1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Hijackthis

Discussion in 'Virus & Other Malware Removal' started by SAJID52, Apr 26, 2004.

Thread Status:
Not open for further replies.
Advertisement
  1. SAJID52

    SAJID52 Thread Starter

    Joined:
    May 14, 2000
    Messages:
    480
    :eek: Logfile of HijackThis v1.97.7
    Scan saved at 2:13:34 PM, on 4/26/2004
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\S3apphk.exe
    C:\PROGRA~1\NORTON~1\navapw32.exe
    C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\WINDOWS\System32\ezSP_Px.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Outlook Express\msimn.exe
    C:\DOCUME~1\noyb\LOCALS~1\Temp\Rar$EX15.675\HijackThis.exe

    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll
    O4 - HKLM\..\Run: [S3apphk] S3apphk.exe
    O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
    O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
    O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
    O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
    O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst0401.cab
    O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52...pple.com/mickey/us/win/QuickTimeInstaller.exe
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/27da17a5d506bfd98e02/netzip/RdxIE601.cab
    O16 - DPF: {73F0FD85-BD47-4A95-86D1-DE38860462C1} (PremiumHTML Class) - http://www.accesoplugin.com/dialercab/IberoDialerHTML.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004033001/housecall.antivirus.com/housecall/xscan53.cab
    O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yse/ymmapi_416.dll
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

    Thank you for reading and input. :eek:


    "S"
    V^^^^V
     
  2. SAJID52

    SAJID52 Thread Starter

    Joined:
    May 14, 2000
    Messages:
    480
    (Above) Thank you. ;)


    "S"
    V^^^^V
     
  3. Infidel_Kastro

    Infidel_Kastro

    Joined:
    Nov 21, 2003
    Messages:
    5,402
    Can you please describe any problems you are having?
     
  4. SAJID52

    SAJID52 Thread Starter

    Joined:
    May 14, 2000
    Messages:
    480
    I went to a site,and when I closed the page I had a NEW Icon on my desk top.
    I delted what I could find connected to it.
    Now,I would like to know if there's anything hidden.

    Thank you for replying.


    "S"
    V^^^^V
     
  5. anuthas

    anuthas

    Joined:
    Apr 26, 2004
    Messages:
    6
  6. cybertech

    cybertech Retired Moderator

    Joined:
    Apr 16, 2002
    Messages:
    72,115
    anuthas, Those 2 are fine.

    sajid53, find this file C:\WINDOWS\System32\S3apphk.exe right click go to properties, version tab and tell what's in each item name and value.
     
  7. SAJID52

    SAJID52 Thread Starter

    Joined:
    May 14, 2000
    Messages:
    480
    S3apphk.exe Tuesday, December 04, 2001, 3:02:44 AM,I guess this came with the XP Home.....looking at the date,XP was installed 21/2 mons.now.
    Getting older programs to run on Windows XPMost programs run properly on Windows XP. The exceptions are some older games and other programs that were written specifically for an earlier version of Windows. To run your program on Windows XP, try the following:

    Run the Program Compatibility Wizard. As an alternative, you can set the compatibility properties manually.
    Update your program, drivers, or hardware.
    These options are covered in detail below.

    The Program Compatibility Wizard
    This wizard prompts you to test your program in different modes (environments) and with various settings. For example, if the program was originally designed to run on Windows 95, set the compatibility mode to Windows 95 and try running your program again. If successful, the program will start in that mode each time. The wizard also allows you to try different settings, such as switching the display to 256 colors and the screen resolution to 640 x 480 pixels.

    If compatibility problems prevent you from installing a program on Windows XP, run the Program Compatibility Wizard on the setup file for the program. The file may be called Setup.exe or something similar, and is probably located on the Installation disc for the program.


    "S"
    V^^^^V
     
  8. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/224033

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice