1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

just weird and frustrating

Discussion in 'Virus & Other Malware Removal' started by treyxanthean, Apr 12, 2004.

Thread Status:
Not open for further replies.
Advertisement
  1. treyxanthean

    treyxanthean Thread Starter

    Joined:
    Mar 15, 2004
    Messages:
    13
    Hi All, i will post my hijack this log at the end of this post.. but before i do this i must tell you, that i have to keep doing a system restore every other time i get on and then get off the internet. if i restart my computer i am not able to log on to any websites at all!!!! i can however be connected to the net and say like download an ad-aware up date or run my newsbin pro or something like that... just weird and frustrating if you ask me... anyhow here is the logfile and just so you know i dont expect there will be anything shown but i will hope aganst hope.... thanks for looking and replying... Trey


    Logfile of HijackThis v1.97.7
    Scan saved at 2:49:50 AM, on 4/12/2004
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Sygate\SPF\smc.exe
    C:\WINDOWS\System32\oodag.exe
    C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\kxmixer.exe
    C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe
    C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://infowars.net/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://infowars.net/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://infowars.net/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://infowars.net/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://infowars.net/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = http://infowars.net/
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {9527D42F-D666-11D3-B8DD-00600838CD5F} - C:\WINDOWS\System32\IETie.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [kX Mixer] C:\WINDOWS\System32\kxmixer.exe --startup
    O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
    O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe"
    O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe"
    O8 - Extra context menu item: Allow Site's Pop-&ups - file://C:\Program Files\PopNot\trustsite.script
    O8 - Extra context menu item: Always &Kill this Pop-up - file://C:\Program Files\PopNot\blocksite.script
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{16797121-6837-44C7-A17D-D367E7F9B931}: NameServer = 64.63.216.6 64.63.219.6
    O17 - HKLM\System\CS1\Services\Tcpip\..\{16797121-6837-44C7-A17D-D367E7F9B931}: NameServer = 64.63.216.6 64.63.219.6
     
    treyxanthean, Apr 12, 2004
    #1
  2. Flrman1

    Flrman1

    Joined:
    Jul 26, 2002
    Messages:
    46,329
    I don't see anything in your log. What exactly is happening that forces you to do these restores?
     
    Flrman1, Apr 12, 2004
    #2
  3. treyxanthean

    treyxanthean Thread Starter

    Joined:
    Mar 15, 2004
    Messages:
    13
    well flrman1,.."every other time i get on and then get off the internet. if i restart my computer i am not able to log on to any websites at all!!!!" now i did download Spy Sweeper and it found an alexia toolbar that all my others did not.. it seams to have fixed the problem however i still have from time to time extra reg entries in the form of these here (actual hijack this log excerpt from today, the rest is exactly the same...)

    O17 - HKLM\System\CCS\Services\Tcpip\..\{16797121-6837-44C7-A17D-D367E7F9B931}: NameServer = 64.63.216.6 64.63.219.6
    O17 - HKLM\System\CS1\Services\Tcpip\..\{16797121-6837-44C7-A17D-D367E7F9B931}: NameServer = 64.63.216.6 64.63.219.6
    i hope these are supposed to be there, cause they are not in every scan.. i have gotten rid of some in the past but i don't think they are harmfull.. perhaps you know better.... thanks for your time.... b.t.w. i have,Spybot,Ad-aware 6.0,cwshredder,Spy Cop and SpywareBlaster installed as well.....
     
    treyxanthean, Apr 14, 2004
    #3
  4. Flrman1

    Flrman1

    Joined:
    Jul 26, 2002
    Messages:
    46,329
    The IP in those O17's resolve to:

    Hawk Communications
    Address: 3530 Ashford Dunwoody Rd
    City: Atlanta
    StateProv: GA
    PostalCode: 30319
    Country: US
    Comment: Hawk Communications is the leading Dial Network in
    Comment: the U.S.A.

    They are legit.
     
    Flrman1, Apr 14, 2004
    #4
  5. treyxanthean

    treyxanthean Thread Starter

    Joined:
    Mar 15, 2004
    Messages:
    13
    Cool!! Thanks for the trace!!!!!!!!!! i hope this crud is over with now.... i'll sign off on that note since i think it was the alexia toolbar thing.. thanks for all your help in this matter!!!!!!!!! i will try to donate something soon if the Good Lord permitts..... See Ya,
     
    treyxanthean, Apr 15, 2004
    #5
  6. Flrman1

    Flrman1

    Joined:
    Jul 26, 2002
    Messages:
    46,329
    My pleasure! :)
     
    Flrman1, Apr 15, 2004
    #6

  7. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Similar Threads - weird frustrating
  1. xymalf

    New Computer acting weird

    xymalf, Oct 17, 2019, in forum: Virus & Other Malware Removal
    Replies:
    11
    Views:
    708
    blues_harp28
    Oct 18, 2019
  2. Tigerwout

    Weird internet connection problem

    Tigerwout, Oct 14, 2019, in forum: Virus & Other Malware Removal
    Replies:
    15
    Views:
    952
    Tigerwout
    Oct 17, 2019
  3. ated19

    In Progress Weird homepage in Google chrome

    ated19, Sep 13, 2019, in forum: Virus & Other Malware Removal
    Replies:
    4
    Views:
    567
    iMacg3
    Sep 18, 2019
  4. Alpha227

    New Weird behavior, missing storage, etc. And only on WiFi.

    Alpha227, Jun 7, 2019, in forum: Virus & Other Malware Removal
    Replies:
    0
    Views:
    291
    Alpha227
    Jun 7, 2019
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/219547

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice