treyxanthean
Thread Starter
- Joined
- Mar 15, 2004
- Messages
- 13
Hi All, i will post my hijack this log at the end of this post.. but before i do this i must tell you, that i have to keep doing a system restore every other time i get on and then get off the internet. if i restart my computer i am not able to log on to any websites at all!!!! i can however be connected to the net and say like download an ad-aware up date or run my newsbin pro or something like that... just weird and frustrating if you ask me... anyhow here is the logfile and just so you know i dont expect there will be anything shown but i will hope aganst hope.... thanks for looking and replying... Trey
Logfile of HijackThis v1.97.7
Scan saved at 2:49:50 AM, on 4/12/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\System32\oodag.exe
C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\kxmixer.exe
C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe
C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://infowars.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://infowars.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://infowars.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://infowars.net/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://infowars.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = http://infowars.net/
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {9527D42F-D666-11D3-B8DD-00600838CD5F} - C:\WINDOWS\System32\IETie.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [kX Mixer] C:\WINDOWS\System32\kxmixer.exe --startup
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe"
O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe"
O8 - Extra context menu item: Allow Site's Pop-&ups - file://C:\Program Files\PopNot\trustsite.script
O8 - Extra context menu item: Always &Kill this Pop-up - file://C:\Program Files\PopNot\blocksite.script
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{16797121-6837-44C7-A17D-D367E7F9B931}: NameServer = 64.63.216.6 64.63.219.6
O17 - HKLM\System\CS1\Services\Tcpip\..\{16797121-6837-44C7-A17D-D367E7F9B931}: NameServer = 64.63.216.6 64.63.219.6
Logfile of HijackThis v1.97.7
Scan saved at 2:49:50 AM, on 4/12/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\System32\oodag.exe
C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\kxmixer.exe
C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe
C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://infowars.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://infowars.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://infowars.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://infowars.net/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://infowars.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = http://infowars.net/
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {9527D42F-D666-11D3-B8DD-00600838CD5F} - C:\WINDOWS\System32\IETie.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [kX Mixer] C:\WINDOWS\System32\kxmixer.exe --startup
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe"
O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe"
O8 - Extra context menu item: Allow Site's Pop-&ups - file://C:\Program Files\PopNot\trustsite.script
O8 - Extra context menu item: Always &Kill this Pop-up - file://C:\Program Files\PopNot\blocksite.script
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{16797121-6837-44C7-A17D-D367E7F9B931}: NameServer = 64.63.216.6 64.63.219.6
O17 - HKLM\System\CS1\Services\Tcpip\..\{16797121-6837-44C7-A17D-D367E7F9B931}: NameServer = 64.63.216.6 64.63.219.6