(Solved) Can someone check my Hijack Log?

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Ade1965x

Thread Starter
Joined
Jul 31, 2003
Messages
34
Logfile of HijackThis v1.97.2
Scan saved at 9:18:07 AM, on 9/26/2003
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\NavNT\defwatch.exe
C:\Program Files\WS_FTP Pro\ftpsched.exe
C:\Program Files\NavNT\rtvscan.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\NavNT\vptray.exe
C:\Program Files\WS_FTP Pro\ftpqueue.exe
C:\WINDOWS\System32\taskswitch.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Microsoft Money\System\urlmap.exe
C:\Documents and Settings\adrrou\Local Settings\Temp\Temporary Directory 1 for hijackthis[1].zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mff.ediwise.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.e4me.com
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\Program Files\WS_FTP Pro\wsbho2k0.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe
O4 - HKLM\..\Run: [ftpqueue] "C:\Program Files\WS_FTP Pro\ftpqueue.exe" -tray
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\System32\taskswitch.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: Real.com (HKLM)
O9 - Extra button: MoneySide (HKLM)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.e4me.com
O16 - DPF: {C4847596-972C-11D0-9567-00A0C9273C2A} (Crystal Report Viewer Control) - http://mff.ediwise.com/viewer/activeXViewer/activexviewer.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{03E6C711-28F3-4A79-9448-6F8C86512096}: NameServer = 209.208.35.4,216.53.130.3
O17 - HKLM\System\CS1\Services\Tcpip\..\{03E6C711-28F3-4A79-9448-6F8C86512096}: NameServer = 209.208.35.4,216.53.130.3
O17 - HKLM\System\CS2\Services\Tcpip\..\{03E6C711-28F3-4A79-9448-6F8C86512096}: NameServer = 209.208.35.4,216.53.130.3
 
Joined
Mar 20, 2003
Messages
4,823
It looks pretty clean, but I am not too sure of these, I can't find a reverse DNS so would be tempted to have Hijack this Fix these

O17 - HKLM\System\CCS\Services\Tcpip\..\{03E6C711-28F3-4A79-9448-6F8C86512096}: NameServer = 209.208.35.4,216.53.130.3
O17 - HKLM\System\CS1\Services\Tcpip\..\{03E6C711-28F3-4A79-9448-6F8C86512096}: NameServer = 209.208.35.4,216.53.130.3
O17 - HKLM\System\CS2\Services\Tcpip\..\{03E6C711-28F3-4A79-9448-6F8C86512096}: NameServer = 209.208.35.4,216.53.130.3

Of course, if you are on a company network, ignore this advice, and consider the log clean
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Members online

Top