MyTechSupport.ca :: Your Computer Technical Resource Headquarters! MyTechSupport.ca :: Your Computer Technical Resource Headquarters!
HOME FORUMS RESOURCES & TOOLS ARTICLES ONLINE STORE ABOUT US
Computer Support Forums arrow Internet & Network Support arrow Security & Viruses arrow Topic: HiJackThis - log
August 25, 2019, 05:41:57 AM
 

Home Forum Rules Help Search Mobile Version Login Register

Welcome, Guest. Please login or register.
Did you miss your activation email?
August 25, 2019, 05:41:57 AM

Login with username, password and session length
 
News
New  New Poll on our main page!
"My experience with Vista..."
  0 Members and 1 Guest are viewing this topic.
Pages: [1] Go Down Print
Author Topic: HiJackThis - log  (Read 851 times)
Markus
Full Member
***

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 55


Bookmark and Share

View Profile
« on: November 02, 2004, 03:20:46 AM »

PLEASE SUPPLY RELEVANT INFORMATION:
Operating System Version: WinXP Pro
Problem Application Name & Version: all
Problem Hardware Make & Model: -
Error Messages: -



Hi,

1. please check the following log
2. my problem is (again) that all programs won't start after the computer is running perhaps for 20 minutes - I guess it's a trojan or something ... I got nearly rid of this problem with your help one month ago but I didn't manage to eliminate it - thx ...

LOG:
 
Quote
Logfile of HijackThis v1.98.2
Scan saved at 04:13:15, on 02.11.2004
Platform: Windows XP  (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Programme\Logitech\MausTreiber\MouseWare\system\em_exec.exe
C:\WINDOWS\System32\nvsvc32.exe
D:\Programme\PandaAntiVirus\pavsrv51.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
D:\Programme\PandaAntiVirus\AVENGINE.EXE
D:\Programme\PandaAntiVirus\apvxdwin.exe
D:\Programme\PandaAntiVirus\pavProxy.exe
D:\Programme\ICQ\Icq.exe
D:\Programme\WinMX\WinMX.exe
C:\Dokumente und Einstellungen\MAD\Desktop\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.web.de/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programme\AcrobatReader\Reader\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://D:\PROGRA~1\OfficeXP\Office10\EXCEL.EXE/3000
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - D:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - D:\PROGRA~1\ICQ\ICQ.exe
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {14F65762-96FB-44B9-8DAC-93845F377A0E} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/de/filesharingctrl.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall-Kontrolle) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab31267.cab
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697514} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp3_mp3.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4AAD5A4F-BCDF-47FA-93C2-BB73F7B092C7}: NameServer = 212.18.3.5 212.18.0.5
<hr height="1" noshade id="quote"></font></blockquote>

EDIT:
I can't imagine that "O17" and so many "messenger.zone"s are acceptable...Huh?
« Last Edit: November 02, 2004, 03:29:12 AM by Markus » Logged

 
Pancake
Global Moderator
Hero Member
*****

Karma: +78/-0
Offline Offline

Gender: Male
Posts: 3915


Bookmark and Share

View Profile
« Reply #1 on: November 02, 2004, 06:11:52 AM »

If 017 is not your server ( www.ripe.net ) then you can remove it,otherwise every other thing is ok.I also see that you do not have security updates for IE6...you can get then here.
http://www.microsoft.com/windows/ie/downloads/critical/ie6sp1/default.mspx
« Last Edit: November 02, 2004, 06:15:41 AM by Pancake » Logged

An Australian Member of

EDDY
Markus
Full Member
***

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 55


Bookmark and Share

View Profile
« Reply #2 on: November 02, 2004, 03:22:03 PM »

Thanks, I don't know why but at the moment I can't visit microsoft.com ~> I'll try it later again ...
Logged

 
Pages: [1] Go Up Print 
 
Jump to:  

Powered by MySQL Powered by PHP

Powered by SMF 1.1.21 | SMF © 2015, Simple Machines

Valid XHTML 1.0! Valid CSS!

Disclaimer
This site is NOT responsible for any damage that the information on this site may cause to your system. Everything you try, whether inspired by the response given from this site or not, is entirely at your own risk. All product names and company names used herein are for identification purpose only and may be trademarks or registered trademarks of their respective owners. We are in no way affiliated or representing any of the companies on this site unless specified.
Back to Top
Stop Spam Harvesters, Join Project Honey Pot Fight Back Against Spammers! Get Firefox! Get Thunderbird! View Sylvain Amyots profile on LinkedIn
Back to Top
Google visited last this page December 31, 2018, 01:48:23 PM