MyTechSupport.ca :: Your Computer Technical Resource Headquarters!
Author Topic: HJT logfile  (Read 925 times)
Zedd
« on: March 13, 2005, 02:01:00 AM »

Logfile of HijackThis v1.99.1
Scan saved at 7:56:03 PM, on 12/03/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Stardock\WindowBlinds\wbload.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Startup Faster 2004\sfAgent.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\PeerGuardian2\pg2.exe
C:\PROGRA~1\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\NETGEAR\WAG311 Wireless Smart Configuration\Utility\NetgearAG.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\Rainlendar\Rainlendar.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\mmc.exe
C:\Documents and Settings\Administrator\My Documents\hijackthis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.iso-tek.org
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Exploiter/Exploder
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O4 - HKLM\..\Run: [StartupFaster] "C:\Program Files\Startup Faster 2004\StrpFstCfg.exe" -run SFAURUN SFCURUN SFAUSTARTUP SFCUSTARTUP
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O9 - Extra button: Bet On USA Poker - {64FA9700-6A17-4bd5-A7D8-D81CF095995F} - C:\Program Files\betonusaMPP\MPPoker.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O20 - Winlogon Notify: WB - C:\Stardock\WindowBlinds\fastload.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe



Both of the R1's as well as the Bet on USA O9 are okay. I use FlashGet as my download manager and am pretty sure it's clean.

Zedd
__________________________________________________________________________________________________________________________

My Rig:

-AMD Athlon 64 FX-51 Processor - Not Overclocked
-Asus SK8V Motherboard Skt 940
-2 GB Corsair Registered TWINX1024-3200 XMS3200
-120 GB Maxtor DiamondMax Plus
-80 GB Storage drive
-73 GB Western Digital Raptor 10,000 RPM SATA
Hard Drive
-256 MB ATI Radeon 9800 PRO Video Card
-Creative Labs Sound Blaster Audigy 2 ZS Sound Card
-Creative Labs SBS 4.1 Speaker System
-Pioneer DVR-A07 DVD-R/W +R/W
-Samsung SW-252FENB/SW-252SENB
Cactus
Security & Virus Specialist
Global Moderator
« Reply #1 on: March 13, 2005, 02:29:03 AM »

Hey Zedd..

Press CTRL+ALT+DEL and stop these processes:

StrpFstCfg.exe
mmc.exe

Re-run HJT and have it FIX these lines:

R3 - Default URLSearchHook is missing

O4 - HKLM\..\Run: [StartupFaster] "C:\Program Files\Startup Faster 2004\StrpFstCfg.exe" -run SFAURUN SFCURUN SFAUSTARTUP SFCUSTARTUP << DO YOU KNOW WHAT THIS IS??

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

Empty ALL your TEMP Folders and Recycle Bin

Re-boot

Re-run HJT and post back...


Cactus  
« Last Edit: March 13, 2005, 02:33:46 AM by Cactus »

**PLEASE**.....do not post your hijack log in someone else's thread. Start a separate thread HERE! Thank you.

cactus@mytechsupport.ca

My System Specs

Avg Antivirus::Ad-Aware::Spybot::Windows Update::Recuva
Malwarebytes::SUPERAntiSpywareFREE
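
Added example, not part of the original posts and not HijackThis's own code: a small Python parser for the log format posted in this thread. It picks out the entries HijackThis itself marks as missing (the R3 line and the two O23 lines listed for fixing above) and lists O4 autostart entries for manual review. The function names are assumptions of this example, and the embedded sample is a few lines copied from the posted log.

```python
import re

# Constructed sample: a handful of lines copied from the log posted in this thread.
SAMPLE_LOG = r"""Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS\system32\mmc.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Exploiter/Exploder
R3 - Default URLSearchHook is missing
O4 - HKLM\..\Run: [StartupFaster] "C:\Program Files\Startup Faster 2004\StrpFstCfg.exe" -run SFAURUN SFCURUN SFAUSTARTUP SFCUSTARTUP
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
"""

# Entry lines look like "O23 - <detail>"; header and process-path lines do not match.
ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")

def parse_entries(log_text):
    """Return (code, detail) for every 'Xn - ...' line in the log."""
    entries = []
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            entries.append((m.group(1), m.group(2)))
    return entries

def orphaned(entries):
    """Entries the scanner itself reported as pointing at nothing."""
    return [(c, d) for c, d in entries
            if d.endswith("(file missing)") or d.endswith("is missing")]

def autostarts(entries):
    """O4 entries as (value_name, command) so a person can confirm each one."""
    out = []
    for code, detail in entries:
        m = re.match(r"^(.*?): \[(.*?)\] (.*)$", detail) if code == "O4" else None
        if m:
            out.append((m.group(2), m.group(3)))
    return out

if __name__ == "__main__":
    entries = parse_entries(SAMPLE_LOG)
    for code, detail in orphaned(entries):
        print("orphaned:", code, detail)
    for name, cmd in autostarts(entries):
        print("autostart to verify:", name, "->", cmd)
```

The orphaned list only reflects what the scanner reported; an O4 entry such as StartupFaster still needs someone who knows the machine to say whether it belongs there.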
Zedd
« Reply #2 on: March 13, 2005, 02:34:34 AM »

WinTasks Process Library
Process File: mmc or mmc.exe
Process Name: Microsoft Management Console
 
Description:
mmc.exe is the Microsoft Management Console application and is used to display various management plug-ins accessed from the Control Panel, such as the Device Manager. This program is a non-essential system process, but should not be terminated unless suspected to be causing problems.

StartUpFaster is a program that lets you set the start order and delay between all programs/drives that are set to load on Windows start. It's clean.

Did delete the other three though, thanks a bunch.
Cactus
« Reply #3 on: March 13, 2005, 02:38:24 AM »

I know, I realized the mix-up after... glad you caught it.
Has your shutdown/boot time changed any?

Cactus
Zedd
« Reply #4 on: March 13, 2005, 02:39:56 AM »

Haven't had time to restart, probably should. I'll get back to you in a minute.

Edit: First restart was as bad as the rest. Trying again now.

Edit2: Still the same. Looks like I'm back to my original video card driver theory.
« Last Edit: March 13, 2005, 02:50:04 AM by Zedd »
