Ironworks Gaming Forum

Old 07-14-2004, 09:23 AM   #1
Dalamar Stormcrow
Banned User
 

Join Date: November 1, 2003
Location: My own little world
Age: 33
Posts: 828
My computer was going pretty slow, and I heard great things about Hijack This!, so I tried it out. What should I get rid of?

Logfile of HijackThis v1.97.7
Scan saved at 9:12:01 AM, on 7/14/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\System32\nvsvc32.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\System32\HPHipm09.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Mixer.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb0 4.exe
C:\WINDOWS\System32\hphmon03.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
C:\documents and settings\amy\local settings\temp\OB7R.exe
C:\installer\id53.exe
C:\Program Files\AutoUpdate\AutoUpdate.exe
C:\WINDOWS\System32\nvdctl32.exe
C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
C:\Program Files\Linksys\WUSB11 v25 Config Utility\WUSB11Cfg.exe
C:\Program Files\SEC\Natural Color\NaturalColorLoad.exe
C:\Program Files\SysAI\SysAI.exe
C:\WINDOWS\System32\AquwLEKu.exe
C:\WINDOWS\System32\Gatr8.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\mshta.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\SYSTEM32\INSTALL2.EXE
C:\WINDOWS\System32\mshta.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\SYSTEM32\INSTALL2.EXE
C:\WINDOWS\System32\mshta.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\SYSTEM32\INSTALL2.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\ff7\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://server224.smartbotpro.net/7search/?new-hkcu
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://default-homepage-network.com/start.cgi?new-hklm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://server224.smartbotpro.net/7search/?new-hklm
R3 - URLSearchHook: (no name) - {707E6F76-9FFB-4920-A976-EA101271BC25} - C:\Program Files\TV Media\TvmBho.dll
O2 - BHO: (no name) - SOFTWARE - (no file)
O2 - BHO: (no name) - {00000EF1-0786-4633-87C6-1AA7A44296DA} - C:\WINDOWS\System32\ATPART~1.DLL
O2 - BHO: (no name) - {01C5BF6C-E699-4CD7-BEA1-786FA05C83AB} - C:\Program Files\SysAI\AproposPlugin.dll
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\Real\Toolbar\realbar.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: WinPage Affiliate - {E8EAEB34-F7B5-4C55-87FF-720FAF53D841} - C:\Program Files\Common Files\midaddle\midaddle.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\Real\Toolbar\realbar.dll
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [WinVNC] "d:\RealVNC\WinVNC\WinVNC.exe" -servicehelper
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb0 4.exe
O4 - HKLM\..\Run: [HPHmon03] C:\WINDOWS\System32\hphmon03.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [49445742.exe] C:\WINDOWS\System32\49445742.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
O4 - HKLM\..\Run: [TV Media] C:\Program Files\TV Media\Tvm.exe
O4 - HKLM\..\Run: [nicdimeu] C:\WINDOWS\System32\nicdimeu.exe
O4 - HKLM\..\Run: [OB7R] C:\documents and settings\amy\local settings\temp\OB7R.exe
O4 - HKLM\..\Run: [stcinstaller] c:\installer\id53.exe
O4 - HKLM\..\Run: [2MXRHSL5QAWFCT] C:\WINDOWS\System32\Qxcn74j.exe
O4 - HKLM\..\Run: [Dsi] C:\WINDOWS\System32\dp-him.exe
O4 - HKLM\..\Run: [stcloader] C:\WINDOWS\System32\stcloader.exe
O4 - HKLM\..\Run: [AutoUpdater] "C:\Program Files\AutoUpdate\AutoUpdate.exe"
O4 - HKLM\..\Run: [p3FS3qO] nvdctl32.exe
O4 - HKCU\..\Run: [msmc] C:\WINDOWS\System32\msmc.exe
O4 - HKLM\..\RunOnce: [TV Media] C:\Program Files\TV Media\Tvm.exe
O4 - HKCU\..\RunOnce: [TV Media] C:\Program Files\TV Media\Tvm.exe
O4 - Global Startup: Image Transfer.lnk = ?
O4 - Global Startup: Instant Wireless Configuration Utility.lnk = ?
O4 - Global Startup: NaturalColorLoad.lnk = ?
O9 - Extra button: AIM (HKLM)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0713E8D2-850A-101B-AFC0-4210102A8DA7} (Microsoft ProgressBar Control, version 5.0 (SP2)) - http://bin.mcafee.com/molbin/Shared/...2/ComCtl32.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/s...irector/sw.cab
O16 - DPF: {23B7A816-3647-49D2-9756-6F41CE8F9201} (ddm_download.ddm_control) - http://download.rfwnad.com/cab/ddm_control.CAB
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/...eInstaller.exe
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://bin.mcafee.com/molbin/shared/...4/mcinsctl.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/15e153d54211087...p/RdxIE601.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://bin.mcafee.com/molbin/shared/...11/mcgdmgr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/s...sh/swflash.cab
O16 - DPF: {F5192746-22D6-41BD-9D2D-1E75D14FBD3C} - http://download.rfwnad.com/cab/crack.CAB
O16 - DPF: {FE5D6722-826F-11D5-A24E-0060B0F1A5AE} (Tukati Launcher) - http://http.gamezone.tukati.com/tuka....20/tukati.cab
Dalamar Stormcrow is offline  
Old 07-14-2004, 09:46 AM   #2
Larry_OHF
Ironworks Moderator
 

Join Date: March 1, 2001
Location: Midlands, South Carolina
Age: 48
Posts: 14,759
http://www.sysinfo.org/startuplist.php

This website has all of those things listed, with explanations on their use and whether or not they can/should be deleted.
Larry_OHF is offline  
Old 07-14-2004, 09:47 AM   #3
philip
Galvatron
 

Join Date: June 24, 2002
Location: aa
Posts: 2,101
You should try out google with the results.

I'm quite sure some of them are spyware but you should use google on it unless you like finding out the hard way which I sometimes do.
philip is offline  
Old 07-14-2004, 05:34 PM   #4
Animal
Gold Dragon
 

Join Date: March 29, 2002
Location: Canada
Age: 51
Posts: 2,534
I wonder why your PC was going slow?

Just run every process through google and it will tell you whether you need it or not.
__________________
It's all fun and games until somebody loses an eye...then it becomes a sport.
Animal is offline  
Old 07-15-2004, 03:48 AM   #5
B_part
Quintesson
 

Join Date: September 11, 2002
Location: Milan (Italy)
Age: 43
Posts: 1,066
Some of them are definitely spyware, and some look very suspicious.
Get Spybot S&D and blast them... http://www.safer-networking.org/en/index.html. Be sure to run this every once in a while, and keep it updated. Don't forget to 'immunize' your PC as well.

Also, update your McAfee antivirus, because some of those entries look a bit suspicious and might be viruses not yet recognised by your a/v. Keeping your McAfee up to date is something vital you should do as often as possible.

Once you've cleaned things up, be sure to update your winsucks machine, as there are tons of 'holes' in the retail version, and MSucks has released countless patches for them. Those really help, as some viruses can exploit those vulnerabilities to get in no matter what AV you might use.

For other needs, look at this URL http://www.answersthatwork.com/Taskl...s/tasklist.htm which lists most of the tasks you might have, along with their functions. On that page they also sell a software of their own to manage those pesky tasks. Forget it, Spybot S&D 1.3 can handle all those functions under the 'tools' section. Use it with care, though, you might cause problems by disabling needed tasks.
__________________
Never attribute to malice that which can be ascribed to sheer stupidity
B_part is offline  
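Added example, not part of any post in this thread: a small Python triage pass over a HijackThis log that narrows the entries worth looking up first, using five lines copied from the log in post #1. The hint rules and the names `parse`, `hints` and `triage` are assumptions of this example, not HijackThis features; a hint is a prompt to research the entry, not a verdict.

```python
import re
from urllib.parse import urlparse

# Five entry lines copied from the log in post #1 (elided URLs kept as posted).
SAMPLE = r"""
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://server224.smartbotpro.net/7search/?new-hkcu
O2 - BHO: WinPage Affiliate - {E8EAEB34-F7B5-4C55-87FF-720FAF53D841} - C:\Program Files\Common Files\midaddle\midaddle.dll (file missing)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [OB7R] C:\documents and settings\amy\local settings\temp\OB7R.exe
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/15e153d54211087...p/RdxIE601.cab
"""

ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")                 # "O4 - <body>"
RUN = re.compile(r"^(HK\w+)\\\.\.\\(Run\w*): \[(.*?)\] (.*)$")  # hive, key, name, command
IPV4 = re.compile(r"\d{1,3}(\.\d{1,3}){3}")

def parse(log):
    """Yield (code, body) for each entry line; header and process lines are skipped."""
    for line in log.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            yield m.group(1), m.group(2)

def hints(code, body):
    """Return structural triage hints for one entry (assumed rules, not verdicts)."""
    out, low = [], body.lower()
    if code in ("R0", "R1") and "=" in body:
        out.append("IE start/search page points at " + body.split("=", 1)[1].strip())
    if code == "O2" and ("(file missing)" in low or "(no file)" in low):
        out.append("BHO is registered but its file is absent")
    if code == "O4":
        m = RUN.match(body)
        if m and re.search(r"\\(temp|tmp)\\", m.group(4).lower()):
            out.append("autorun launches from a temp directory")
    if code == "O16":
        host = urlparse(body.rsplit(" - ", 1)[-1]).hostname or ""
        if IPV4.fullmatch(host):
            out.append("ActiveX control was fetched from a bare IP address")
    return out

def triage(log):
    """Return (code, body, hint) for every entry that earns at least one hint."""
    return [(c, b, h) for c, b in parse(log) for h in hints(c, b)]

if __name__ == "__main__":
    for code, body, hint in triage(SAMPLE):
        print(f"{code}: {hint}\n    {body}")
```

Entries that earn no hint, such as the QuickTime autorun in the sample, still need the manual lookup the replies recommend.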
Old 07-15-2004, 04:51 AM   #6
vesselle
Hathor
 

Join Date: April 6, 2001
Location: the desert
Posts: 2,296
not to push another website, but techsupportguy forums are some of the best, well, tech support forums i've come across. they also know HJT inside out and help everyone who posts their log there.

if you think you might want to see what they think, go to:
tech support guy and start a thread on the Windows XP forum, with your HJT log and i'm sure they'll help you out.

good luck!

V***V
__________________
my best friend is a junkie.
what does your best friend do?
vesselle is offline  
Old 07-15-2004, 09:09 AM   #7
Larry_OHF
Ironworks Moderator
 

Join Date: March 1, 2001
Location: Midlands, South Carolina
Age: 48
Posts: 14,759
Thanks for that link! It sounds like something I would be interested in as well.
Larry_OHF is offline  
 

