Jain_Charin Posted April 9, 2006 Share Posted April 9, 2006 well i cant log into yahoo or any thing really besides forums and im all over the lace trying to figure out whats up and i cant seem to find it Logfile of HijackThis v1.99.1 Scan saved at 10:15:24 PM, on 4/8/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\Explorer[Caution: Executable File] C:\WINDOWS\ehome\ehtray[Caution: Executable File] C:\Program Files\Digital Media Reader\shwiconem[Caution: Executable File] C:\PROGRA~1\mcafee.com\agent\mcagent[Caution: Executable File] C:\WINDOWS\eHome\ehmsas[Caution: Executable File] C:\WINDOWS\zHotkey[Caution: Executable File] C:\WINDOWS\system32\igfxtray[Caution: Executable File] C:\WINDOWS\system32\hkcmd[Caution: Executable File] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray[Caution: Executable File] C:\Program Files\McAfee.com\VSO\mcvsshld[Caution: Executable File] C:\Program Files\McAfee.com\VSO\oasclnt[Caution: Executable File] C:\Program Files\QuickTime\qttask[Caution: Executable File] c:\progra~1\mcafee.com\vso\mcvsescn[Caution: Executable File] c:\progra~1\mcafee.com\vso\mcvsftsn[Caution: Executable File] C:\PROGRA~1\McAfee.com\PERSON~1\Mp[bleep]ent[Caution: Executable File] C:\Documents and Settings\Anthony\My Documents\torrent\mIRC\mirc[Caution: Executable File] C:\Program Files\Internet Explorer\iexplore[Caution: Executable File] C:\Documents and Settings\Anthony\My Documents\New Folder (4)\HijackThis[Caution: Executable File] R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gatewaybiz.com O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar5.dll O3 - Toolbar: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray[Caution: Executable File] O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck[Caution: Executable File] O4 - HKLM\..\Run: [sunKistEM] C:\Program Files\Digital Media Reader\shwiconem[Caution: Executable File] O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent[Caution: Executable File] O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate[Caution: Executable File] O4 - HKLM\..\Run: [CHotkey] zHotkey[Caution: Executable File] O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1123365865\ee\AOLSoftware[Caution: Executable File] O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD[Caution: Executable File] O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ[Caution: Executable File]" O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut[Caution: Executable File] O4 - HKLM\..\Run: [Mixersel] C:\Program Files\Realtek\InstallShield\mixersel[Caution: Executable File] O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray[Caution: Executable File] O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd[Caution: Executable File] O4 - HKLM\..\Run: [soundMan] SOUNDMAN[Caution: Executable File] O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD[Caution: Executable File] O4 - HKLM\..\Run: [Alcmtr] ALCMTR[Caution: Executable File] O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr[Caution: Executable File]" O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray[Caution: Executable File] O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr[Caution: Executable File]" /checktask O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld[Caution: Executable File] O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt[Caution: Executable File] O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask[Caution: Executable File]" -atboottime O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy[Caution: Executable File]" O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs[Caution: Executable File]" /background O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire[Caution: Executable File] O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl[Caution: Executable File] O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix[Caution: Executable File] O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL[Caution: Executable File]/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Documents and Settings\Anthony\My Documents\New Folder\PartyPoker\RunApp[Caution: Executable File] O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Documents and Settings\Anthony\My Documents\New Folder\PartyPoker\RunApp[Caution: Executable File] O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: Executable File] O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: Executable File] O12 - Plugin for .au: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll O12 - Plugin for .wav: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin2.dll O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/share ... insctl.cab O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/share ... cgdmgr.cab O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O23 - Service: Apache2 - Unknown owner - C:\OpenSA\Apache2\bin\Apache[Caution: Executable File]" -k runservice (file missing) O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES[Caution: Executable File] O23 - Service: McAfee WSC Integration (McDetect[Caution: Executable File]) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect[Caution: Executable File] O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield[Caution: Executable File] O23 - Service: McAfee Task Scheduler (McTskshd[Caution: Executable File]) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd[Caution: Executable File] O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr[Caution: Executable File]) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr[Caution: Executable File] O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService[Caution: Executable File] O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS Link to comment Share on other sites More sharing options...
Mementh Posted April 9, 2006 Share Posted April 9, 2006 O4 - HKLM\..\Run: [Alcmtr] ALCMTR[Caution: Executable File] Realtek AC97 Audio - Event Monitor. "Sypware" file used surreptitiously monitor ones actions. It is not a sinister one, like remote control programs, but it is being used by Realtek to gather data about customers + O23 - Service: Apache2 - Unknown owner - C:\OpenSA\Apache2\bin\Apache[Caution: Executable File]" -k runservice (file missing) (were you running a webserver?) not sure what to recomend man? The following statement is true. The previous statement is false. 60% of all statistics are made up 90% of the time andrew i love you & want you to have my babys!!! Finally, I get to save the Earth with deadly lasers instead of deadly slide shows! Link to comment Share on other sites More sharing options...
Jain_Charin Posted April 9, 2006 Author Share Posted April 9, 2006 thanks i can get rid of them easy i might reset my ip adress too.... ive been looking around and some people said it could be easy as that Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now