technathene
asked on
1. Ads234 is driving me crazy. 2. I'm a moron. Help?
I saw someone else's question just like this but I cannot find the things that he was told to delete on my hijackthis log. What should I delete?
My log:
Logfile of HijackThis v1.97.7
Scan saved at 1:12:18 PM, on 9/15/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.e
C:\WINDOWS\system32\winlog
C:\WINDOWS\system32\servic
C:\WINDOWS\system32\lsass.
C:\WINDOWS\system32\svchos
C:\WINDOWS\System32\svchos
C:\WINDOWS\System32\S24EvM
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spools
C:\WINDOWS\System32\Ati2ev
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Common Files\Lanovation\PrismXL\P
C:\WINDOWS\System32\RegSrv
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.ex
C:\WINDOWS\system32\ZCfgSv
C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\1XConf
C:\Program Files\Intel\NCS\PROSet\PRO
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\GWMDMMSG.exe
C:\WINDOWS\System32\IEHost
C:\WINDOWS\System32\winhel
C:\WINDOWS\system32\pcs\pc
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\SpyKiller\spykiller.
C:\Program Files\BestPopUpKiller\Best
C:\WINDOWS\System32\YeePX0
C:\WINDOWS\System32\Kbc1Pg
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\v\Desktop\HijackT
R1 - HKCU\Software\Microsoft\In
R0 - HKCU\Software\Microsoft\In
R1 - HKCU\Software\Microsoft\In
F0 - system.ini: Shell=explorer.exe C:\WINDOWS\System32\svohos
F2 - REG:system.ini: Shell=explorer.exe C:\WINDOWS\System32\svohos
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-7
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-C
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-F
O2 - BHO: (no name) - {C5183ABC-EB6E-4E05-B8C9-5
O2 - BHO: Search Help - {E8EAEB34-F7B5-4C55-87FF-7
O3 - Toolbar: Band Class - {C5183ABC-EB6E-4E05-B8C9-5
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-0
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRO
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [GWMDMMSG] GWMDMMSG.exe
O4 - HKLM\..\Run: [Win32 System Spool] spoolsvc.exe
O4 - HKLM\..\Run: [Bakra] C:\WINDOWS\System32\IEHost
O4 - HKLM\..\Run: [Windows Help Service] winhelpsv.exe
O4 - HKLM\..\Run: [load32] C:\WINDOWS\System32\swchos
O4 - HKLM\..\Run: [NvClipRsv] C:\WINDOWS\svchost.exe
O4 - HKLM\..\Run: [Pcsv] C:\WINDOWS\system32\pcs\pc
O4 - HKLM\..\Run: [Dpi] C:\Program Files\Common Files\Dpi\dpi.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dump
O4 - HKLM\..\Run: [2SWZKN82R5K47C] C:\WINDOWS\System32\GxxXPn
O4 - HKLM\..\RunServices: [Win32 System Spool] spoolsvc.exe
O4 - HKLM\..\RunServices: [Windows Help Service] winhelpsv.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe
O4 - HKCU\..\Run: [Win32 System Spool] spoolsvc.exe
O4 - HKCU\..\Run: [SpyKiller] C:\Program Files\SpyKiller\spykiller.
O4 - HKCU\..\Run: [BestPopUpKiller] C:\Program Files\BestPopUpKiller\Best
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O16 - DPF: {6414512B-B978-451D-A0D8-F
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-4
O17 - HKLM\System\CCS\Services\T
My log:
Logfile of HijackThis v1.97.7
Scan saved at 1:12:18 PM, on 9/15/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.e
C:\WINDOWS\system32\winlog
C:\WINDOWS\system32\servic
C:\WINDOWS\system32\lsass.
C:\WINDOWS\system32\svchos
C:\WINDOWS\System32\svchos
C:\WINDOWS\System32\S24EvM
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spools
C:\WINDOWS\System32\Ati2ev
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Common Files\Lanovation\PrismXL\P
C:\WINDOWS\System32\RegSrv
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.ex
C:\WINDOWS\system32\ZCfgSv
C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\1XConf
C:\Program Files\Intel\NCS\PROSet\PRO
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\GWMDMMSG.exe
C:\WINDOWS\System32\IEHost
C:\WINDOWS\System32\winhel
C:\WINDOWS\system32\pcs\pc
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\SpyKiller\spykiller.
C:\Program Files\BestPopUpKiller\Best
C:\WINDOWS\System32\YeePX0
C:\WINDOWS\System32\Kbc1Pg
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\v\Desktop\HijackT
R1 - HKCU\Software\Microsoft\In
R0 - HKCU\Software\Microsoft\In
R1 - HKCU\Software\Microsoft\In
F0 - system.ini: Shell=explorer.exe C:\WINDOWS\System32\svohos
F2 - REG:system.ini: Shell=explorer.exe C:\WINDOWS\System32\svohos
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-7
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-C
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-F
O2 - BHO: (no name) - {C5183ABC-EB6E-4E05-B8C9-5
O2 - BHO: Search Help - {E8EAEB34-F7B5-4C55-87FF-7
O3 - Toolbar: Band Class - {C5183ABC-EB6E-4E05-B8C9-5
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-0
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRO
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [GWMDMMSG] GWMDMMSG.exe
O4 - HKLM\..\Run: [Win32 System Spool] spoolsvc.exe
O4 - HKLM\..\Run: [Bakra] C:\WINDOWS\System32\IEHost
O4 - HKLM\..\Run: [Windows Help Service] winhelpsv.exe
O4 - HKLM\..\Run: [load32] C:\WINDOWS\System32\swchos
O4 - HKLM\..\Run: [NvClipRsv] C:\WINDOWS\svchost.exe
O4 - HKLM\..\Run: [Pcsv] C:\WINDOWS\system32\pcs\pc
O4 - HKLM\..\Run: [Dpi] C:\Program Files\Common Files\Dpi\dpi.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dump
O4 - HKLM\..\Run: [2SWZKN82R5K47C] C:\WINDOWS\System32\GxxXPn
O4 - HKLM\..\RunServices: [Win32 System Spool] spoolsvc.exe
O4 - HKLM\..\RunServices: [Windows Help Service] winhelpsv.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe
O4 - HKCU\..\Run: [Win32 System Spool] spoolsvc.exe
O4 - HKCU\..\Run: [SpyKiller] C:\Program Files\SpyKiller\spykiller.
O4 - HKCU\..\Run: [BestPopUpKiller] C:\Program Files\BestPopUpKiller\Best
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O16 - DPF: {6414512B-B978-451D-A0D8-F
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-4
O17 - HKLM\System\CCS\Services\T
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Perfect! I am sane again. Thanks!
Great...... good job :)
now as the problem is solved for u, u can close this question, u can see the Accept button infron of each coment, just hit the button for that comment which solved ur problem and then assign a grade, that's all =)
for more info. on how to close a Question, plzz refer here >> https://www.experts-exchange.com/help.jsp#hs5
Thanx ^_^
now as the problem is solved for u, u can close this question, u can see the Accept button infron of each coment, just hit the button for that comment which solved ur problem and then assign a grade, that's all =)
for more info. on how to close a Question, plzz refer here >> https://www.experts-exchange.com/help.jsp#hs5
Thanx ^_^
and from next time u use Hijackthis, use the latest version >> http://tools.radiosplace.com/HijackThis.exe
and then post the LOG here >> http://www.hijackthis.de/index.php?langselect=english
it will automatically analyse it for u,,,,, so u can fix the entries urself :)