my hijack this log

Discussion in 'adware, spyware & hijack cleaning' started by Stressy, Mar 15, 2004.

Thread Status:
Not open for further replies.
  1. Stressy

    Stressy Registered Member

    Joined:
    Mar 14, 2004
    Posts:
    15
    hi all, this is my very 1st post.. just wondering is my system free from all those crappy spywares..

    Logfile of HijackThis v1.97.7
    Scan saved at 12:46:25 PM, on 3/15/2004
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    F:\WINDOWS\System32\smss.exe
    F:\WINDOWS\SYSTEM32\winlogon.exe
    F:\WINDOWS\system32\services.exe
    F:\WINDOWS\system32\lsass.exe
    F:\WINDOWS\system32\svchost.exe
    F:\WINDOWS\System32\svchost.exe
    F:\WINDOWS\system32\spoolsv.exe
    F:\WINDOWS\Explorer.EXE
    F:\Program Files\WinPoET Broadband Connection\winpppoverethernet.exe
    F:\Program Files\Messenger Plus! 2\MsgPlus.exe
    F:\WINDOWS\System32\CTsvcCDA.exe
    F:\Program Files\Executive Software\Diskeeper\DkService.exe
    F:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
    F:\Program Files\Eset\nod32krn.exe
    F:\WINDOWS\System32\nvsvc32.exe
    F:\WINDOWS\System32\PGPsdkServ.exe
    F:\WINDOWS\System32\svchost.exe
    F:\Program Files\WinPoET Broadband Connection\WrOS.EXE
    F:\WINDOWS\System32\MsPMSPSv.exe
    F:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
    F:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
    F:\Program Files\ESET\nod32kui.exe
    F:\Program Files\Mozilla Firefox\firefox.exe
    F:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
    F:\Documents and Settings\Terrence Chia\Desktop\security\HijackThis.exe

    O1 - Hosts: 64.91.255.87 www.dcsresearch.com
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - F:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [PHIME2002ASync] F:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] F:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [CTSysVol] F:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
    O4 - HKLM\..\Run: [a-winpoet-service] "F:\Program Files\WinPoET Broadband Connection\winpppoverethernet.exe"
    O4 - HKLM\..\Run: [MessengerPlus2] "F:\Program Files\Messenger Plus! 2\MsgPlus.exe"
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [nod32kui] "F:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
    O4 - Startup: PowerReg Scheduler.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = F:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O9 - Extra button: Related (HKLM)
    O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
    O10 - Broken Internet access because of LSP provider 'imon.dll' missing
    O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/SU/ocx/12119/CTSUEng.cab
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38029.8524537037
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/SU/ocx/12119/CTPID.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{652E6D9E-BFA2-46A7-8AC4-529A8945EBF9}: NameServer = 165.21.100.88 165.21.83.88
     
  2. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,435
    Location:
    Netherlands
    Hi Stressy,

    Welcome at Wilders. :)

    Check the items listed below in HijackThis, close all windows except HijackThis and click Fix checked:

    O4 - Startup: PowerReg Scheduler.exe

    Then reboot.

    No spyware, just a "nag" screen.

    Regards,

    Pieter
     
  3. Stressy

    Stressy Registered Member

    Joined:
    Mar 14, 2004
    Posts:
    15
    thks man :)
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.