Hijack This Log

  1. 06-03-2005  #1
    meg14t
    meg14t is offline Newbie

    Hijack This Log: Task Manager Broken

    I read about someone else with a similar problem to mine and they posted their Hijack This log and said it worked! I'm hoping the same will work for me.

    My Task Manager will only show up for about 3-5 seconds, max. It then disappears so I can't view processes or anything like that, it's quite frustrating! Here is my hyjack this log, any and all help is greatly appreciated!

    Logfile of HijackThis v1.99.1
    Scan saved at 2:41:37 PM, on 3/6/2005
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\wanmpsvc.exe
    C:\WINDOWS\System32\Winkddk.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\MSI\Live Update 2\LMonitor.exe
    C:\WINDOWS\essspk.exe
    C:\Program Files\Real\RealPlayer\RealPlay.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe
    C:\Program Files\Lexmark X74-X75\lxbbbmon.exe
    C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
    C:\Program Files\Advantage\Advantage.exe
    C:\WINDOWS\System32\systime.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\System32\systime.exe
    C:\Program Files\America Online 9.0\aoltray.exe
    C:\Program Files\Messenger\msmsgszrz.exe
    C:\Program Files\America Online 9.0\waol.exe
    C:\Program Files\America Online 9.0\shellmon.exe
    C:\Program Files\America Online 9.0\aolwbspd.exe
    C:\Program Files\Microsoft Office\Office\WINWORD.EXE
    C:\Program Files\AIM95\aim.exe
    C:\WINDOWS\System32\dmdlgs.exe
    C:\WINDOWS\System32\winpack.exe
    C:\Documents and Settings\Meg\Desktop\hijackthis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://213.159.117.134/index.php
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://213.159.117.134/index.php
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://213.159.117.134/index.php
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://213.159.117.134/index.php
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://213.159.117.134/index.php
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = http://213.159.117.134/index.php
    O2 - BHO: &EliteBar - {28CAEFF3-0F18-4036-B504-51D73BD81ABC} - (no file)
    O3 - Toolbar: &EliteBar - {825CF5BD-8862-4430-B771-0C15C5CA8DEF} - C:\EliteToolBar version 58.dll (file missing)
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
    O4 - HKLM\..\Run: [LiveMonitor] C:\Program Files\MSI\Live Update 2\LMonitor.exe
    O4 - HKLM\..\Run: [EssSpkPhone] essspk.exe
    O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
    O4 - HKLM\..\Run: [Spyware Nuker Installer] C:\WINDOWS\Downloaded Program Files\SpywareNukerInstaller.exe
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"
    O4 - HKLM\..\Run: [Microsoft Inet Xp..] teekids.exe
    O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaE ngineMain
    O4 - HKLM\..\Run: [Advantage Launcher] "C:\Program Files\Advantage\Advantage.exe"
    O4 - HKLM\..\Run: [SysTime] C:\WINDOWS\System32\systime.exe
    O4 - HKLM\..\Run: [antiware] C:\windows\system32\elitesdk32.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Jet Detection] C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe
    O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM95\aim.exe -cnetwait.odl
    O4 - HKCU\..\Run: [mslbui] C:\WINDOWS\System32\mslbui.exe
    O4 - HKCU\..\Run: [dmdlgs] C:\WINDOWS\System32\dmdlgs.exe
    O4 - HKCU\..\Run: [Suhxb] C:\WINDOWS\System32\t?skmgr.exe
    O4 - HKCU\..\Run: [winpack] C:\WINDOWS\System32\winpack.exe
    O4 - HKCU\..\Run: [SysTime] C:\WINDOWS\System32\systime.exe
    O4 - HKCU\..\Run: [Wece] C:\Documents and Settings\Meg\Application Data\occp.exe
    O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O15 - Trusted Zone: *.iframedollars.biz
    O15 - Trusted Zone: *.skoobidoo.com
    O15 - Trusted Zone: *.slotchbar.com
    O15 - Trusted Zone: *.windupdates.com
    O15 - Trusted Zone: *.ysbweb.com
    O15 - Trusted Zone: *.iframedollars.biz (HKLM)
    O15 - Trusted Zone: *.searchmiracle.com (HKLM)
    O15 - Trusted Zone: *.skoobidoo.com (HKLM)
    O15 - Trusted Zone: *.slotchbar.com (HKLM)
    O15 - Trusted Zone: *.windupdates.com (HKLM)
    O15 - Trusted Zone: *.ysbweb.com (HKLM)
    O15 - Trusted IP range: 213.159.117.202
    O15 - Trusted IP range: 213.159.117.202 (HKLM)
    O16 - DPF: Pop Fu by pogo.com - http://popfu.pogo.com/applet/popfu/popfu-ob-assets.cab
    O16 - DPF: Word Whomp Whackdown by pogo.com - http://whackdown.pogo.com/applet/wha...-ob-assets.cab
    O16 - DPF: Yahoo! Graffiti - http://download.games.yahoo.com/game...s/y/grt5_x.cab
    O16 - DPF: Yahoo! Literati - http://download.games.yahoo.com/game...ts/y/tt2_x.cab
    O16 - DPF: Yahoo! Poker - http://download.games.yahoo.com/game...ts/y/pt0_x.cab
    O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/game...s/y/potb_x.cab
    O16 - DPF: {1D0D9077-3798-49BB-9058-393499174D5D} - file://c:\counter.cab
    O16 - DPF: {79849612-A98F-45B8-95E9-4D13C7B6B35C} (Loader2 Control) - http://iframedollars.biz/tb/loader2.ocx
    O16 - DPF: {87067F04-DE4C-4688-BC3C-4FCF39D609E7} - http://download.websearch.com/Dnl/T_50038/QDow_AS2.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{505F223C-3BA1-4D41-A130-2A10B898EC69}: NameServer = 205.188.146.145
    O17 - HKLM\System\CS1\Services\Tcpip\..\{505F223C-3BA1-4D41-A130-2A10B898EC69}: NameServer = 205.188.146.145
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
    O23 - Service: Creative Service for CDROM Access - Unknown owner - C:\WINDOWS\System32\CTSVCCDA.EXE (file missing)
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
    O23 - Service: Winkddk - Unknown owner - C:\WINDOWS\System32\Winkddk.exe
    Last edited by meg14t; 07-03-2005 at 04:45 AM. Reason: title change
+ Reply to Thread
« Mam's HiJack | tool bar problem/hijack »