Thread: hello

  1. #1

    hello

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:57:04, on 07.12.2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\UAService7.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\rsvp.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\WINDOWS\system32\ntvdm.exe
    C:\Documents and Settings\Prof\Desktop\viroos\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://getnichepass.com/2/82/4/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://getnichepass.com/2/82/4/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://getnichepass.com/2/82/4/
    O4 - HKCU\..\Run: [qservices] C:\WINDOWS\qservice.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [SystemDriverLoad] (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [SystemDriver] (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [FDriver] (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [ADriver] (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [CDriver] (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [DDriver] (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: BJ Status Monitor Canon PIXMA iP2000.lnk = C:\Documents and Settings\Prof\cnmss Canon PIXMA iP2000 (Local).exe
    O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
    O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
    O22 - SharedTaskScheduler: Windows Installer Class - {24E31EA9-FCE2-404F-BD80-20543565D946} - C:\DOCUME~1\Prof\LOCALS~1\Temp\~~install.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe

    --
    End of file - 3123 bytes

  2. #2

    You have a number of strange entries considering the small size of the HJT log.

    What problems are you having?

    Someone or something has blocked any reg edits.

    Is this a work PC?

    Please read and follow all the directions here and then post a new HJT log:

    http://www.help2go.com/component/opt...wtopic/t,9709/

    BG

    Since there has been no response from the poster for a few days, this topic is now closed. BG

    (Please contact a Moderator if you need it reopened. Please be advised that the spyware forum will be closing down for the holidays on or about December 20.)