|
WE HAVE MOVED. Please see our NEW Computer Forums |
11-6-2009: Sorry for the inconvenience. We finally upgraded to vBulletin 3 !! See you there, Larry could someone help meGo to the Tech-Forums Discussion Home PagePosted by: nev Hi , I first posted my hijack this log in the hardware forum (I though something was wrong with my hard disks) They adviced me to post it in this section. Well here is my log: Logfile of HijackThis v1.97.7 Scan saved at 11:46:10 AM, on 5/18/2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\System32\17n.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\System32\17n.exe C:\Documents and Settings\Nevinson.YOUR-6PDPT9YPA2\Desktop\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [url]http://www.yahoo.com/[/url] O2 - BHO: (no name) - {A78860C8-EE1A-46DF-A97F-E3E6D433E80B} - C:\WINDOWS\system32\oqq.dll O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\APVXDWIN.EXE" /s O4 - HKLM\..\Run: [LUPGCONF] "C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\LUpgConf.exe" /RunOnce:3_02_01 O4 - HKLM\..\RunOnce: [lwyl6.exe] C:\WINDOWS\System32\lwyl6.exe /k O4 - HKCU\..\RunOnce: [lwyl6.exe] C:\WINDOWS\System32\lwyl6.exe /k O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - [url]http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB[/url] O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - [url]http://download.macromedia.com/pub/...director/sw.cab[/url] O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - [url]http://a840.g.akamai.net/7/840/537/...all/xscan53.cab[/url] O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - [url]http://download.yahoo.com/dl/mail/autocomplete.cab[/url] Please advice Nev Posted by: Warez Monster Your log wasnt to bad. C:\WINDOWS\System32\17n.exe This is an unknown processes Removed this on your own or get another suggestion. The rest should be removed. O2 - BHO: (no name) - {A78860C8-EE1A-46DF-A97F-E3E6D433E80B} - C:\WINDOWS\system32\oqq.dll Entries found in this registry zone are potentially nasty. This application ([A78860C8-EE1A-46DF-A97F-E3E6D433E80B] - Result: A78860C8-EE1A-46DF-A97F-E3E6D433E80B) has been checked. O4 - HKLM\..\RunOnce: [lwyl6.exe] C:\WINDOWS\System32\lwyl6.exe /k It seems that the name of this program is the same as the name of the file. In the most cases this is the result of trojans. To be sure, you should check this file. O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - [url]http://a840.g.akamai.net/7/840/537/...all/xscan53.cab[/url] This entry is possibly nasty. Posted by: nev Thanks, I got it fixed Nev Posted by: Warez Monster Np....Glad I could help Please Visit the Online Configurator, Email Hosting, Internet Marketing , Computer Schools , Software for Real Estate , AAOutlook , Search Engine Site |