ComputerForum.com ComputerForum.com  

Go Back   Computer Forum > Computer Software > Computer Security
Hijackthis log Hijackthis log
Register FAQ Members List Social Groups Calendar Search Today's Posts Mark Forums Read

 
 
LinkBack Thread Tools Search this Thread Display Modes
Prev Previous Post   Next Post Next
Old 04-21-2005, 01:13 PM   #1 (permalink)
New Member
 
Join Date: Apr 2005
Posts: 8
Default Hijackthis log
I can't get rid of about:blank. I have tried almost everything. Can someone tell me what I should remove from this hijackthis log.




Logfile of HijackThis v1.99.1
Scan saved at 5:24:05 AM, on 4/21/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Network Associates\VirusScan\avsynmgr.exe
C:\WINNT\system32\ncsvc.exe
C:\Program Files\Nortel Networks\Remote Access Manager\NNDService.exe
C:\Program Files\Nortel Networks\Remote Access Manager\RAMSettings.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Network Associates\VirusScan\VsStat.exe
C:\Program Files\Network Associates\VirusScan\Vshwin32.exe
C:\Program Files\Network Associates\VirusScan\Avconsol.exe
C:\WINNT\system32\tp4mon.exe
C:\WINNT\system32\ltmsg.exe
C:\THINKPAD\TP98.EXE
C:\THINKPAD\tphkmgr.exe
C:\THINKPAD\tponscr.exe
C:\Program Files\Visual Networks\Visual IP InSight\Nortel\IPClient.exe
C:\Program Files\Visual Networks\Visual IP InSight\Nortel\IPMon32.exe
C:\Program Files\BellSouth\Connection Tool\IPClient.exe
C:\Program Files\BellSouth\Connection Tool\IPMon32.exe
C:\WINNT\system32\addff.exe
C:\Program Files\Common Files\Network Associates\McShield\mcshield.exe
C:\CFGSAFE\AUTOCHK.EXE
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Linksys\Wireless-G Notebook Adapter\WPC54CFG.exe
C:\WINNT\system32\wuauclt.exe
C:\WINNT\System32\rsvp.exe
C:\WINNT\mfclt32.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\unzipped\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\owdej.dll/sp.html#12345
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\owdej.dll/sp.html#12345
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINNT\owdej.dll/sp.html#12345
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\owdej.dll/sp.html#12345
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\owdej.dll/sp.html#12345
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\owdej.dll/sp.html#12345
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://home.bellsouth.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Bellsouth® Internet Service
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {8A3A22DC-21F1-3B84-D9A5-091D05B49E6C} - C:\WINNT\system32\sdkkw.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [TrackPointSrv] tp4mon.exe
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [LTWinModem1] ltmsg.exe 9
O4 - HKLM\..\Run: [TP98UTIL] C:\THINKPAD\TP98.EXE /s
O4 - HKLM\..\Run: [TpHotkey] C:\THINKPAD\tphkmgr.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [RAMConnectionChecker] "C:\Program Files\Nortel Networks\Remote Access Manager\RAMConnChecker.exe" -m
O4 - HKLM\..\Run: [RAMGINAConnWatch] "C:\Program Files\Nortel Networks\Remote Access Manager\RAMConnWatcher.exe"
O4 - HKLM\..\Run: [IPInSightLAN 01] "C:\Program Files\Visual Networks\Visual IP InSight\Nortel\IPClient.exe" -l
O4 - HKLM\..\Run: [IPInSightMonitor 01] "C:\Program Files\Visual Networks\Visual IP InSight\Nortel\IPMon32.exe"
O4 - HKLM\..\Run: [IPInSightLAN 02] "C:\Program Files\BellSouth\Connection Tool\IPClient.exe" -l
O4 - HKLM\..\Run: [IPInSightMonitor 02] "C:\Program Files\BellSouth\Connection Tool\IPMon32.exe"
O4 - HKLM\..\Run: [addff.exe] C:\WINNT\system32\addff.exe
O4 - Global Startup: AUTOCHK.LNK = C:\CFGSAFE\AUTOCHK.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O4 - Global Startup: Wireless-G Notebook Adapter Utility.lnk = C:\Program Files\Linksys\Wireless-G Notebook Adapter\WPC54CFG.exe
O14 - IERESET.INF: START_PAGE_URL=http://home.bellsouth.net
O16 - DPF: {4CC35DAD-40EA-4640-ACC2-A1A3B6FB3E06} (NeoterisSetup Control) - https://connect2.prudential.com/dana...terisSetup.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
O23 - Service: Network Security Service (NSS) ( 11Fßä#·ºÄÖ`I) - Unknown owner - C:\WINNT\mfclt32.exe
O23 - Service: AVSync Manager (AvSynMgr) - Unknown owner - C:\Program Files\Network Associates\VirusScan\avsynmgr.exe
O23 - Service: CVCBrokerService - Unknown owner - C:\Program Files\Nortel Networks\Remote Access Manager\CVCBrokerService.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Contivity VPN Service (ExtranetAccess) - Nortel Networks NA, Inc. - C:\Program Files\Nortel Networks\Extranet_serv.exe
O23 - Service: McShield - Unknown owner - C:\Program Files\Common Files\Network Associates\McShield\mcshield.exe
O23 - Service: Virtual Com Port Service (neoNcSvc) - Unknown owner - C:\WINNT\system32\ncsvc.exe
O23 - Service: NICSer_WPC54G - Unknown owner - C:\Program Files\Linksys\Wireless-G Notebook Adapter\NICServ.exe
O23 - Service: NNDService - Unknown owner - C:\Program Files\Nortel Networks\Remote Access Manager\NNDService.exe
O23 - Service: RAMSettings - Unknown owner - C:\Program Files\Nortel Networks\Remote Access Manager\RAMSettings.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
terryh is offline   Reply With Quote


 

Bookmarks

« Previous Thread | Next Thread »
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Threaded Mode Threaded Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


All times are GMT +1. The time now is 08:59 PM.

Contact Us - Computer Forum - Sitemap - Top

Powered by: vBulletin Version 3.8.4
Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
SEO by vBSEO 3.3.0 ©2009, Crawlability, Inc.
Copyright © 2002-2009 Computer Forum - Internet Business - Web Design Forum