| View previous topic :: View next topic |
| Author |
Message |
kasolo
Guest
IP: 68.215.*.*
|
 Posted: Wed Mar 10, 2004 4:34 am Post subject: Please check out my HijackThis log. |
|
|
My CPU usage is always at 100%. Any clues why?
Logfile of HijackThis v1.97.7
Scan saved at 10:46:47 PM, on 3/9/2004
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\Explorer.EXE
C:\WINNT\system32\TPWRSAVE.EXE
C:\WINNT\system32\TFUNCKEY.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Adobe\Acrobat 6.0\Reader\AcroRd32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\guest\Desktop\HijackThis.exe
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://mshp.dll/sp.html#10213
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://mshp.dll/sp.html#10213
R3 - URLSearchHook: (no name) - {D6DFF6D8-B94B-4720-B730-1C38C7065C3B} - (no file)
O1 - Hosts: 12.129.205.209 search.netscape.com12.129.205.209 sitefinder.verisign.com
O2 - BHO: (no name) - {00000EF1-0786-4633-87C6-1AA7A44296DA} - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_11_0.dll
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {2E9CAFF6-30C7-4208-8807-E79D4EC6F806} - C:\Program Files\Submit\submithook.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: . - {587DBF2D-9145-4c9e-92C2-1F953DA73773} - C:\Documents and Settings\Administrator\Application Data\ieif\ieif32.dll (file missing)
O2 - BHO: (no name) - {5D60FF48-95BE-4956-B4C6-6BB168A70310} - C:\PROGRA~1\INCRED~1\BHO\INCFIN~1.DLL (file missing)
O2 - BHO: (no name) - {FD9BC004-8331-4457-B830-4759FF704C22} - C:\Documents and Settings\Administrator\Application Data\ieif\msiesh.dll (file missing)
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_11_0.dll
O3 - Toolbar: searchforit - {C109664B-CEB1-420b-B353-D55A561536DD} - C:\WINNT\system32\SYSsfitb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [TDspOff] Tdspoff.exe B
O4 - HKLM\..\Run: [Tpwrsave] TPWRSAVE.EXE
O4 - HKLM\..\Run: [Tfunckey] TFUNCKEY.EXE
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O16 - DPF: ChatSpace Full Java Client 3.1.0.229 - http://streak.fimc.net:8000/Java/cfs31229.cab
O16 - DPF: ChatSpace Full Java Client 3.1.0.235 - http://streak.fimc.net:8000/Java/cfs31235.cab
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/potc_x.cab
O16 - DPF: {00000EF1-0786-4633-87C6-1AA7A44296DA} - http://www.netpaloffers.net/NetpalOffers/DMO1/Mx0n11n3.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst0309.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/08193ed121cde35b0702/netzip/RdxIE601.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37997.7360648148
O16 - DPF: {A27AD582-5BE5-4C2D-82F0-48B24FE02040} - http://www.adshooter.com/pop_shooter/install/win2000/SYSsfitb.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
|
|
| Back to top |
|
 |
k027
Special Response Team
Guest Forums Host
Joined: Aug 25, 2003
Posts: 8481
|
| Posted: Wed Nov 09, 2005 1:10 am Post subject: |
|
|
Hello ghost,
Please do not offer assistance with HJT logs until you have been trained and specifically authorized to do so.
Hello kasolo,
For your own good, do not ever follow any HJT log advice from ghost or anyone else unless they have been specifically authorized by CastleCops to provide HJT help.
|
|
| Back to top |
|
|
k027
Special Response Team
Guest Forums Host
Joined: Aug 25, 2003
Posts: 8481
|
| Posted: Wed Nov 09, 2005 1:14 am Post subject: |
|
|
Hello Dagaul,
Please do not hijack anyone else's topic or double post. You already have your own topic.
|
|
| Back to top |
|
|
YounGun
1st Responder
Site Moderator
Joined: Dec 11, 2004
Posts: 4330
|
| Posted: Sat Nov 19, 2005 9:54 am Post subject: |
|
|
** Edit ** Saw the original poste date 
_________________
IT Stuff
|
|
| Back to top |
|
|
|
|
Forum FAQ
Search
Usergroups
Profile
Login to check your private messages
Login
