You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
help with highjack -- highjackthis.txt attached
- Thread starter redjoy
- Start date
- Status
- Not open for further replies.
RealBlackStuff
Posts: 6,450 +3
First of all, please do NOT open a new thread for every post you make!
First Read: Only use these HJT-instructions when asked!
/P/ Process needs to be stopped
/S/ Service needs to be stopped
The text between the dotted lines underneath goes between the dotted lines of that post.
Make sure to follow ALL instructions, and in HJT tick/fix ALL lines!
...................................................................................................
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr7/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
O2 - BHO: (no name) - {FFF4E223-7019-4ce7-BE03-D7D3C8CCE884} - (no file)
/P/ STOP the Process for every following single xxx.exe and .pif file if there. WATCH THE SPELLING CAREFULLY!
O4 - HKLM\..\Run: [MusIRC (irc.musirc.com) client] musirc4.71.exe
O4 - HKLM\..\Run: [Satin] csmsn.exe
O4 - HKLM\..\Run: [Config Loader] scvhost.exe <<== Careful!
O4 - HKLM\..\Run: [Distributed Transaction Coordinator System] cliconfgh.exe
O4 - HKLM\..\Run: [Configuration Loader] sw32.exe
O4 - HKLM\..\Run: [Microsoft Internet] spolws.exe
O4 - HKLM\..\Run: [Microsoft Explorer] msl.exe
O4 - HKLM\..\Run: [COM+ System Applications] lsas.exe
O4 - HKLM\..\Run: [Microsoft Update Machine] systemse.exe
O4 - HKLM\..\Run: [Msgn] C:\WINNT\SYSTEM32\tstorm.exe
O4 - HKLM\..\Run: [contime] C:\winnt\system32\contime.exe
O4 - HKLM\..\Run: [New Csnm Manager] csmn.exe
O4 - HKLM\..\Run: [Microsoft Server] rserv.exe
O4 - HKLM\..\Run: [System Service] schost.exe
O4 - HKLM\..\Run: [System Update Service] update.pif
as well as for svcproc.exe
/S/ STOP the Service for every following single xxx.exe and .pif file if there. WATCH THE SPELLING CAREFULLY!
O4 - HKLM\..\RunServices: [MusIRC (irc.musirc.com) client] musirc4.71.exe
O4 - HKLM\..\RunServices: [Satin] csmsn.exe
O4 - HKLM\..\RunServices: [Config Loader] scvhost.exe <<== Careful!
O4 - HKLM\..\RunServices: [Configuration Loader] sw32.exe
O4 - HKLM\..\RunServices: [Microsoft Internet] spolws.exe
O4 - HKLM\..\RunServices: [Microsoft Explorer] msl.exe
O4 - HKLM\..\RunServices: [COM+ System Applications] lsas.exe
O4 - HKLM\..\RunServices: [Microsoft Update Machine] systemse.exe
O4 - HKLM\..\RunServices: [New Csnm Manager] csmn.exe
O4 - HKLM\..\RunServices: [Microsoft Server] rserv.exe
O4 - HKLM\..\RunServices: [System Service] schost.exe
O4 - HKLM\..\RunServices: [System Update Service] update.pif
as well as for svcproc.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O23 - Service: COM+ System Applications (COMS) - Unknown owner - C:\WINNT\System32\lsas.exe" -service (file missing)
O23 - Service: Microsoft NetWork FireWall Services - Unknown owner - NetServices.exe (file missing)
O23 - Service: netinfo - Unknown owner - C:\WINNT\netinfo.exe (file missing)
O23 - Service: Query Service - Unknown owner - C:\WINNT\system32\com1\dragoon\SS.BAT (file missing)
O23 - Service: sdktemp - Unknown owner - C:\WINNT\debughlp.exe (file missing)
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINNT\svcproc.exe
O23 - Service: Configuration Loader (sw3) - Unknown owner - C:\WINNT\System32\sw32.exe" -service (file missing)
O23 - Service: TASKESV (TESV) - Unknown owner - C:\WINNT\taskcntr.exe (file missing)
O23 - Service: Windows Product Activation (wpa) - Unknown owner - C:\WINNT\system32\wpa.exe (file missing)
.............................................................................
First Read: Only use these HJT-instructions when asked!
/P/ Process needs to be stopped
/S/ Service needs to be stopped
The text between the dotted lines underneath goes between the dotted lines of that post.
Make sure to follow ALL instructions, and in HJT tick/fix ALL lines!
...................................................................................................
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr7/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
O2 - BHO: (no name) - {FFF4E223-7019-4ce7-BE03-D7D3C8CCE884} - (no file)
/P/ STOP the Process for every following single xxx.exe and .pif file if there. WATCH THE SPELLING CAREFULLY!
O4 - HKLM\..\Run: [MusIRC (irc.musirc.com) client] musirc4.71.exe
O4 - HKLM\..\Run: [Satin] csmsn.exe
O4 - HKLM\..\Run: [Config Loader] scvhost.exe <<== Careful!
O4 - HKLM\..\Run: [Distributed Transaction Coordinator System] cliconfgh.exe
O4 - HKLM\..\Run: [Configuration Loader] sw32.exe
O4 - HKLM\..\Run: [Microsoft Internet] spolws.exe
O4 - HKLM\..\Run: [Microsoft Explorer] msl.exe
O4 - HKLM\..\Run: [COM+ System Applications] lsas.exe
O4 - HKLM\..\Run: [Microsoft Update Machine] systemse.exe
O4 - HKLM\..\Run: [Msgn] C:\WINNT\SYSTEM32\tstorm.exe
O4 - HKLM\..\Run: [contime] C:\winnt\system32\contime.exe
O4 - HKLM\..\Run: [New Csnm Manager] csmn.exe
O4 - HKLM\..\Run: [Microsoft Server] rserv.exe
O4 - HKLM\..\Run: [System Service] schost.exe
O4 - HKLM\..\Run: [System Update Service] update.pif
as well as for svcproc.exe
/S/ STOP the Service for every following single xxx.exe and .pif file if there. WATCH THE SPELLING CAREFULLY!
O4 - HKLM\..\RunServices: [MusIRC (irc.musirc.com) client] musirc4.71.exe
O4 - HKLM\..\RunServices: [Satin] csmsn.exe
O4 - HKLM\..\RunServices: [Config Loader] scvhost.exe <<== Careful!
O4 - HKLM\..\RunServices: [Configuration Loader] sw32.exe
O4 - HKLM\..\RunServices: [Microsoft Internet] spolws.exe
O4 - HKLM\..\RunServices: [Microsoft Explorer] msl.exe
O4 - HKLM\..\RunServices: [COM+ System Applications] lsas.exe
O4 - HKLM\..\RunServices: [Microsoft Update Machine] systemse.exe
O4 - HKLM\..\RunServices: [New Csnm Manager] csmn.exe
O4 - HKLM\..\RunServices: [Microsoft Server] rserv.exe
O4 - HKLM\..\RunServices: [System Service] schost.exe
O4 - HKLM\..\RunServices: [System Update Service] update.pif
as well as for svcproc.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O23 - Service: COM+ System Applications (COMS) - Unknown owner - C:\WINNT\System32\lsas.exe" -service (file missing)
O23 - Service: Microsoft NetWork FireWall Services - Unknown owner - NetServices.exe (file missing)
O23 - Service: netinfo - Unknown owner - C:\WINNT\netinfo.exe (file missing)
O23 - Service: Query Service - Unknown owner - C:\WINNT\system32\com1\dragoon\SS.BAT (file missing)
O23 - Service: sdktemp - Unknown owner - C:\WINNT\debughlp.exe (file missing)
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINNT\svcproc.exe
O23 - Service: Configuration Loader (sw3) - Unknown owner - C:\WINNT\System32\sw32.exe" -service (file missing)
O23 - Service: TASKESV (TESV) - Unknown owner - C:\WINNT\taskcntr.exe (file missing)
O23 - Service: Windows Product Activation (wpa) - Unknown owner - C:\WINNT\system32\wpa.exe (file missing)
.............................................................................
- Status
- Not open for further replies.
Similar threads
- Replies
- 1
- Views
- 492
- Replies
- 5
- Views
- 363
-
TechSpot is dedicated to computer enthusiasts and power users.
Ask a question and give support.
Join the community here, it only takes a minute.