Tech Support Guy banner
  • IMPORTANT: Only authorized members may reply to threads in this forum due to the complexity of the malware removal process. Authorized members include Malware Specialists and Trainees, Administrators, Moderators, and Trusted Advisors. Regular members are not permitted to reply, and any such posts will be deleted without notice or further explanation. Notice
Not open for further replies.
1 - 6 of 6 Posts

· Registered
46 Posts
Discussion Starter · #1 ·
hey, this is my first post, was hoping maybe you guys could help out with this. here is my hijackthis results:

Logfile of HijackThis v1.97.7
Scan saved at 3:00:28 PM, on 4/7/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe
C:\Program Files\BigFix\BigFix.exe
C:\Program Files\McAfee\McAfee VirusScan\Avsynmgr.exe
C:\Program Files\McAfee\McAfee VirusScan\VsStat.exe
C:\Program Files\McAfee\McAfee VirusScan\Vshwin32.exe
C:\Program Files\McAfee\McAfee VirusScan\Avconsol.exe
C:\Program Files\McAfee\McAfee VirusScan\Webscanx.exe
C:\Program Files\McAfee\McAfee Firewall\CPD.EXE
C:\Program Files\McAfee\McAfee Firewall\CPDCLNT.EXE
C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\TMinish\Local Settings\Temp\Temporary Directory 1 for hijackthis[1].zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,Shellnext =
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Ad-aware] "C:\Program Files\Lavasoft\Ad-aware 6\Ad-aware.exe" +c
O4 - HKLM\..\Run: [McAfee Guardian] "C:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe" /SU
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe
O9 - Extra button: ICQ (HKLM)
O9 - Extra 'Tools' menuitem: ICQ (HKLM)
O9 - Extra button: AIM (HKLM)
O9 - Extra button: (HKLM)
O9 - Extra button: MoneySide (HKLM)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

· Registered
46 Posts
Discussion Starter · #3 ·
thank you for you reply. i was under the impression that the system32 stuff was some type of virus/spyware, is that stuff just FAT32 stuff? is it just the specific "system32.exe" that is the virus/spyware? once again, thanks for the help.

· Registered
46 Posts
Discussion Starter · #4 ·
another quick question, i have mcafee virusscan/firewall both running, i have browser hijack blaster, and lavasoft adaware 6. should i still be finding files with these programs? i should think mcafee firewall and the default firewall for my dsl connection would be enough to block against new worms/viruses/etc... am i wrong? or do i just need to change certain settings?

· Registered
46 Posts
Discussion Starter · #6 ·
ok, this is driving me ABSOLUTELY INSANE. my internet based programs, ie6, aim, etc. lose their connection after a given amount of time. even while this is happening, i go into internet options and check the connection and everything appears to be fine. if i leave my aim connected it stays working. even while my ie does not. when i restart my comp, everything works fine again. i have tried tech support 4 times to no avail. i've done the msconfig to free up system resources, i've even gone so far as to format my hard drive... i've scanned for viruses repeatedly now, and as in the previous post, i have spyware checkers, virus checkers, all showing nothing on my computer. PLEASE IF ANYONE CAN HELP ME
1 - 6 of 6 Posts
Not open for further replies.