0

plz sir i am giving my hyjack report plz check and give my reply how to connect that system in LAN

Logfile of HijackThis v1.99.1
Scan saved at 3:13:09 PM, on 5/30/2006
Platform: Windows 2000 (WinNT 5.00.2195)
MSIE: Internet Explorer v5.00 (5.00.2920.0000)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\msdtc.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINNT\System32\tcpsvcs.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\System32\llssrv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINNT\System32\dns.exe
C:\WINNT\System32\inetsrv\inetinfo.exe
C:\WINNT\system32\Dfssvc.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\Explorer.exe
C:\WINNT\System32\taskmgr32.exe
C:\WINNT\System32\igfxtray.exe
C:\WINNT\System32\ctfmon.exe
C:\WINNT\system32\msiexec.exe
C:\Documents and Settings\Administrator\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 200.100.60.107:6588
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [Microsoft Access] taskmgr32.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\System32\igfxtray.exe
O4 - HKLM\..\RunServices: [Microsoft Access] taskmgr32.exe
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O17 - HKLM\System\CCS\Services\Tcpip\..\{6A592793-96CE-4524-A0A5-EF5FF9D6CAC1}: NameServer = 202.54.6.50,202.9.145.6
O17 - HKLM\System\CS1\Services\Tcpip\..\{6A592793-96CE-4524-A0A5-EF5FF9D6CAC1}: NameServer = 202.54.6.50,202.9.145.6
O17 - HKLM\System\CS2\Services\Tcpip\..\{6A592793-96CE-4524-A0A5-EF5FF9D6CAC1}: NameServer = 202.54.6.50,202.9.145.6
O20 - Winlogon Notify: igfxcui - C:\WINNT\SYSTEM32\igfxsrvc.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINNT\cXVlc3Q\command.exe (file missing)
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

2
Contributors
1
Reply
2
Views
11 Years
Discussion Span
Last Post by DMR
0

give my reply how to connect that system in LAN

Can you state that more clearly, please?
Does the system not connect at the moment?
What exact problems are you experiencing?

Platform: Windows 2000 (WinNT 5.00.2195)
MSIE: Internet Explorer v5.00 (5.00.2920.0000)

The above information from your log's header indicates that you are running a very out-of-date system. You should install the most current Service Packs and updates for Windows 2000 and Internet Explorer. An up-to-date Win 2K system will be reported in a HJT log as:
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)


The following entry in your log is relates to an adware parasite, although the "(file missing)" note may indicate that the infection itself has already been removed:
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINNT\cXVlc3Q\command.exe (file missing)

Please do the following:

You will need to close/quit all web browser programs and disconnect from the Internet for much of the following, so you should print out these instructions or save them into a text file with Notepad.

* Download and install the following utilities; do not actually run the programs yet:

CCleaner - www.ccleaner.com
ewido Anti-malware - http://www.ewido.net/en/download/
When installing ewido, under "Additional Options" uncheck..

    • Install background guard
    • Install scan via context menu
  1. Launch ewido, there should be an icon on your desktop, double-click it.
  2. The program will now open to the main screen.
  3. When you run ewido for the first time, you may get a warning "Database could not be found!". Click OK. We will fix this in a moment.
  4. You will need to update ewido to the latest definition files.
    • On the left hand side of the main screen click update.
    • Then click on Start Update.
  5. The update will start and a progress bar will show the updates being installed.
    (the status bar at the bottom will display ("Update successful" )

If you are having problems with the updater, you can use this link to manually update ewido.
ewido manual updates
Don't run a scan with ewido yet; just close the program once the updates are installed.

* Open your anti-virus program and check for/install the most current updates. Again- don't run a scan; just close the program once the updates are installed.


* Reboot into safe mode (you get to the safe mode boot option by hitting the F8 key as your computer is starting up) and:

* Open Windows Explorer, and in the Folder Options->View settings under the Tools menu, select "show hidden files and folders", and uncheck "Hide protected operating system files" and "Hide extentions for known file types".

* Run CCleaner.
- Go to Options-> Advanced: Uncheck "Only delete files in Windows Temp folders older than 48 hours"
- Go to Options>CustomFolders>Add Folder>Navigate to these folders (click on bold file once and hit OK) :
* C:\Windows\Temp
* C:\Windows\Prefetch
* C:\Documents and Settings\<Your Profile>\Local Settings\Temporary Internet Files\ (This will delete all your cached internet content including cookies.)
* C:\Documents and Settings\<Your Profile>\Local Settings\Temp
* C:\Documents and Settings\<any other user's Profile>\Local Settings\Temporary Internet Files
* C:\Documents and Settings\<Any other user's Profile>\Local Settings\Temp
* C:\Documents and Settings\<Your Profile>\Cookies
* C:\Documents and Settings\<Any other users Profile>\Cookies
Hit OK
- In left pane, scroll down to "Advanced, Custom Folders", put a check in Custom Folders
- Click on Run Cleaner. It may take a while for the program to perform its cleaning, so be patient. Close the program when it has finished.

* Run a full system scan with your anti-virus utility, and then run ewido; have the programs fix all malicious items they find.
When ewido finds the first malicious object on your system, it will ask you if it should clean it. When it asks this, put a checkmark in the lower left corner of the box that says "Perform action on all infections", then choose clean and click OK.
Save the log file that ewido will create after it finishes scanning; you'll be including that log in your next post here.

* Empty your Recycle Bin, reboot normally, run HijackThis again, and post the new log. Also post the log that ewido generated.

-
-

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.