PPRuNe Forums - View Single Post

31st October 2004 | 16:00

#14 (permalink)

likair

Joined: Dec 2002

Posts: 130

Likes: 0

From: na

Hello again

Hope this helps...
Thanks a lot
L|kA|r

Logfile of HijackThis v1.98.2
Scan saved at 3:30:28 PM, on 10/31/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
CWINDOWS\System32\smss.exe
CWINDOWS\system32\winlogon.exe
CWINDOWS\system32\services.exe
CWINDOWS\system32\lsass.exe
CWINDOWS\system32\svchost.exe
CWINDOWS\System32\svchost.exe
CWINDOWS\system32\spoolsv.exe
CWINDOWS\Explorer.EXE
CProgram Files\Common Files\Symantec Shared\ccApp.exe
CWINDOWS\System32\lhwsbvc.exe
CProgram Files\Java\j2re1.4.2_05\bin\jusched.exe
CWINDOWS\system32\ctfmon.exe
CProgram Files\MegaTec\UPSilon 2000\Monw32.exe
CProgram Files\Common Files\Symantec Shared\ccEvtMgr.exe
CProgram Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
CProgram Files\Norton AntiVirus\navapsvc.exe
CProgram Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
CProgram Files\MegaTec\UPSilon 2000\Rupsmon.exe
CWINDOWS\System32\svchost.exe
CProgram Files\Winamp\winamp.exe
CProgram Files\Internet Explorer\iexplore.exe
CProgram Files\MSN Messenger\msnmsgr.exe
CProgram Files\Adobe\Acrobat 4.0\Reader\AcroRd32.exe
CFrederick\mIRC\mirc.exe
CProgram Files\Internet Explorer\iexplore.exe
CPROGRA~1\WINZIP\winzip32.exe
CDocuments and Settings\Joe\Local Settings\Temp\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus...rch/search.html[/url]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.onvol.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus...rch/search.html[/url]
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/cus...//www.yahoo.com[/url]
O2 - BHO: (no name) - {0000607D-D204-42C7-8E46-216055BF9918} - (no file)
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - CProgram Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - CProgram Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ccApp] "CProgram Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "CProgram Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] CPROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [NeroCheck] CWINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WinampAgent] "CProgram Files\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [ckvlyolznrruk] CWINDOWS\System32\lhwsbvc.exe
O4 - HKLM\..\Run: [tubcr] CWINDOWS\tubcr.exe
O4 - HKLM\..\Run: [QuickTime Task] "CProgram Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] CProgram Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKCU\..\Run: [ctfmon.exe] CWINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "CProgram Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = CProgram Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Rupsmon Daemon.lnk = CProgram Files\MegaTec\UPSilon 2000\Monw32.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://CPROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - CProgram Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - CProgram Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binar...kr.cab28578.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binar...nt.cab31267.cab
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_f...585d7b34e81015d
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/c...DC_1_0_0_42.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binar...StatsClient.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binar...ro.cab31267.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab