Jump to content

buhbye1

Members
 View Profile  See their activity

  • Posts

    3

  • Joined

  • Last visited

Reputation

0 Neutral
  1. buhbye1
    Logfile of HijackThis v1.99.1 Scan saved at 9:35:58 PM, on 04/06/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss[Caution: ExecutableFile] C:\WINDOWS\system32\winlogon[Caution: ExecutableFile] C:\WINDOWS\system32\services[Caution: ExecutableFile] C:\WINDOWS\system32\lsass[Caution: ExecutableFile] C:\WINDOWS\system32\svchost[Caution: ExecutableFile] C:\WINDOWS\System32\svchost[Caution: ExecutableFile] C:\WINDOWS\system32\spoolsv[Caution: ExecutableFile] C:\WINDOWS\Explorer[Caution: ExecutableFile] C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\isafe[Caution: ExecutableFile] C:\WINDOWS\System32\tcpsvcs[Caution: ExecutableFile] C:\WINDOWS\System32\snmp[Caution: ExecutableFile] C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg[Caution: ExecutableFile] C:\Documents and Settings\All Users\Documents\aim[Caution: ExecutableFile] C:\WINDOWS\System32\svchost[Caution: ExecutableFile] C:\Program Files\BearShare\BearShare[Caution: ExecutableFile] C:\Program Files\BearShare\BearShare[Caution: ExecutableFile] C:\Program Files\Windows Media Player\wmplayer[Caution: ExecutableFile] C:\Documents and Settings\aaron1\Desktop\HijackThis[Caution: ExecutableFile] R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customi ... ch/ie.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customi ... .yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://channels.aimtoday.com/search/aimtoolbar.jsp N3 - Netscape 7: user_pref("browser.search.defaultengine", "http://www.google.com/"); (C:\Documents and Settings\aaron1\Application Data\Mozilla\Profiles\default\v5vple8l.slt\prefs.js) O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000000} - C:\WINDOWS\system32\eegtjqze.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {1AED5E93-BAAA-D14B-482E-616AAFAA553C} - C:\WINDOWS\System32\goxfqqqg.dll O2 - BHO: (no name) - {1FC014C8-543C-839C-F8CB-47B001439587} - C:\WINDOWS\system32\eouzbvpr.dll O2 - BHO: (no name) - {33B8B7E7-EE07-A319-9E3F-59A3273F745E} - C:\WINDOWS\System32\urnffrpj.dll O2 - BHO: (no name) - {34C7E9F9-7B5C-DFA6-DA67-BA3B5E832DDA} - C:\WINDOWS\System32\kfcszbli.dll (file missing) O2 - BHO: (no name) - {3919724B-DD28-7D6C-FEE9-359C7EF06817} - C:\WINDOWS\System32\xsalcshu.dll O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll (file missing) O2 - BHO: (no name) - {6992D13F-2C5E-DBF6-B0D0-884D40D68342} - C:\WINDOWS\System32\iqdrbrcp.dll (file missing) O2 - BHO: (no name) - {69CF9159-54C3-9063-58A5-B3FE6D616611} - C:\WINDOWS\system32\nmdwoaln.dll O2 - BHO: (no name) - {6C7497B8-3D23-5238-A1F3-746F9E30D66E} - C:\WINDOWS\system32\llmaowrf.dll O2 - BHO: (no name) - {7C913563-137E-07AA-7E22-7A0D0FE28E35} - C:\WINDOWS\System32\tydobpgi.dll (file missing) O2 - BHO: (no name) - {AC66ECEF-E572-FB9A-682B-A83A113C7112} - C:\WINDOWS\system32\ssatryrv.dll O2 - BHO: (no name) - {AE3E2C69-C4CA-47ED-F815-26AAF3667B30} - C:\WINDOWS\System32\anjndldg.dll O2 - BHO: (no name) - {B3B4B788-8678-E8E1-0DA7-9D63F2E0D5BF} - C:\WINDOWS\System32\ifmmrcni.dll (file missing) O2 - BHO: (no name) - {C03E26AA-18A6-EE10-FEA2-59D16117958A} - C:\WINDOWS\system32\yacorkqa.dll O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll O3 - Toolbar: Get Anonymous - {8892C699-6978-4DD9-8EB2-951C93DB4F62} - C:\Program Files\GetAnonymous 2.1 Professional\IEToolBar.dll O4 - HKLM\..\Run: [VetTray] C:\PROGRA~1\CA\ETRUST~1\ETRUST~1\VetTray[Caution: ExecutableFile] O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\System32\igfxtray[Caution: ExecutableFile] O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd[Caution: ExecutableFile] O4 - HKLM\..\Run: [bearShare] "C:\Program Files\BearShare\BearShare[Caution: ExecutableFile]" /pause O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched[Caution: ExecutableFile]" -osboot O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched[Caution: ExecutableFile] O4 - HKCU\..\Run: [AIM] C:\Documents and Settings\All Users\Documents\aim[Caution: ExecutableFile] -cnetwait.odl O4 - HKCU\..\Run: [WeatherCast] "C:\Program Files\WeatherCast\Weather[Caution: ExecutableFile]" /q O4 - HKCU\..\Run: [spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor[Caution: ExecutableFile]" /Q O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile]" /background O4 - HKCU\..\Run: [Desktop Weather 3] C:\PROGRA~1\THEWEA~1\The Weather Channel[Caution: ExecutableFile] O4 - HKCU\..\Run: [DWHeartbeatMonitor] C:\PROGRA~1\THEWEA~1\DWHeartbeatMonitor[Caution: ExecutableFile] O4 - HKCU\..\Run: [uninstallAbility] "C:\PROGRA~1\UNINST~2\uability[Caution: ExecutableFile]" /AUTO O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Documents and Settings\All Users\Documents\aim[Caution: ExecutableFile] O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker[Caution: ExecutableFile] O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker[Caution: ExecutableFile] O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile] O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile] O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O16 - DPF: {99B6E512-3893-4155-9964-8EB8E06099CB} (WebSpyWareKiller Class) - http://download.zonelabs.com/bin/promot ... WebSWK.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMe ... loader.cab O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\isafe[Caution: ExecutableFile] O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Unknown owner - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc[Caution: ExecutableFile] (file missing) O23 - Service: Intel NCS NetService (NetSvc) - IntelĀ® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc[Caution: ExecutableFile] O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg[Caution: ExecutableFile]
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept