Already ran the usual spybot, ad-aware
Logfile of HijackThis v1.99.1
Scan saved at 10:45:21 PM, on 17/06/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\LEXBCES.EXE
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\LEXPPS.EXE
C:\WINNT\SYSTEM32\DNTUS26.EXE
C:\WINNT\system32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe
C:\Documents and Settings\Teo\My Documents\Messenger Service Received Files\msnshell.exe
C:\Program Files\Daily Weather Forecast\weather.exe
C:\Program Files\Common Files\Nokia\Services\ServiceLayer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\downloads\HJT\HijackThis.exe
N1 - Netscape 4: user_pref("browser.startup.homepage", "http://home.netscape.com/"); (C:\Program Files\Netscape\Users\vincent\prefs.js)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Nokia Tray Application] C:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe
O4 - HKLM\..\Run: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [MSNShell] C:\Documents and Settings\Teo\My Documents\Messenger Service Received Files\msnshell.exe autorun
O4 - HKLM\..\Run: [Daily Weather Forecast] C:\Program Files\Daily Weather Forecast\weather.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [Windows installer] C:\winstall.exe
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot
O8 - Extra context menu item: &Download using ReGet - C:\Program Files\ReGet\RG_Link.htm
O8 - Extra context menu item: &List for ReGet - C:\Program Files\ReGet\RG_List.htm
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download All by Re&Get - C:\Program Files\ReGet\RG_All.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\System32\Shdocvw.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: ReGet - {38AAF320-C5B4-11D1-B75E-111111111111} - C:\WINNT\system32\shdocvw.dll (HKCU)
O9 - Extra 'Tools' menuitem: &Re&Get - {38AAF320-C5B4-11D1-B75E-111111111111} - C:\WINNT\system32\shdocvw.dll (HKCU)
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall-bet...all/xscan60.cab
O16 - DPF: {4A88CB42-BBFE-496A-884F-98E8AC316292} (YJInstStarter Control) - http://dl.msg.yahoo....load/yjinst.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {E87A6788-1D0F-4444-8898-1D25829B6755} - http://communities.m...al/msnchat4.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O23 - Service: FireDaemon Service: csrss2 (csrss2) - Unknown owner - C:\WINNT\system32\repair\repair32\FireDaemon.EXE (file missing)
O23 - Service: FireDaemon Service: csrsss (csrsss) - Unknown owner - C:\WINNT\system32\repair\repair32\FireDaemon.EXE (file missing)
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: DameWare NT Utilities 2.6 (DNTUS26) - DameWare Development - C:\WINNT\SYSTEM32\DNTUS26.EXE
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINNT\system32\LEXBCES.EXE
O23 - Service: FireDaemon Service: msnet (msnet) - Unknown owner - C:\winnt\ms.tmp\FireDaemon.EXE (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
O23 - Service: FireDaemon Service: rundll32 (rundll32) - Unknown owner - c:\winnt\system32\Microsoft\Protect\FireDaemon.EXE (file missing)
O23 - Service: FireDaemon Service: svchost32 (svchost32) - Unknown owner - c:\winnt\system32\Microsoft\Protect\FireDaemon.EXE (file missing)
O23 - Service: FireDaemon Service: systemnt (systemnt) - Unknown owner - C:\WINNT\system32\repair\repair32\FireDaemon.EXE (file missing)
O23 - Service: FireDaemon Service: winmgnt (winmgnt) - Unknown owner - C:\winnt\ms.tmp\FireDaemon.EXE (file missing)
Sign In
Create Account
