Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

first time hijackthis log

Started by remick , Sep 15 2005 06:11 AM

  • Please log in to reply

#1
remick
Posted 15 September 2005 - 06:11 AM

remick

    New Member

  • Member
  • Pip
  • 1 posts
Logfile of HijackThis v1.99.1
Scan saved at 12:54:01, on 15/09/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\McAfee\McAfee Privacy Service\GUARDDOG.EXE
C:\WINDOWS\system32\crypserv.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\System32\svchost.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\McAfee\McAfee Privacy Service\GUARDDOG.EXE
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
c:\program files\mcafee.com\agent\mcagent.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\PROGRA~1\TWEAKM~1\TMTray.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\YacsMon.exe
C:\Program Files\Shareaza\Shareaza.exe
C:\unzipped\hijackthis-v1.99.1\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\TWEAKM~1\LinkFox.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.co.uk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: (no name) - _{20EC3D2D-33C1-4C9D-BC37-C2D500688DA2} - (no file)
O1 - Hosts: 67.139.254.125 hop.clickbank.net
O1 - Hosts: 208.37.24.10 ads.clicksor.com
O1 - Hosts: 193.195.120.213 www.msndvdrental.com
O1 - Hosts: 213.199.154.57 cars.msn.co.uk
O1 - Hosts: 204.157.10.243 www.tweekies-takeaway.com
O1 - Hosts: 195.225.148.140 companion.spymac.com
O1 - Hosts: 195.225.148.100 www.spymac.com
O1 - Hosts: 213.239.203.80 87221.shoutboxes.com
O1 - Hosts: 83.149.103.76 www.demonoid.com
O1 - Hosts: 209.11.67.27 jbeet.cjt1.net
O1 - Hosts: 64.28.86.231 jcontent.bns1.net
O1 - Hosts: 209.10.215.36 ad.yieldmanager.com
O1 - Hosts: 209.10.25.168 servedby.adorigin.com
O1 - Hosts: 83.149.103.166 www.torrentspy.com
O1 - Hosts: 83.149.103.166 adzones.torrentspy.com
O1 - Hosts: 69.64.61.30 isohunt.com
O1 - Hosts: 62.212.84.243 62.212.84.243
O1 - Hosts: 85.12.2.216 www2.layer-ads.de
O1 - Hosts: 193.138.231.10 www3.layer-ads.de
O1 - Hosts: 62.208.122.57 www.usenext.de
O1 - Hosts: 193.149.47.53 adopt.euroclick.com
O1 - Hosts: 69.50.165.252 www.torrentreactor.net
O1 - Hosts: 217.159.201.178 217.159.201.178
O1 - Hosts: 207.44.248.65 www.ads.joetec.net
O1 - Hosts: 67.159.3.150 www.torrentportal.com
O1 - Hosts: 69.57.140.27 www9.paypopup.com
O1 - Hosts: 66.48.78.195 www195.paypopup.com
O1 - Hosts: 213.133.115.131 230436.myshoutbox.com
O1 - Hosts: 84.246.136.133 www.bluesq.com
O1 - Hosts: 195.13.50.100 www.teamtalk.com
O1 - Hosts: 63.241.25.134 www.smartdraw.com
O1 - Hosts: 195.92.193.158 www.mitedu.freeserve.co.uk
O1 - Hosts: 66.39.92.76 www.924.org
O1 - Hosts: 216.25.24.124 www.10w40.com
O1 - Hosts: 195.157.100.95 www.volvoclub.org.uk
O1 - Hosts: 62.128.193.70 www.electricmotors-uk.com
O1 - Hosts: 84.22.161.179 www.algarltd.co.uk
O1 - Hosts: 216.193.252.111 www.rangerovers.net
O1 - Hosts: 195.173.72.99 footballmsn.skysports.com
O1 - Hosts: 65.206.60.206 http300.edge.ru4.com
O1 - Hosts: 217.140.32.31 www.odeon.co.uk
O1 - Hosts: 216.49.88.125 uk.mcafee.com
O1 - Hosts: 64.158.223.128 adfarm.mediaplex.com
O1 - Hosts: 213.249.148.179 www.myoffers.co.uk
O1 - Hosts: 65.54.183.192 loginnet.passport.com
O1 - Hosts: 64.4.56.250 by101fd.bay101.hotmail.msn.com
O1 - Hosts: 65.54.194.118 rad.msn.com
O1 - Hosts: 213.86.246.154 ad.uk.doubleclick.net
O1 - Hosts: 66.203.115.26 www.real.com
O1 - Hosts: 213.146.148.152 reporting.tvlicensing.co.uk
O1 - Hosts: 217.33.193.168 www.tvlicensing.co.uk
O1 - Hosts: 213.174.198.198 www.virginholidays.co.uk
O1 - Hosts: 212.24.80.121 ecom.virginholidays.com
O1 - Hosts: 194.129.79.14 view.atdmt.com
O1 - Hosts: 213.199.154.54 www.msn.co.uk
O1 - Hosts: 216.49.88.118 us.mcafee.com
O1 - Hosts: 195.92.249.131 www.wanadoo.co.uk
O1 - Hosts: 207.46.19.60 www.microsoft.com
O1 - Hosts: 209.120.243.136 www.wmplugins.com
O1 - Hosts: 212.58.224.115 www.bbc.co.uk
O1 - Hosts: 213.177.198.228 livescores.football365.com
O1 - Hosts: 217.64.231.177 www.thekittycapergame.com
O1 - Hosts: 213.177.198.228 fs.football365.com
O1 - Hosts: 64.4.15.61 messenger.msn.co.uk
O1 - Hosts: 206.63.10.98 www.imagine-msn.com
O1 - Hosts: 62.172.196.226 www.myvue.com
O1 - Hosts: 217.18.19.74 www.yourpsp.com
O1 - Hosts: 212.113.202.50 gamesradar.msn.co.uk
O1 - Hosts: 209.249.116.139 www.java.com
O1 - Hosts: 66.225.196.36 www.spython.com
O1 - Hosts: 146.101.245.103 sib1.od2.com
O1 - Hosts: 64.157.165.241 dist.belnk.com
O1 - Hosts: 65.54.162.250 by108fd.bay108.hotmail.msn.com
O1 - Hosts: 64.246.54.64 www.peerweb.org
O1 - Hosts: 82.211.71.211 ww2.opodo.co.uk
O1 - Hosts: 216.70.65.31 sale.opodo-promotions.com
O1 - Hosts: 216.70.65.31 www.sale.opodo-promotions.com
O1 - Hosts: 63.246.151.55 www.tacamateurs.com
O1 - Hosts: 65.54.195.188 g.msn.com
O1 - Hosts: 66.111.50.155 www.descargasweb.net
O1 - Hosts: 80.69.64.204 webmaster.impresionesweb.com
O1 - Hosts: 70.86.3.53 alternativos.iw-advertising.com
O1 - Hosts: 213.146.153.183 frankfurt.cars.msn.co.uk
O1 - Hosts: 213.199.148.26 channelizer.msn.com
O1 - Hosts: 195.173.72.99 home.skysports.com
O1 - Hosts: 212.95.227.149 www.mymovies.net
O1 - Hosts: 81.201.129.246 tvguide.freeserve.com
O1 - Hosts: 72.0.207.140 www.shareaza.com
O1 - Hosts: 66.35.250.209 shareaza.sourceforge.net
O1 - Hosts: 72.0.207.140 forums.shareaza.com
O1 - Hosts: 205.234.213.68 www.filesharinghelp.com
O1 - Hosts: 66.249.93.99 pagead2.googlesyndication.com
O1 - Hosts: 67.15.118.39 wiki.shareaza.com
O1 - Hosts: 70.84.70.85 tomcoyote.org
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: TweakMASTER PRO Component - {7DAAC7DE-9EF0-4FF0-BFA5-AFF3E899054C} - C:\PROGRA~1\TWEAKM~1\TweakBHO.dll
O2 - BHO: McAfee Privacy Service - {cc4b2ee5-4803-11d7-8a38-00b0d0c6b814} - C:\Program Files\McAfee\McAfee Privacy Service\GDIEHELP.DLL
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: Freeserve - {8B68564D-53FD-4293-B80C-993A9F3988EE} - C:\PROGRA~1\FREESE~1\FSBar\FSBar.dll
O3 - Toolbar: (no name) - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - (no file)
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [TweakMASTER] C:\PROGRA~1\TWEAKM~1\TMTray.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [McAfee Guardian] C:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe /SU
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - Global Startup: YacsMon.exe
O8 - Extra context menu item: Add to &LinkFox - res://C:\PROGRA~1\TWEAKM~1\TweakBHO.dll/IESCRIPT
O8 - Extra context menu item: Search with Freeserve - res://C:\PROGRA~1\FREESE~1\FSBar\FSBar.dll/VSearch.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: (no name) - {AFC3FA82-AD07-45cd-8B57-983435B9899E} - (no file)
O9 - Extra button: Privacy Bar - {cc4b2ee5-4803-11d7-8a38-00b0d0c6b814} - C:\Program Files\McAfee\McAfee Privacy Service\GDIEHELP.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=
O14 - IERESET.INF: START_PAGE_URL=
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....467&clcid=0x409
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg...l_v1-0-3-24.cab
O16 - DPF: {4E888414-DB8F-11D1-9CD9-00C04F98436A} (Microsoft.WinRep) - https://webresponse....iveX/winrep.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcaf...83/mcinsctl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by101fd.bay10...es/MsnPUpld.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pdownloader.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcaf...,20/mcgdmgr.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} - http://fdl.msn.com/p...t/msnchat45.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{7043102F-DD77-4C4D-9D19-055F540C0183}: NameServer = 195.92.195.95 195.92.195.94
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: McAfee Privacy Service (GuardDogEXE) - Unknown owner - C:\Program Files\McAfee\McAfee Privacy Service\GUARDDOG.EXE" /SERVICE (file missing)
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP