Jump to content


Photo

Anything to worry about?


  • Please log in to reply
1 reply to this topic

#1 Farside

Farside

    Member

  • New Member
  • Pip
  • 1 posts

Posted 20 May 2004 - 04:49 AM

Greetings
Been spending a lot of time reading the forums, great place, extremly informative!
Followed a lot of tips and advices, tried to do as much by my self as possible. It would be great having an evaluation - "Is it safe?" (Running man). Its not like Im having issues, so no rush, but if someone could find a moment to look it over and comment, I would be greatfull.

Logfile of HijackThis v1.97.7
Scan saved at 11:21:04 AM, on 20/05/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Fælles filer\Symantec Shared\ccSetMgr.exe
C:\Programmer\Fælles filer\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\Promise\FastTrak\FtrakSvc.exe
C:\Programmer\Kerio\Personal Firewall 4\kpf4ss.exe
C:\WINDOWS\System32\RevoTask.exe
C:\WINDOWS\runservice.exe
C:\Programmer\Fælles filer\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Programmer\Norton AntiVirus\navapsvc.exe
C:\Programmer\Bandwidth Monitor Pro\Bandwidth Monitor Pro.exe
C:\Programmer\Webroot\Spy Sweeper\SpySweeper.exe
C:\Programmer\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\Programmer\Promise\FastTrak\RAIDeUtility.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Programmer\Norton AntiVirus\SAVScan.exe
C:\Programmer\Kerio\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Fælles filer\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Programmer\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://grc.com/x/ne.dll?bh0bkyd2
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: (no name) - {9527D42F-D666-11D3-B8DD-00600838CD5F} - C:\WINDOWS\System32\IETie.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programmer\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmer\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [RevoTaskbarApp] C:\WINDOWS\System32\RevoTask.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [ccApp] "C:\Programmer\Fælles filer\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [anvshell] anvshell.exe
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [AceGain LiveUpdate] C:\Programmer\AceGain\LiveUpdate\LiveUpdate.exe
O4 - HKLM\..\Run: [THGuard] "C:\Programmer\TrojanHunter 3.8\THGuard.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Bandwidth Monitor Pro] "C:\Programmer\Bandwidth Monitor Pro\Bandwidth Monitor Pro.exe" /minimized
O4 - HKCU\..\Run: [SpySweeper] C:\Programmer\Webroot\Spy Sweeper\SpySweeper.exe /0
O4 - Global Startup: M-Audio Revolution Control Panel Launcher.lnk = C:\Programmer\M-Audio Revolution\RevoTask.exe
O4 - Global Startup: FastCheck Monitoring Utility.lnk = C:\Programmer\Promise\FastTrak\RAIDeUtility.exe
O9 - Extra button: Trace (HKLM)
O9 - Extra 'Tools' menuitem: VisualRoute Trace (HKLM)
O9 - Extra button: ICQ Pro (HKLM)
O9 - Extra 'Tools' menuitem: ICQ (HKLM)
O16 - DPF: {00000000-0000-0000-0000-000020030000} - http://www.7adpower....ler/A091AEM.exe
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akama...meInstaller.exe
O16 - DPF: {63DF43C2-469A-41F3-B119-17B1ACE8BB34} (Sony SNC-RZ30 Image Viewer) - http://151.204.174.2...SncRz30View.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupd...7876.2036574074
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/z...s/heartbeat.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macr...ash/swflash.cab

#2 Archon_Wing

Archon_Wing

    Donut Patron

  • Trusted Advisor
  • PipPipPipPip
  • 368 posts

Posted 20 May 2004 - 04:52 AM

Ack, there's a nasty dialer here!

You can select the following entries listed below in Hijack This. Then, close all other windows besides Hijack This and click fix checked


Note: If something goes wrong you can undo the changes done by Hijack This. Go to the bottom right hand corner of Hijack This and click on config. Then choose backups.There you can reverse any changes you made.

O16 - DPF: {00000000-0000-0000-0000-000020030000} - http://www.7adpower....ler/A091AEM.exe


Edited by Archon_Wing, 20 May 2004 - 04:52 AM.

Rights are never important until you don't have them.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button