Jump to content


Photo

Spot anything wrong?


  • Please log in to reply
1 reply to this topic

#1 calundra

calundra

    Member

  • New Member
  • Pip
  • 2 posts

Posted 04 July 2004 - 05:02 AM

Logfile of HijackThis v1.97.7
Scan saved at 10:53:06, on 04/07/2004
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINNT\System32\svchost.exe
D:\Apps\NORTON~1\NORTON~2\GHOSTS~2.EXE
D:\Apps\CanonMultiPASS4\MPSERVIC.EXE
C:\inetpub\MSDE\MSSQL\Binn\sqlservr.exe
D:\Apps\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\WINNT\Explorer.EXE
D:\Apps\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
D:\Apps\NORTON~1\SPEEDD~1\nopdb.exe
C:\Program Files\Common Files\Symantec Shared\SymTray.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\inetsrv\inetinfo.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
D:\Apps\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
C:\WINNT\SOUNDMAN.EXE
D:\apps\Daemon\daemon.exe
D:\Apps\CanonMultiPASS4\MPTBox.exe
C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
D:\Apps\Eyeball Chat\EyeballChat.exe
D:\Apps\Norton SystemWorks\Norton CleanSweep\csinsmnt.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Documents and Settings\******\Desktop\HijackThis.exe (edit to this line to protect my real name)
C:\WINNT\system32\ntvdm.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\apps\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\Apps\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\Apps\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [GhostStartTrayApp] D:\Apps\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
O4 - HKLM\..\Run: [QD FastAndSafe] D:\Apps\Norton SystemWorks\Norton CleanSweep\QDCSFS.exe /startup
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [DAEMON Tools-1033] "D:\apps\Daemon\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [MPTBox] D:\Apps\CanonMultiPASS4\MPTBox.exe
O4 - HKLM\..\Run: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\SymTray.exe SetReg
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [CTRegRun] C:\WINNT\CTRegRun.EXE
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\\NeroCheck.exe
O4 - HKCU\..\Run: [Eyeball Chat] "D:\Apps\Eyeball Chat\EyeballChat.exe" -min
O4 - HKLM\..\RunOnce: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\Symtrdr.exe
O4 - Global Startup: CleanSweep Smart Sweep-Internet Sweep.lnk = D:\Apps\Norton SystemWorks\Norton CleanSweep\csinsmnt.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\apps\MICROS~2\OFFICE11\EXCEL.EXE/3000
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg...t/c381/chat.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macr...director/sw.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg...v45/yacscom.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupd...8076.3660185185
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macr...ash/swflash.cab

#2 calundra

calundra

    Member

  • New Member
  • Pip
  • 2 posts

Posted 04 July 2004 - 05:12 AM

The problem, (although I might have cured at least the trigger to it) is that whenever I play music I get a full screen window with links on, it also seems to break outlook express making all messages unreadable (blank) although all the messages source looks fine, it also changes my search page and other pages in internet explorer (except the homepage).




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button