Jump to content


Photo

Dragoon log


  • Please log in to reply
1 reply to this topic

#1 Dragoon

Dragoon

    Member

  • New Member
  • Pip
  • 4 posts

Posted 17 June 2004 - 08:21 PM

Okay... Heres the log... Please help:

Logfile of HijackThis v1.97.7
Scan saved at 02:28:34, on 18-06-2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
D:\Upload\Hijacker.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...B_PVER}&ar=home
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...er=6&ar=msnhome
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
R1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL = http://
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yanwkc.outhost.info/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://yanwkc.outhost.info/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://yanwkc.outhost.info/sp.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O1 - Hosts: 213.159.118.228 collections.inhost.info
O1 - Hosts: 213.159.118.228 collections.inhost2.info
O1 - Hosts: 213.159.118.228 1-se.com
O1 - Hosts: 213.159.118.228 58q.com
O1 - Hosts: 213.159.118.228 aifind.cc
O1 - Hosts: 213.159.118.228 aifind.info
O1 - Hosts: 213.159.118.228 allneedsearch.com
O1 - Hosts: 213.159.118.228 approvedlinks.com
O1 - Hosts: 213.159.118.228 auto.ie.searchforge.com
O1 - Hosts: 213.159.118.228 awebfind.biz
O1 - Hosts: 213.159.118.228 best.royalsearch.net
O1 - Hosts: 213.159.118.228 cracks.am
O1 - Hosts: 213.159.118.228 default-homepage-network.com
O1 - Hosts: 213.159.118.228 find.microgirls.com
O1 - Hosts: 213.159.118.228 find4u.net
O1 - Hosts: 213.159.118.228 freshvideogals.com
O1 - Hosts: 213.159.118.228 i-lookup.com
O1 - Hosts: 213.159.118.228 ie-search.com
O1 - Hosts: 213.159.118.228 in.webcounter.cc
O1 - Hosts: 213.159.118.228 itseasy.us
O1 - Hosts: 213.159.118.228 just.find-itnow.com
O1 - Hosts: 213.159.118.228 link.startmake.com
O1 - Hosts: 213.159.118.228 mysearchnow.com
O1 - Hosts: 213.159.118.228 nativehardcore.com
O1 - Hosts: 213.159.118.228 qwertysearch123.biz
O1 - Hosts: 213.159.118.228 search.ieplugin.com
O1 - Hosts: 213.159.118.228 search.psn.cn
O1 - Hosts: 213.159.118.228 searchbar.findthewebsiteyouneed.com
O1 - Hosts: 213.159.118.228 searchcentrix.com
O1 - Hosts: 213.159.118.228 searchmyrequest.com
O1 - Hosts: 213.159.118.228 super-spider.com
O1 - Hosts: 213.159.118.228 t.rack.cc
O1 - Hosts: 213.159.118.228 teen-biz.com
O1 - Hosts: 213.159.118.228 teenhqpics.com
O1 - Hosts: 213.159.118.228 tits.hardcore4ever.net
O1 - Hosts: 213.159.118.228 webcoolsearch.com
O1 - Hosts: 213.159.118.228 wmmse.com
O1 - Hosts: 213.159.118.228 www.008i.com
O1 - Hosts: 213.159.118.228 www.2fastsearch.net
O1 - Hosts: 213.159.118.228 www.8095.com
O1 - Hosts: 213.159.118.228 www.alfa-search.com
O1 - Hosts: 213.159.118.228 www.boredlife.com
O1 - Hosts: 213.159.118.228 www.couldnotfind.com
O1 - Hosts: 213.159.118.228 www.cracks.am
O1 - Hosts: 213.159.118.228 www.daum.net
O1 - Hosts: 213.159.118.228 www.dreamwiz.com
O1 - Hosts: 213.159.118.228 www.find-itnow.com
O1 - Hosts: 213.159.118.228 www.find-itnow.com
O1 - Hosts: 213.159.118.228 www.find4u.net
O1 - Hosts: 213.159.118.228 www.firstbookmark.com
O1 - Hosts: 213.159.118.228 www.gajai.com
O1 - Hosts: 213.159.118.228 www.hand-book.com
O1 - Hosts: 213.159.118.228 www.hao123.com
O1 - Hosts: 213.159.118.228 www.hotsearchbox.com
O1 - Hosts: 213.159.118.228 www.hotwebsearch.com
O1 - Hosts: 213.159.118.228 www.hugesearch.net
O1 - Hosts: 213.159.118.228 www.iquicksearch.com
O1 - Hosts: 213.159.118.228 www.lookfor.cc
O1 - Hosts: 213.159.118.228 www.maxxxhosters.com
O1 - Hosts: 213.159.118.228 www.naver.com
O1 - Hosts: 213.159.118.228 www.nkvd.us
O1 - Hosts: 213.159.118.228 www.novafuck.com
O1 - Hosts: 213.159.118.228 www.ohcorea.com
O1 - Hosts: 213.159.118.228 www.omega-search.com
O1 - Hosts: 213.159.118.228 www.onet.pl
O1 - Hosts: 213.159.118.228 www.power-search.info
O1 - Hosts: 213.159.118.228 www.rightfinder.net
O1 - Hosts: 213.159.118.228 www.search-1.net
O1 - Hosts: 213.159.118.228 www.search-and-go.com
O1 - Hosts: 213.159.118.228 www.search-dot.com
O1 - Hosts: 213.159.118.228 www.search-space.com
O1 - Hosts: 213.159.118.228 www.searchforge.com
O1 - Hosts: 213.159.118.228 www.searching-the-net.com
O1 - Hosts: 213.159.118.228 www.searchv.com
O1 - Hosts: 213.159.118.228 www.searchxl.com
O1 - Hosts: 213.159.118.228 www.seznam.cz
O1 - Hosts: 213.159.118.228 www.slotch.com
O1 - Hosts: 213.159.118.228 www.spidersearch.com
O1 - Hosts: 213.159.118.228 www.startium.com
O1 - Hosts: 213.159.118.228 www.therealsearch.com
O1 - Hosts: 213.159.118.228 www.ttjj.com
O1 - Hosts: 213.159.118.228 www.viewpornkey.com
O1 - Hosts: 213.159.118.228 www.wazzupnet.com
O1 - Hosts: 213.159.118.228 www.websearch.com
O1 - Hosts: 213.159.118.228 www.windowws.cc
O1 - Hosts: 213.159.118.228 www.xgmm.com
O1 - Hosts: 213.159.118.228 xwebsearch.biz
O1 - Hosts: 213.159.118.228 yourbookmarks.ws
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Adobe Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\Programmer\WS_FTP Pro\wsbho2k0.dll
O2 - BHO: (no name) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programmer\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmer\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AdobeVersionCue] C:\Programmer\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\j2re1.4.2_04\bin\jusched.exe
O4 - HKLM\..\Run: [Network Service] C:\WINDOWS\svhost.exe -sr -1
O4 - HKLM\..\Run: [Ad-watch] "C:\Programmer\Lavasoft\Ad-aware 6\Ad-watch.exe"
O4 - HKLM\..\Run: [praihkay] C:\WINDOWS\System32\kgxozhx.exe
O4 - HKLM\..\Run: [alchem] C:\WINDOWS\alchem.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [Network Service] C:\WINDOWS\svhost.exe -sr -1
O4 - Startup: Stardock ObjectDock.lnk = C:\Programmer\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Programmer\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Aktiver Labtec Trådløse Skrivebord.lnk = ?
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O16 - DPF: {10000000-1000-0000-1000-000000000000} - ms-its:mhtml:file://C:\MAIN.MHT!http://d.dialer2004....testnewload.exe
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macr...ash/swflash.cab

#2 Frink1234

Frink1234

    Member

  • New Member
  • Pip
  • 3 posts

Posted 13 October 2004 - 07:39 PM

[quote name='Dragoon' date='Jun 17 2004, 09:21 PM']
Okay... Heres the log... Please help:

I am getting the same list of hosts in my log. Any help with this problem yet?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button