Jump to content


Photo

Anything i should be worried about ?


  • Please log in to reply
1 reply to this topic

#1 andt2583

andt2583

    Member

  • Full Member
  • Pip
  • 7 posts

Posted 18 June 2004 - 04:48 PM

Logfile of HijackThis v1.97.7
Scan saved at 22:47:13, on 18/06/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\Explorer.EXE
F:\WINDOWS\system32\spoolsv.exe
F:\WINDOWS\System32\nvsvc32.exe
F:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
F:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe
F:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe
F:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe
F:\PROGRA~1\Yahoo!\browser\ycommon.exe
F:\Program Files\Yahoo!\browser\ybrwicon.exe
F:\PROGRA~1\Yahoo!\browser\ybrowser.exe
F:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
F:\WINDOWS\system32\ZoneLabs\vsmon.exe
F:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe
F:\Program Files\BT Yahoo! Internet\DialBTYahoo.exe
F:\Documents and Settings\Spirit 2\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.client...fo/bt_side.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.red.client...arch.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://bt.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.red.client...arch.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://bt.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://uk.red.client...arch.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.red.client...arch.yahoo.com/
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - F:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_17_0.dll
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - F:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {4115122B-85FF-4DD3-9515-F075BEDE5EB5} - F:\Program Files\ONSPEED\PBHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - F:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: BT Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - F:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_17_0.dll
O3 - Toolbar: My &Search Bar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - F:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE F:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [pccguide.exe] "F:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe"
O4 - HKLM\..\Run: [PCCClient.exe] "F:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe"
O4 - HKLM\..\Run: [Pop3trap.exe] "F:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe"
O4 - HKLM\..\Run: [Zone Labs Client] F:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
O4 - HKLM\..\Run: [BTopenworld] "f:\program files\bt yahoo! internet\DialBTYahoo.exe" /ReInstallAutoDial
O4 - HKLM\..\Run: [NeroCheck] F:\WINDOWS\System32\\NeroCheck.exe
O4 - HKCU\..\Run: [SpywareGuard] F:\WINDOWS\system32\winproc32.exe
O4 - HKCU\..\Run: [Windows Update Checker] F:\Documents and Settings\Spirit 2\Desktop\deinst_qfe002.exe
O4 - Global Startup: ONSPEED.lnk = F:\Program Files\ONSPEED\onspeed.exe
O9 - Extra button: BT Yahoo! Sidebar (HKLM)
O9 - Extra 'Tools' menuitem: BT &Yahoo! Sidebar (HKLM)
O10 - Unknown file in Winsock LSP: f:\progra~1\onspeed\sliplsp.dll
O10 - Unknown file in Winsock LSP: f:\progra~1\onspeed\sliplsp.dll
O10 - Unknown file in Winsock LSP: f:\progra~1\onspeed\sliplsp.dll
O10 - Unknown file in Winsock LSP: f:\progra~1\onspeed\sliplsp.dll
O12 - Plugin for .spop: F:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://bt.yahoo.com
O16 - DPF: {231B1C6E-F934-42A2-92B6-C2FEFEC24276} (yucsetreg Class) - F:\Program Files\Yahoo!\common\yucconfig.dll
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - F:\Program Files\Yahoo!\common\yinsthelper.dll
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://download.yaho...mail/ymmapi.dll
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://download.yaho...alls/yab_af.cab
O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} - http://photos.yahoo....plorer1_9us.cab
O16 - DPF: {EC5A4E7B-02EB-451D-B310-D5F2E0A4D8C3} (webhelper Class) - http://register.btin...bcontrol023.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9957F689-5E68-4650-8390-E2FF002D80A0}: NameServer = 213.120.62.102 213.120.62.99

#2 andt2583

andt2583

    Member

  • Full Member
  • Pip
  • 7 posts

Posted 20 June 2004 - 12:17 PM

Is anyone gonig to reply to me ?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button