Jump to content


Photo

I'M NEW! =D


  • This topic is locked This topic is locked
2 replies to this topic

#1 B3ZKONTROLU

B3ZKONTROLU

    [R][O][M][A][N]

  • Full Member
  • Pip
  • 2 posts

Posted 14 August 2005 - 12:19 AM

Now when I say "I'm new" i really really mean that i'm new! lol I registered today and already posting something just to get into this, new to me, atmosphere and see if you can help me out, guide me, and so on, to where i need to go, what i need to learn, and what i need to know for the future!

THANKING YOU IN ADVANCE!

MY QUESTION ---> WHAT CAN YOU TELL ME ABOUT THE FOLLOWING?

Logfile of HijackThis v1.99.1
Scan saved at 1:47:39 AM, on 8/14/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
c:\TOSHIBA\Ivp\Swupdate\swupdtmr.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\program files\half life\steam.exe
C:\PROGRA~1\COMMON~1\kquq\kquqm.exe
C:\PROGRA~1\COMMON~1\kquq\kquqa.exe
C:\Program Files\Serials 2000 7.1 Plus\serial2k.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\Program Files\Adobe\Photoshop CS\Photoshop.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Documents and Settings\Trauma\Desktop\PrOgRaMz\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.toshiba.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshiba.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://r.office.micr...streg?clid=1033
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program [FONT=Courier]Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\half life\steam.exe" -silent
O4 - HKCU\..\Run: [ZeroSpyware Lite] "C:\Program Files\ZeroSpyware Lite\ZeroSpyware Lite.exe" -STARTUP
O4 - HKCU\..\Run: [NetGuard Lite] "C:\Program Files\ZeroSpyware Lite\NetGuard Lite.exe" -STARTUP
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [kquq] C:\PROGRA~1\COMMON~1\kquq\kquqm.exe
O4 - HKCU\..\Run: [Spyware-Cop] "C:\PROGRA~1\SPYWAR~1\Spyware-Cop.exe" /s
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.toshiba.com
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.co...ad/MsnPUpld.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Swupdtmr - Unknown owner - c:\TOSHIBA\Ivp\Swupdate\swupdtmr.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

Edited by B3ZKONTROLU, 14 August 2005 - 12:36 AM.

Сосни

Ти вийшла заміж за весну,
Ти вийшла заміж за весну
Мені лишила осінь
І запах твоїх сосен.

Машина їде по шосе
Вона мене туди несе
Де я не був ще досі,
Там чути запах сосен.

Сльози колишуться за вікном
Сосни - навколо мене стіна
Сльози лякають своїм теплом
Сосни - най-най-най-най-най.

Хвилина їсть мої слова
Година їсть мої слова
А ніч опустить очі
Вона мене не хоче

Кохання бігало в садок
Кохання бавилось в пісок
Воно ходило в школу
А далі був лиш холод.

Ти вийшла заміж за весну
Ти вийшла заміж за весну
І запах твоїх сосен
Мені сказав вже досить.

#2 cnm

cnm

    Mother Lion of SWI

  • Retired Staff
  • PipPipPipPipPip
  • 25,317 posts

Posted 14 August 2005 - 09:12 AM

Nothing obviously malevolent in your log. However Spyware-Cop is unsavory. You'll find it listed here: Rogue/Suspect Antispyware. I would uninstall it.

There are excellent free antispyware programs:
Spybot Search and Destroy Tutorial and support forum at http://net-integrati...t/spybotsd.html

If you want to learn about spyware, consider joining the Boot Camp. Lots of good info and fine teachers. The Boot Camp here.
Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE

#3 B3ZKONTROLU

B3ZKONTROLU

    [R][O][M][A][N]

  • Full Member
  • Pip
  • 2 posts

Posted 14 August 2005 - 10:08 AM

Nothing obviously malevolent in your log.  However Spyware-Cop is unsavory.  You'll find it listed here: Rogue/Suspect Antispyware.  I would uninstall it.

There are excellent free antispyware programs:
Spybot Search and Destroy Tutorial and support forum at http://net-integrati...t/spybotsd.html

If you want to learn about spyware, consider joining the Boot Camp.  Lots of good info and fine teachers. The Boot Camp here.

View Post


thanks for getting back to me! :D
Сосни

Ти вийшла заміж за весну,
Ти вийшла заміж за весну
Мені лишила осінь
І запах твоїх сосен.

Машина їде по шосе
Вона мене туди несе
Де я не був ще досі,
Там чути запах сосен.

Сльози колишуться за вікном
Сосни - навколо мене стіна
Сльози лякають своїм теплом
Сосни - най-най-най-най-най.

Хвилина їсть мої слова
Година їсть мої слова
А ніч опустить очі
Вона мене не хоче

Кохання бігало в садок
Кохання бавилось в пісок
Воно ходило в школу
А далі був лиш холод.

Ти вийшла заміж за весну
Ти вийшла заміж за весну
І запах твоїх сосен
Мені сказав вже досить.




Member of UNITE
Support SpywareInfo Forum - click the button