By using this site, D-A-L.com you agree to be bound by these rules
DAL Computer Help > Internet Issues Including Security > Spyware, Adware and Viruses
Got another one
Welcome, spud.
You last visited: Today at 04:15 PM
Private Messages: 0 Unread, Total 99.
Homepage User CP FAQ Members List Donation Arcade New Posts Search Quick Links Log Out
Search Forums
Advanced Search
Quick Links
New Posts
Mark Forums Read
Open Buddy List
User Control Panel
Edit Signature
Edit Avatar
Edit Profile
Edit Options
Miscellaneous
Private Messages
Subscribed Threads
My Profile
Who's Online
Did we help you? Please support us and make a small donation to help keep the site running | Click Here |
View First Unread Thread Tools Search this Thread Rate Thread Display Modes
#1 Today, 05:07 PM
mltor
Junior Member Join Date: Aug 2004
Posts: 6
Got another one
--------------------------------------------------------------------------------
In Safe mode I:
Ran Housecall (No Viruses)
Ran Spybot: found and removed alot of things
Ran Adaware: found and removed ALOT of things!
HJT log below
Code:
Logfile of HijackThis v1.97.7
Scan saved at 12:04:03 PM, on 12/14/2004
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Intel\ASF Agent\AS***ent.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
C:\WINNT\SYSTEM32\DWRCS.EXE
C:\WINNT\System32\svchost.exe
C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
c:\program files\ultravnc\winvnc.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\hkcmd.exe
C:\Program Files\Common Files\Adaptec Shared\CreateCD\CreateCD50.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
C:\WINNT\system32\spool\drivers\w32x86\3\hpztsb09. exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
C:\Program Files\ScanSoft\OmniPagePro11.0\opware32.exe
C:\Program Files\Castelle\FaxPress\FaxTray.Exe
C:\Program Files\Castelle\FaxPress\ExCnvt.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\WINNT\system32\ctfmon.exe
C:\Program Files\Scansoft\PaperPort\xdcla.exe
C:\Hijack this\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://news.google.com/nwshp?hl=en&gl=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://smbusiness.dellnet.com/
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\system32\hkcmd.exe
O4 - HKLM\..\Run: [CreateCD50] "C:\Program Files\Common Files\Adaptec Shared\CreateCD\CreateCD50.exe" -r
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [QuickFinder Scheduler] "C:\Program Files\WordPerfect Office 11\Programs\QFSCHD110.EXE"
O4 - HKLM\..\Run: [WinVNC] "c:\program files\ultravnc\winvnc.exe" -servicehelper
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINNT\system32\spool\drivers\w32x86\3\hpztsb09. exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\Scansoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPagePro11.0\opware32.exe
O4 - HKLM\..\Run: [CstlFaxTray] C:\Program Files\Castelle\FaxPress\FaxTray.Exe /s
O4 - HKLM\..\Run: [FPEXCNVT] C:\Program Files\Castelle\FaxPress\ExCnvt.exe
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - Startup: AIM.lnk = EDSISS\pl50.exe
O4 - Startup: Microsoft Office Outlook 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
O4 - Global Startup: Image Retriever.lnk = C:\Program Files\Scansoft\PaperPort\xdcla.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) -
http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) -
http://security.symantec.com/sscv6/...bin/AvSniff.cab
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) -
http://office.microsoft.com/officeu...ontent/opuc.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) -
http://security.symantec.com/sscv6/...n/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
http://a840.g.akamai.net/7/840/537/...all/xscan53.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) -
http://v4.windowsupdate.microsoft.c...7939.5166319444
O16 - DPF: {CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA} (Java Runtime Environment 1.4.0_02) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://download.macromedia.com/pub/...ash/swflash.cab
O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} -
http://download.abacast.com/downloa...abasetup151.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = katzbarron.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = katzbarron.local
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = katzbarron.local
mltor
View Public Profile
Challenge mltor in the Arcade
Send a private message to mltor
Find all posts by mltor
Add mltor to Your Buddy List
« Previous Thread | Next Thread »
Quick Reply
Message:
Options
Show your signature Quote message in reply?
Thread Tools
Show Printable Version
Email this Page
Subscribe to this Thread
Display Modes
Linear Mode
Switch to Hybrid Mode
Switch to Threaded Mode
Search this Thread
Advanced Search
Rate This Thread
Excellent
Good
Average
Bad
Terrible
Did we help you? Please support us and make a small donation to help keep the site running | Click Here |
Posting Rules
You may post new threads
You may post replies
You may post attachments
You may edit your posts
--------------------------------------------------------------------------------
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump
Please select one User Control Panel Private Messages Subscriptions Who's Online Search Forums Forums Home -------------------- Windows Operating System Issues Windows XP Issues Windows ME Issues Windows 2000 Issues Windows 98/98SE Web Design and Coding Download Website Templates Web Design Help Private Mods Room
All times are GMT. The time now is 05:36 PM.
Download Website Templates - PC Directory - DAL Computer Help - Archive - Top
Powered by: vBulletin Version 3.0.1
Copyright ©2000 - 2004, Jelsoft Enterprises Ltd.
Copyright 2004 D-A-L.com
