
Logfile of HijackThis v1.98.2 - Rasandy

Your log looks clean. The following software is uncommon; uninstall it if you do not use it frequently:

  • PicasaMediaDetector.exe Media detector for Picasa's automatic photo organizer

Original Log Posted:

Scan saved at 09:20:28, on 11/12/2004
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MSTask.exe
C:\WINDOWS\System32\WBEM\WinMgmt.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Picasa\PicasaMediaDetector.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = website: red.clientapps.yahoo.com/customize/ycomp/defaults/sb/*website: yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = website: red.clientapps.yahoo.com/customize/ycomp/defaults/sp/*website: yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = website: yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = website: btopenworld.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = website: red.clientapps.yahoo.com/customize/ycomp/defaults/su/*website: yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = website: yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by BTopenworld
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_5_7_0.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_5_7_0.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [LifeScape Media Detector] C:\Program Files\Picasa\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk.disabled
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Microsoft Office.lnk.disabled
O4 - Global Startup: MyCorkboard.lnk.disabled
O4 - Global Startup: WinZip Quick Pick.lnk.disabled
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://c:\PROGRA~1\MICROS~1\OFFICE10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - C:\Program Files\IrfanView\Ebay\Ebay.htm
O14 - IERESET.INF: START_PAGE_URL=website: btopenworld.com/
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - website: us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab
O16 - DPF: {71057C18-0507-4747-86BC-E11CE7512C5F} (mailhelper Class) - website: register.btinternet.com/templates/btmailcontrol013.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - website: a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {EC5A4E7B-02EB-451D-B310-D5F2E0A4D8C3} (webhelper Class) - website: register.btinternet.com/templates/btwebcontrol024.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F520A33F-D199-4677-8DE5-9FD8E17443FC}: NameServer = 194.72.9.55 194.74.65.86

