Antivirus Protection
 
Forums: » Register « |  User CP |  Games |  Calendar |  Members |  FAQs |  Sitemap |  Support | 
User Name:
Password:
Remember me
Go Back   Dev Shed ForumsSystem AdministrationAntivirus Protection
Reload this Page

look-today start page (HJT log included)

Discuss look-today start page (HJT log included) in the Antivirus Protection forum on Dev Shed.
look-today start page (HJT log included) Antivirus Protection forum discussing issues relating to antivirus programs, spyware, hijack protection, and personal firewalls for all operating systems. Keep your systems protected from hackers and other hazards.

Reply
Add This Thread To:
  Del.icio.us   Digg   Google   Spurl   Blink   Furl   Simpy   Y! MyWeb 
« Previous Thread | Next Thread »  
Thread Tools Search this Thread Rate Thread Display Modes
 
Unread Dev Shed Forums Sponsor:
  #1  
Old July 29th, 2004, 11:59 PM
kyle88 kyle88 is offline
Registered User
Dev Shed Newbie (0 - 499 posts)
  
Join Date: Jul 2004
Posts: 1 kyle88 User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: < 1 sec
Reputation Power: 0
look-today start page (HJT log included)
Hi,

Ive recently been having problems with many connections being opened from my machine through the processes Iexplore and explore. This may be related to the annoying IE toolbar which has recently appeared. I’ve tried Adaware, Spybot and InoculatelIT without success, attached is my Hijack This log.

Any help would be much appreciated


Logfile of HijackThis v1.97.7
Scan saved at 4:42:34 p.m., on 30/07/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CA\eTrust\InoculateIT\InoRpc.exe
C:\Program Files\CA\eTrust\InoculateIT\InoRT.exe
C:\Program Files\CA\eTrust\InoculateIT\InoTask.exe
C:\WINDOWS\LogWatNT.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\HPPROPTY.EXE
C:\Program Files\CA\eTrust\InoculateIT\realmon.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\NetLimiter\NetLimiter.exe
c:\progra~1\intern~1\iexplore.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\RUNDLL32.EXE
c:\progra~1\intern~1\iexplore.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Games\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://look-today.com/passthrough/index.html?http://about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://wwftwhufvkmqxharhxymyx.net/abLQlCRjxXymNcwlumyI948afFxVe3nBPTj_WI4LY7l10JMPja/AXSMa2ZqFjcnn.jpg
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {E95749B6-ED49-DFAA-51DF-92C270F32FF6} - C:\PROGRA~1\CAKERO~1\CoalAdmin.exe
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [HP LaserJet ToolBox] HPPROPTY.EXE
O4 - HKLM\..\Run: [coolmulti] C:\PROGRA~1\SOAPPO~1\ToolList.exe
O4 - HKLM\..\Run: [Realtime Monitor] "C:\Program Files\CA\eTrust\InoculateIT\realmon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [Cryptographic Service] C:\WINDOWS\System32\arnspr.exe
O4 - HKLM\..\Run: [Trust cash win ref] C:\Documents and Settings\All Users\Application Data\Pile 32 trust cash\City vga.exe
O4 - HKLM\..\Run: [NetLimiter] C:\Program Files\NetLimiter\NetLimiter.exe /s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Research (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab


Thankyou
Reply With Quote
Reply

Viewing: Dev Shed ForumsSystem AdministrationAntivirus Protection > look-today start page (HJT log included)

« Previous Thread | Next Thread »

Thread Tools  Search this Thread 
Search this Thread:

Advanced Search
Display Modes  Rate This Thread 
Linear Mode Linear Mode
Rate This Thread:


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
View Your Warnings | New Posts | Latest News | Latest Threads | Shoutbox
Forum Jump


Forums: » Register « |  User CP |  Games |  Calendar |  Members |  FAQs |  Sitemap |  Support | 
  
 





© 2003-2008 by Developer Shed. All rights reserved. DS Cluster 6 hosted by Hostway
Stay green...Green IT