Question
-
Topic
-
Hijack Log included – Unable to download any files
LockedI have checked, changed and rechecked security settings numerous times. Unable to download any files from any sites and also unable to log into windows live messenger. Here is a hijack this log file
Logfile of HijackThis v1.99.1
Scan saved at 8:59:03 PM, on 3/5/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\Program Files\Windows Defender\MsMpEng.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\ZoneLabs\vsmon.exe
F:\WINDOWS\system32\LEXBCES.EXE
F:\WINDOWS\system32\spoolsv.exe
F:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
F:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
F:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
F:\WINDOWS\system32\cisvc.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\runservice.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\cidaemon.exe
F:\WINDOWS\Explorer.EXE
F:\Program Files\QuickTime\qttask.exe
F:\WINDOWS\system32\lexpps.exe
F:\WINDOWS\system32\ctfmon.exe
F:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
F:\Program Files\MSN Messenger\msnmsgr.exe
F:\PROGRA~1\DESKTO~1\datray.exe
F:\Program Files\Internet Explorer\iexplore.exe
F:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\HiJackThis\HijackThis.exeR1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
O1 – Hosts: 65.54.239.80 messenger.hotmail.com
O1 – Hosts: 65.54.239.80 dp.msnmessenger.akadns.net
O2 – BHO: (no name) – {7E853D72-626A-48EC-A868-BA8D5E23E045} – (no file)
O4 – HKLM\..\Run: [QuickTime Task] “F:\Program Files\QuickTime\qttask.exe” -atboottime
O4 – HKCU\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe
O4 – HKCU\..\Run: [Yahoo! Pager] “F:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE” -quiet
O4 – HKCU\..\Run: [Desktop Architect] “F:\PROGRA~1\DESKTO~1\datray.exe” -S
O15 – Trusted Zone: http://www.reflexive.com
O16 – DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) – http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1172001704921
O16 – DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games – Installer) – http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab55579.cab
O17 – HKLM\System\CCS\Services\Tcpip\Parameters: Domain = connie
O17 – HKLM\Software\..\Telephony: DomainName = connie
O17 – HKLM\System\CS1\Services\Tcpip\Parameters: Domain = connie
O18 – Protocol: livecall – {828030A1-22C1-4009-854F-8E305202313F} – F:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 – Protocol: msnim – {828030A1-22C1-4009-854F-8E305202313F} – F:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 – Winlogon Notify: WgaLogon – F:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 – Service: AVG7 Alert Manager Server (Avg7Alrt) – GRISOFT, s.r.o. – F:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 – Service: AVG7 Update Service (Avg7UpdSvc) – GRISOFT, s.r.o. – F:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 – Service: AVG E-mail Scanner (AVGEMS) – GRISOFT, s.r.o. – F:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 – Service: InstallDriver Table Manager (IDriverT) – Macrovision Corporation – F:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 – Service: LexBce Server (LexBceS) – Lexmark International, Inc. – F:\WINDOWS\system32\LEXBCES.EXE
O23 – Service: LicCtrl Service (LicCtrlService) – Unknown owner – F:\WINDOWS\runservice.exe
O23 – Service: TrueVector Internet Monitor (vsmon) – Zone Labs, LLC – F:\WINDOWS\system32\ZoneLabs\vsmon.exe
