Question

  • Creator
    Topic
  • #2269586

    Hijack Log included – Unable to download any files

    Locked

    by chawoodle ·

    I have checked, changed and rechecked security settings numerous times. Unable to download any files from any sites and also unable to log into windows live messenger. Here is a hijack this log file

    Logfile of HijackThis v1.99.1
    Scan saved at 8:59:03 PM, on 3/5/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    F:\WINDOWS\System32\smss.exe
    F:\WINDOWS\system32\winlogon.exe
    F:\WINDOWS\system32\services.exe
    F:\WINDOWS\system32\lsass.exe
    F:\WINDOWS\system32\svchost.exe
    F:\Program Files\Windows Defender\MsMpEng.exe
    F:\WINDOWS\System32\svchost.exe
    F:\WINDOWS\system32\ZoneLabs\vsmon.exe
    F:\WINDOWS\system32\LEXBCES.EXE
    F:\WINDOWS\system32\spoolsv.exe
    F:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    F:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    F:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    F:\WINDOWS\system32\cisvc.exe
    F:\WINDOWS\System32\svchost.exe
    F:\WINDOWS\runservice.exe
    F:\WINDOWS\System32\svchost.exe
    F:\WINDOWS\system32\cidaemon.exe
    F:\WINDOWS\Explorer.EXE
    F:\Program Files\QuickTime\qttask.exe
    F:\WINDOWS\system32\lexpps.exe
    F:\WINDOWS\system32\ctfmon.exe
    F:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
    F:\Program Files\MSN Messenger\msnmsgr.exe
    F:\PROGRA~1\DESKTO~1\datray.exe
    F:\Program Files\Internet Explorer\iexplore.exe
    F:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\HiJackThis\HijackThis.exe

    R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
    R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
    R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
    R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
    R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    O1 – Hosts: 65.54.239.80 messenger.hotmail.com
    O1 – Hosts: 65.54.239.80 dp.msnmessenger.akadns.net
    O2 – BHO: (no name) – {7E853D72-626A-48EC-A868-BA8D5E23E045} – (no file)
    O4 – HKLM\..\Run: [QuickTime Task] “F:\Program Files\QuickTime\qttask.exe” -atboottime
    O4 – HKCU\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe
    O4 – HKCU\..\Run: [Yahoo! Pager] “F:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE” -quiet
    O4 – HKCU\..\Run: [Desktop Architect] “F:\PROGRA~1\DESKTO~1\datray.exe” -S
    O15 – Trusted Zone: http://www.reflexive.com
    O16 – DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) – http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1172001704921
    O16 – DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games – Installer) – http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab55579.cab
    O17 – HKLM\System\CCS\Services\Tcpip\Parameters: Domain = connie
    O17 – HKLM\Software\..\Telephony: DomainName = connie
    O17 – HKLM\System\CS1\Services\Tcpip\Parameters: Domain = connie
    O18 – Protocol: livecall – {828030A1-22C1-4009-854F-8E305202313F} – F:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 – Protocol: msnim – {828030A1-22C1-4009-854F-8E305202313F} – F:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 – Winlogon Notify: WgaLogon – F:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 – Service: AVG7 Alert Manager Server (Avg7Alrt) – GRISOFT, s.r.o. – F:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 – Service: AVG7 Update Service (Avg7UpdSvc) – GRISOFT, s.r.o. – F:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 – Service: AVG E-mail Scanner (AVGEMS) – GRISOFT, s.r.o. – F:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    O23 – Service: InstallDriver Table Manager (IDriverT) – Macrovision Corporation – F:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 – Service: LexBce Server (LexBceS) – Lexmark International, Inc. – F:\WINDOWS\system32\LEXBCES.EXE
    O23 – Service: LicCtrl Service (LicCtrlService) – Unknown owner – F:\WINDOWS\runservice.exe
    O23 – Service: TrueVector Internet Monitor (vsmon) – Zone Labs, LLC – F:\WINDOWS\system32\ZoneLabs\vsmon.exe

All Answers

Viewing 1 reply thread