"There's no such thing as a stupid question,
but they're the easiest to answer!"
Do I have a worm or virus? Here is the log
#1 Today, 09:31 AM
dubbie299
Junior Member Join Date: Apr 2004
Posts: 1
Do I have a worm or virus? Here is the log
--------------------------------------------------------------------------------
Logfile of HijackThis v1.97.7
Scan saved at 9:06:26 AM, on 4/10/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\PROGRAMS\System32\smss.exe
C:\PROGRAMS\system32\winlogon.exe
C:\PROGRAMS\system32\services.exe
C:\PROGRAMS\system32\lsass.exe
C:\PROGRAMS\system32\svchost.exe
C:\PROGRAMS\System32\svchost.exe
C:\PROGRAMS\system32\spoolsv.exe
C:\PROGRAMS\Explorer.EXE
C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Yahoo!\Messenger\ypager.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\wmconnecta\wmtray.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
C:\PROGRAMS\System32\PackethSvc.exe
C:\PROGRAMS\System32\svchost.exe
C:\PROGRAMS\PCHEALTH\HELPCTR\Binaries\helpctr.exe
C:\PROGRAMS\PCHealth\HelpCtr\Binaries\HelpSvc.exe
C:\PROGRAMS\PCHealth\HelpCtr\Binaries\HelpHost.exe
C:\Program Files\wmconnecta\wwm.exe
C:\PROGRAMS\PCHEALTH\HELPCTR\Binaries\HelpCtr.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Documents And Settings\Administrator.RICHARD-BT7OPP4\Local Settings\Temp\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus...rch/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/cus...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://red.clientapps.yahoo.com/cus...://my.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/cus...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://red.clientapps.yahoo.com/cus...://my.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/cus...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/cus...//www.yahoo.com
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\ycomp5_3_16_0.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\PROGRAMS\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\ycomp5_3_16_0.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O4 - Global Startup: Wal-Mart Connect Tray Icon.lnk = C:\Program Files\wmconnecta\wmtray.exe
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: Real.com (HKLM)
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst0401.cab
O16 - DPF: {4FCE7460-D289-4037-A570-4E4DED74ADC9} (WebTrackOCXX4.WebTrackOCX4) - http://www.mediatechnics.net/np5cd/...ebTrackOCX4.CAB
O16 - DPF: {8D023D6D-5494-459E-A163-BD0A5DFADDE1} (YMSC Class) - http://download.yahoo.com/dl/toolbar/modules/ymsc.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.c...8063.8693055556
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yah.../ymmapi_416.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pu...ash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B50E5210-D408-4EAE-8BDB-9E587031F665}: NameServer = 205.188.146.146