Tech Support Forum - View Single Post

BZW · 05-28-2005, 06:24 PM

====================================================================
Log was analyzed using KRC HijackThis Analyzer - Updated on 4/1/05
Get updates at http://www.greyknight17.com/download.htm#programs

***Security Programs Detected***

C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone

Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot -

Search & Destroy\TeaTimer.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs LLC -

C:\WINDOWS\system32\ZoneLabs\vsmon.exe

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Logfile of HijackThis v1.99.1
Scan saved at 5:13:28 PM, on 5/28/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

http://darkhippie.adsl.dk/boards.asp?msgb=1
O1 - Hosts: 64.91.255.87 www.dcsresearch.com
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe

NvMCTray.dll,NvTaskbarInit
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501}

- C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -

{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program

Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility)

- http://www.pctuneup.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX

Player) - http://www.cult3d.com/download/cult.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl

Class) -

http://v5.windowsupdate.microsoft.co...rols/en/x86/cl

ient/wuweb_site.cab?1108188222434
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control)

-

http://a840.g.akamai.net/7/840/537/2....trendmicro.co

m/housecall/xscan53.cab
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service

(default)) - Analog Devices, Inc. - C:\Program Files\Analog

Devices\SoundMAX\SMAgent.exe

End of KRC HijackThis Analyzer Log.
====================================================================

05-28-2005, 06:24 PM	#7 (permalink)
BZW Member Join Date: Apr 2005 Posts: 27 OS: WinXP sp2	==================================================================== Log was analyzed using KRC HijackThis Analyzer - Updated on 4/1/05 Get updates at http://www.greyknight17.com/download.htm#programs *Security Programs Detected* C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Logfile of HijackThis v1.99.1 Scan saved at 5:13:28 PM, on 5/28/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\Program Files\Windows NT\Accessories\WORDPAD.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://darkhippie.adsl.dk/boards.asp?msgb=1 O1 - Hosts: 64.91.255.87 www.dcsresearch.com O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pctuneup.com/pcpitstop/PCPitStop.CAB O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...rols/en/x86/cl ient/wuweb_site.cab?1108188222434 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2....trendmicro.co m/housecall/xscan53.cab O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe End of KRC HijackThis Analyzer Log. ====================================================================