Thread: Problems here...
View Single Post
  #7  
Old 04-14-2005, 09:31 PM
sula sula is offline
Junior Member
  
Join Date: Apr 2005
Posts: 8
Hi ok, well I've checked were you told me... no sign of winupdate...son I did the rest...here's my log

Logfile of HijackThis v1.99.1
Scan saved at 21:29:30, on 2005-04-14
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\mocih.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\cmdtel.exe
C:\WINDOWS\system32\netdde.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\PROGRA~1\NETASS~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Visual Networks\Visual IP InSight\Sympatico Consumer\IPClient.exe
C:\Program Files\Visual Networks\Visual IP InSight\Sympatico Consumer\IPMon32.exe
C:\WINDOWS\System32\ufaticom.exe
C:\windows\system32\taskmg.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
C:\Documents and Settings\Olivier\Menu Démarrer\Programmes\Démarrage\winupdate03430305[1].exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\NetAssistant\bin\mpbtn.exe
C:\WINDOWS\System32\rundll32.exe
C:\Documents and Settings\Olivier\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://w-find.com/sp.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://w-find.com/index.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://w-find.com/index.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://w-find.com/sp.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://w-find.com/index.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Loader Class - {2E246FAE-8420-11D9-870D-000C2917DE7F} - C:\WINDOWS\SYSTEM\Loader.dll
O2 - BHO: BHOmodObj Class - {7F6828CA-9E42-462C-BC60-418C8144012C} - c:\windows\system\BHOmod.dll
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\NETASS~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [IPInSightLAN 01] "C:\Program Files\Visual Networks\Visual IP InSight\Sympatico Consumer\IPClient.exe" -l
O4 - HKLM\..\Run: [IPInSightMonitor 01] "C:\Program Files\Visual Networks\Visual IP InSight\Sympatico Consumer\IPMon32.exe"
O4 - HKLM\..\RunOnce: [Srv32 spool service] C:\WINDOWS\System32\spoolsrv32.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [labjyji] c:\windows\xmdwvgd.exe
O4 - HKCU\..\Run: [eydqnxw] c:\windows\xmdwvgd.exe
O4 - HKCU\..\Run: [rbcqgpr] c:\windows\ayqswnt.exe
O4 - HKCU\..\Run: [qidkenp] c:\windows\ayqswnt.exe
O4 - HKCU\..\Run: [lxqqhkt] c:\windows\ayqswnt.exe
O4 - HKCU\..\Run: [qyiygej] c:\windows\ayqswnt.exe
O4 - HKCU\..\Run: [viggfwp] c:\windows\ayqswnt.exe
O4 - HKCU\..\Run: [yircvyf] c:\windows\ayqswnt.exe
O4 - HKCU\..\Run: [umloyqw] c:\windows\ayqswnt.exe
O4 - HKCU\..\Run: [jdrjtks] c:\windows\ayqswnt.exe
O4 - HKCU\..\Run: [grmfvmh] c:\windows\ayqswnt.exe
O4 - HKCU\..\Run: [kxmrqrt] c:\windows\ayqswnt.exe
O4 - HKCU\..\Run: [fdxhwqw] c:\windows\ayqswnt.exe
O4 - HKCU\..\Run: [ekfiwra] c:\windows\peqygva.exe
O4 - HKCU\..\RunOnce: [Srv32 spool service] C:\WINDOWS\System32\spoolsrv32.exe
O4 - Startup: winupdate03430305[1].exe
O4 - Startup: winupdate07872521[1].exe
O4 - Startup: winupdate52561670[1].exe
O4 - Global Startup: Assistant Internet.lnk = C:\Program Files\NetAssistant\bin\matcli.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Universite Laval Client VPN ULaval.lnk = C:\Program Files\UnivLaval\vpngui.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Microsoft AntiSpyware helper - {7A237B81-9A42-404D-89E5-76AA84F49C01} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {7A237B81-9A42-404D-89E5-76AA84F49C01} - (no file) (HKCU)
O16 - DPF: {08BF6530-81D5-32FF-D4A6-33AC59A50AA4} - http://69.50.182.94/1/rdgCA1882.exe
O16 - DPF: {63AFB621-C329-083B-14AF-79670A3CC662} - http://69.50.182.94/1/rdgCA1882.exe
O23 - Service: Trace network connections (ACCRA) - Unknown owner - C:\WINDOWS\System32\mocih.exe
O23 - Service: Loading Outpost Connections (KDE) - Unknown owner - C:\WINDOWS\System32\cmdtel.exe

winupdate is still here...don't know what is the problem... hope you can still help me...and again.. thanks for all your advice..
Reply With Quote