ddr_wizard

Members
 View Profile  See their activity

  • Content Count

    2

  • Joined

  • Last visited

 Content Type 

Posts posted by ddr_wizard

  1. Constant Traffic On Idle Connection

    in Malware Removal

    Posted · Edited by ddr_wizard

    all the traffic has stopped :)

    yeah it had sysinternals on the manufacture im pretty sure this is not harmful.

    I think i solved the problem BTW ... the DSL/phone jack splitter thing, well my internet was plugged into the phone line side :/ this would probably explain why i got so many connection attempts from them and a lot of other worldwide telecommunication addresses, you think?

    Thank you Danny for your time in helping me resolve this issue much appreciated.

    Kaspersky did not find anything in my system

  2. Constant Traffic On Idle Connection

    in Malware Removal

    Posted

    Logfile of HijackThis v1.99.1

    Scan saved at 10:56:29 AM, on 2/25/2007

    Platform: Windows XP SP2 (WinNT 5.01.2600)

    MSIE: Internet Explorer v7.00 (7.00.5730.0011)

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\WINDOWS\Explorer.EXE

    C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\Program Files\Macro Express3\MacExp.exe

    C:\WINDOWS\system32\sndvol32.exe

    C:\Program Files\Creative Professional\E-MU PatchMix DSP\EmuPatchMixDSP.exe

    C:\Program Files\AutoHotkey\AutoHotkey.exe

    C:\Program Files\Macro Express3\macedit.exe

    C:\WINDOWS\system32\svchost.exe

    C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

    C:\Program Files\Mozilla Firefox\firefox.exe

    C:\Program Files\mIRC\mirc.exe

    C:\WINDOWS\system32\NOTEPAD.EXE

    C:\Program Files\WinRAR\WinRAR.exe

    C:\HiJackthis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/

    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 128.195.25.100:3128

    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.2.7.dll

    O2 - BHO: (no name) - {598F4775-6FB6-477B-9842-E0426824E077} - C:\DOCUME~1\Peter\LOCALS~1\Temp\~DP19B.dll (file missing)

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdmcks.dll

    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP

    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

    O4 - HKCU\..\Run: [bitComet] "C:\Program Files\BitComet\BitComet.exe"

    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

    O4 - Startup: Shortcut to EmuPatchMixDSP.exe.lnk = C:\Program Files\Creative Professional\E-MU PatchMix DSP\EmuPatchMixDSP.exe

    O4 - Startup: Shortcut to MiddleclicktoRightclick.lnk = ?

    O4 - Global Startup: Macro Express 3.lnk = C:\Program Files\Macro Express3\MacExp.exe

    O4 - Global Startup: Volume Control.lnk = C:\WINDOWS\system32\sndvol32.exe

    O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm

    O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm

    O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm

    O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm

    O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm

    O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm

    O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe

    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

    O11 - Options group: [iNTERNATIONAL] International*

    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

    O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.3.102.cab

    O16 - DPF: {6054D082-355D-4B47-B77C-36A778899F48} (Upgrade Class) - http://qmedia.xlontech.net/100348/qm/lates...ull06061501.cab

    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1164112122937

    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe

    O23 - Service: YUUZR - Sysinternals - www.sysinternals.com - C:\DOCUME~1\Peter\LOCALS~1\Temp\YUUZR.exe

    ---------------------------------------------

    Multiple connection attempts from my isp and other global isp my router only blocks half of them