Wilders Security Forums  

#1
November 9th, 2003, 05:03 PM
joe505505 (Infrequent Poster, Join Date: Nov 2003, Posts: 2)
joe505505: Problems with rightfinder.net... Spyware??

Hello
Sorry for my horrible English.
I have a problem with rightfinder.net.
I have run the HijackThis program, with the result you can read below.
I have the program C:\WINDOWS\Addclass.exe.
I do not have the program C:\WINDOWS\ScrSvr.exe.

My questions:
Which lines should I mark with HijackThis, so that HijackThis can fix the checked lines or programs?
Should I delete the program Addclass.exe?
What does it mean that I don't have the ScrSvr.exe program?
Should I delete any other programs?

Thank you very much for your help
joe


Logfile of HijackThis v1.97.3
Scan saved at 22:38:33, on 09.11.2003
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\AVPersonal\AVGUARD.EXE
C:\Programme\AVPersonal\AVWUPSRV.EXE
C:\WINDOWS\Explorer.EXE
C:\Programme\Java\j2re1.4.2_01\bin\jusched.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Programme\OpenOffice.org1.0.3\program\soffice.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Dokumente und Einstellungen\Rainer\Lokale Einstellungen\Temp\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.rightfinder.net/search/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.rightfinder.net/search/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.rightfinder.net/search/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.rightfinder.net/search/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.rightfinder.net/search/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rightfinder.net/hp/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.rightfinder.net/search/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.rightfinder.net/search/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.rightfinder.net/search/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.rightfinder.net/search/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.rightfinder.net/search/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.rightfinder.net/search/
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] C:\Programme\Gemeinsame Dateien\Real\Update_OB\evntsvc.exe -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\j2re1.4.2_01\bin\jusched.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVGCtrl] C:\Programme\AVPersonal\AVGNT.EXE /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [LPS] C:\Programme\LPS\LPS.exe
O4 - HKCU\..\Run: [AddClass] C:\WINDOWS\AddClass.exe
O4 - Startup: Verknüpfung mit quickstart.exe.lnk = C:\Programme\OpenOffice.org1.0.3\program\quickstart.exe
O9 - Extra 'Tools' menuitem: Sun Java Konsole (HKLM)
O12 - Plugin for .mpeg: C:\Programme\Internet Explorer\PLUGINS\npqtplugin3.dll
O12 - Plugin for .mpg: C:\Programme\Internet Explorer\PLUGINS\npqtplugin3.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_01) -
O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_02) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9DB6049A-05EE-4363-BD0D-84057D19C7E8}: NameServer = 212.185.248.50 194.25.2.129

#2
November 9th, 2003, 05:09 PM
TonyKlein (Security Expert, Join Date: Feb 2002, Location: The Netherlands, Posts: 3,086)
Re: Problems with rightfinder.net... Spyware??

Welcome to the board. And your English is fine!

Check, and have Hijack This fix the following:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.rightfinder.net/search/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.rightfinder.net/search/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.rightfinder.net/search/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.rightfinder.net/search/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.rightfinder.net/search/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rightfinder.net/hp/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.rightfinder.net/search/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.rightfinder.net/search/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.rightfinder.net/search/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.rightfinder.net/search/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.rightfinder.net/search/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.rightfinder.net/search/

O4 - HKCU\..\Run: [AddClass] C:\WINDOWS\AddClass.exe


Now restart your computer, and delete the C:\WINDOWS\AddClass.exe file itself.


Good luck,
__________________
Tony < > CLSID List - A Collection of Autostart Locations
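
The selection made in the reply above (every R0/R1 value on rightfinder.net plus the AddClass Run item) can be reproduced mechanically over a HijackThis log. This is an added example, not part of the original thread or of HijackThis itself; the function names and the flagged domain/name inputs are assumptions chosen for illustration.

```python
import re
from urllib.parse import urlparse

# Constructed sample: a few entry lines copied from the log posted in this thread.
SAMPLE_LOG = r"""
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.rightfinder.net/search/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rightfinder.net/hp/
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [LPS] C:\Programme\LPS\LPS.exe
O4 - HKCU\..\Run: [AddClass] C:\WINDOWS\AddClass.exe
"""

ENTRY = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
REG_VALUE = re.compile(r"^(?P<key>[^,]+),(?P<name>.+?) = (?P<data>.*)$")
RUN_ITEM = re.compile(r"^HK\w+\\\.\.\\\w+: \[(?P<name>[^\]]+)\] (?P<cmd>.+)$")

def parse(log):
    """Yield (code, body) per entry line; header and process-list lines are skipped."""
    for line in log.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            yield m["code"], m["body"]

def host_matches(url, domain):
    """Compare the parsed host, so 'rightfinder.net.example.org' does not match."""
    host = (urlparse(url).hostname or "").lower()
    return host == domain or host.endswith("." + domain)

def select_fixes(log, bad_domains, bad_run_names):
    """Return entries to tick: R0/R1 values on a flagged domain, O4 Run items by name."""
    picked = []
    for code, body in parse(log):
        if code in ("R0", "R1"):
            m = REG_VALUE.match(body)
            if m and any(host_matches(m["data"], d) for d in bad_domains):
                picked.append(f"{code} - {body}")
        elif code == "O4":
            m = RUN_ITEM.match(body)
            if m and m["name"].lower() in bad_run_names:
                picked.append(f"{code} - {body}")
    return picked

if __name__ == "__main__":
    for entry in select_fixes(SAMPLE_LOG, {"rightfinder.net"}, {"addclass"}):
        print(entry)
```

Matching on the parsed host rather than on a substring keeps the legitimate google.de start page and lookalike hosts out of the fix list.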
#3
November 9th, 2003, 05:11 PM
TonyKlein (Security Expert, Join Date: Feb 2002, Location: The Netherlands, Posts: 3,086)
Re: Problems with rightfinder.net... Spyware??

BTW, just out of curiosity, what exactly is that C:\Programme\LPS\LPS.exe file that's starting up as Windows starts?

Could you tell us what program it belongs to, please?
__________________
Tony < > CLSID List - A Collection of Autostart Locations
#4
November 9th, 2003, 06:13 PM
joe505505 (Infrequent Poster, Join Date: Nov 2003, Posts: 2)
Re: Problems with rightfinder.net... Spyware??

Hello,

Thank you very much for your help.
It works.

I don't understand the letters "BTW" and the words "just out of curiosity". What does it mean?

The program LPS is a Local Port Scanner.
I was not able to find the LPS.exe on my computer.
The only thing I found was a log file, which you can see at the end.
I think I should delete the folder C:/Programme/LPS,
and with the msconfig program I can delete the start of the LPS.exe program.
Do you think it is OK?
cu
joe

Log File:
#5
November 9th, 2003, 06:30 PM
TonyKlein (Security Expert, Join Date: Feb 2002, Location: The Netherlands, Posts: 3,086)
Re: Problems with rightfinder.net... Spyware??

Quote (joe505505):
Hello,

Thank you very much for your help.
It works.

I don't understand the letters "BTW" and the words "just out of curiosity". What does it mean?

The program LPS is a Local Port Scanner.
I was not able to find the LPS.exe on my computer.
The only thing I found was a log file, which you can see at the end.
I think I should delete the folder C:/Programme/LPS,
and with the msconfig program I can delete the start of the LPS.exe program.
Do you think it is OK?

BTW just means "By the way", and by "Out of curiosity" I meant that I didn't think there was anything wrong with that program, but that I was just wondering what it was for.

And it's quite all right to use Msconfig to stop it from starting up!
__________________
Tony < > CLSID List - A Collection of Autostart Locations
 

Copyright ©2002 - 2009, Wilders Security Forums