1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

anti trojan onle check checks different ip

Discussion in 'Windows XP' started by Shiran, Oct 16, 2003.

Thread Status:
Not open for further replies.
Advertisement
  1. Shiran

    Shiran Thread Starter

    Joined:
    Oct 14, 2003
    Messages:
    53
    Though I checked through ANTI TROJAN CHECK it doest check my ip. it runs the check on some other ip which is not at all in my ip range here is my hijack report once again can anybody pease chach it once again & advice me

    Logfile of HijackThis v1.97.3
    Scan saved at 5:08:07 PM, on 10/14/2003
    Platform: Windows 2000 SP4 (WinNT 5.00.2195)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    D:\WINNT\System32\smss.exe
    D:\WINNT\system32\winlogon.exe
    D:\WINNT\system32\services.exe
    D:\WINNT\system32\lsass.exe
    D:\WINNT\system32\svchost.exe
    D:\WINNT\system32\spoolsv.exe
    D:\WINNT\System32\msdtc.exe
    D:\Program Files\NavNT\defwatch.exe
    D:\WINNT\system32\Dfssvc.exe
    D:\WINNT\System32\svchost.exe
    D:\WINNT\System32\ismserv.exe
    D:\WINNT\System32\llssrv.exe
    c:\msdm.exe
    D:\Program Files\NavNT\rtvscan.exe
    D:\WINNT\system32\ntfrs.exe
    D:\WINNT\system32\regsvc.exe
    D:\WINNT\System32\locator.exe
    D:\WINNT\system32\hypertrm.exe
    D:\WINNT\system32\MSTask.exe
    D:\WINNT\System32\svchost.exe
    D:\WINNT\System32\WBEM\WinMgmt.exe
    D:\WINNT\system32\svchost.exe
    D:\WINNT\System32\inetsrv\inetinfo.exe
    D:\Program Files\Common Files\System\MSSearch\Bin\mssearch.exe
    D:\WINNT\system32\MsgSys.EXE
    D:\Program Files\Microsoft ISA Server\mspadmin.exe
    D:\Exchsrvr\bin\store.exe
    D:\Program Files\Microsoft ISA Server\w3proxy.exe
    D:\Program Files\Microsoft ISA Server\W3Prefch.exe
    D:\WINNT\System32\svchost.exe
    D:\WINNT\Explorer.EXE
    D:\Program Files\NavNT\vptray.exe
    D:\Program Files\Common Files\Real\Update_OB\realsched.exe
    D:\Program Files\MSN Messenger\MsnMsgr.Exe
    D:\Program Files\TurboNote\tbnote.exe
    D:\Program Files\Yahoo!\Messenger\ypager.exe
    D:\Program Files\Internet Explorer\IEXPLORE.EXE
    D:\Program Files\MailWasher Pro\MailWasher.exe
    D:\Program Files\Outlook Express\msimn.exe
    D:\PROGRA~1\WINZIP\winzip32.exe
    D:\Documents and Settings\Administrator\Local Settings\Temp\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 202.51.155.178:8080
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - e:\Acrobat\Reader\ActiveX\AcroIEHelper.ocx
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINNT\System32\msdxm.ocx
    O4 - HKLM\..\Run: [vptray] D:\Program Files\NavNT\vptray.exe
    O4 - HKLM\..\Run: [WinApp32] msapp.exe
    O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Yahoo! Pager] D:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
    O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: TurboNote.lnk = D:\Program Files\TurboNote\tbnote.exe
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
    O9 - Extra button: Related (HKLM)
    O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
    O9 - Extra button: Real.com (HKLM)
    O12 - Plugin for .spop: D:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: DigiChat Applet - http://host5.digichat.com/DigiChat/DigiClasses/Client_IE.cab
    O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://tdserver.bitstream.com/tdserver.cab
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    O16 - DPF: {2E28242B-A689-11D4-80F2-0040266CBB8D} (KX-HCM10 Control) - http://61.196.229.166/kxhcm10.ocx
    O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst0309.cab
    O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
    O16 - DPF: {3C5BA506-6C30-4738-9CED-797ACADEA8DC} (Loader Class) - http://cyberspace.com/SQLoader.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = doom.lanka.net
    O17 - HKLM\System\CCS\Services\Tcpip\..\{0EC2423D-F2A7-43A0-852A-83356BBA04EE}: NameServer = 202.51.128.70,202.51.131.2
    O17 - HKLM\System\CCS\Services\Tcpip\..\{23A8F508-4DA8-4D90-A0F8-E674F6DB2B92}: NameServer = 202.51.128.70,202.51.131.2
    O17 - HKLM\System\CCS\Services\Tcpip\..\{46F34E54-3A01-4B6E-AD4F-4D5E035D9D15}: NameServer = 1.0.128.70,202.51.131.2
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = doom.lanka.net
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = doom.lanka.net
     
  2. $teve

    $teve

    Joined:
    Oct 9, 2001
    Messages:
    9,396
    Is this the ip thats coming up?202.51.155.178
    your on a proxy server,but you do have a trojan.
    Download the trial version of "the cleaner here:
    www.moosoft.com
    update it before you scan.
    Post back with the results.
     
  3. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,196
    First Name:
    Derek
    which online site are you using.

    many sites are unable to resolve your genuine computer IP if you access via a proxy or have cable/dsl and your ISP has an inline transparant proxy. the trojan checker checks the ISP server not your computer.

    check here for a list of online scanners and find one that actually checks your computer not your ISp's server
    http://www.wilders.org/free_services.htm
     
  4. $teve

    $teve

    Joined:
    Oct 9, 2001
    Messages:
    9,396
    Slowpoke:D
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Similar Threads - anti trojan onle
  1. flavallee
    Replies:
    0
    Views:
    181
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/172296

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice