please help! desperate! hijack included



#1
pOoOka

Norton detected Bloodhound.Exploit.109 on my computer, but I cannot find the file, and Norton cannot repair the file. Please help me get rid of this virus! I also get random pop-ups, random background music, and random Microsoft Outlook notices.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:43:15 PM, on 8/31/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Sony\SmartWi Connection Utility\SmartWiService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Protector Suite QL\menusw.exe
C:\Program Files\Sony\SmartWi Connection Utility\WCULauncher.exe
C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Apoint\Apvfb.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Sony\SmartWi Connection Utility\SmartWiTogglet.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgent.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\Rundll32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Jasc Software Inc\Paint Shop Pro 7\psp.exe
C:\hijackthis\HiJackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cadcuci.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
R3 - URLSearchHook: AOLSearchHook Class - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AOL\AOL Search Enhancement\AOLSearch.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: rightonadz.biz browser optimizer - {36A91CEC-6C71-4758-B492-397BFC8E96A2} - C:\WINDOWS\system32\gzmrotate.dll
O2 - BHO: AOL Search Enhancement - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AOL\AOL Search Enhancement\AOLSearch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: adssite - {F31B3634-12AA-41ca-B021-0685C3B3E4CA} - C:\WINDOWS\system32\nsaA.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] "C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [Biomenu] "C:\Program Files\Protector Suite QL\menusw.exe"
O4 - HKLM\..\Run: [WCULauncher] C:\Program Files\Sony\SmartWi Connection Utility\WCULauncher.exe
O4 - HKLM\..\Run: [VAIOCameraUtility] "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [adstart] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\gzmrotate.dll" DllVerify
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Clean Access Agent.lnk = C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgent.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {00001023-A15C-11D4-97A4-0050BF0FBE67} (NetmarbleStarter23 Class) - http://download.netm...arter/NMStarter23.cab
O16 - DPF: {00001024-A15C-11D4-97A4-0050BF0FBE67} (NetmarbleStarter24 Class) - http://download.netm...arter/NMStarter24.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www2.snapfish...fishActivia.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebo...cebookPhotoUploader.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/p...owserPlugin.cab
O16 - DPF: {92E82FBB-DA00-41E0-ABFE-95482E21A4F6} (NMTransX Module) - http://download.netm...tX/NMTransX.cab
O16 - DPF: {9B75502C-BBED-4BBD-8FE2-822E5E0AD32C} (MagicLockOCX Control) - http://www.diodeo.com/DioDeoPlayer.cab
O16 - DPF: {A4508A45-F1C4-40F3-99B4-0CA08AC77E3B} (Kdfense8 Control) - http://download.netm...ce/kdfense8.cab
O16 - DPF: {AF60D574-F249-4243-8040-5521AAA5BB5E} (PandoraTVSet Class) - http://imgcdn.pandor...yer/package/pdrtvset.cab
O16 - DPF: {BD6BB450-7C69-43B8-96F3-689CAE57AB51} (SBSWebPlayer Class) - http://netv.sbs.co.k...BSWebPlayer.cab
O16 - DPF: {CBD8B1CB-2F5F-415F-93E8-A297B33DCBB2} (CentrinoCheck Control) - http://entriq.vo.lln...rsal/cabs/cpucheck_1_0_0_5.cab
O16 - DPF: {E8E20D57-3D5B-4A2D-B710-252900B66685} (Installer Class) - http://www.haduri.co...er/v1.2.3.7/HaduriInstaller.cab
O16 - DPF: {FA463B6E-93D5-4E02-B7F2-E0BA98DA73FC} (SHLaunch Control) - http://nchat2.haduri...launch_0930.cab
O16 - DPF: {FF0CD5DC-60A6-4668-AB80-1ACF40ED9CB8} (HitPlus Control) - http://haduri.com/ha...cut/HitPlus.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartWiService - Sony Electronics, Inc - C:\Program Files\Sony\SmartWi Connection Utility\SmartWiService.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

--
End of file - 14365 bytes

Edited by pOoOka, 01 September 2007 - 10:13 AM.
