trojan.w32.looksky



#1
kieranorwin

I have the same problem with this poxy Trojan thing. My hijack log looks like this. Any help would be much appreciated. Thanks.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:23:12, on 07/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
G:\WINDOWS\System32\smss.exe
G:\WINDOWS\system32\csrss.exe
G:\WINDOWS\system32\winlogon.exe
G:\WINDOWS\system32\services.exe
G:\WINDOWS\system32\lsass.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\System32\svchost.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\system32\svchost.exe
G:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
G:\WINDOWS\system32\spoolsv.exe
G:\Program Files\Common Files\LightScribe\LSSrvc.exe
G:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
G:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
G:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
G:\WINDOWS\system32\wdfmgr.exe
G:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
G:\WINDOWS\System32\alg.exe
G:\WINDOWS\system32\wscntfy.exe
G:\WINDOWS\Explorer.EXE
G:\Program Files\Logitech\iTouch\iTouch.exe
G:\Program Files\LogMeIn\LogMeInSystray.exe
G:\Program Files\Trend Micro\Internet Security 2005\pccguide.exe
G:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
G:\WINDOWS\system32\ctfmon.exe
G:\Program Files\Messenger\msmsgs.exe
G:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
G:\Program Files\NETGEAR\WG111v2\WG111v2.exe
G:\Program Files\OpenOffice.org 2.0\program\soffice.exe
G:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
G:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
G:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
G:\Program Files\Lavasoft\Ad-Aware 2007\Ad-Aware2007.exe
G:\Program Files\Internet Explorer\iexplore.exe
G:\Program Files\Internet Explorer\iexplore.exe
G:\Program Files\Spyware Doctor\swdsvc.exe
G:\Program Files\Spyware Doctor\SDTrayApp.exe
G:\Program Files\Spyware Doctor\svcntaux.exe
G:\Program Files\Internet Explorer\iexplore.exe
G:\Program Files\Spyware Doctor\swdoctor.exe
G:\Program Files\Trend Micro\HijackThis\HijackThis.exe
G:\WINDOWS\system32\wbem\wmiprvse.exe

O2 - BHO: (no name) - {04607465-6868-45D7-91BA-EA855E992A91} - g:\windows\system32\ldoaldo.dll
O2 - BHO: (no name) - {200E116C-2944-494A-AD7C-8DC7C6B08B97} - g:\windows\system32\mfsmmrtx.dll
O2 - BHO: (no name) - {325BB602-1C94-4793-AA96-F967840ED218} - g:\windows\system32\ldoaldo.dll
O2 - BHO: (no name) - {3DB6ADEE-52D7-40B2-84D9-1E7C069EA3DD} - g:\windows\system32\ldoaldo.dll
O2 - BHO: (no name) - {4B9694A4-BA1F-4CEC-884E-1086178940DA} - g:\windows\system32\ldoaldo.dll
O2 - BHO: (no name) - {5E57316D-4093-4AFB-A392-1380BF90CAB1} - g:\windows\system32\ldoaldo.dll
O2 - BHO: (no name) - {7474AD6B-2313-4F8E-A2C7-AD2BBE4D8548} - g:\windows\system32\ldoaldo.dll
O2 - BHO: MSVPS System - {88418AA3-16F5-4FC2-A9D8-90B1266DF841} - G:\WINDOWS\nsduo.dll
O2 - BHO: (no name) - {9B4F8A8D-D23A-44BA-B375-AFB58AD1A9A4} - g:\windows\system32\ceizhrfs.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - g:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {B1A1192F-D55A-48EC-859D-D8B335941EA1} - g:\windows\system32\ldoaldo.dll
O2 - BHO: (no name) - {D688E60E-9768-44DA-BE2B-2F2C3980256D} - g:\windows\system32\ldoaldo.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - g:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [zBrowser Launcher] G:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [auabqaaa] G:\WINDOWS\system32\auabqaaa.exe
O4 - HKLM\..\Run: [LogMeIn GUI] "G:\Program Files\LogMeIn\LogMeInSystray.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] G:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [DllRunning] rundll32.exe "G:\WINDOWS\system32\oxqelsmn.dll",setvm
O4 - HKLM\..\Run: [pccguide.exe] "G:\Program Files\Trend Micro\Internet Security 2005\pccguide.exe"
O4 - HKLM\..\Run: [AAWTray] G:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
O4 - HKLM\..\Run: [SDTray] "G:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "G:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "G:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = G:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: OpenOffice.org 2.0.lnk = G:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: Microsoft Office.lnk = G:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: NETGEAR WG111v2 Smart Wizard.lnk = G:\Program Files\NETGEAR\WG111v2\WG111v2.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {3E0D93BD-ABC6-4723-A70F-2A57D33C0186} (AlamyUploader Class) - http://www.alamy.com...my_uploader.cab
O20 - Winlogon Notify: alktd - alktd.dll (file missing)
O20 - Winlogon Notify: ijlud - ijlud.dll (file missing)
O20 - Winlogon Notify: kokvd - kokvd.dll (file missing)
O20 - Winlogon Notify: odlpj - odlpj.dll (file missing)
O20 - Winlogon Notify: pjazuwzm - G:\WINDOWS\SYSTEM32\ldoaldo.dll
O20 - Winlogon Notify: tdev - tdev.dll (file missing)
O21 - SSODL: msmhost - {93D5042C-B930-4659-9722-AC2D3EBE4BB1} - G:\WINDOWS\msmhost.dll
O21 - SSODL: msmdev - {4DB388BB-8272-4E7C-B0D3-C9A82C3B1EA8} - G:\WINDOWS\msmdev.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - G:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - G:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - G:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - G:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NMIndexingService - Nero AG - G:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - G:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - G:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - G:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - G:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - G:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - G:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
O24 - Desktop Component 0: Privacy Protection - file:///G:\WINDOWS\privacy_danger\index.htm