Trojan Spy Smitfraud.c [split]


  • This topic is locked

#1
MuzaK

Trojan Spy Smitfraud.c :tazz:




Logfile of HijackThis v1.99.1
Scan saved at 18:43:07, on 20-04-2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programas\Ficheiros comuns\Symantec Shared\ccProxy.exe
C:\Programas\Ficheiros comuns\Symantec Shared\ccSetMgr.exe
C:\Programas\Norton Internet Security\ISSVC.exe
C:\Programas\Ficheiros comuns\Symantec Shared\SNDSrvc.exe
C:\Programas\Ficheiros comuns\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Programas\Ficheiros comuns\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\DVDRAMSV.exe
C:\Programas\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Programas\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Programas\Ficheiros comuns\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Programas\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programas\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\ASUS\Probe\AsusProb.exe
C:\Programas\Ficheiros comuns\Symantec Shared\ccApp.exe
C:\Programas\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\PROGRA~2\B'SCLI~1\Win2K\BSCLIP.exe
C:\Programas\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Programas\MSN Apps\Updater\01.02.3000.1001\pt-br\msnappau.exe
C:\Programas\QuickTime\qttask.exe
C:\Programas\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Internet Optimizer\optimize.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\program files\180search assistant\saap.exe
C:\Programas\VVSN\VVSN.exe
C:\Program Files\Wwthts\Aygnt.exe
C:\Programas\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Programas\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe
C:\Programas\SpeedTouch\Dr SpeedTouch\drst.exe
C:\Programas\MSN Messenger\MsnMsgr.Exe
C:\wp.exe
C:\WINDOWS\System32\eosh.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Programas\Messenger\msmsgs.exe
C:\Programas\eMule\eMule.exe
C:\Programas\Internet Explorer\iexplore.exe
C:\Programas\Windows Media Player\wmplayer.exe
C:\Programas\Ficheiros comuns\Symantec Shared\NMain.exe
C:\Programas\Internet Explorer\iexplore.exe
C:\Programas\WinRAR\WinRAR.exe
C:\DOCUME~1\Leite\DEFINI~1\Temp\Rar$EX00.562\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://searchmiracle.com/sp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchmiracle.com/sp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchmiracle.com/sp.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchmiracle.com/sp.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - _{00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINDOWS\nem220.dll
O2 - BHO: &EliteBar - {28CAEFF3-0F18-4036-B504-51D73BD81ABC} - C:\WINDOWS\EliteToolBar\EliteToolBar version 60.dll
O2 - BHO: BHObj Class - {8F4E5661-F99E-4B3E-8D85-0EA71C0748E4} - C:\WINDOWS\wsem303.dll
O2 - BHO: &EliteSideBar - {ED103D9F-3070-4580-AB1E-E5C179C1AE41} - C:\WINDOWS\EliteSideBar\EliteSideBar 08.dll
O3 - Toolbar: &EliteBar - {825CF5BD-8862-4430-B771-0C15C5CA8DEF} - C:\WINDOWS\EliteToolBar\EliteToolBar version 60.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Programas\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Smapp] C:\Programas\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe
O4 - HKLM\..\Run: [ccApp] "C:\Programas\Ficheiros comuns\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Programas\Ficheiros comuns\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Programas\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [B'sCLiP] C:\PROGRA~2\B'SCLI~1\Win2K\BSCLIP.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Programas\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [msnappau] "C:\Programas\MSN Apps\Updater\01.02.3000.1001\pt-br\msnappau.exe"


#2
Michelle

I split your post from the other topic. We start our own topics around here instead of hijacking another person's thread :tazz:

As there has been no response from the original poster, this topic is now closed. If you have any other problems, please post a new topic.

Edited by bananafanafo, 02 May 2005 - 11:02 PM.
