Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Log Help

Started by gators38 , Mar 19 2008 05:59 PM

  • Please log in to reply

#1
gators38
Posted 19 March 2008 - 05:59 PM

gators38

    New Member

  • Member
  • Pip
  • 3 posts 
Logfile of Trend Micro HijackThis v2.0.2Scan saved at 8:00:26 PM, on 3/19/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16608)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Programs\Intel\Wireless\Bin\EvtEng.exeC:\WINDOWS\system32\Ati2evxx.exeC:\Programs\Intel\Wireless\Bin\S24EvMon.exeC:\Programs\Intel\Wireless\Bin\WLKeeper.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Programs\Online Armor\oasrv.exeC:\WINDOWS\system32\spoolsv.exeC:\Programs\Avira\AntiVir PersonalEdition Classic\avguard.exeC:\Programs\Avira\AntiVir PersonalEdition Classic\sched.exeC:\Programs\AVG Anti-Spyware 7.5\guard.exeC:\Programs\Intel\Wireless\Bin\RegSrvc.exeC:\Programs\Sandboxie\SbieSvc.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\alg.exeC:\WINDOWS\Explorer.EXEC:\Programs\Intel\Wireless\bin\ZCfgSvc.exeC:\WINDOWS\ATK0100\HControl.exeC:\Programs\Intel\Wireless\Bin\ifrmewrk.exeC:\Program Files\Wireless Console 2\wcourier.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\WINDOWS\ATK0100\ATKOSD.exeC:\Programs\Intel\Wireless\Bin\Dot1XCfg.exeC:\WINDOWS\RTHDCPL.EXEC:\Program Files\Java\jre1.6.0_05\bin\jusched.exeC:\Programs\Avira\AntiVir PersonalEdition Classic\avgnt.exeC:\Programs\AVG Anti-Spyware 7.5\avgas.exeC:\Programs\Online Armor\oaui.exeC:\WINDOWS\system32\ctfmon.exeC:\Programs\Rainlendar2\Rainlendar2.exeC:\Programs\Sandboxie\SbieCtrl.exeC:\Programs\Spybot - Search & Destroy\TeaTimer.exeC:\Programs\Generic ChkMail\ChkMail.exeC:\Programs\Logitech\SetPoint\SetPoint.exeC:\Programs\musikCube_1.0\musikCube.exeC:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXEC:\Programs\Firefox\firefox.exeC:\Programs\Spybot - Search & Destroy\SpybotSD.exeC:\Programs\HijackThis\HijackThis.exeC:\WINDOWS\system32\wbem\wmiprvse.exeR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url="http://go.microsoft.com/fwlink/?LinkId=69157"]http://go.microsoft.com/fwlink/?LinkId=69157[/url]R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft.com/fwlink/?LinkId=54896[/url]R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [url="http://go.microsoft.com/fwlink/?LinkId=54896"]http://go.microsoft.com/fwlink/?LinkId=54896[/url]R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [url="http://go.microsoft.com/fwlink/?LinkId=69157"]http://go.microsoft.com/fwlink/?LinkId=69157[/url]O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programs\SPYBOT~1\SDHelper.dllO2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programs\MICROS~1\Office12\GRA8E1~1.DLLO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dllO4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXEO4 - HKLM\..\Run: [IntelZeroConfig] "C:\Programs\Intel\Wireless\bin\ZCfgSvc.exe"O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exeO4 - HKLM\..\Run: [IntelWireless] "C:\Programs\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/WirelessO4 - HKLM\..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exeO4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exeO4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXEO4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXEO4 - HKLM\..\Run: [AtiPTA] atiptaxx.exeO4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"O4 - HKLM\..\Run: [avgnt] "C:\Programs\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /minO4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Programs\AVG Anti-Spyware 7.5\avgas.exe" /minimizedO4 - HKLM\..\Run: [OnlineArmor GUI] "C:\Programs\Online Armor\oaui.exe"O4 - HKLM\..\Run: [] C:\Programs\Wipeer\Wipeer.exeO4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeO4 - HKCU\..\Run: [Rainlendar2] C:\Programs\Rainlendar2\Rainlendar2.exeO4 - HKCU\..\Run: [Pidgin] C:\Programs\Pidgin\pidgin.exeO4 - HKCU\..\Run: [SandboxieControl] "C:\Programs\Sandboxie\SbieCtrl.exe"O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programs\Spybot - Search & Destroy\TeaTimer.exeO4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /SO4 - Startup: musikCube.lnk = C:\Programs\musikCube_1.0\musikCube.exeO4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Programs\Microsoft Office\Office12\ONENOTEM.EXEO4 - Global Startup: Generic ChkMail.lnk = C:\Programs\Generic ChkMail\ChkMail.exeO4 - Global Startup: Logitech SetPoint.lnk = C:\Programs\Logitech\SetPoint\SetPoint.exeO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dllO9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programs\MICROS~1\Office12\ONBttnIE.dllO9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programs\MICROS~1\Office12\ONBttnIE.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programs\MICROS~1\Office12\REFIEBAR.DLLO9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programs\SPYBOT~1\SDHelper.dllO9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programs\SPYBOT~1\SDHelper.dllO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - [url="http://www.creative.com/softwareupdate/su/ocx/15031/CTSUEng.cab"]http://www.creative.com/softwareupdate/su/...031/CTSUEng.cab[/url]O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - [url="http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1204961484272"]http://www.update.microsoft.com/windowsupd...b?1204961484272[/url]O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - [url="http://www.creative.com/softwareupdate/su/ocx/15034/CTPID.cab"]http://www.creative.com/softwareupdate/su/...15034/CTPID.cab[/url]O21 - SSODL: Direvpol - {FB5CB90F-B26B-4699-893B-443E2026C603} - C:\WINDOWS\system32\icowosnd.dllO23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programs\Avira\AntiVir PersonalEdition Classic\sched.exeO23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Programs\Avira\AntiVir PersonalEdition Classic\avguard.exeO23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exeO23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exeO23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Programs\AVG Anti-Spyware 7.5\guard.exeO23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programs\Intel\Wireless\Bin\EvtEng.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exeO23 - Service: Imapi Helper - Alex Feinman - C:\Programs\ISO Recorder\ImapiHelper.exeO23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exeO23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programs\Intel\Wireless\Bin\RegSrvc.exeO23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation  - C:\Programs\Intel\Wireless\Bin\S24EvMon.exeO23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Programs\Sandboxie\SbieSvc.exeO23 - Service: Online Armor (SvcOnlineArmor) - Tall Emu - C:\Programs\Online Armor\oasrv.exeO23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Programs\Intel\Wireless\Bin\WLKeeper.exe--End of file - 8502 bytes

  • 0

Advertisements

#2
gators38
Posted 20 March 2008 - 09:49 AM

gators38

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
Online-Armor:

vUpAVX!!!!!!!!!MKKSkEXCELFiles>tW{~$4Q}c@II=l2xaTO5 wants to start automatically with your computer

Which program requested this change?
msiexec.exe
C:\WNIDOWS\system32\


^^^this warning keeps coming up
  • 0

#3
gators38
Posted 23 March 2008 - 06:09 PM

gators38

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
err bump
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP