Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Malware Alarm and Other Problems (Log Inside)


  • Please log in to reply

#1
FireRunt

FireRunt

    New Member

  • Member
  • Pip
  • 1 posts
Hi All

I have a bit of a problem....

Here is the hijack this log....Ive done everything I know of and ive been working with computers for many many years. This is a Windows 2000 system that I am having the problem with.

Thanks



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:31:06 AM, on 3/31/2008
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPZipm12.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\System32\svchost.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINNT\System32\Rundll32.exe
C:\WINNT\system32\pcntokwd.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\HiJackThis.exe

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [brnjdlyh] C:\WINNT\system32\brnjdlyh.exe
O4 - HKLM\..\Run: [PostSetupCheck] C:\WINNT\System32\Rundll32.exe "C:\WINNT\System32\atgban.dll" DllStart
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [ExploreUpdSched] C:\WINNT\system32\pcntokwd.exe DWram
O4 - HKLM\..\Run: [SNM] C:\Program Files\SpyNoMore\SNM.exe /startup
O4 - HKLM\..\Run: [BM1a0b27eb] Rundll32.exe "C:\WINNT\system32\bstqrdsq.dll",s
O4 - HKLM\..\Policies\Explorer\Run: [qiCubi1Dsy] C:\WINNT\rudirqxy.exe
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O4 - Startup: DW_Start.lnk = C:\WINNT\system32\jnwnw64p.exe
O4 - Startup: Deewoo.lnk = C:\WINNT\system32\pcntokwd.exe
O4 - Global Startup: print.bat
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\system32\msjava.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.mi...b?1195484448313
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.c.../cpcScanner.cab
O16 - DPF: {B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} - http://scanner2.live...Install2707.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{36D923EA-7A79-4D80-9922-DDB35F456597}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{7ECFE49E-90BB-4AA2-9537-01BF2FC95500}: NameServer = 198.6.1.98,198.6.100.98
O17 - HKLM\System\CS1\Services\Tcpip\..\{36D923EA-7A79-4D80-9922-DDB35F456597}: NameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{36D923EA-7A79-4D80-9922-DDB35F456597}: NameServer = 192.168.1.1
O21 - SSODL: BootKernel - {6e81779c-6f6b-4505-a0fd-e4228c4a1530} - C:\WINNT\Installer\{6e81779c-6f6b-4505-a0fd-e4228c4a1530}\BootKernel.dll (file missing)
O21 - SSODL: zip - {cc793020-4a57-4fb7-b729-acfb645c271b} - C:\WINNT\Installer\{cc793020-4a57-4fb7-b729-acfb645c271b}\zip.dll (file missing)
O21 - SSODL: ntdll.dll - {cc793020-4a57-4fb7-b729-acfb645c271b} - C:\WINNT\Installer\{cc793020-4a57-4fb7-b729-acfb645c271b}\zip.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINNT\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINNT\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPBOID.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPZipm12.exe

--
End of file - 5375 bytes
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP