
slow process execution, overall too much has been installed..



#1
doja503

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:55:21 PM, on 9/21/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sprint\Mobile Broadband\SMBAUtilSvc.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\lxctcoms.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\taskswitch.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\stsystra.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Documents and Settings\ADMIN\Desktop\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = actsvr.comcastonline.com:8100
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = cdn
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dll
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: AIM Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LXCTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll,[email protected]16
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKLM\..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=0
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Startup: YPOPs.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: &AIM Search - c:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZUfox000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: AIM Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://www.gamehouse.com/games/zylom/zylomplayer.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Access Utility Service - SprintNextel - C:\Program Files\Sprint\Mobile Broadband\SMBAUtilSvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: lxct_device - - C:\WINDOWS\system32\lxctcoms.exe
O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 12838 bytes