Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

net2ez

Started by lee1001 , Oct 12 2008 03:22 AM

  • Please log in to reply

#1
lee1001
Posted 12 October 2008 - 03:22 AM

lee1001

    New Member

  • Member
  • Pip
  • 1 posts
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:17:29, on 12/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\lxdicoms.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Webroot\Washer\WasherSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\TweakMASTER\TMTray.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\PeerGuardian2\pg2.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\spider.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neu...ie/default.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://news.bbc.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.co.uk/0...S01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8118
F2 - REG:system.ini: Shell=Explorer.exe
O1 - Hosts: 87.248.221.198 media.podshow.com
O1 - Hosts: 24.102.58.36 cinemageddon.org
O1 - Hosts: 74.53.143.35 www.uknova.com
O1 - Hosts: 88.221.74.216 www.timesonline.co.uk
O1 - Hosts: 68.142.207.55 us.f334.mail.yahoo.com
O1 - Hosts: 89.234.25.194 stats.telegraph.co.uk
O1 - Hosts: 217.12.8.76 login.yahoo.com
O1 - Hosts: 217.146.187.164 edit.europe.yahoo.com
O1 - Hosts: 209.191.68.218 us.mc334.mail.yahoo.com
O1 - Hosts: 216.239.113.224 mads.com.com
O1 - Hosts: 166.90.203.248 www.allmovie.com
O1 - Hosts: 203.22.204.47 www.theyshootpictures.com
O1 - Hosts: 72.21.210.129 rcm.amazon.com
O1 - Hosts: 74.125.39.103 www.google.com
O1 - Hosts: 89.234.53.244 www.dianomioffers.co.uk
O1 - Hosts: 193.243.128.86 shares.telegraph.co.uk
O1 - Hosts: 208.100.51.98 www.webtvwire.com
O1 - Hosts: 217.117.154.2 static.weborama.fr
O1 - Hosts: 89.248.208.161 ems6.net
O1 - Hosts: 213.251.138.35 ns6113.ovh.net
O1 - Hosts: 88.198.5.144 forum.emule-project.net
O1 - Hosts: 84.96.219.206 www.brothersoft.com
O1 - Hosts: 216.239.122.164 www.download.com
O1 - Hosts: 216.239.116.65 bwp.download.com
O1 - Hosts: 69.147.72.43 pn2.adserver.yahoo.com
O1 - Hosts: 216.239.122.164 forums.cnet.com
O1 - Hosts: 209.62.179.57 ad.fr.doubleclick.net
O1 - Hosts: 216.239.116.65 bwp.cnet.com
O1 - Hosts: 216.239.122.178 www.cnet.com
O1 - Hosts: 212.58.227.138 search.bbc.co.uk
O1 - Hosts: 78.46.226.99 www.mysubtitles.com
O1 - Hosts: 195.167.226.20 www.groovecollector.com
O1 - Hosts: 78.47.161.52 ads.geek-tools.org
O1 - Hosts: 66.48.78.209 ads.clicksor.com
O1 - Hosts: 78.47.110.205 www.allsubs.org
O1 - Hosts: 78.47.161.54 www.b-famous.com
O1 - Hosts: 78.46.226.97 korean-subs.mysubtitles.org
O1 - Hosts: 78.46.226.91 tools.bestmovies21.com
O1 - Hosts: 64.21.125.42 www.ro-mantik.com
O1 - Hosts: 212.58.232.8 newsforums.bbc.co.uk
O1 - Hosts: 74.125.39.103 www.google.co.uk
O1 - Hosts: 209.132.97.194 www.webring.com
O1 - Hosts: 62.253.162.12 homepage.ntlworld.com
O1 - Hosts: 69.64.155.131 www.rlsuth.com
O1 - Hosts: 64.202.163.148 www.oldtimeradiofans.com
O1 - Hosts: 205.234.144.140 www.old-time.com
O1 - Hosts: 77.238.174.11 adserving.cpxinteractive.com
O1 - Hosts: 69.89.31.60 www.nomig.net
O1 - Hosts: 80.189.94.38 www.whirligig-tv.co.uk
O1 - Hosts: 199.199.214.142 www.radiolovers.com
O1 - Hosts: 84.96.219.209 as.casalemedia.com
O1 - Hosts: 207.241.229.39 www.archive.org
O1 - Hosts: 62.149.24.66 www.demonoid.com
O1 - Hosts: 87.233.147.140 www.mininova.org
O1 - Hosts: 84.96.219.209 d3.zedo.com
O1 - Hosts: 62.219.199.215 www.predictad.net
O1 - Hosts: 216.35.75.110 tracking.vindicosuite.com
O1 - Hosts: 74.125.39.167 pagead2.googlesyndication.com
O1 - Hosts: 88.221.74.216 entertainment.timesonline.co.uk
O1 - Hosts: 87.248.220.19 lstatic.weborama.fr
O1 - Hosts: 82.96.145.1 chat.guy.fr
O1 - Hosts: 82.96.144.50 guy.fr
O1 - Hosts: 212.58.226.20 news.bbc.co.uk
O1 - Hosts: 212.58.253.67 www.bbc.co.uk
O1 - Hosts: 72.52.212.32 www.slyck.com
O1 - Hosts: 72.20.34.145 www.utorrent.com
O1 - Hosts: 216.104.71.5 www.portforward.com
O1 - Hosts: 217.71.208.72 www.belle-epine.com
O1 - Hosts: 80.247.229.54 www.texto-france.com
O1 - Hosts: 91.198.174.2 en.wikipedia.org
O1 - Hosts: 216.104.71.5 portforward.com
O1 - Hosts: 87.106.10.85 www.emule-project.net
O1 - Hosts: 212.112.238.21 porttest.emule-project.net
O1 - Hosts: 84.96.219.206 www.pctools.com
O1 - Hosts: 67.19.235.68 www.free-codecs.com
O1 - Hosts: 209.73.187.220 answers.yahoo.com
O1 - Hosts: 209.73.187.220 uk.answers.yahoo.com
O1 - Hosts: 207.46.248.248 support.microsoft.com
O1 - Hosts: 207.58.186.48 www.moviecodec.com
O1 - Hosts: 69.41.171.139 forum.mininova.org
O1 - Hosts: 209.172.34.39 www.dvdfab.com
O1 - Hosts: 62.149.24.68 fora.demonoid.com
O1 - Hosts: 208.43.203.202 www.download3000.com
O1 - Hosts: 69.162.79.74 www.malwarebytes.org
O1 - Hosts: 194.90.190.38 buzz.omgili.com
O1 - Hosts: 74.86.196.162 finderg.com
O1 - Hosts: 75.126.229.35 www.dunevi.com
O1 - Hosts: 212.30.118.74 www.neuf.fr
O1 - Hosts: 206.222.228.17 www.neufportail.fr
O1 - Hosts: 64.233.183.99 news.google.co.uk
O1 - Hosts: 212.222.51.176 mpg.ebay.fr
O1 - Hosts: 216.113.183.219 listings.ebay.fr
O1 - Hosts: 216.73.86.161 fr.ebayobjects.com
O1 - Hosts: 66.135.204.82 cgi.ebay.fr
O1 - Hosts: 66.211.160.92 promo.ebay.fr
O1 - Hosts: 66.135.200.23 pages.ebay.fr
O1 - Hosts: 199.232.43.137 hjt-data.trend-braintree.com
O1 - Hosts: 208.74.204.75 www.dellcommunity.com
O1 - Hosts: 208.43.44.138 www.geekstogo.com
O1 - Hosts: 89.149.227.36 www.atribune.org
O2 - BHO: (no name) - {05AFD3CE-9049-49E6-ABF8-A34FDB747278} - (no file)
O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {2D64CA4D-5790-49DC-9D9A-D41FB33B471E} - (no file)
O2 - BHO: (no name) - {330AAACF-EFC1-4E14-AB72-ADCE9820500B} - (no file)
O2 - BHO: (no name) - {38279696-E9D6-4418-BC20-15EB75AB994C} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7403106D-3BF5-45CE-8C9B-3B0462D06C13} - (no file)
O2 - BHO: TweakMASTER PRO Component - {7DAAC7DE-9EF0-4FF0-BFA5-AFF3E899054C} - C:\PROGRA~1\TWEAKM~1\TweakBHO.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {C2678AB1-69B9-4037-AE9C-CCD4E22C2AE4} - (no file)
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [TweakMASTER] "C:\Program Files\TweakMASTER\TMTray.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LXDICATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXDItime.dll,[email protected]
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RegMech.exe /H
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe
O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Default user')
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Add to &LinkFox - res://C:\PROGRA~1\TWEAKM~1\TweakBHO.dll/IESCRIPT
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail....es/MSNPUpld.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1164812171953
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impot...gnerADP-1.1.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} -
O20 - Winlogon Notify: ddcCTkJa - ddcCTkJa.dll (file missing)
O20 - Winlogon Notify: rqRJCTlm - rqRJCTlm.dll (file missing)
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. http://www.bitdefender.com - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: lxdi_device - - C:\WINDOWS\system32\lxdicoms.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
O23 - Service: Window Washer Engine (wwEngineSvc) - Webroot Software, Inc. - C:\Program Files\Webroot\Washer\WasherSvc.exe

--
End of file - 13777 bytes
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Forum
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP