Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Help! work pc

Started by fivef555 , Dec 28 2008 08:47 AM

  • Please log in to reply

#1
fivef555
Posted 28 December 2008 - 08:47 AM

fivef555

    New Member

  • Member
  • Pip
  • 2 posts
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:28:51, on 1/1/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\WINDOWS\system32\PGPserv.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\CCM\CcmExec.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe
C:\WINDOWS\TEMP\PN170C.EXE
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\OfficeScan Client\CNTAoSMgr.exe
C:\Program Files\Trend Micro\OfficeScan Client\tmproxy.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Cisco Systems\Clean Access Agent\ccaagent.exe
C:\Program Files\PGP Corporation\PGP Desktop\pgptray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://Tagzone
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://Tagzone
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Best Buy Co., Inc.
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://usproxy.na.bestbuy.com/wpad.dat
O2 - BHO: (no name) - {467A8A7C-4C2A-4812-A879-9F162E7A98CC} - C:\WINDOWS\system32\nnnmmklJ.dll
O2 - BHO: (no name) - {a87caf9d-8574-4916-b170-f87f715a4c40} - C:\WINDOWS\system32\dusatalo.dll
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [Banner] "c:\windows\system32\Banner.hta"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [riwuvajube] Rundll32.exe "C:\WINDOWS\system32\girubuko.dll",s
O4 - HKUS\S-1-5-19\..\Run: [riwuvajube] Rundll32.exe "C:\WINDOWS\system32\girubuko.dll",s (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [riwuvajube] Rundll32.exe "C:\WINDOWS\system32\girubuko.dll",s (User 'NETWORK SERVICE')
O4 - Global Startup: Clean Access Agent.lnk = C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgent.exe
O4 - Global Startup: PGPtray.exe.lnk = ?
O4 - Global Startup: VPN Client.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://Tagzone
O15 - Trusted Zone: *.accenture.com
O15 - Trusted Zone: http://msimabs.bestbuy.com
O15 - Trusted Zone: http://mysite.bestbuy.com
O15 - Trusted Zone: http://sp.bestbuy.com
O15 - Trusted Zone: http://www.bestbuy.com
O15 - Trusted Zone: http://*.bestbuy.com
O15 - Trusted Zone: http://bestbuy.collaborate.net
O15 - Trusted Zone: http://h30125.www3.hp.com
O15 - Trusted Zone: http://onlinebanker.usbank.com
O15 - Trusted Zone: http://www.usbankconnections.com
O15 - Trusted Zone: *.accenture.com (HKLM)
O15 - Trusted Zone: http://msimabs.bestbuy.com (HKLM)
O15 - Trusted Zone: http://mysite.bestbuy.com (HKLM)
O15 - Trusted Zone: http://sp.bestbuy.com (HKLM)
O15 - Trusted Zone: http://www.bestbuy.com (HKLM)
O15 - Trusted Zone: http://*.bestbuy.com (HKLM)
O15 - Trusted Zone: http://bestbuy.collaborate.net (HKLM)
O15 - Trusted Zone: http://h30125.www3.hp.com (HKLM)
O15 - Trusted Zone: http://onlinebanker.usbank.com (HKLM)
O15 - Trusted Zone: http://www.usbankconnections.com (HKLM)
O16 - DPF: {CAFECAFE-0013-0001-0029-ABCDEFABCDEF} (JInitiator 1.3.1.29) - http://op01oalba.na....tor/oajinit.exe
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = na.bestbuy.com
O17 - HKLM\Software\..\Telephony: DomainName = na.bestbuy.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = na.bestbuy.com
O20 - AppInit_DLLs: hljiwc.dll C:\WINDOWS\system32\gulotema.dll
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: OfficeScanNT RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
O23 - Service: OracleOraHome92ClientCache - Unknown owner - C:\oracle\ora92\BIN\ONRSD.EXE
O23 - Service: PGPserv - PGP Corporation - C:\WINDOWS\system32\PGPserv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: OfficeScan NT Listener (tmlisten) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe
O23 - Service: OfficeScan NT Proxy Service (TmProxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\TmProxy.exe

--
End of file - 6442 bytes
  • 0

Advertisements

#2
kahdah
Posted 28 December 2008 - 08:53 AM

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Hello fivef555

Welcome to G2Go. :)
=====================
WHat type of business are you running?
Don't you have an IT department that can handle this for you?
  • 0

#3
fivef555
Posted 28 December 2008 - 08:55 AM

fivef555

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
We do but I am unbable to get through today and need to do some work on the pc. I am still able to work on it but the pop ups are becoming annoying
  • 0

#4
kahdah
Posted 28 December 2008 - 08:58 AM

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Because this is a business we do not offer support for businesses.

Please refer to our Terms Of use specifically this line:

We offer free computer help and tech support for home and personal use. We are not here to support others that work for profit, or to support/replace your company's IT department.

Very Sorry.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP