Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Help! work pc


  • Please log in to reply

#1
fivef555

fivef555

    New Member

  • Member
  • Pip
  • 2 posts
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:28:51, on 1/1/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\WINDOWS\system32\PGPserv.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\CCM\CcmExec.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe
C:\WINDOWS\TEMP\PN170C.EXE
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\OfficeScan Client\CNTAoSMgr.exe
C:\Program Files\Trend Micro\OfficeScan Client\tmproxy.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Cisco Systems\Clean Access Agent\ccaagent.exe
C:\Program Files\PGP Corporation\PGP Desktop\pgptray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://Tagzone
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://Tagzone
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Best Buy Co., Inc.
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://usproxy.na.bestbuy.com/wpad.dat
O2 - BHO: (no name) - {467A8A7C-4C2A-4812-A879-9F162E7A98CC} - C:\WINDOWS\system32\nnnmmklJ.dll
O2 - BHO: (no name) - {a87caf9d-8574-4916-b170-f87f715a4c40} - C:\WINDOWS\system32\dusatalo.dll
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [Banner] "c:\windows\system32\Banner.hta"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [riwuvajube] Rundll32.exe "C:\WINDOWS\system32\girubuko.dll",s
O4 - HKUS\S-1-5-19\..\Run: [riwuvajube] Rundll32.exe "C:\WINDOWS\system32\girubuko.dll",s (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [riwuvajube] Rundll32.exe "C:\WINDOWS\system32\girubuko.dll",s (User 'NETWORK SERVICE')
O4 - Global Startup: Clean Access Agent.lnk = C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgent.exe
O4 - Global Startup: PGPtray.exe.lnk = ?
O4 - Global Startup: VPN Client.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://Tagzone
O15 - Trusted Zone: *.accenture.com
O15 - Trusted Zone: http://msimabs.bestbuy.com
O15 - Trusted Zone: http://mysite.bestbuy.com
O15 - Trusted Zone: http://sp.bestbuy.com
O15 - Trusted Zone: http://www.bestbuy.com
O15 - Trusted Zone: http://*.bestbuy.com
O15 - Trusted Zone: http://bestbuy.collaborate.net
O15 - Trusted Zone: http://h30125.www3.hp.com
O15 - Trusted Zone: http://onlinebanker.usbank.com
O15 - Trusted Zone: http://www.usbankconnections.com
O15 - Trusted Zone: *.accenture.com (HKLM)
O15 - Trusted Zone: http://msimabs.bestbuy.com (HKLM)
O15 - Trusted Zone: http://mysite.bestbuy.com (HKLM)
O15 - Trusted Zone: http://sp.bestbuy.com (HKLM)
O15 - Trusted Zone: http://www.bestbuy.com (HKLM)
O15 - Trusted Zone: http://*.bestbuy.com (HKLM)
O15 - Trusted Zone: http://bestbuy.collaborate.net (HKLM)
O15 - Trusted Zone: http://h30125.www3.hp.com (HKLM)
O15 - Trusted Zone: http://onlinebanker.usbank.com (HKLM)
O15 - Trusted Zone: http://www.usbankconnections.com (HKLM)
O16 - DPF: {CAFECAFE-0013-0001-0029-ABCDEFABCDEF} (JInitiator 1.3.1.29) - http://op01oalba.na....tor/oajinit.exe
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = na.bestbuy.com
O17 - HKLM\Software\..\Telephony: DomainName = na.bestbuy.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = na.bestbuy.com
O20 - AppInit_DLLs: hljiwc.dll C:\WINDOWS\system32\gulotema.dll
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: OfficeScanNT RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
O23 - Service: OracleOraHome92ClientCache - Unknown owner - C:\oracle\ora92\BIN\ONRSD.EXE
O23 - Service: PGPserv - PGP Corporation - C:\WINDOWS\system32\PGPserv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: OfficeScan NT Listener (tmlisten) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe
O23 - Service: OfficeScan NT Proxy Service (TmProxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\TmProxy.exe

--
End of file - 6442 bytes
  • 0

Advertisements


#2
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Hello fivef555

Welcome to G2Go. :)
=====================
WHat type of business are you running?
Don't you have an IT department that can handle this for you?
  • 0

#3
fivef555

fivef555

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
We do but I am unbable to get through today and need to do some work on the pc. I am still able to work on it but the pop ups are becoming annoying
  • 0

#4
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Because this is a business we do not offer support for businesses.

Please refer to our Terms Of use specifically this line:

We offer free computer help and tech support for home and personal use. We are not here to support others that work for profit, or to support/replace your company's IT department.

Very Sorry.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP