Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Am I infected?

Started by timbo428 , Feb 08 2009 07:33 PM

  • Please log in to reply

#1
timbo428
Posted 08 February 2009 - 07:33 PM

timbo428

    Member

  • Member
  • PipPip
  • 35 posts
Regarding this thread: http://www.geekstogo...ng-t228052.html

Do I have some kind of problem with my computer?


Logfile of Trend Micro

HijackThis v2.0.2
Scan saved at 4:26:24 PM,

on 2/8/2009
Platform: Windows XP SP2

(WinNT 5.01.2600)
MSIE: Internet Explorer

v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS2\System32\smss.

exe
C:\WINDOWS2\system32\winlo

gon.exe
C:\WINDOWS2\system32\servi

ces.exe
C:\WINDOWS2\system32\lsass

.exe
C:\WINDOWS2\system32\svcho

st.exe
C:\Program Files\Microsoft

Windows OneCare

Live\Antivirus\MsMpEng.exe
C:\WINDOWS2\System32\svcho

st.exe
C:\WINDOWS2\system32\spool

sv.exe
C:\Program Files\Microsoft

Windows OneCare

Live\OcHealthMon.exe
C:\Program Files\Analog

Devices\SoundMAX\SMAgent.e

xe
C:\Program Files\Common

Files\supportsoft\bin\sprt

listen.exe
C:\WINDOWS2\system32\svcho

st.exe
C:\Program Files\Microsoft

Windows OneCare

Live\Firewall\msfwsvc.exe
C:\Program Files\Microsoft

Windows OneCare

Live\winss.exe
C:\WINDOWS2\System32\svcho

st.exe
C:\Program Files\Microsoft

Windows OneCare

Live\winssnotify.exe
C:\WINDOWS2\Explorer.EXE
C:\Program Files\Analog

Devices\SoundMAX\Smtray.ex

e
C:\Program

Files\Qwest\QuickCare\bin\

sprtcmd.exe
C:\WINDOWS2\system32\igfxt

ray.exe
C:\WINDOWS2\system32\hkcmd

.exe
C:\WINDOWS2\system32\ctfmo

n.exe
C:\Program Files\Mozilla

Firefox\firefox.exe
C:\Program Files\Trend

Micro\HijackThis\HijackThi

s.exe

R1 -

HKLM\Software\Microsoft\In

ternet

Explorer\Main,Default_Page

_URL =

http://go.microsoft.com/fw

link/?LinkId=69157
R1 -

HKLM\Software\Microsoft\In

ternet

Explorer\Main,Default_Sear

ch_URL =

http://go.microsoft.com/fw

link/?LinkId=54896
R1 -

HKLM\Software\Microsoft\In

ternet

Explorer\Main,Search Page

=

http://go.microsoft.com/fw

link/?LinkId=54896
R0 -

HKLM\Software\Microsoft\In

ternet Explorer\Main,Start

Page =

http://go.microsoft.com/fw

link/?LinkId=69157
R0 -

HKCU\Software\Microsoft\In

ternet Explorer\Main,Local

Page =
O2 - BHO: AcroIEHlprObj

Class -

{06849E9F-C8D7-4D59-B87D-7

84B7D6BE0B3} - C:\Program

Files\Adobe\Acrobat

5.0\Reader\ActiveX\AcroIEH

elper.ocx
O4 - HKLM\..\Run: [Smapp]

C:\Program Files\Analog

Devices\SoundMAX\Smtray.ex

e
O4 - HKLM\..\Run:

[QuickCare2.2] C:\Program

Files\Qwest\QuickCare\bin\

sprtcmd.exe /P

QuickCare2.2
O4 - HKLM\..\Run:

[OneCareUI] "C:\Program

Files\Microsoft Windows

OneCare

Live\winssnotify.exe"
O4 - HKLM\..\Run:

[IgfxTray]

C:\WINDOWS2\system32\igfxt

ray.exe
O4 - HKLM\..\Run:

[HotKeysCmds]

C:\WINDOWS2\system32\hkcmd

.exe
O4 - HKCU\..\Run:

[ctfmon.exe]

C:\WINDOWS2\system32\ctfmo

n.exe
O4 -

HKUS\S-1-5-21-1177238915-2

111687655-1801674531-1004\

..\Run: [ctfmon.exe]

C:\WINDOWS2\system32\ctfmo

n.exe (User 'Surf')
O8 - Extra context menu

item: E&xport to Microsoft

Excel -

res://C:\PROGRA~1\MICROS~2

\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu

item: Save Flash with

Flash Catcher -

res://C:\Program

Files\Common

Files\Justdo\IECatcher.DLL

/FlashCatcher.htm
O9 - Extra button:

Research -

{92780B25-18CC-41C8-B9BE-3

C9C571A8263} -

C:\PROGRA~1\MICROS~2\OFFIC

E11\REFIEBAR.DLL
O9 - Extra button: (no

name) -

{e2e2dd38-d088-4134-82b7-f

2ba38496583} -

C:\WINDOWS2\Network

Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools'

menuitem:

@xpsp3res.dll,-20001 -

{e2e2dd38-d088-4134-82b7-f

2ba38496583} -

C:\WINDOWS2\Network

Diagnostic\xpnetdiag.exe
O9 - Extra button:

Messenger -

{FB5F1910-F110-11d2-BB9E-0

0C04F795683} - C:\Program

Files\Messenger\msmsgs.exe
O9 - Extra 'Tools'

menuitem: Windows

Messenger -

{FB5F1910-F110-11d2-BB9E-0

0C04F795683} - C:\Program

Files\Messenger\msmsgs.exe
O16 - DPF:

{6414512B-B978-451D-A0D8-F

CFDF33E833C} (WUWebControl

Class) -

http://update.microsoft.co

m/windowsupdate/v6/V5Contr

ols/en/x86/client/wuweb_si

te.cab?1165701147861
O16 - DPF:

{D27CDB6E-AE6D-11CF-96B8-4

44553540000} (Shockwave

Flash Object) -

http://fpdownload2.macrome

dia.com/get/shockwave/cabs

/flash/swflash.cab
O23 - Service: Ati HotKey

Poller - ATI Technologies

Inc. -

C:\WINDOWS2\system32\Ati2e

vxx.exe
O23 - Service: ATI Smart -

Unknown owner -

C:\WINDOWS2\system32\ati2s

gag.exe
O23 - Service: SoundMAX

Agent Service (SoundMAX

Agent Service (default)) -

Analog Devices, Inc. -

C:\Program Files\Analog

Devices\SoundMAX\SMAgent.e

xe
O23 - Service: SupportSoft

Listener Service

(sprtlisten) -

SupportSoft, Inc. -

C:\Program Files\Common

Files\supportsoft\bin\sprt

listen.exe
O23 - Service: SupportSoft

RemoteAssist -

SupportSoft, Inc. -

C:\Program Files\Common

Files\SupportSoft\bin\ssrc

.exe

--
End of file - 4352 bytes
  • 0

Advertisements

#2
timbo428
Posted 10 February 2009 - 09:01 AM

timbo428

    Member

  • Topic Starter
  • Member
  • PipPip
  • 35 posts
Yes, No, Maybe so?
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP