Am I infected?



#1
timbo428

Regarding this thread: http://www.geekstogo...ng-t228052.html

Do I have some kind of problem with my computer?


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:26:24 PM, on 2/8/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS2\System32\smss.exe
C:\WINDOWS2\system32\winlogon.exe
C:\WINDOWS2\system32\services.exe
C:\WINDOWS2\system32\lsass.exe
C:\WINDOWS2\system32\svchost.exe
C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe
C:\WINDOWS2\System32\svchost.exe
C:\WINDOWS2\system32\spoolsv.exe
C:\Program Files\Microsoft Windows OneCare Live\OcHealthMon.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Common Files\supportsoft\bin\sprtlisten.exe
C:\WINDOWS2\system32\svchost.exe
C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe
C:\Program Files\Microsoft Windows OneCare Live\winss.exe
C:\WINDOWS2\System32\svchost.exe
C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
C:\WINDOWS2\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
C:\Program Files\Qwest\QuickCare\bin\sprtcmd.exe
C:\WINDOWS2\system32\igfxtray.exe
C:\WINDOWS2\system32\hkcmd.exe
C:\WINDOWS2\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
O4 - HKLM\..\Run: [QuickCare2.2] C:\Program Files\Qwest\QuickCare\bin\sprtcmd.exe /P QuickCare2.2
O4 - HKLM\..\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS2\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS2\system32\hkcmd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS2\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1177238915-2111687655-1801674531-1004\..\Run: [ctfmon.exe] C:\WINDOWS2\system32\ctfmon.exe (User 'Surf')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Save Flash with Flash Catcher - res://C:\Program Files\Common Files\Justdo\IECatcher.DLL/FlashCatcher.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS2\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS2\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1165701147861
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS2\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS2\system32\ati2sgag.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: SupportSoft Listener Service (sprtlisten) - SupportSoft, Inc. - C:\Program Files\Common Files\supportsoft\bin\sprtlisten.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\SupportSoft\bin\ssrc.exe

--
End of file - 4352 bytes


#2
timbo428

Yes, No, Maybe so?