Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

elitum bar [CLOSED]


  • This topic is locked This topic is locked

#1
hilario

hilario

    Member

  • Member
  • PipPip
  • 20 posts
hi all:

sorry I think i've posted on the wrong place, and posting here now:
her is my hijackthis log, pls tell me what to remove to eliminate elitum bar.tks.

Logfile of HijackThis v1.99.1
Scan saved at 10:40:56, on 05/15/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Programas\Ficheiros comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\r_server.exe
C:\Programas\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Programas\Analog Devices\SoundMAX\Smax4.exe
C:\Programas\Creative\Shared Files\CAMTRAY.EXE
C:\progra~1\sibs\mbnet\mbnet.exe
C:\Programas\BillP Studios\WinPatrol\winpatrol.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Programas\NetLimiter\NetLimiter.exe
C:\Programas\Error Nuker\bin\ErrorNuker.exe
C:\Programas\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Programas\Woize\Woize.exe
D:\Programas\Skype\Phone\Skype.exe
C:\Programas\IP Phone Center\IPCenter.exe
C:\Programas\SAM\SAM.exe
C:\Programas\VoipBuster.com\VoipBuster\voipbuster.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Programas\IP Phone Center\pc2pccall.exe
C:\Programas\IP Phone Center\tjbuddy.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Documents and Settings\Hilario\Definições locais\Temp\Directório temporário 1 para hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://new-search.ne...?v=6&aff=962016
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {38D4D5D0-423E-4220-B6F9-30918C2AE4A4} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programas\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Programas\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [Microsoft WinUpdate] spoolsvs.exe
O4 - HKLM\..\Run: [Internet Content Publisher] icp.exe
O4 - HKLM\..\Run: [sbrkys] c:\windows\system32\sbrkys.exe
O4 - HKLM\..\Run: [SYSTRAY] C:\UNMT.EXE
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Programas\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [vqd] C:\WINDOWS\vqd.exe
O4 - HKLM\..\Run: [gah95on6] C:\WINDOWS\System32\gah95on6.exe
O4 - HKLM\..\Run: [abasa5jrp] C:\WINDOWS\System32\abasa5jrp.exe
O4 - HKLM\..\Run: [MBNet] c:\progra~1\sibs\mbnet\mbnet.exe
O4 - HKLM\..\Run: [WinPatrol] C:\Programas\BillP Studios\WinPatrol\winpatrol.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [] C:\Documents and Settings\Hilario\Ambiente de trabalho\SAM.Setup.1.0.4.0.exe
O4 - HKLM\..\Run: [NetLimiter] C:\Programas\NetLimiter\NetLimiter.exe /s
O4 - HKLM\..\Run: [Error Nuker] C:\Programas\Error Nuker\bin\ErrorNuker.exe autostart
O4 - HKLM\..\RunServices: [Microsoft WinUpdate] spoolsvs.exe
O4 - HKLM\..\RunServices: [Internet Content Publisher] icp.exe
O4 - HKLM\..\RunServices: [Microsoft Update] wuampd.exe
O4 - HKCU\..\Run: [Microsoft WinUpdate] spoolsvs.exe
O4 - HKCU\..\Run: [Internet Content Publisher] icp.exe
O4 - HKCU\..\Run: [Microsoft Update] wuampd.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Programas\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [BIAUTOSTART] "C:\Programas\Woize\Woize.exe"
O4 - HKCU\..\Run: [Skype] "d:\Programas\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: SAM.lnk = C:\Programas\SAM\SAM.exe
O4 - Startup: VoipBuster.lnk = ?
O4 - Global Startup: IP Phone Center.lnk = C:\Programas\IP Phone Center\IPCenter.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: &Call IP Phone Center - C:\Programas\IP Phone Center\call.htm
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Broken Internet access because of LSP provider 'c:\windows\system32\wshbth.dll' missing
O12 - Plugin for .spop: C:\Programas\Internet Explorer\Plugins\NPDocBox.dll
O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone
O16 - DPF: {10003000-1000-0000-1000-000000000000} - ms-its:mhtml:file://C:\foo.mht!http://bin.wordsx.cc...m::/on-line.exe
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windup...bridge-c283.cab
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.s...sa/LSSupCtl.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {91433D86-9F27-402C-B5E3-DEBDD122C339} - http://www.netvenda..../pt/games10.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.s...sa/SymAData.cab
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IncrediMail) - http://www2.incredim...er/imloader.cab
O16 - DPF: {FC67BB52-AAB6-4282-9D51-2DAFFE73AFD0} - http://download.spys...rCabInstall.cab
O18 - Filter: text/html - (no CLSID) - (no file)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\WINDOWS\System32\r_server.exe" /service (file missing)
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programas\Analog Devices\SoundMAX\SMAgent.exe

rgds.hilario.
  • 0

Advertisements


#2
Kat

Kat

    Retired

  • Retired Staff
  • 19,711 posts
  • MVP
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP