Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

my task manger and regster edit or out


  • Please log in to reply

#1
HELLPMEE

HELLPMEE

    New Member

  • Member
  • Pip
  • 1 posts
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:40:05 AM, on 10/25/2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
F:\Windows\system32\taskhost.exe
F:\Windows\system32\Dwm.exe
F:\Windows\Explorer.EXE
F:\Program Files\Common Files\Java\Java Update\jusched.exe
F:\Program Files\Real\RealPlayer\Update\realsched.exe
F:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
F:\Program Files\AVG\AVG9\avgtray.exe
F:\Program Files\uTorrent\uTorrent.exe
F:\Program Files\Pando Networks\Media Booster\PMB.exe
F:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
F:\Program Files\DAEMON Tools Lite\DTLite.exe
F:\Program Files\Windows Live\Messenger\msnmsgr.exe
F:\Program Files\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe
F:\Windows\system32\conhost.exe
F:\Program Files\Opera\opera.exe
F:\Windows\system32\taskeng.exe
F:\Windows\system32\taskeng.exe
F:\Users\mzias2\AppData\Local\Google\Update\1.3.21.79\GoogleCrashHandler.exe
F:\Windows\system32\SearchFilterHost.exe
F:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = ?ReturnUrl=%2f
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: myBabylon English Toolbar - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - F:\Program Files\myBabylon_English\tbmyBa.dll
R3 - URLSearchHook: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - F:\Program Files\Hotspot_Shield\tbHots.dll
R3 - URLSearchHook: (no name) - {EEE6C35D-6118-11DC-9C72-001320C79847} - (no file)
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - F:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - F:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - F:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - F:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - F:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Ant.com browser helper (video detector) - {346FDE31-DFF9-418A-90C8-BA31DC9FF2EF} - F:\Program Files\Ant.com\IE add-on\download.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - F:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - F:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - F:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - F:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - F:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: myBabylon English Toolbar - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - F:\Program Files\myBabylon_English\tbmyBa.dll
O2 - BHO: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - F:\Program Files\Hotspot_Shield\tbHots.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - F:\Program Files\Hotspot Shield\HssIE\HssIE.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - F:\Program Files\Yontoo Layers Client\YontooIEClient.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - F:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - F:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: myBabylon English Toolbar - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - F:\Program Files\myBabylon_English\tbmyBa.dll
O3 - Toolbar: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - F:\Program Files\Hotspot_Shield\tbHots.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - F:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - F:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Ant.com Video Downloader toolbar - {2E924F4F-67F0-4BD8-9560-49F468E843D2} - F:\Program Files\Ant.com\IE add-on\anttoolbar.dll
O4 - HKLM\..\Run: [YSearchProtection] "F:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [NokiaMServer] F:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles
O4 - HKLM\..\Run: [GrooveMonitor] "F:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [VirtualDrive] "D:\Program Files\FarStone\VirtualDrive\VDTask.exe" /AutoRestore
O4 - HKLM\..\Run: [RAMDrive] "D:\Program Files\FarStone\VirtualDrive\VHD\RDTask.exe"
O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "F:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "F:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] F:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "F:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "f:\program files\real\realplayer\Update\realsched.exe" -osboot
O4 - HKLM\..\Run: [TosNC] %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe
O4 - HKLM\..\Run: [AVG9_TRAY] F:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/w...0"&"ver=9.0.894
O4 - HKCU\..\Run: [uTorrent] "F:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [Pando Media Booster] F:\Program Files\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] F:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "F:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [msnmsgr] "F:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [HW_OPENEYE_OUC_Zain Broadband] "F:\Program Files\Zain Broadband\UpdateDog\ouc.exe"
O4 - HKCU\..\Run: [GarenaMessenger] "F:\Users\mzias2\Desktop\Garena Messenger\GarenaMessenger.exe"
O4 - HKCU\..\Run: [Google Update] "F:\Users\mzias2\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "F:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] F:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] F:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: @F:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - F:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @F:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - F:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @F:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - F:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Download videos by Ant.com - {70AF6C9F-0818-4cf7-924A-BBDBB24211D3} - F:\Program Files\Ant.com\IE add-on\download.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: f:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: f:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: f:\windows\system32\prxernsp.dll
O10 - Unknown file in Winsock LSP: f:\windows\system32\prxerdrv.dll
O10 - Unknown file in Winsock LSP: f:\windows\system32\prxerdrv.dll
O10 - Unknown file in Winsock LSP: f:\windows\system32\prxerdrv.dll
O10 - Unknown file in Winsock LSP: f:\windows\system32\prxerdrv.dll
O10 - Unknown file in Winsock LSP: f:\windows\system32\prxerdrv.dll
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zon...nt.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0FC766DD-9CAD-420D-B2B1-1F761E22AC7C}: NameServer = 80.90.160.135 80.90.160.136
O17 - HKLM\System\CCS\Services\Tcpip\..\{3D57D5CC-1432-4273-B276-56834F74A6B9}: NameServer = 80.90.160.135 80.90.160.136
O17 - HKLM\System\CCS\Services\Tcpip\..\{52BF8F47-3675-4D94-A8F0-79141AD8A3CF}: NameServer = 80.90.160.135 80.90.160.136
O17 - HKLM\System\CS1\Services\Tcpip\..\{0FC766DD-9CAD-420D-B2B1-1F761E22AC7C}: NameServer = 80.90.160.135 80.90.160.136
O17 - HKLM\System\CS2\Services\Tcpip\..\{0FC766DD-9CAD-420D-B2B1-1F761E22AC7C}: NameServer = 80.90.160.135 80.90.160.136
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - F:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - F:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - F:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Ant Toolbar updater service (AntUpdaterService) - Ant.com - F:\Program Files\Ant.com\IE add-on\AntUpdaterService.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - F:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: AVG Firewall (avgfws9) - AVG Technologies CZ, s.r.o. - F:\Program Files\AVG\AVG9\avgfws9.exe
O23 - Service: AVG9IDSAgent (AVGIDSAgent) - AVG Technologies CZ, s.r.o. - F:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: bufssvr - BUFFALO INC. - F:\Program Files\BUFFALO\SLManagerEasy\Bufssvr.exe
O23 - Service: HWDeviceService.exe - Unknown owner - F:\ProgramData\DatacardService\HWDeviceService.exe
O23 - Service: iPod Service - Apple Inc. - F:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Zain Broadband. OUC (Zain Broadband. RunOuc) - Unknown owner - F:\Program Files\Zain Broadband\UpdateDog\ouc.exe

--
End of file - 12548 bytes

Edited by HELLPMEE, 24 October 2011 - 04:04 PM.

  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP