Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

First timer

Started by musicnan , Jan 05 2008 01:42 PM

  • Please log in to reply

#1
musicnan
Posted 05 January 2008 - 01:42 PM

musicnan

    New Member

  • Member
  • Pip
  • 1 posts
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:40:34 PM, on 1/5/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\Multimedia Card Reader\shwicon2k.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Program Files\HP\HP Software

Update\hpwuSchd2.exe
C:\HP\KBD\KBD.EXE
C:\OPLIMIT\ocrawr32.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AdwareFilter\AdwareFilter.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\System32\cisvc.exe
C:\WINDOWS\System32\dllhost.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common

Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
C:\WINDOWS\System32\imapi.exe
C:\Program Files\Maxtor\Maxtor

Backup\MaxBackServiceInt.exe
C:\Program

Files\Maxtor\OneTouch\Utils\SyncServices.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVANQU~1\SYSTEM~1\MXTask.exe
C:\Program Files\UPHClean\uphclean.exe
C:\WINDOWS\System32\dmadmin.exe
C:\PROGRA~1\AVANQU~1\SYSTEM~1\mxtask.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet

Explorer\Main,Default_Page_URL =

http://qus10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet

Explorer\Main,Default_Search_URL =

http://srch-qus10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet

Explorer\Main,Search Bar =

http://home.peoplepc.com/search
R0 - HKCU\Software\Microsoft\Internet

Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet

Explorer\Main,Default_Page_URL =

http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet

Explorer\Main,Default_Search_URL =

http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet

Explorer\Main,Search Bar = http://srch-qus10.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet

Explorer\Main,Search Page =

http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet

Explorer\Main,Start Page =

http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet

Explorer\Main,First Home Page =

http://go.microsoft....k/?LinkId=54843
R1 - HKCU\Software\Microsoft\Internet Connection

Wizard,ShellNext = http://qus10.hpwis.com/
F3 - REG:win.ini: load=C:\OPLIMIT\ocraware.exe
O2 - BHO: AcroIEHlprObj Class -

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -

C:\Program Files\Adobe\Acrobat

7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter -

{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -

C:\Program

Files\Avanquest\SystemSuite\LinkScannerIE.dll
O2 - BHO: SSVHelper Class -

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -

C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [Sunkist2k] C:\Program

Files\Multimedia Card Reader\shwicon2k.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program

Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Recguard]

C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility]

C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb

08.exe
O4 - HKLM\..\Run: [Fix-It AV]

C:\PROGRA~1\VCOM\SYSTEM~1\MemCheck.exe
O4 - HKLM\..\Run: [HPHmon05]

C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program

Files\HP\HP Software Update\hpwuSchd2.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [PS2]

C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [VirusScannerPro]

C:\PROGRA~1\AVANQU~1\SYSTEM~1\MemCheck.ex

e
O4 - HKLM\..\Run: [hpsysdrv]

c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program

Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe]

C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk =

C:\Program Files\Adobe\Acrobat

7.0\Reader\reader_sl.exe
O4 - Global Startup: AdwareFilter Background

Protection.lnk = C:\Program

Files\AdwareFilter\AdwareFilter.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk =

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: systray.lnk =

C:\WINDOWS\system32\systray.exe
O8 - Extra context menu item: E&xport to Microsoft

Excel -

res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EX

E/3000
O9 - Extra button: (no name) -

{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -

C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -

{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -

C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) -

{e2e2dd38-d088-4134-82b7-f2ba38496583} -

C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 -

{e2e2dd38-d088-4134-82b7-f2ba38496583} -

C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger -

{FB5F1910-F110-11d2-BB9E-00C04F795683} -

C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -

{FB5F1910-F110-11d2-BB9E-00C04F795683} -

C:\Program Files\Messenger\msmsgs.exe
O16 - DPF:

{17492023-C23A-453E-A040-C7C580BBF700}

(Windows Genuine Advantage Validation Tool) -

http://go.microsoft....k/?linkid=39204
O16 - DPF:

{6414512B-B978-451D-A0D8-FCFDF33E833C}

(WUWebControl Class) -

http://update.micros...ate/v6/V5Contro

ls/en/x86/client/wuweb_site.cab?1120912514109
O16 - DPF:

{6E32070A-766D-4EE6-879C-DC1FA91D2FC3}

(MUWebControl Class) -

http://update.micros...date/v6/V5Contr

ols/en/x86/client/muweb_site.cab?1161357884296
O16 - DPF:

{74D05D43-3236-11D4-BDCD-00C04F9A3B61}

(HouseCall Control) -

http://a840.g.akamai...061001/housecal

l.trendmicro.com/housecall/xscan53.cab
O16 - DPF:

{AB86CE53-AC9F-449F-9399-D8ABCA09EC09}

(Get_ActiveX Control) -

https://h17000.www1....VA/Secure/HPGet

DownloadManager.ocx
O17 -

HKLM\System\CCS\Services\Tcpip\..\{9EA879FD-9E2A

-4186-A267-F1A1E281BD30}: NameServer =

198.190.226.30,198.190.226.3
O23 - Service: Creative Service for CDROM Access -

Creative Technology Ltd -

C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: Digidesign MME Refresh Service

(DigiRefresh) - Digidesign, A Division of Avid

Technology, Inc. -

C:\PROGRA~1\DIGIDE~1\Drivers\MMEREF~1.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) -

Macrovision Corporation - C:\Program Files\Common

Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program

Files\iPod\bin\iPodService.exe
O23 - Service: MaxBackServiceInt - Unknown owner -

C:\Program Files\Maxtor\Maxtor

Backup\MaxBackServiceInt.exe
O23 - Service: MaxSyncService (NTService1) - -

C:\Program

Files\Maxtor\OneTouch\Utils\SyncServices.exe
O23 - Service: Pml Driver HPZ12 - HP -

C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SystemSuite Task Manager - Avanquest

Software USA, Inc. -

C:\PROGRA~1\AVANQU~1\SYSTEM~1\MXTask.exe

--
End of file - 7582 bytes
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP