Advertisement

There's no such thing as a stupid question, but they're the easiest to answer.
Login
Search

Advertisement

Search Search
Search for:
Tech Support Guy > > >

Hijack Daniel

(New)
(!)

coachessonny's Avatar
coachessonny coachessonny is offline
Member with 59 posts.
THREAD STARTER
 
Join Date: Feb 2006
Experience: Intermediate
13-Oct-2010, 04:38 PM #1
Hijack Daniel
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:15:33 AM, on 10/13/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17080)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://ccfiles.creative.com/Web/soft...01/CTSUEng.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1228797730812
O16 - DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} (P3DActiveX Control) - http://panda-plugin.disney.go.com/pl...p3dactivex.cab
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...nt/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/soft...5106/CTPID.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

--
End of file - 3725 bytes

DDS (Ver_09-09-29.01) - NTFSx86
Run by Daniel at 11:16:52.29 on Wed 10/13/2010
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.511.210 [GMT -7:00]

AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
svchost.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Daniel\Desktop\dds.com

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mPolicies-explorer: <NO NAME> =
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1228797730812
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} - hxxp://panda-plugin.disney.go.com/plugin/win32/p3dactivex.cab
DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} - hxxp://www.superadblocker.com/activex/sabspx.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15106/CTPID.cab
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

============= SERVICES / DRIVERS ===============

R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2010-2-20 11608]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-2-17 67656]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2010-2-20 135336]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-2-20 267432]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-5-1 60936]
S2 Ca50xav;Digital Blue DMC2 Video Device;c:\windows\system32\drivers\Ca50xav.sys [2008-12-9 508304]
S2 Ca536av;Icatch(VII) Video Camera Device;c:\windows\system32\drivers\Ca536av.sys [2010-1-3 514859]
S3 idmc1aud;Intel(r) Play(tm) USB Audio Filter (WDM);c:\windows\system32\drivers\idmc1aud.sys [2010-10-7 15188]
S3 IDMC1Blk;Intel Play DMC Download Driver;c:\windows\system32\drivers\IDMC1Blk.sys [2010-10-7 14628]
S3 IDMC1Vxp;Intel(r) Play(tm) DMC Camera;c:\windows\system32\drivers\idmc1vme.sys [2010-10-7 416564]
S3 nenum13E;nenum13E;\??\c:\docume~1\daniel\locals~1\temp\nenum13e.sys --> c:\docume~1\daniel\locals~1\temp\nenum13E.sys [?]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-5-28 14896]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2010-2-17 12872]
S3 USBCamera;Icatch(VII) Still Camera Device;c:\windows\system32\drivers\Bulk536.sys [2010-1-3 11048]
S4 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-12-20 135664]
S4 RoxLiveShare10;LiveShare P2P Server 10;"c:\program files\common files\roxio shared\10.0\sharedcom\roxliveshare10.exe" --> c:\program files\common files\roxio shared\10.0\sharedcom\RoxLiveShare10.exe [?]
S4 SessionLauncher;SessionLauncher;c:\docume~1\daniel\locals~1\temp\dx9\sessio nlauncher.exe --> c:\docume~1\daniel\locals~1\temp\dx9\SessionLauncher.exe [?]
S4 wwEngineSvc;Window Washer Engine;c:\program files\webroot\washer\WasherSvc.exe [2008-12-10 598856]

=============== Created Last 30 ================

2010-10-12 14:56 <DIR> --d----- c:\docume~1\daniel\applic~1\CometPlayer
2010-10-07 10:03 <DIR> --d----- c:\windows\DMC1
2010-10-04 14:31 12,160 ac------ c:\windows\system32\dllcache\mouhid.sys
2010-10-04 14:31 12,160 a------- c:\windows\system32\drivers\mouhid.sys
2010-10-03 12:29 14,592 ac------ c:\windows\system32\dllcache\kbdhid.sys
2010-10-03 12:29 14,592 a------- c:\windows\system32\drivers\kbdhid.sys
2010-10-03 12:29 10,368 ac------ c:\windows\system32\dllcache\hidusb.sys
2010-10-03 12:29 10,368 a------- c:\windows\system32\drivers\hidusb.sys
2010-09-25 15:31 200 a------- c:\windows\WININIT.INI

==================== Find3M ====================

2010-08-17 06:17 58,880 -------- c:\windows\system32\spoolsv.exe
2010-07-22 08:49 590,848 -------- c:\windows\system32\rpcrt4.dll
2010-07-21 22:57 5,120 -------- c:\windows\system32\xpsp4res.dll
2010-05-14 22:18 75 a------- c:\documents and settings\daniel\jagex_runescape_preferences2.dat
2010-05-14 22:16 42 a------- c:\documents and settings\daniel\jagex_runescape_preferences.dat
2010-05-14 22:10 0 a------- c:\documents and settings\daniel\jagex__preferences3.dat
2009-09-10 12:39 2,901 a------- c:\program files\uninstal.log
2008-12-13 18:05 774,144 a------- c:\program files\RngInterstitial.dll

============= FINISH: 11:17:18.39 ===============
GMER 1.0.15.15315 - http://www.gmer.net
Rootkit scan 2010-10-13 13:33:38
Windows 5.1.2600 Service Pack 3
Running: 7rw0vt5h.exe; Driver: C:\DOCUME~1\Daniel\LOCALS~1\Temp\uwliqpog.sys


---- System - GMER 1.0.15 ----

SSDT F8B66026 ZwCreateKey
SSDT F8B6601C ZwCreateThread
SSDT F8B6602B ZwDeleteKey
SSDT F8B66035 ZwDeleteValueKey
SSDT spfc.sys ZwEnumerateKey [0xF8433CA4]
SSDT spfc.sys ZwEnumerateValueKey [0xF8434032]
SSDT F8B6603A ZwLoadKey
SSDT spfc.sys ZwOpenKey [0xF84150C0]
SSDT F8B66008 ZwOpenProcess
SSDT F8B6600D ZwOpenThread
SSDT spfc.sys ZwQueryKey [0xF843410A]
SSDT spfc.sys ZwQueryValueKey [0xF8433F8A]
SSDT F8B66044 ZwReplaceKey
SSDT F8B6603F ZwRestoreKey
SSDT F8B66030 ZwSetValueKey

INT 0x63 ? 82153BF8
INT 0x63 ? 82153BF8
INT 0x82 ? 82371BF8
INT 0x83 ? 82371BF8
INT 0xA4 ? 82153BF8
INT 0xB4 ? 82153BF8

---- Kernel code sections - GMER 1.0.15 ----

? spfc.sys The system cannot find the file specified. !
.text C:\WINDOWS\System32\DRIVERS\nv4_mini.sys section is writeable [0xF7BB3360, 0x37388D, 0xE8000020]
.text USBPORT.SYS!DllUnload F7B938AC 5 Bytes JMP 821531D8

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Internet Explorer\iexplore.exe[3380] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E1DF4B9 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3380] USER32.dll!DialogBoxIndirectParamW 7E432072 1 Byte [E9]
.text C:\Program Files\Internet Explorer\iexplore.exe[3380] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E352076 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3380] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E351FF7 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3380] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E35203B C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3380] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E351F83 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3380] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E351FBD C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3380] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3520B1 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3380] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E201772 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3380] ole32.dll!OleLoadFromStream 77529C85 5 Bytes JMP 3E352273 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 823701F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{7DD8A627-09AC-4118-8245-FE5CB6C5AA43} 820C61F8
Device \Driver\usbuhci \Device\USBPDO-0 821521F8
Device \Driver\usbuhci \Device\USBPDO-1 821521F8
Device \Driver\usbuhci \Device\USBPDO-2 821521F8
Device \Driver\usbuhci \Device\USBPDO-3 821521F8
Device \Driver\usbehci \Device\USBPDO-4 821251F8
Device \Driver\prodrv06 \Device\ProDrv06 E1A0DC30
Device \Driver\Ftdisk \Device\HarddiskVolume1 823DF1F8
Device \Driver\Cdrom \Device\CdRom0 8210C1F8
Device \Driver\Cdrom \Device\CdRom1 8210C1F8
Device \Driver\atapi \Device\Ide\IdePort0 [F838FB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort0 prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 [F838FB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort1 [F838FB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort1 prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c [F838FB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-17 [F838FB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-17 prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\prohlp02 \Device\ProHlp02 E1014A58
Device \Driver\NetBT \Device\NetBt_Wins_Export 820C61F8
Device \Driver\NetBT \Device\NetbiosSmb 820C61F8
Device \Driver\usbuhci \Device\USBFDO-0 821521F8
Device \Driver\usbuhci \Device\USBFDO-1 821521F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 817AD1F8
Device \Driver\usbuhci \Device\USBFDO-2 821521F8
Device \FileSystem\MRxSmb \Device\LanmanRedirector 817AD1F8
Device \Driver\usbuhci \Device\USBFDO-3 821521F8
Device \Driver\usbehci \Device\USBFDO-4 821251F8
Device \Driver\Ftdisk \Device\FtControl 823DF1F8
Device \FileSystem\Cdfs \Cdfs 820AB500

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A 64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A 64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A 64CEC@hdf12 0xCC 0x69 0x2D 0x65 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CE C (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CE C@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CE C@hdf12 0xCC 0x69 0x2D 0x65 ...

---- EOF - GMER 1.0.15 ----
Attachment Blocked
Attachments in the HJT forum are often designed to solve a specific issue and not meant to be used without instructions specific to your computer. If you want help specific to your computer, please post a HiJackThis Log. If you started this thread, please make sure you are logged in to be able to view attachments.
coachessonny's Avatar
coachessonny coachessonny is offline
Member with 59 posts.
THREAD STARTER
 
Join Date: Feb 2006
Experience: Intermediate
15-Nov-2010, 02:17 PM #2
Bump
As Seen On

BBC, Reader's Digest, PC Magazine, Today Show, Money Magazine
WELCOME TO TECH SUPPORT GUY!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.


(clock)
THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Search Tech Support Guy

Find the solution to your
computer problem!




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools


Similar Threads
Title Thread Starter Forum Replies Last Post
Internet explorer hijacked redirected etc jinkybhoy Virus & Other Malware Removal 5 13-Oct-2010 04:18 PM
google search hijack, no McAfee symbols, & infections found, repeatedly tarhlm Virus & Other Malware Removal 0 20-Jan-2009 03:40 PM
Can you help me hijack this? Mbandta Virus & Other Malware Removal 0 06-Sep-2008 04:16 AM
Is my continue button or browser hijacked? Kingy1311 General Security 4 03-Jul-2008 10:22 PM
Solved: IE7 link hijack http://www.starfeed2.com/feed/click.php DavidAdams5 Virus & Other Malware Removal 1 29-Jun-2008 07:20 PM

WELCOME
You Are Using: Server ID
Trusted Website Back to the Top ↑