gteamboywonda
Thread Starter
- Joined
- Apr 6, 2008
- Messages
- 1
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:56:37 PM, on 4/6/2008
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\csrss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\System32\alg.exe
D:\WINDOWS\System32\atievxx.exe
D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
D:\WINDOWS\System32\inetsrv\inetinfo.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\System32\wdfmgr.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
D:\WINDOWS\System32\SNDVOL32.EXE
D:\Program Files\AIM6\aim6.exe
D:\Program Files\AIM6\aolsoftware.exe
D:\Program Files\Maxthon2\Maxthon.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
D:\WINDOWS\System32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://myspace.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {0E45F7B1-0532-1DB8-2F23-6A2D8FF1F2FB} - (no file)
O2 - BHO: On The Net Search Helper - {4E8F5D76-EF5B-46C8-B35B-C86F8BD6621A} - D:\WINDOWS\System32\memow.dll
O2 - BHO: (no name) - {5B55A33B-2D18-4CCF-9090-0B9E1D74EDB4} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7F30CE45-67C2-2113-D68C-508EA5CEDCFF} - (no file)
O2 - BHO: (no name) - {CD2344DD-C1A1-4CE5-B00E-169B8F8981E8} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKCU\..\Run: [comup] D:\WINDOWS\System32\mobjchku.exe
O8 - Extra context menu item: &Search - ?p=ZCfox000
O15 - Trusted Zone: *.amaena.com
O15 - Trusted Zone: *.avsystemcare.com
O15 - Trusted Zone: *.onerateld.com
O15 - Trusted Zone: *.safetydownload.com
O15 - Trusted Zone: *.trustedantivirus.com
O15 - Trusted Zone: *.virusschlacht.com
O15 - Trusted Zone: *.amaena.com (HKLM)
O15 - Trusted Zone: *.avsystemcare.com (HKLM)
O15 - Trusted Zone: *.onerateld.com (HKLM)
O15 - Trusted Zone: *.safetydownload.com (HKLM)
O15 - Trusted Zone: *.trustedantivirus.com (HKLM)
O15 - Trusted Zone: *.virusschlacht.com (HKLM)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - D:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab
O16 - DPF: {50BD5CDA-4BA8-4048-8FAA-763F222E41D8} - ms-its:mhtml:file://c:\\nores.mht!http://adxanet.net/code/chm/xpre.chm::/xpreload.ocx
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1195451550136
O17 - HKLM\System\CCS\Services\Tcpip\..\{D9C48CCB-8244-498A-B5BB-42DBF60613C4}: NameServer = 85.255.116.51,85.255.112.104
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.51 85.255.112.104
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.51 85.255.112.104
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - D:\Program Files\Ares\chatServer.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
--
End of file - 3962 bytes
Scan saved at 7:56:37 PM, on 4/6/2008
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\csrss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\System32\alg.exe
D:\WINDOWS\System32\atievxx.exe
D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
D:\WINDOWS\System32\inetsrv\inetinfo.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\System32\wdfmgr.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
D:\WINDOWS\System32\SNDVOL32.EXE
D:\Program Files\AIM6\aim6.exe
D:\Program Files\AIM6\aolsoftware.exe
D:\Program Files\Maxthon2\Maxthon.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
D:\WINDOWS\System32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://myspace.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {0E45F7B1-0532-1DB8-2F23-6A2D8FF1F2FB} - (no file)
O2 - BHO: On The Net Search Helper - {4E8F5D76-EF5B-46C8-B35B-C86F8BD6621A} - D:\WINDOWS\System32\memow.dll
O2 - BHO: (no name) - {5B55A33B-2D18-4CCF-9090-0B9E1D74EDB4} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7F30CE45-67C2-2113-D68C-508EA5CEDCFF} - (no file)
O2 - BHO: (no name) - {CD2344DD-C1A1-4CE5-B00E-169B8F8981E8} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKCU\..\Run: [comup] D:\WINDOWS\System32\mobjchku.exe
O8 - Extra context menu item: &Search - ?p=ZCfox000
O15 - Trusted Zone: *.amaena.com
O15 - Trusted Zone: *.avsystemcare.com
O15 - Trusted Zone: *.onerateld.com
O15 - Trusted Zone: *.safetydownload.com
O15 - Trusted Zone: *.trustedantivirus.com
O15 - Trusted Zone: *.virusschlacht.com
O15 - Trusted Zone: *.amaena.com (HKLM)
O15 - Trusted Zone: *.avsystemcare.com (HKLM)
O15 - Trusted Zone: *.onerateld.com (HKLM)
O15 - Trusted Zone: *.safetydownload.com (HKLM)
O15 - Trusted Zone: *.trustedantivirus.com (HKLM)
O15 - Trusted Zone: *.virusschlacht.com (HKLM)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - D:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab
O16 - DPF: {50BD5CDA-4BA8-4048-8FAA-763F222E41D8} - ms-its:mhtml:file://c:\\nores.mht!http://adxanet.net/code/chm/xpre.chm::/xpreload.ocx
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1195451550136
O17 - HKLM\System\CCS\Services\Tcpip\..\{D9C48CCB-8244-498A-B5BB-42DBF60613C4}: NameServer = 85.255.116.51,85.255.112.104
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.51 85.255.112.104
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.51 85.255.112.104
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - D:\Program Files\Ares\chatServer.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
--
End of file - 3962 bytes