Jump to content

can't run malware


Recommended Posts

I've downloaded malware and can't run it. All boxes were checked in regards to updating software and then running it. I then proceeded to run hijack this and now have a log to post. Internet explorer redirects me to a different place when I click on a search result from google. This doesnot happen when I use dogpile.

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 9:18:59 AM, on 3/30/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\DELLMMKB.EXE

C:\PROGRA~1\MI948F~1\GAMECO~1\Common\SWTrayV4.exe

C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\Program Files\McAfee.com\Agent\mcagent.exe

C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe

C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

C:\WINDOWS\Nhksrv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe

C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe

C:\Program Files\Tiger Technologies\DeskFlag\deskflag.exe

c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe

C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE

C:\Program Files\Netropa\OSD.exe

c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe

C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe

C:\Program Files\McAfee\MPF\MPFSrv.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://*.mcafee.com

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe

O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe

O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe

O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe

O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe

O23 - Service: Netropa NHK Server (Nhksrv) - Unknown owner - C:\WINDOWS\Nhksrv.exe

O24 - Desktop Component 0: (no name) - http://www.wilsoninfo.com/arizonaCx_c.gif

O24 - Desktop Component 1: (no name) - http://www.wilsoninfo.com/arizonaCx_c1.gif

O24 - Desktop Component 10: (no name) - http://members.aol.com/buckeye49/helmet_a.gif

O24 - Desktop Component 11: (no name) - http://www.ideaspot.net/flags/Big_10/mediu...t-white-med.gif

O24 - Desktop Component 12: (no name) - http://us.i1.yimg.com/us.yimg.com/i/ww/beta/y3.gif

O24 - Desktop Component 13: (no name) - http://us.i1.yimg.com/us.yimg.com/i/us/nt/ma/ma_mail_1.gif

O24 - Desktop Component 2: (no name) - http://www.pigskinpost.com/Ohio_St.gif

O24 - Desktop Component 3: (no name) - http://www.wilsoninfo.com/ohio_11c.gif

O24 - Desktop Component 4: (no name) - http://www.wilsoninfo.com/ohio_11cf.gif

O24 - Desktop Component 5: (no name) - http://www.sportingnews.com/cfootball/team...ohiostate-b.gif

O24 - Desktop Component 6: (no name) - http://www.rivalfanatics.com/images/galler...maine_joe00.jpg

O24 - Desktop Component 7: (no name) - http://www.ideaspot.net/flags/Big_10/medium/ohiost-med.gif

O24 - Desktop Component 8: (no name) - http://www.wilsoninfo.com/ohio_11cf2.gif

O24 - Desktop Component 9: (no name) - http://www.rivalfanatics.com/images/galler...maine_joe08.jpg

--

End of file - 9201 bytes

Link to post
Share on other sites

  • Staff

Duplicate thread: http://www.malwarebytes.org/forums/index.p...amp;#entry68722

Please do not start new threads with your problem, because that won't help to get help any faster. On the contrary.. because of the multiple threads, there's a backlog and people have to wait longer because of that.

In anyway, this thread is closed. Please stick with your other thread.

Thanks.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.