Jump to content

Check logs please


Recommended Posts

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 10:00:21 PM, on 7/28/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

D:\WINDOWS\System32\smss.exe

D:\WINDOWS\system32\winlogon.exe

D:\WINDOWS\system32\services.exe

D:\WINDOWS\system32\lsass.exe

D:\WINDOWS\system32\svchost.exe

D:\Program Files\Windows Defender\MsMpEng.exe

D:\WINDOWS\System32\svchost.exe

D:\WINDOWS\system32\svchost.exe

D:\WINDOWS\system32\spoolsv.exe

D:\Program Files\Bonjour\mDNSResponder.exe

D:\WINDOWS\system32\CTsvcCDA.exe

D:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe

D:\WINDOWS\system32\svchost.exe

D:\Program Files\Java\jre6\bin\jqs.exe

D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

D:\Program Files\Google\Update\1.2.183.7\GoogleCrashHandler.exe

D:\WINDOWS\system32\nvsvc32.exe

D:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe

D:\WINDOWS\System32\svchost.exe

D:\Program Files\Sandboxie\SbieSvc.exe

d:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

D:\WINDOWS\system32\svchost.exe

D:\WINDOWS\System32\TUProgSt.exe

D:\WINDOWS\system32\MsPMSPSv.exe

D:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

D:\Program Files\Canon\CAL\CALMAIN.exe

D:\WINDOWS\Explorer.EXE

D:\WINDOWS\PixArt\PAC7302\Monitor.exe

D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

D:\Program Files\Sandboxie\SbieCtrl.exe

D:\WINDOWS\system32\ctfmon.exe

D:\WINDOWS\System32\svchost.exe

D:\Program Files\Microsoft Office\Office12\WINWORD.EXE

C:\Malwarebytes' Anti-Malware\mbam.exe

D:\WINDOWS\hh.exe

D:\Documents and Settings\Kim Watkins\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

D:\Documents and Settings\Kim Watkins\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

D:\Documents and Settings\Kim Watkins\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

D:\Documents and Settings\Kim Watkins\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

D:\Documents and Settings\Kim Watkins\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

D:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - D:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - D:\Program Files\Google\Google Gears\Internet Explorer\0.5.30.0\gears.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - D:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

O4 - HKCU\..\Run: [sandboxieControl] "D:\Program Files\Sandboxie\SbieCtrl.exe"

O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "D:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "D:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O8 - Extra context menu item: &Links to this page - D:\Documents and Settings\All Users\Application Data\TuneUp Software\TuneUp Utilities\Web\gbacklinks.htm

O8 - Extra context menu item: &Similar pages - D:\Documents and Settings\All Users\Application Data\TuneUp Software\TuneUp Utilities\Web\gsimilar.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Open in &new window - D:\Documents and Settings\All Users\Application Data\TuneUp Software\TuneUp Utilities\Web\tuofinw.htm

O8 - Extra context menu item: Search with &Google - D:\Documents and Settings\All Users\Application Data\TuneUp Software\TuneUp Utilities\Web\gsearch.htm

O8 - Extra context menu item: Translate this page with Google - D:\Documents and Settings\All Users\Application Data\TuneUp Software\TuneUp Utilities\Web\gtranslate.htm

O8 - Extra context menu item: Zoom &in

Link to post
Share on other sites

Welcome to Malwarebytes!!!!! <_<

We need to see some additional information about what is happening in your machine.

Please perform the following scan:

  • Download DDS by sUBs from one of the following links. Save it to your desktop.

    [*]Double click on the DDS icon, allow it to run.

    [*]A small box will open, with an explanation about the tool.

    [*]When done, DDS will open two (2) logs

    1. DDS.txt

    2. Attach.txt

    [*] Save both reports to your desktop.

    [*] The instructions here ask you to attach the Attach.txt.

    DDS.jpg

    [*]Instead of attaching, please copy/past both logs into your next reply.

    [*]Close the program window, and delete the program from your desktop.

Please note: You may have to disable any script protection running if the scan fails to run.

After downloading the tool, disconnect from the internet and disable all antivirus protection.

Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

Link to post
Share on other sites

Hi sjpritch25.... <_<

User is being helped at:

http://www.malwarebytes.org/forums/index.p...mp;#entry104655

Hi,

Thank you both... I didn't know how to delete this post. Sorry for the duplicate submission.

Kimian111

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.