Jump to content

Recommended Posts

hi,

a frend of mine had a infection i cleaned it is there any leftovers in his hijackthis log?

hijackthtis

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 15:37:00, on 22.05.2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Avira\AntiVir Desktop\avguard.exe

C:\Program Files\Application Updater\ApplicationUpdater.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\mysql\bin\mysqld-nt.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\Winamp\winampa.exe

C:\WINDOWS\VMSnap3.exe

C:\WINDOWS\Domino.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Search Settings\SearchSettings.exe

C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Free Download Manager\fdm.exe

C:\Program Files\Software Informer\softinfo.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\DOCUME~1\jmj\LOCALS~1\Temp\RarSFX0\HASPHL2007.exe

C:\Program Files\Freedom Scientific\JAWS\9.0\jfw.exe

C:\WINDOWS\system32\msiexec.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://start.drp.su/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Ba

Link to post
Share on other sites

  • 4 weeks later...
  • 2 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.