develop Posted December 5, 2008 ID:38074

Hello Good Peeps @ Malwarebytes,

It seems I have downloaded a virus with winrar. I've tried AVG, McAfee Virus Enterprise, and MalwareBytes' AntiMalware. I just downloaded HijackThis. I'm wondering if everything is fixed past the point of deleting whatever needs to be deleted from the log. Anyhoo, here's the log. Thanks for the help!

-dev

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:17:14 PM, on 12/4/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AskBarDis\bar\bin\AskService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\windows\system32\nvsvc32.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\windows\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\windows\system32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\windows\system32\wuauclt.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\McAfee\Common Framework\UdaterUI.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\Messenger\msmsgs.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\Scriptcl.dll
O2 - BHO: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [shStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe

--
End of file - 9228 bytes

Tigger93 Posted December 9, 2008 ID:39167

Sorry for the delay. Do you still require any assistance?