Read this topic before posting a log.
DO NOT post a ComboFix log unless requested to.
Only members of the HijackThis Team or Moderators are allowed to help people with logs. Anyone else should refrain from posting to another user's log.
When posting a log please put the type of infection you have in the topic title. IE: Winfixer, Virtumonde, WinTools, WebSearch, Home Search Assistant, etc.
Do not bump your topic. We try to resolve logs on a first come/first served basis. By bumping your log you will be pushed back in line due to the new date of your bump.
Jul 24 2008, 01:23 PM
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:01:19, on 2008-07-24
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\Explorer.EXE
C:\Program\Delade filer\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program\Delade filer\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program\Analog Devices\SoundMAX\Smax4.exe
C:\Program\Analog Devices\Core\smax4pnp.exe
C:\Program\Java\jre1.6.0_05\bin\jusched.exe
C:\Program\Logitech\G-series Software\LGDCore.exe
C:\Program\Logitech\G-series Software\LCDMon.exe
C:\Program\Logitech\G-series Software\Applets\LCDCountdown\LCDCountdown.exe
C:\Program\Logitech\G-series Software\Applets\LCDPop3\LCDPOP3.exe
C:\Program\Logitech\G-series Software\Applets\LCDMedia.exe
C:\Program\Logitech\G-series Software\Applets\LCDClock.exe
C:\Program\Winamp\winampa.exe
C:\Program\BitDefender\BitDefender 2008\bdagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program\Skype\Phone\Skype.exe
C:\Program\DAEMON Tools\daemon.exe
C:\Program\Windows Live\Messenger\MsnMsgr.Exe
C:\Program\iPod\bin\iPodService.exe
C:\Program\Hamachi\hamachi.exe
C:\Program\OpenOffice.org 2.3\program\soffice.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program\OpenOffice.org 2.3\program\soffice.BIN
C:\Program\Yahoo!\Widgets\YahooWidgets.exe
C:\Program\Yahoo!\Widgets\YahooWidgets.exe
C:\Program\Yahoo!\Widgets\YahooWidgets.exe
C:\Program\Yahoo!\Widgets\YahooWidgets.exe
C:\Program\Yahoo!\Widgets\YahooWidgets.exe
C:\Program\Skype\Plugin Manager\skypePM.exe
C:\Program\Internet Explorer\IEXPLORE.EXE
C:\Program\Mozilla Firefox\firefox.exe
C:\Program\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program\Xfire\xfire.exe
C:\Program\Steam\steam.exe
C:\Program\Mozilla Firefox\firefox.exe
C:\Program\Mozilla Firefox\firefox.exe
C:\Program\BitDefender\BitDefender 2008\uiscan.exe
C:\Program\QuickTime\QuickTimePlayer.exe
C:\Program\Ventrilo\Ventrilo.exe
C:\Documents and Settings\Nedladdade\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://swedish.ircfast2.com/index.php?rvs=hompag
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [SoundMAX] "C:\Program\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\System32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [AsusStartupHelp] C:\Program\ASUS\AASP\1.00.15\AsRunHelp.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program\Logitech\G-series Software\LCDMon.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [WinSys2] C:\WINDOWS\system32\winsys2.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program\Winamp\winampa.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [BM9fcc21ff] Rundll32.exe "C:\WINDOWS\system32\suaabown.dll",s
O4 - HKLM\..\RunOnce: [Spybot - Search & Destroy] "C:\Program\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Program\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "c:\program\steam\steam.exe" -silent
O4 - HKCU\..\Run: [Skype] "C:\Program\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKAL TJÄNST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: Adobe Gamma.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: hamachi.lnk = C:\Program\Hamachi\hamachi.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: OpenOffice.org 2.3.lnk = C:\Program\OpenOffice.org 2.3\program\quickstart.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: Yahoo! Widgets.lnk = C:\Program\Yahoo!\Widgets\YahooWidgets.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Adobe Gamma.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe (User 'Default user')
O4 - .DEFAULT Startup: hamachi.lnk = C:\Program\Hamachi\hamachi.exe (User 'Default user')
O4 - .DEFAULT Startup: OpenOffice.org 2.3.lnk = C:\Program\OpenOffice.org 2.3\program\quickstart.exe (User 'Default user')
O4 - .DEFAULT Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe (User 'Default user')
O4 - .DEFAULT Startup: Yahoo! Widgets.lnk = C:\Program\Yahoo!\Widgets\YahooWidgets.exe (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: hamachi.lnk = C:\Program\Hamachi\hamachi.exe
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program\OpenOffice.org 2.3\program\quickstart.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: Yahoo! Widgets.lnk = C:\Program\Yahoo!\Widgets\YahooWidgets.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program\Yahoo!\Common\Yinsthelper.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program\DELADE~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program\Delade filer\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Ventrilo - Unknown owner - C:\Program\VentSrv\ventrilo_svc.exe (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program\Delade filer\BitDefender\BitDefender Communicator\xcommsvr.exe

-- End of file - 8999 bytes --

Appreciate your help!
Zone7 My Hijackthis Log, What Can I Be Without? Jul 24 2008, 01:23 PM
Starbuck Hi Zone7 I apologize for the delay in response t... Aug 7 2008, 06:20 PM
Starbuck Due to the lack of feedback, this Topic will now b... Aug 14 2008, 01:51 PM