Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Hijackthis log: Please help diagnose


  • Please log in to reply
1 reply to this topic

#1 AAV

AAV

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:02:45 AM

Posted 11 May 2005 - 10:37 AM

Logfile of HijackThis v1.99.1
Scan saved at 12:20:59, on 11/5/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\Arquivos de programas\Ahead\InCD\InCDsrv.exe
F:\WINDOWS\system32\spoolsv.exe
F:\ARQUIV~1\Grisoft\AVGFRE~1\avgamsvr.exe
F:\ARQUIV~1\Grisoft\AVGFRE~1\avgupsvc.exe
F:\WINDOWS\System32\drivers\CDAC11BA.EXE
F:\WINDOWS\System32\nvsvc32.exe
F:\WINDOWS\Explorer.EXE
F:\ARQUIV~1\Grisoft\AVGFRE~1\avgcc.exe
F:\ARQUIV~1\Grisoft\AVGFRE~1\avgemc.exe
F:\Arquivos de programas\Ahead\InCD\InCD.exe
F:\Arquivos de programas\Microsoft Money\System\reminder.exe
F:\WINDOWS\System32\rundll32.exe
F:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE
F:\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.newgenlook.info/ad/ad0278/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?p...er=6&ar=msnhome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...B_PVER}&ar=home
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = iexplore
O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - F:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [AVG7_CC] F:\ARQUIV~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] F:\ARQUIV~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [NeroFilterCheck] F:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] F:\Arquivos de programas\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKCU\..\Run: [Reminder] F:\Arquivos de programas\Microsoft Money\System\reminder.exe
O4 - Global Startup: Microsoft Office.lnk = F:\Arquivos de programas\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://F:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Arquivos de programas\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Arquivos de programas\Messenger\MSMSGS.EXE
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - F:\ARQUIV~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - F:\ARQUIV~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - F:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - F:\Arquivos de programas\Ahead\InCD\InCDsrv.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\System32\nvsvc32.exe

BC AdBot (Login to Remove)

 


#2 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:03:45 AM

Posted 11 May 2005 - 11:50 PM

Hello AAV and welocme to the BC forums. After reviewing your log I see no signs of viruses or malware at this time. Your log is clean.

Here are a couple of suggestions:

Download CleanUp! and install it. Start CCleaner and click on the Run Cleaner button in the lower right-hand corner. When it is finished close CCleaner.

Your operating system is extremely out of date. By not keeping your OS updated you leave yourself open to many of the infections that cannot be installed on a properly updated system. I strongly recommend that you go to the Windows Update site and install Service Pack 2. Once that is done, go back to the Windows Update site and install all available Critical Updates. This will patch your system with the most current security fixes and plug all the known holes which your present system has open.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users