Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Pls check my Logfile of HijackThis


  • This topic is locked This topic is locked
3 replies to this topic

#1 Adhish

Adhish

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:07:35 PM

Posted 07 March 2013 - 02:51 AM

Logfile of HijackThis v1.99.1
Scan saved at 1:13:39 PM, on 07-Mar-13
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
 
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\COMODO\COMODO Internet Security\cis.exe
C:\Users\INTEL\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\INTEL\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\INTEL\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\INTEL\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\INTEL\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\INTEL\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\INTEL\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\INTEL\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Users\INTEL\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\INTEL\Downloads\Programs\HijackThis.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.glarysoft.com/?src=iehome
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.glarysoft.com/?src=iesearch
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.glarysoft.com/?src=iesearch
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.glarysoft.com/?src=iehome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.glarysoft.com/?src=iehome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.glarysoft.com/?src=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.glarysoft.com/?src=iesearch
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.glarysoft.com/?src=iehome
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://isearch.glarysoft.com/?q=%s&src=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://isearch.glarysoft.com/?q=%s&src=iesearch
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\hpb.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\hpb.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\hpb.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\hpb.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\hpb.dll
O11 - Options group: [INTERNATIONAL] International
O13 - Gopher Prefix: 
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\progra~2\browserprotect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browserprotect.dll 
O20 - Winlogon Notify: igfxcui - C:\Windows\SYSTEM32\igfxdev.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\system32\IntelCpHeciSvc.exe
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: FreemakeVideoCapture - Ellora Assets Corp. - C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe" /svc (file missing)
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc (file missing)
O23 - Service: Intel® Integrated Clock Controller Service - Intel® ICCS (ICCS) - Intel Corporation - C:\Program Files\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel® PROSet Monitoring Service - Intel Corporation - C:\Windows\system32\IProsetMonitor.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Quality Windows Audio Video Experience (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Secondary Logon (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe


BC AdBot (Login to Remove)

 


#2 Adhish

Adhish
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:07:35 PM

Posted 07 March 2013 - 02:52 AM

help pls my pc is infected to such a high degree that it has latenc of 200+ in my country where it was 65-67 before.

regards.



#3 nasdaq

nasdaq

  • Malware Response Team
  • 40,528 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:09:05 AM

Posted 08 March 2013 - 10:08 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.
 
If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.
===
HijackThis doesn't handle Windows 7 well. In your case I need to see a final DDS Log.
I would remove HijackThis using the Add/Remove Programs list.
 
Download DDS by sUBs from one of the following links if you no longer have it available.  Save it to your desktop.
 
1: DDS.scr (Not recommended if you use Chrome to download this .scr file. Use the other options.)
 
Double click on the DDS icon, allow it to run. 
A small box will open, with an explanation about the tool.  No input is needed, the scan is running. 
Notepad will open with the results. 
Follow the instructions that pop up for posting the results.[/list]Please note:  You may have to disable any script protection running if the scan fails to run.
 
dds_scr.gif
 
Please just paste the contents of the DDS.txt log in your next post. DO NOT attach the log.
===
 

Please run this security check for my review.
 
Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
===

Search and delete the AdWare, PUP (Potentially Unwanted Program) installed on your computer.
 
Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete tab follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Rn].txt (n is a number).


#4 nasdaq

nasdaq

  • Malware Response Team
  • 40,528 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:09:05 AM

Posted 14 March 2013 - 09:22 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users