
C-dilla Hijackthis Post



#1 mechmaker


Posted 18 May 2006 - 07:52 PM

Logfile of HijackThis v1.99.1
Scan saved at 5:41:42 PM, on 5/28/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\DVDRAMSV.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\00THotkey.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Analog Devices\SoundMAX\PmProxy.exe
c:\program files\verizon wireless\venturi\Client\ventc.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\System32\TPWRTRAY.EXE
C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\WINDOWS\System32\TFNF5.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\System32\EZSP_PX.EXE
C:\Program Files\Iomega\AutoDisk\ADService.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\Verizon Wireless\VZAccess Manager\VZAccess Manager.exe
c:\program files\verizon wireless\venturi\Configurator\ventcfg.exe
C:\Program Files\Teamspeak2_RC2\TeamSpeak.exe
C:\toshiba\ivp\ism\ivpsvmgr.exe
C:\PROGRA~1\MSNGAM~1\zone.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\MSNGAM~1\zproxy.exe
C:\PROGRA~1\MSNGAM~1\zclient.exe
C:\Program Files\Ventrilo\Ventrilo.exe
C:\Program Files\HJK\HijackThis.exe

O2 - BHO: (no name) - SOFTWARE - (no file)
O2 - BHO: (no name) - {03A185B2-56B3-4C46-90A7-B8E14CCB1E59} - (no file)
O2 - BHO: (no name) - {059F31F1-43B4-428B-93B3-F3E69806FDC7} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {08A813A4-0311-4C96-B4F7-30FE58BFEF81} - (no file)
O2 - BHO: (no name) - {14DF880D-0A26-485C-A2D6-02E09D85B06E} - (no file)
O2 - BHO: (no name) - {15DAFEFC-995E-402D-AF9E-7ED4FAACA65E} - (no file)
O2 - BHO: (no name) - {1A897E58-6152-4095-BC05-E5D4B2D50A71} - (no file)
O2 - BHO: (no name) - {2277944D-A607-4DF3-8AA7-E83172D88465} - (no file)
O2 - BHO: (no name) - {269360CC-6132-427D-91F7-8C815FF4B423} - (no file)
O2 - BHO: (no name) - {2755C8B0-D7F9-420E-B48C-4D73CDF7F6D7} - (no file)
O2 - BHO: (no name) - {282792BB-A9E1-415D-8B3E-6091EA1D1B8D} - (no file)
O2 - BHO: (no name) - {28563ED9-4951-487F-A688-C76924958F79} - (no file)
O2 - BHO: (no name) - {29C9CE5F-6A4D-4E0D-9A5A-B5FA2AC7355A} - (no file)
O2 - BHO: (no name) - {29F9BD2C-2BFD-44B0-BFCB-A98894EE0AC4} - (no file)
O2 - BHO: (no name) - {2B76DBFE-D42C-4307-B7C5-CBD386CD7F46} - (no file)
O2 - BHO: (no name) - {2D047FC0-4FBF-43F2-A089-3DB372053E5E} - (no file)
O2 - BHO: (no name) - {2EFB4DCD-2A58-4672-BA40-6A484B7FE5D0} - (no file)
O2 - BHO: (no name) - {3199BB10-C39D-4E6E-8A7A-D5208F7A27B6} - (no file)
O2 - BHO: (no name) - {33D11D03-B239-4CF2-9E6D-A9B1AF8C6B52} - (no file)
O2 - BHO: (no name) - {361334B4-5872-4432-8B87-72661AEFF2DE} - (no file)
O2 - BHO: (no name) - {363E84A8-CBE4-4C0D-8594-B4321DD7AB88} - (no file)
O2 - BHO: (no name) - {3B2EC387-FC0B-488C-A836-052A96928203} - (no file)
O2 - BHO: (no name) - {3EA5E2BD-FAB6-4F99-B08B-EA2451A83ED9} - (no file)
O2 - BHO: (no name) - {40E685A1-1B2D-4622-8ACD-5BF944F38687} - (no file)
O2 - BHO: (no name) - {4162283A-F9C2-4429-83CC-EB8060602672} - (no file)
O2 - BHO: (no name) - {41F6C5CE-4D9C-4282-9392-B03E2328BA72} - (no file)
O2 - BHO: (no name) - {4589A018-39F7-403B-9276-6873E1C70F6C} - (no file)
O2 - BHO: (no name) - {47024796-CAC7-411D-9A53-3B48F7634926} - (no file)
O2 - BHO: (no name) - {49654748-E370-4CAF-99F8-7D1EE2220D6B} - (no file)
O2 - BHO: (no name) - {4A439357-45C5-4CD8-89E3-DF6AA1C3A8C1} - (no file)
O2 - BHO: (no name) - {4CF7A8FC-0698-4F8F-9CD7-DAA834ED3EB8} - (no file)
O2 - BHO: (no name) - {4E5AA96D-C5C0-4DC7-ABA9-ADD827B9DC5A} - (no file)
O2 - BHO: (no name) - {4EDD5A8C-58B2-4FC7-8802-4AB9A4339F30} - (no file)
O2 - BHO: (no name) - {4F7AEDA3-B312-4A2E-B593-D6715089DB88} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5370BA68-11AC-4BCD-B39C-F80B515DB3E5} - (no file)
O2 - BHO: (no name) - {56032D9E-8353-4BAE-865C-C70BB968E922} - (no file)
O2 - BHO: (no name) - {568A1CD8-4E64-4FE7-88E5-7B474B3BEB04} - (no file)
O2 - BHO: (no name) - {66FCA943-3402-495C-A021-4F321B08DDA1} - (no file)
O2 - BHO: (no name) - {6AAB0BC8-89ED-4B11-B617-15354E659BBE} - (no file)
O2 - BHO: (no name) - {6B7AB497-D340-48A5-84B6-7AB465FBF427} - (no file)
O2 - BHO: (no name) - {735B5773-A6BC-4C3B-8837-E7BB12FABA73} - (no file)
O2 - BHO: (no name) - {76E58B3B-2249-4258-AB65-73C9F6681E03} - (no file)
O2 - BHO: (no name) - {797D2FD8-EC49-44ED-8B0A-CBD6BE4CAD6B} - (no file)
O2 - BHO: (no name) - {7D1623C9-469A-43BA-A471-A6014FC5648B} - (no file)
O2 - BHO: (no name) - {7E6C42BD-3C94-49A1-8BB4-664811A74D67} - (no file)
O2 - BHO: (no name) - {80117CD2-F899-48E1-A189-A5310B6238C4} - (no file)
O2 - BHO: (no name) - {86A45B53-D614-4B5F-A701-8FB733DCC0CB} - (no file)
O2 - BHO: (no name) - {8776B1C2-6B0F-4C67-94BB-DF9F9055A819} - (no file)
O2 - BHO: (no name) - {877B1C00-4EC0-4CCB-9CF8-01DE897C63C4} - (no file)
O2 - BHO: (no name) - {888FAB24-C0E6-4087-BA95-87BAF6CB9F3D} - (no file)
O2 - BHO: (no name) - {8C712752-A1FC-4D1C-BACC-9C45460CDBDF} - (no file)
O2 - BHO: (no name) - {8CB3C1F4-F921-4E38-A1D2-7A7F3F317A5C} - (no file)
O2 - BHO: (no name) - {8D904630-56EA-46DC-AA3B-8B3E4D789352} - (no file)
O2 - BHO: (no name) - {9131FA21-2F73-4D77-BF1C-F6D1CB76A823} - (no file)
O2 - BHO: (no name) - {91BA7E82-472C-4CD7-B19E-6CD72FC704A7} - (no file)
O2 - BHO: (no name) - {936822AE-F9F1-4D53-AD50-D30857905E8B} - (no file)
O2 - BHO: (no name) - {9A5510CD-F188-491F-A19D-0F8056033ED8} - (no file)
O2 - BHO: (no name) - {9C72D1EE-EE9C-49AB-BB5A-D2713E1609C1} - (no file)
O2 - BHO: (no name) - {9F52DC42-4957-4BB0-98AE-C6BAC0FA361A} - (no file)
O2 - BHO: (no name) - {A0267A89-587D-469B-968B-EE3C8C4FFA41} - (no file)
O2 - BHO: (no name) - {A1A3CE05-5076-4181-8047-E4550F0DD729} - (no file)
O2 - BHO: (no name) - {A3293B87-0645-4A21-9F7C-50FE90866CB6} - (no file)
O2 - BHO: (no name) - {A727F757-AED2-49F8-BB27-55854D64CA35} - (no file)
O2 - BHO: (no name) - {A72AEA44-4EC7-430B-BB4A-D86531FCA019} - (no file)
O2 - BHO: (no name) - {A9BE8A97-35B3-4369-B071-5EBF3023F758} - (no file)
O2 - BHO: (no name) - {AB5246B4-26B4-4257-9D3D-2BD877F49416} - (no file)
O2 - BHO: (no name) - {AC1A0B07-CAE7-4F1D-BD97-C18B6F85768F} - (no file)
O2 - BHO: (no name) - {B497DC0F-59A3-4948-8085-1BE6CD769941} - (no file)
O2 - BHO: (no name) - {B5102A23-2E29-403A-9BD3-55734CA8A416} - (no file)
O2 - BHO: (no name) - {B9A05468-7878-4A9A-A7C6-64DAF51BF49C} - (no file)
O2 - BHO: (no name) - {BE7CB12F-11BE-4BF1-B158-2477275F874D} - (no file)
O2 - BHO: (no name) - {BF3340DB-1DD2-427B-BA40-397CB7449BA5} - (no file)
O2 - BHO: (no name) - {BF7EBA9E-6524-476F-A50A-FF6DC8E51A3B} - (no file)
O2 - BHO: (no name) - {C2983678-C494-4C19-A234-054133F760C5} - (no file)
O2 - BHO: (no name) - {C38441CA-DF35-4D5E-A746-5B9C4E6149D1} - (no file)
O2 - BHO: (no name) - {C390A99F-1842-4C77-812D-4DE66654C37E} - (no file)
O2 - BHO: (no name) - {C63663DB-D6DF-438B-AD4E-95BF0654B2F9} - (no file)
O2 - BHO: (no name) - {CA2BC7D8-3088-48F2-8C13-56A2F32FF63E} - (no file)
O2 - BHO: (no name) - {CBF2AE99-4D31-4156-BD17-F6E8E32B993F} - (no file)
O2 - BHO: (no name) - {CCF635A8-096E-462E-B8C0-001D1EEE7E45} - (no file)
O2 - BHO: (no name) - {CE1AD0C7-D4DB-4942-B8C6-8AB6BF8181D7} - (no file)
O2 - BHO: (no name) - {CECF4254-B804-4232-82C5-8574B6B6FC41} - (no file)
O2 - BHO: (no name) - {D8262DA5-D398-40FA-9A34-7DF5BE31326C} - (no file)
O2 - BHO: (no name) - {D8B5B89E-B361-4A94-93CD-8158C54CDFE5} - (no file)
O2 - BHO: (no name) - {DBFB78FA-4893-41AC-9CA1-CEAB35A6938F} - (no file)
O2 - BHO: (no name) - {DD5D5A49-42D5-40CB-BA07-92C430EDF7D7} - (no file)
O2 - BHO: (no name) - {DD5FD473-EDD9-446E-8DBB-868D0143156A} - (no file)
O2 - BHO: (no name) - {E4B0AEFE-37F5-42C9-A239-FEE589F53A92} - (no file)
O2 - BHO: (no name) - {E582E69D-7E8A-4821-AC5C-644E406742E7} - (no file)
O2 - BHO: (no name) - {EB231FF7-6982-4FBF-A068-547FFBB5C633} - (no file)
O2 - BHO: (no name) - {F03A7786-4D09-47BE-9427-19A11C3AEE36} - (no file)
O2 - BHO: (no name) - {F17AA946-7294-4336-A135-8EE79215C43B} - (no file)
O2 - BHO: (no name) - {F447F412-A236-4B5B-A1D4-21F93F571D7E} - (no file)
O2 - BHO: (no name) - {F9730F44-F937-4FD5-BB73-45DDC4874ED6} - (no file)
O2 - BHO: (no name) - {FF207A86-A021-4D5B-826F-3EB64598098A} - (no file)
O2 - BHO: (no name) - {FFA0AAE4-E31C-4E55-9104-3EF47A524E3D} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\System32\00THotkey.exe
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [PmProxy] C:\Program Files\Analog Devices\SoundMAX\PmProxy.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [Tpwrtray] TPWRTRAY.EXE
O4 - HKLM\..\Run: [TouchED] C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe /Type 28
O4 - HKLM\..\Run: [TFNF5] TFNF5.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\EZSP_PX.EXE
O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
O4 - HKLM\..\Run: [TSysSMon] c:\toshiba\sysstability\tsyssmon.exe /detect
O4 - HKLM\..\Run: [ADUserMon] C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
O4 - HKLM\..\Run: [Deskup] C:\Program Files\Iomega\DriveIcons\deskup.exe /IMGSTART
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - Startup: VZAccess Manager.lnk = C:\Program Files\Verizon Wireless\VZAccess Manager\VZAccess Manager.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.toshiba.com
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/software/launch/alaunch.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B2488186-FF17-490D-9ACD-D7141E4D6505}: NameServer = 66.174.95.44 66.174.92.14
O20 - AppInit_DLLs: mad.dll
O21 - SSODL: mtklef - {D985BF2B-21A4-4F6C-3788-3CB301F5B17D} - (no file)
O21 - SSODL: mtklefa - {D1310B6C-C441-4E53-658B-6D6EBD7BA85A} - (no file)
O21 - SSODL: FIBAEFFC - {6D1C51F2-364F-170C-380A-05605E9F5888} - (no file)
O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Venturi Client (Venturi2) - Venturi Wireless - c:\program files\verizon wireless\venturi\Client\ventc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Program Files\Iomega\AutoDisk\ADService.exe
"Infection is the death's second cousin next to disease."



#2 jurgenv


Posted 20 May 2006 - 02:53 PM

* Please download, install, and update the free version of Ewido Security Suite:
  • When installing, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
  • When you run Ewido for the first time, you will get a warning "Database could not be found!". Click OK. We will fix this in a moment.
  • From the main Ewido screen, click on update in the left menu, then click the Start update button.
  • After the update finishes, the status bar at the bottom will display "Update successful"
  • Exit Ewido. DO NOT run a scan yet.
* If you do not already have Ad-Aware SE 1.06 installed, follow these download and setup instructions. Also check for updates:
Ad-Aware SE Setup
Again, do NOT run a scan yet.


* Next, please reboot your computer in Safe Mode by doing the following:
  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
  • Instead of Windows loading as normal, a menu should appear
  • Select the first option, to run Windows in Safe Mode.
* Open HijackThis and put a check next to the following:
===================================================
O2 - BHO: (no name) - SOFTWARE - (no file)
O2 - BHO: (no name) - {03A185B2-56B3-4C46-90A7-B8E14CCB1E59} - (no file)
O2 - BHO: (no name) - {059F31F1-43B4-428B-93B3-F3E69806FDC7} - (no file)
O2 - BHO: (no name) - {08A813A4-0311-4C96-B4F7-30FE58BFEF81} - (no file)
O2 - BHO: (no name) - {14DF880D-0A26-485C-A2D6-02E09D85B06E} - (no file)
O2 - BHO: (no name) - {15DAFEFC-995E-402D-AF9E-7ED4FAACA65E} - (no file)
O2 - BHO: (no name) - {1A897E58-6152-4095-BC05-E5D4B2D50A71} - (no file)
O2 - BHO: (no name) - {2277944D-A607-4DF3-8AA7-E83172D88465} - (no file)
O2 - BHO: (no name) - {269360CC-6132-427D-91F7-8C815FF4B423} - (no file)
O2 - BHO: (no name) - {2755C8B0-D7F9-420E-B48C-4D73CDF7F6D7} - (no file)
O2 - BHO: (no name) - {282792BB-A9E1-415D-8B3E-6091EA1D1B8D} - (no file)
O2 - BHO: (no name) - {28563ED9-4951-487F-A688-C76924958F79} - (no file)
O2 - BHO: (no name) - {29C9CE5F-6A4D-4E0D-9A5A-B5FA2AC7355A} - (no file)
O2 - BHO: (no name) - {29F9BD2C-2BFD-44B0-BFCB-A98894EE0AC4} - (no file)
O2 - BHO: (no name) - {2B76DBFE-D42C-4307-B7C5-CBD386CD7F46} - (no file)
O2 - BHO: (no name) - {2D047FC0-4FBF-43F2-A089-3DB372053E5E} - (no file)
O2 - BHO: (no name) - {2EFB4DCD-2A58-4672-BA40-6A484B7FE5D0} - (no file)
O2 - BHO: (no name) - {3199BB10-C39D-4E6E-8A7A-D5208F7A27B6} - (no file)
O2 - BHO: (no name) - {33D11D03-B239-4CF2-9E6D-A9B1AF8C6B52} - (no file)
O2 - BHO: (no name) - {361334B4-5872-4432-8B87-72661AEFF2DE} - (no file)
O2 - BHO: (no name) - {363E84A8-CBE4-4C0D-8594-B4321DD7AB88} - (no file)
O2 - BHO: (no name) - {3B2EC387-FC0B-488C-A836-052A96928203} - (no file)
O2 - BHO: (no name) - {3EA5E2BD-FAB6-4F99-B08B-EA2451A83ED9} - (no file)
O2 - BHO: (no name) - {40E685A1-1B2D-4622-8ACD-5BF944F38687} - (no file)
O2 - BHO: (no name) - {4162283A-F9C2-4429-83CC-EB8060602672} - (no file)
O2 - BHO: (no name) - {41F6C5CE-4D9C-4282-9392-B03E2328BA72} - (no file)
O2 - BHO: (no name) - {4589A018-39F7-403B-9276-6873E1C70F6C} - (no file)
O2 - BHO: (no name) - {47024796-CAC7-411D-9A53-3B48F7634926} - (no file)
O2 - BHO: (no name) - {49654748-E370-4CAF-99F8-7D1EE2220D6B} - (no file)
O2 - BHO: (no name) - {4A439357-45C5-4CD8-89E3-DF6AA1C3A8C1} - (no file)
O2 - BHO: (no name) - {4CF7A8FC-0698-4F8F-9CD7-DAA834ED3EB8} - (no file)
O2 - BHO: (no name) - {4E5AA96D-C5C0-4DC7-ABA9-ADD827B9DC5A} - (no file)
O2 - BHO: (no name) - {4EDD5A8C-58B2-4FC7-8802-4AB9A4339F30} - (no file)
O2 - BHO: (no name) - {4F7AEDA3-B312-4A2E-B593-D6715089DB88} - (no file)
O2 - BHO: (no name) - {5370BA68-11AC-4BCD-B39C-F80B515DB3E5} - (no file)
O2 - BHO: (no name) - {56032D9E-8353-4BAE-865C-C70BB968E922} - (no file)
O2 - BHO: (no name) - {568A1CD8-4E64-4FE7-88E5-7B474B3BEB04} - (no file)
O2 - BHO: (no name) - {66FCA943-3402-495C-A021-4F321B08DDA1} - (no file)
O2 - BHO: (no name) - {6AAB0BC8-89ED-4B11-B617-15354E659BBE} - (no file)
O2 - BHO: (no name) - {6B7AB497-D340-48A5-84B6-7AB465FBF427} - (no file)
O2 - BHO: (no name) - {735B5773-A6BC-4C3B-8837-E7BB12FABA73} - (no file)
O2 - BHO: (no name) - {76E58B3B-2249-4258-AB65-73C9F6681E03} - (no file)
O2 - BHO: (no name) - {797D2FD8-EC49-44ED-8B0A-CBD6BE4CAD6B} - (no file)
O2 - BHO: (no name) - {7D1623C9-469A-43BA-A471-A6014FC5648B} - (no file)
O2 - BHO: (no name) - {7E6C42BD-3C94-49A1-8BB4-664811A74D67} - (no file)
O2 - BHO: (no name) - {80117CD2-F899-48E1-A189-A5310B6238C4} - (no file)
O2 - BHO: (no name) - {86A45B53-D614-4B5F-A701-8FB733DCC0CB} - (no file)
O2 - BHO: (no name) - {8776B1C2-6B0F-4C67-94BB-DF9F9055A819} - (no file)
O2 - BHO: (no name) - {877B1C00-4EC0-4CCB-9CF8-01DE897C63C4} - (no file)
O2 - BHO: (no name) - {888FAB24-C0E6-4087-BA95-87BAF6CB9F3D} - (no file)
O2 - BHO: (no name) - {8C712752-A1FC-4D1C-BACC-9C45460CDBDF} - (no file)
O2 - BHO: (no name) - {8CB3C1F4-F921-4E38-A1D2-7A7F3F317A5C} - (no file)
O2 - BHO: (no name) - {8D904630-56EA-46DC-AA3B-8B3E4D789352} - (no file)
O2 - BHO: (no name) - {9131FA21-2F73-4D77-BF1C-F6D1CB76A823} - (no file)
O2 - BHO: (no name) - {91BA7E82-472C-4CD7-B19E-6CD72FC704A7} - (no file)
O2 - BHO: (no name) - {936822AE-F9F1-4D53-AD50-D30857905E8B} - (no file)
O2 - BHO: (no name) - {9A5510CD-F188-491F-A19D-0F8056033ED8} - (no file)
O2 - BHO: (no name) - {9C72D1EE-EE9C-49AB-BB5A-D2713E1609C1} - (no file)
O2 - BHO: (no name) - {9F52DC42-4957-4BB0-98AE-C6BAC0FA361A} - (no file)
O2 - BHO: (no name) - {A0267A89-587D-469B-968B-EE3C8C4FFA41} - (no file)
O2 - BHO: (no name) - {A1A3CE05-5076-4181-8047-E4550F0DD729} - (no file)
O2 - BHO: (no name) - {A3293B87-0645-4A21-9F7C-50FE90866CB6} - (no file)
O2 - BHO: (no name) - {A727F757-AED2-49F8-BB27-55854D64CA35} - (no file)
O2 - BHO: (no name) - {A72AEA44-4EC7-430B-BB4A-D86531FCA019} - (no file)
O2 - BHO: (no name) - {A9BE8A97-35B3-4369-B071-5EBF3023F758} - (no file)
O2 - BHO: (no name) - {AB5246B4-26B4-4257-9D3D-2BD877F49416} - (no file)
O2 - BHO: (no name) - {AC1A0B07-CAE7-4F1D-BD97-C18B6F85768F} - (no file)
O2 - BHO: (no name) - {B497DC0F-59A3-4948-8085-1BE6CD769941} - (no file)
O2 - BHO: (no name) - {B5102A23-2E29-403A-9BD3-55734CA8A416} - (no file)
O2 - BHO: (no name) - {B9A05468-7878-4A9A-A7C6-64DAF51BF49C} - (no file)
O2 - BHO: (no name) - {BE7CB12F-11BE-4BF1-B158-2477275F874D} - (no file)
O2 - BHO: (no name) - {BF3340DB-1DD2-427B-BA40-397CB7449BA5} - (no file)
O2 - BHO: (no name) - {BF7EBA9E-6524-476F-A50A-FF6DC8E51A3B} - (no file)
O2 - BHO: (no name) - {C2983678-C494-4C19-A234-054133F760C5} - (no file)
O2 - BHO: (no name) - {C38441CA-DF35-4D5E-A746-5B9C4E6149D1} - (no file)
O2 - BHO: (no name) - {C390A99F-1842-4C77-812D-4DE66654C37E} - (no file)
O2 - BHO: (no name) - {C63663DB-D6DF-438B-AD4E-95BF0654B2F9} - (no file)
O2 - BHO: (no name) - {CA2BC7D8-3088-48F2-8C13-56A2F32FF63E} - (no file)
O2 - BHO: (no name) - {CBF2AE99-4D31-4156-BD17-F6E8E32B993F} - (no file)
O2 - BHO: (no name) - {CCF635A8-096E-462E-B8C0-001D1EEE7E45} - (no file)
O2 - BHO: (no name) - {CE1AD0C7-D4DB-4942-B8C6-8AB6BF8181D7} - (no file)
O2 - BHO: (no name) - {CECF4254-B804-4232-82C5-8574B6B6FC41} - (no file)
O2 - BHO: (no name) - {D8262DA5-D398-40FA-9A34-7DF5BE31326C} - (no file)
O2 - BHO: (no name) - {D8B5B89E-B361-4A94-93CD-8158C54CDFE5} - (no file)
O2 - BHO: (no name) - {DBFB78FA-4893-41AC-9CA1-CEAB35A6938F} - (no file)
O2 - BHO: (no name) - {DD5D5A49-42D5-40CB-BA07-92C430EDF7D7} - (no file)
O2 - BHO: (no name) - {DD5FD473-EDD9-446E-8DBB-868D0143156A} - (no file)
O2 - BHO: (no name) - {E4B0AEFE-37F5-42C9-A239-FEE589F53A92} - (no file)
O2 - BHO: (no name) - {E582E69D-7E8A-4821-AC5C-644E406742E7} - (no file)
O2 - BHO: (no name) - {EB231FF7-6982-4FBF-A068-547FFBB5C633} - (no file)
O2 - BHO: (no name) - {F03A7786-4D09-47BE-9427-19A11C3AEE36} - (no file)
O2 - BHO: (no name) - {F17AA946-7294-4336-A135-8EE79215C43B} - (no file)
O2 - BHO: (no name) - {F447F412-A236-4B5B-A1D4-21F93F571D7E} - (no file)
O2 - BHO: (no name) - {F9730F44-F937-4FD5-BB73-45DDC4874ED6} - (no file)
O2 - BHO: (no name) - {FF207A86-A021-4D5B-826F-3EB64598098A} - (no file)
O2 - BHO: (no name) - {FFA0AAE4-E31C-4E55-9104-3EF47A524E3D} - (no file)
O20 - AppInit_DLLs: mad.dll
O21 - SSODL: mtklef - {D985BF2B-21A4-4F6C-3788-3CB301F5B17D} - (no file)
O21 - SSODL: mtklefa - {D1310B6C-C441-4E53-658B-6D6EBD7BA85A} - (no file)
O21 - SSODL: FIBAEFFC - {6D1C51F2-364F-170C-380A-05605E9F5888} - (no file)

===================================================
* After you check the items, close all browsers and windows, except for HijackThis, then click on the Fix Checked button on HijackThis

* Delete the following file if it's present:

C:\WINDOWS\System32\mad.dll

* Next, run Ad-aware and perform a full scan. Remove everything found.

* Now open Ewido Security Suite
  • Click on Scanner
  • Click on Complete System Scan and the scan will begin.
  • NOTE: During some scans with ewido it is finding cases of false positives. You will need to step through the process of cleaning files one-by-one. If ewido detects a file you KNOW to be legitimate, select none as the action.
  • DO NOT select "Perform action on all infections"
  • When the scan is finished, click the Save report button at the bottom of the screen.
  • Save the report to your desktop
  • Close Ewido
* Boot back into normal mode

* Please download ATF Cleaner by Atribune.
This program is for XP and Windows 2000 only.
  • Double-click ATF-Cleaner.exe to run the program.
  • Under Main choose: Select All
  • Click the Empty Selected button.
If you use Firefox browser:
  • Click Firefox at the top and choose: Select All
  • Click the Empty Selected button.
  • NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browser:
  • Click Opera at the top and choose: Select All
  • Click the Empty Selected button.
  • NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.
For Technical Support, double-click the e-mail address located at the bottom of each menu.

* Now, post a new HijackThis log here with the report from Ewido.
Greets Jürgenv
