Home   News  Product reviews  Website reviews  Forums   Competitions  Subscribe 
Search
You are not logged in.
Login | New user registration 		Main Index | Search | Active Topics | Who's Online | FAQ / HELP

Security >> HijackThis logs help and analysis
Previous thread Previous   View all threads Index   Next thread Next   Flat Mode Flat  

 |  Print Thread
foofighter25
regular


Reg'd: Wed
Posts: 119
Loc: away with the fairies
hijack this log please trojan and worm found
      Mon Apr 14 2008 01:15 PM
Reply to this post Reply   Reply to this post Quote  

hi there guys
upon start up this morning a trojan and worm were found,were quarantined with avg straight away.But laptop has slowed down quite a bit.Could someone please go through my log and check everything is clean and sound.Thank you very much for your help which is appreciated.Foofighter25

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:14:19, on 14/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Free\a2service.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ThreatFire\TFService.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Comodo\Firewall\cfp.exe
C:\Program Files\ThreatFire\TFTray.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O2 - BHO: QFX Software KeyScrambler - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files\KeyScrambler\keyscramblerIE.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [ThreatFire] C:\Program Files\ThreatFire\TFTray.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\keyscramblerIE.dll
O9 - Extra 'Tools' menuitem: &KeyScrambler... - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\keyscramblerIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ThreatFire - PC Tools - C:\Program Files\ThreatFire\TFService.exe

--
End of file - 4703 bytes

--------------------
AVG8/Comodo Firewall Pro/Malwarebytes AntiMalware//Keyscrambler/SpywareBlaster/Glary Utilities

Post Extras Print Post   Remind Me!     Notify Moderator
Rate this thread

Jump to


Entire topic
Subject Posted by Posted on
* hijack this log please trojan and worm found foofighter25 Mon Apr 14 2008 01:15 PM
. * * Re: hijack this log please trojan and worm found bricatModerator   Mon Apr 14 2008 06:44 PM
. * * Re: hijack this log please trojan and worm found foofighter25   Mon Apr 14 2008 09:10 PM
. * * Re: hijack this log please trojan and worm found bricatModerator   Mon Apr 14 2008 10:48 PM
. * * Re: hijack this log please trojan and worm found foofighter25   Tue Apr 15 2008 12:47 PM
. * * Re: hijack this log please trojan and worm found bricatModerator   Tue Apr 15 2008 03:07 PM
. * * Re: hijack this log please trojan and worm found foofighter25   Tue Apr 15 2008 04:58 PM
. * * Re: hijack this log please trojan and worm found foofighter25   Thu Apr 17 2008 08:19 PM
. * * Re: hijack this log please trojan and worm found bricatModerator   Thu Apr 17 2008 10:20 PM
. * * Re: hijack this log please trojan and worm found foofighter25   Fri Apr 18 2008 02:59 PM
. * * Re: hijack this log please trojan and worm found bricatModerator   Fri Apr 18 2008 04:35 PM
. * * Re: hijack this log please trojan and worm found foofighter25   Wed Apr 23 2008 07:39 PM
. * * Re: hijack this log please trojan and worm found bricatModerator   Wed Apr 23 2008 10:35 PM
. * * Re: hijack this log please trojan and worm found foofighter25   Wed Apr 23 2008 11:25 PM
. * * Re: hijack this log please trojan and worm found bricatModerator   Wed Apr 23 2008 11:37 PM
. * * Re: hijack this log please trojan and worm found foofighter25   Thu Apr 24 2008 12:05 AM
. * * Re: hijack this log please trojan and worm found bricatModerator   Thu Apr 24 2008 08:37 AM
. * * Re: hijack this log please trojan and worm found foofighter25   Thu Apr 24 2008 05:16 PM
. * * Re: hijack this log please trojan and worm found bricatModerator   Thu Apr 24 2008 06:25 PM
. * * Re: hijack this log please trojan and worm found foofighter25   Thu Apr 24 2008 09:51 PM
. * * Re: hijack this log please trojan and worm found bricatModerator   Thu Apr 24 2008 10:58 PM
. * * Re: hijack this log please trojan and worm found foofighter25   Tue Apr 29 2008 10:08 PM
. * * Re: hijack this log please trojan and worm found bricatModerator   Tue Apr 29 2008 11:48 PM
. * * Re: hijack this log please trojan and worm found foofighter25   Wed Apr 30 2008 11:35 AM

Extra information
2 registered and 10 anonymous users are browsing this forum.

Moderator:  putasolutions, greysts, bricat, AndrewC, Joe_London, John_McKenna, Mouse, Hello_There, TheFatControlleR, Nanook, Noviciate 


Print Thread
Forum Permissions
      You cannot start new topics
      You cannot reply to topics
      HTML is disabled
      Mark-up is enabled

Rating:
Thread views: 0

Contact Us | Privacy statement Main website
Hitwise Top 10 Award Winner - Jan-Mar 2005

About us | Contact us | Link to us | Terms & Conditions | Privacy Policy
© Copyright IPC Media Limited, All rights reserved