Jump to content

Build Theme!
  •  
  • Unreplied Topics
  • Downloads
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93112 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

Hijackthis Log - Iomhar De Algach

Started by Iomhar de Algach , Aug 04 2007 01:20 PM

  • This topic is locked This topic is locked
No replies to this topic

#1 Iomhar de Algach

Iomhar de Algach

    New Member

  • New Member
  • Pip
  • 1 posts

Posted 04 August 2007 - 01:20 PM

Hi!
It's the HijackThis Log from me PC - plz read, check and analize it and help me to fix the errors! Thanxxx!

Logfile of HijackThis v1.99.1
Scan saved at 3:13:30, on 05.08.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\AntiVir PersonalEdition Classic\sched.exe
D:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
D:\Program Files\Comodo\Firewall\cmdagent.exe
D:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Raxco\PerfectDisk\PDAgent.exe
D:\Program Files\Spyware Terminator\sp_rsser.exe
D:\WINDOWS\system32\ufdsvc.exe
D:\Program Files\UFS Explorer\ufsxagent.exe
D:\WINDOWS\system32\UTSCSI.EXE
D:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
D:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
D:\WINDOWS\NewMixer.exe
D:\Program Files\Comodo\Firewall\CPF.exe
D:\Program Files\Raxco\PerfectDisk\PDEngine.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\VIA\RAID\raid_tool.exe
D:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
D:\Program Files\AnVir Task Manager\AnVir.exe
D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
D:\Program Files\MemInfo\meminfo.exe
D:\Program Files\Hmonitor\hmonitor.exe
D:\Program Files\HACE\Mmm\Mmm.exe
D:\Program Files\Positive Technologies\Startup Monitor\PTstartmon.exe
D:\Program Files\Startup Faster 2004\sfAgent.exe
D:\PROGRA~1\BXNEWF~1\bxExpHelper.exe
D:\PROGRA~1\MOZILL~1\FIREFOX.EXE
D:\Portable Warez\aps\aps.exe
D:\WINDOWS\system32\notepad.exe
D:\Portable Warez\HiJackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ru/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Ссылки
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - D:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SpywareBlock Class - {0A87E45F-537A-40B4-B812-E2544C21A09F} - D:\Program Files\SpyCatcher\SCActiveBlock.dll
O2 - BHO: ClickCatcher MSIE handler - {16664845-0E00-11D2-8059-000000000000} - D:\Program Files\Common Files\ReGet Shared\Catcher.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - D:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: bxNewFolder - {51C8BCA8-2524-4523-BF09-738C4EEBFC58} - D:\PROGRA~1\BXNEWF~1\BXNEWF~1.DLL
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - D:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - D:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: ReGet Bar - {17939A30-18E2-471E-9D3A-56DD725F1215} - D:\Program Files\ReGetDx\iebar.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - D:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O3 - Toolbar: PrivBar - {300BC64A-BF32-4cc8-8917-91148CEFE700} - D:\WINDOWS\system32\PrivBar.dll
O4 - HKLM\..\Run: [StartupFaster] "D:\Program Files\Startup Faster 2004\StrpFstCfg.exe" -run SFAURUN SFCURUN SFAUSTARTUP SFCUSTARTUP
O8 - Extra context menu item: &Download all by Orbit - res://D:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: &Download by Orbit - res://D:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Download selected by Orbit - res://D:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: &Grab video by Orbit - res://D:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Search Current News - file://\program files\powershell-xp3\search5.htm
O8 - Extra context menu item: Search Encyclopedia - file://\program files\powershell-xp3\search4.htm
O8 - Extra context menu item: Search for Images - file://\program files\powershell-xp3\search3.htm
O8 - Extra context menu item: Search Newsgroups - file://\program files\powershell-xp3\search2.htm
O8 - Extra context menu item: Search the Web - file://\program files\powershell-xp3\search.htm
O8 - Extra context menu item: Закачать &все при помощи ReGet Deluxe - D:\Program Files\Common Files\ReGet Shared\CC_All.htm
O8 - Extra context menu item: Закачать при помощи Re&Get Deluxe - D:\Program Files\Common Files\ReGet Shared\CC_Link.htm
O8 - Extra context menu item: Заполнить формы - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Настроить Меню - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Сохранить формы - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Тулбар RoboForm - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Заполнить - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Заполнить формы - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Сохранить - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Сохранить формы - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: Тулбар RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://D:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O15 - Trusted Zone: *.p0rt2.com
O16 - DPF: {33331111-1111-1111-1111-615111193427} - http://www.www2.p0rt...es/epl99bf2.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{774DF18C-2F6B-42DC-A8D8-FB243A8ABD42}: NameServer = 217.116.128.9 217.116.129.9
O20 - AppInit_DLLs: secuload.dll
O20 - Winlogon Notify: !SASWinLogon - D:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: MCPClient - D:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll
O20 - Winlogon Notify: sudown - D:\WINDOWS\SYSTEM32\sudown.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - D:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - D:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - D:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - D:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Журнал событий (Eventlog) - Корпорация Майкрософт - D:\WINDOWS\system32\services.exe
O23 - Service: Служба COM записи компакт-дисков IMAPI (ImapiService) - Корпорация Майкрософт - D:\WINDOWS\system32\imapi.exe
O23 - Service: NetMeeting Remote Desktop Sharing (mnmsrvc) - Корпорация Майкрософт - D:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: NBService - Nero AG - D:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: PDAgent - Raxco Software, Inc. - D:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - D:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: Plug and Play (PlugPlay) - Корпорация Майкрософт - D:\WINDOWS\system32\services.exe
O23 - Service: PMounter - Unknown owner - D:\WINDOWS\system32\PMounter.exe
O23 - Service: Диспетчер сеанса справки для удаленного рабочего стола (RDSessMgr) - Корпорация Майкрософт - D:\WINDOWS\system32\sessmgr.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Смарт-карты (SCardSvr) - Корпорация Майкрософт - D:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - D:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Журналы и оповещения производительности (SysmonLog) - Корпорация Майкрософт - D:\WINDOWS\system32\smlogsvc.exe
O23 - Service: UFD Command Service (UFDSVC) - Generic - D:\WINDOWS\system32\ufdsvc.exe
O23 - Service: UFS Explorer Professional, Business Network Agent (UFS Explorer NetAgent) - SysDevSoftware Ltd. - D:\Program Files\UFS Explorer\ufsxagent.exe
O23 - Service: CLCV0 (UTSCSI) - Unknown owner - D:\WINDOWS\system32\UTSCSI.EXE
O23 - Service: Теневое копирование тома (VSS) - Корпорация Майкрософт - D:\WINDOWS\System32\vssvc.exe
O23 - Service: Адаптер производительности WMI (WmiApSrv) - Корпорация Майкрософт - D:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - D:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

    Advertisements

Register to Remove

Related Topics

Back to Virus, Spyware & Malware Removal · Next Unread Topic →

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

  1. What the Tech
  2. Spyware / Malware / Virus Removal
  3. Virus, Spyware & Malware Removal
  4. Privacy Policy
  5. Terms of Use ·