
Wednesday, February 25, 2009

Please help me with my problem, thanks!

Lately, each time I first open an Internet Explorer window upon booting my computer, my BitDefender software will detect a "Trojan.Generic.1375154", and claim that the "file has been deleted". However, this happens every time I open an IE window for the FIRST time upon booting, and the file name will always be the same. I suspect it could be a regenerating file, but I can't seem to find that file by myself, even in the stated file directory.

Second, my IE windows have been closing by themselves quite often.

Third, I can't seem to run Windows Update anymore, because of an error "Code 80072F8F". Apparently it's because my computer clock is not synchronised with the Windows clock, but I've seen to that, but nothing seems to work.

I'd really appreciate it if you could help me with my problems! Thank you in advance! :)

-----------------------------------------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:01:28 PM, on 25/02/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Imation\ImationFlashDetect.exe
C:\Windows\ehome\ehmsas.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Internet Explorer\ieuser.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe
C:\Program Files\Sports Interactive\Football Manager 2009\fm.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://sg.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://en.sg.acer.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.sg.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://en.sg.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://sg.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: EndNote Web - {82D2E569-25A7-4e4d-9FA3-C5025B4B7912} - C:\Program Files\EndNote Web\ENWIEPlug.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O3 - Toolbar: EndNote Web - {945C8270-A848-11D5-A805-00B0D092F45B} - C:\Program Files\EndNote Web\ENWIEPlug.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Windows\system32\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [Microsoft Genuine Logon] svchost.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [IJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_0
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User LOCAL SERVICE)
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User LOCAL SERVICE)
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User NETWORK SERVICE)
O4 - Startup: ImationFlashDetect.lnk = C:\Program Files\Imation\ImationFlashDetect.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra Tools menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra Tools menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra Tools menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... PhotoUploader5.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.mail.live.com/mail/w1/resou ... MSNPUplden-sg.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/So ... b56986.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/Fac ... oader3.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Fac ... loader.cab
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://www.can.com.sg/mwf/mgaxctrl.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... t.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://3dlifeplayer.dl.3dvia.com/player ... taller.exe
O16 - DPF: {E85362EF-40D4-4E5D-BE07-D6B036CCA277} (GoPets Control) - https://secure.gopetslive.com/dev/gopets.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b56986.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\Windows\system32\brsvc01a.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe

--
End of file - 13008 bytes
