i just got my new comp, and i got this msn virus that sends random stuff, and after a few days, i got antivirus pro 2009 worm, and now i cant open taskmanager, which i thought i could solve by using regedit, but it closed after 1/2 second.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:31:08 PM, on 19/03/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:Windowssystem32Dwm.exe
C:WindowsExplorer.EXE
C:Program FilesIntelIntel Matrix Storage ManagerIAAnotif.exe
C:Program FilesATI TechnologiesATI.ACECore-StaticMOM.exe
C:Program FilesMcAfee.comAgentmcagent.exe
C:Program FilesDell DataSafe OnlineDataSafeOnline.exe
C:Program FilesDell Support Centerbinsprtcmd.exe
C:Windowsfxsteller.exe
C:Program FilesiTunesiTunesHelper.exe
C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe
C:WindowsSystem32kav64.exe
C:Program FilesWindows Sidebarsidebar.exe
C:Windowsehomeehtray.exe
C:Program FilesWindows Media Playerwmpnscfg.exe
C:Windowsehomeehmsas.exe
C:Program FilesDellDellDockDellDock.exe
C:Program FilesWindows Sidebarsidebar.exe
C:Program FilesATI TechnologiesATI.ACECore-StaticCCC.exe
C:Windowssystem32wuauclt.exe
C:Windowssystem32taskeng.exe
C:Program FilesDellDellDockDellDock.exe
c:PROGRA~1mcafeeVIRUSS~1mcvsshld.exe
C:Program Filesinternet exploreriexplore.exe
C:Windowssystem32conime.exe
C:Program FilesWindows LiveToolbarwltuser.exe
C:Program FilesWindows LiveMessengermsnmsgr.exe
C:Program FilesWindows LiveContactswlcomm.exe
C:Program FilesTrend MicroHijackThisHijackThis.exe
R3 - URLSearchHook: Wr-Haxers Toolbar - {48657fac-c1ea-4cbf-9127-156acc40b539} - C:Program FilesWr-HaxerstbWr-H.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:PROGRA~1mcafeemskmcapbho.dll
O2 - BHO: Wr-Haxers Toolbar - {48657fac-c1ea-4cbf-9127-156acc40b539} - C:Program FilesWr-HaxerstbWr-H.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:Program FilesMicrosoftSearch Enhancement PackSearch HelperSearchHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:PROGRA~1MICROS~3Office12GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.6.0_07binssv.dll
O2 - BHO: BOC ProcessProtect Class - {776B71E2-B4CC-4C94-BC7C-09103AA690B6} - ProcessProtection.dll (file missing)
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:Program FilesMcAfeeVirusScanscriptsn.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:Program FilesGoogleGoogleToolbarNotifier5.0.926.3450swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:Program FilesGoogleGoogle ToolbarComponentfastsearch_219B3E1547538286.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:Program FilesDellBAEBAE.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:Program FilesWindows LiveToolbarwltcore.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:Program FilesWindows LiveToolbarwltcore.dll
O3 - Toolbar: Wr-Haxers Toolbar - {48657fac-c1ea-4cbf-9127-156acc40b539} - C:Program FilesWr-HaxerstbWr-H.dll
O4 - HKLM..Run: [Windows Defender] %ProgramFiles%Windows DefenderMSASCui.exe -hide
O4 - HKLM..Run: [ECenter] C:DellE-CenterEULALauncher.exe
O4 - HKLM..Run: [UpdReg] C:WindowsUpdReg.EXE
O4 - HKLM..Run: [IAAnotif] "C:Program FilesIntelIntel Matrix Storage ManagerIaanotif.exe"
O4 - HKLM..Run: [StartCCC] "C:Program FilesATI TechnologiesATI.ACECore-StaticCLIStart.exe" MSRun
O4 - HKLM..Run: [Adobe Reader Speed Launcher] "c:Program FilesAdobeReader 9.0ReaderReader_sl.exe"
O4 - HKLM..Run: [mcagent_exe] C:Program FilesMcAfee.comAgentmcagent.exe /runkey
O4 - HKLM..Run: [Google Desktop Search] "C:Program FilesGoogleGoogle Desktop SearchGoogleDesktop.exe" /startup
O4 - HKLM..Run: [Dell DataSafe Online] "C:Program FilesDell DataSafe OnlineDataSafeOnline.exe" /m
O4 - HKLM..Run: [dellsupportcenter] "C:Program FilesDell Support Centerbinsprtcmd.exe" /P dellsupportcenter
O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeQTTask.exe" -atboottime
O4 - HKLM..Run: [Windows UDP Control Center] fxsteller.exe
O4 - HKLM..Run: [iTunesHelper] "C:Program FilesiTunesiTunesHelper.exe"
O4 - HKLM..Run: [Microsoft Update] KAV64.EXE
O4 - HKLM..Run: [GrooveMonitor] "C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe"
O4 - HKCU..Run: [msnmsgr] "C:Program FilesWindows LiveMessengermsnmsgr.exe" /background
O4 - HKCU..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
O4 - HKCU..Run: [Sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun
O4 - HKCU..Run: [RGSC] C:Program FilesRockstar GamesRockstar Games Social ClubRGSCLauncher.exe /silent
O4 - HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe
O4 - HKCU..Run: [WMPNSCFG] C:Program FilesWindows Media PlayerWMPNSCFG.exe
O4 - HKCU..RunOnce: [Microsoft Update] KAV64.EXE
O4 - HKUSS-1-5-19..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User LOCAL SERVICE)
O4 - HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User LOCAL SERVICE)
O4 - HKUSS-1-5-20..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User NETWORK SERVICE)
O4 - HKUSS-1-5-18..RunOnce: [FlashPlayerUpdate] C:Windowssystem32MacromedFlashFlashUtil10a.exe (User SYSTEM)
O4 - HKUS.DEFAULT..RunOnce: [FlashPlayerUpdate] C:Windowssystem32MacromedFlashFlashUtil10a.exe (User Default user)
O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:Program FilesDellDellDockDellDock.exe (User Default user)
O4 - Startup: Adobe Gamma.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O4 - Startup: CPUFSB.lnk = C:Program FilesCPUFSBCPUFSB.exe
O4 - Startup: Dell Dock.lnk = C:Program FilesDellDellDockDellDock.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:PROGRA~1MICROS~3Office12EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:PROGRA~1JavaJRE16~1.0_0binssv.dll
O9 - Extra Tools menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:PROGRA~1JavaJRE16~1.0_0binssv.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program FilesWindows LiveWriterWriterBrowserExtension.dll
O9 - Extra Tools menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program FilesWindows LiveWriterWriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~1MICROS~3Office12ONBttnIE.dll
O9 - Extra Tools menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~1MICROS~3Office12ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~3Office12REFIEBAR.DLL
O13 - Gopher Prefix:
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {99CAAA27-FA0C-4FA4-B88A-4AB1CC7A17FE} (MGLaunch_v1004 Class) - http://op7.netgame.com/launch/object/mg ... Av1004.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:PROGRA~1MICROS~3Office12GR99D3~1.DLL
O20 - AppInit_DLLs: C:PROGRA~1GoogleGOOGLE~2GOEC62~1.DLL
O20 - Winlogon Notify: GoToAssist - C:Program FilesCitrixGoToAssist514G2AWinLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:Windowssystem32Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:Program FilesBonjourmDNSResponder.exe
O23 - Service: Creative Labs Licensing Service - Creative Labs - C:Program FilesCommon FilesCreative Labs SharedServiceCreativeLicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:Windowssystem32CTsvcCDA.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:Program FilesDellDellDockDockLogin.exe
O23 - Service: GoogleDesktopManager - Google - C:Program FilesGoogleGoogle Desktop SearchGoogleDesktop.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:Program FilesCitrixGoToAssist514g2aservice.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:Program FilesIntelIntel Matrix Storage ManagerIaantmon.exe
O23 - Service: iPod Service - Apple Inc. - C:Program FilesiPodbiniPodService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:PROGRA~1McAfeeMSCmcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:PROGRA~1COMMON~1mcafeemnamcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:PROGRA~1McAfeeVIRUSS~1mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:PROGRA~1COMMON~1mcafeemcproxymcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:PROGRA~1McAfeeVIRUSS~1mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:PROGRA~1McAfeeVIRUSS~1mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:Program FilesMcAfeeMPFMPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:Program FilesMcAfeeMSKMskSrver.exe
O23 - Service: PnkBstrA - Unknown owner - C:Windowssystem32PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:Windowssystem32PnkBstrB.exe
O23 - Service: LiveShare P2P Server 10 (RoxLiveShare10) - Sonic Solutions - C:Program FilesCommon FilesRoxio Shared10.0SharedCOMRoxLiveShare10.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - C:Program FilesCommon FilesRoxio Shared10.0SharedCOMRoxMediaDB10.exe
O23 - Service: Roxio Hard Drive Watcher 10 (RoxWatch10) - Sonic Solutions - C:Program FilesCommon FilesRoxio Shared10.0SharedCOMRoxWatch10.exe
O23 - Service: SessionLauncher - Unknown owner - C:UsersADMINI~1AppDataLocalTempDX9SessionLauncher.exe (file missing)
O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:Program FilesDell Support Centerbinsprtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:Windowssystem32STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:Program FilesCommon FilesSureThing Sharedstllssvr.exe
O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:Program FilesTeamViewerVersion4TeamViewer_Service.exe
O23 - Service: Stardock WindowBlinds (WindowBlinds) - Stardock Corporation - C:Program FilesStardockMyColorsVistaSrv.exe
--
End of file - 11968 bytes
Ty to any1 who can help in advance
Read More...
Thursday, March 19, 2009
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment