Your Ad Here

Tuesday, April 7, 2009

Flashy folder appears in every flash drive I plug to my pc..

Here is the logfile.

Hope you can help with my problem.
My Registry Edit has been disabled was well as my task manager.
My Folder option in control panel also disappear.

I was trying to fix it by using gpedit.msc but I cant.

I believe that this Flashy.exe is the one reason why i have this problem in my pc.

Tnx a lot in advance!



Logfile of HijackThis v1.99.1
Scan saved at 8:25:36 AM, on 4/6/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:PROGRA~1GrisoftAVG7avgamsvr.exe
C:PROGRA~1GrisoftAVG7avgupsvc.exe
C:PROGRA~1GrisoftAVG7avgemc.exe
C:Program FilesBonjourmDNSResponder.exe
C:WINDOWSsystem32CTsvcCDA.EXE
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32wscntfy.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32VTtrayp.exe
C:WINDOWSsystem32VTTimer.exe
C:PROGRA~1GrisoftAVG7avgcc.exe
C:Program FilesZangobin10.3.65.0OEAddOn.exe
C:Program FilesZangobin10.3.65.0ZangoSA.exe
C:WINDOWSsystem32Flashy.exe
C:WINDOWSsystem32driverssvchost.exe
C:Program FilesMozilla Firefoxfirefox.exe
C:Program FilesHijackThisHijackThis.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://g.msn.com/0SEENUS/SAOS11
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://search.orbitdownloader.com
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R1 - HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
F2 - REG:system.ini: UserInit=userinit.exe,password_viewer.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 5.0ReaderActiveXAcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.6.0_03binssv.dll
O2 - BHO: (no name) - {89BAF38F-4097-4577-A368-CB56DD136717} - (no file)
O2 - BHO: Zango - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - C:Program FilesZangobin10.3.65.0HostIE.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:Program FilesGoogleGoogleToolbarNotifier5.1.1309.3572swg.dll
O3 - Toolbar: Zango - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - C:Program FilesZangobin10.3.65.0HostIE.dll
O4 - HKLM..Run: [VTTrayp] VTtrayp.exe
O4 - HKLM..Run: [VTTimer] VTTimer.exe
O4 - HKLM..Run: [AVG7_CC] C:PROGRA~1GrisoftAVG7avgcc.exe /STARTUP
O4 - HKLM..Run: [ZangoOE] C:Program FilesZangobin10.3.65.0OEAddOn.exe
O4 - HKLM..Run: [ZangoSA] "C:Program FilesZangobin10.3.65.0ZangoSA.exe"
O4 - HKLM..Run: [Flashy Bot] C:WINDOWSsystem32Flashy.exe
O4 - HKCU..Run: [SVCHOST.EXE] C:WINDOWSsystem32driverssvchost.exe
O4 - Startup: systemID.pif = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:PROGRA~1MICROS~2Office10EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_03binssv.dll
O9 - Extra Tools menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_03binssv.dll
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra Tools menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra button: SpeechExpert - {9963BBF2-4056-4899-87FA-ECAA6724C46F} - C:WINDOWSsystem32shdocvw.dll (HKCU)
O9 - Extra Tools menuitem: &SpeechExpert - {9963BBF2-4056-4899-87FA-ECAA6724C46F} - C:WINDOWSsystem32shdocvw.dll (HKCU)
O10 - Unknown file in Winsock LSP: c:program filesbonjourmdnsnsp.dll
O12 - Plugin for .pdf: C:Program FilesInternet ExplorerPLUGINSnppdf32.dll
O12 - Plugin for .spop: C:Program FilesInternet ExplorerPluginsNPDocBox.dll
O17 - HKLMSystemCCSServicesTcpip..{8CBFDA0D-2E29-4314-A8FB-22DD6A2BE28C}: NameServer = 85.255.114.93,85.255.112.235
O17 - HKLMSystemCCSServicesTcpip..{AF7D214D-18FD-4743-9EDB-846ED0C40EFE}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLMSystemCCSServicesTcpip..{BB594E8E-4BAC-43DB-8ED4-00FFB7CD25B0}: NameServer = 85.255.114.93,85.255.112.235
O17 - HKLMSystemCS1ServicesTcpipParameters: NameServer = 85.255.114.93 85.255.112.235
O17 - HKLMSystemCS1ServicesTcpip..{8CBFDA0D-2E29-4314-A8FB-22DD6A2BE28C}: NameServer = 85.255.114.93,85.255.112.235
O17 - HKLMSystemCS2ServicesTcpipParameters: NameServer = 85.255.114.93 85.255.112.235
O17 - HKLMSystemCS2ServicesTcpip..{8CBFDA0D-2E29-4314-A8FB-22DD6A2BE28C}: NameServer = 85.255.114.93,85.255.112.235
O17 - HKLMSystemCCSServicesTcpipParameters: NameServer = 85.255.114.93 85.255.112.235
O20 - Winlogon Notify: winbue32 - winbue32.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:PROGRA~1GrisoftAVG7avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:PROGRA~1GrisoftAVG7avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:PROGRA~1GrisoftAVG7avgemc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:Program FilesBonjourmDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:WINDOWSsystem32CTsvcCDA.EXE
O23 - Service: Google Software Updater (gusvc) - Google - C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:Program FilesiPodbiniPodService.exe
O23 - Service: ServiceLayer - Nokia. - C:Program FilesPC Connectivity SolutionServiceLayer.exe

Read More...
Your Ad Here

No comments: