2007-11-05 20:44 tengo algun problema en windows
hola a todos quisiera saber si tengo algún problema en mi windows o en alguna parte del ordenador de mi pc, bueno este es lo que me da el HijackThis -------------------------------------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:38:44, on 05/11/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\sys …
Read more on “Foro de Spyware”
|
Tags:
|
ARCHIV Grisoft AVG,
ARCHIV SPYBOT SDHelper,
AVG Run,
AcroRd,
Adobe PDF Reader,
Adobe Reader,
Archivo,
Are,
Ares Development Group,
AresChatServer,
AudioDeck,
BHO Aplicación,
BHO SSVHelper Class,
Bueno,
CACE Technologies,
Consola,
Control,
Descargar,
Enviar,
Extra,
Extra Tools,
Flas,
FlashGet,
FlashGet FlashGet,
HP Digital Imaging,
HPZipm,
Hewlett-Packard Company,
HijackThis,
Internet Explorer,
Java,
LightScribe LSSrvc,
LinkId,
Logfile,
MSN Messenger,
Macrovision Corporation,
Messenger,
MessengerStat,
MessengerStatsClient Class,
Microsoft Excel,
Mozilla Firefox,
NVIDIA Corporation,
NameServer,
Normal Running,
NvCpl,
NvCplDaemon RUNDLL,
NvStartup,
OneNote,
PhotoUpload MsnPUpld,
Protocol,
Reader,
Research,
Service Ares Chatroom,
Service STI Simulator,
Sun Java,
Trend Micro HijackThis,
Unknown,
UnoCtrl Class,
User Default,
User SERVICIO LOCAL,
User SYSTEM,
User Servicio,
VIAudioi SBADeck ADeck,
WINDOWS Explorer,
WINDOWS Network Diagnostic,
WINDOWS System,
WINDOWS System PAStiSvc,
WUWebControl Class,
WinPcap,
Windows Messenger,
Yodm,
..
|
2007-11-05 20:11 maquina suuuuuper lenta
Hola chicos... les digo, que ya pase el AVG, El Adware SE, y el spybot, solo me queda esto.. aver si mejora... les dejo el log Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:06:50, on 05/11/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WIN …
Read more on “Foro de Spyware”
|
Tags:
|
ACNotify,
ACTray,
ACWLIcon,
ARCHIV Grisoft AVG,
AVG Run,
AcroIEHelper,
Adobe Acrobat,
Archivo,
BHO AcroIEHlprObj Class,
Consola,
Corel Photo Downloader,
Diskeeper Corporation,
DiskeeperSystray,
Extra,
Extra Tools,
HP Software Update,
HPZipm,
IBM Java,
IBM ThinkVantage Rescue,
ISUSPM Startup,
ISUSScheduler,
InstallShield UpdateService,
InstallerSf Control,
Internet Explorer,
LPManager,
Lenovo,
Lenovo HOTKEY TPHKMGR,
Lenovo HOTKEY TpWAudAp,
Logfile,
Macrovision Corporation,
Messenger,
Microsoft Excel,
NeroCheck,
NeroFilterCheck,
Normal Running,
Option,
PMHandler,
PMSveH,
Picasa Media Detector,
Picasa PicasaMediaDetector,
PsaSrv,
Recovery,
Service Diskeeper,
Service PMSveH,
Service TVT Scheduler,
SoundMan SOUNDMAN,
SpyBro SpyBro,
SpyBrowser,
SynTPEnh,
Synaptics SynTP SynTPEnh,
ThinkPad ConnectUtilities ACTray,
ThinkPad ConnectUtilities ACWLIcon,
ThinkPad ConnectUtilities AcPrfMgrSvc,
ThinkPad ConnectUtilities AcSvc,
ThinkVantage AMSG Amsg,
ThinkVantage SystemUpdate UCLauncher,
ThinkVantage SystemUpdate UCLauncherServi,
Trend Micro HijackThis,
URLSearchHook Barra Yahoo,
Unknown,
User Default,
User SERVICIO LOCAL,
User SYSTEM,
User Servicio,
WINDOWS Explorer,
WINDOWS SYSTEM PMHandler,
WINDOWS System,
Windows Messenger,
Winlogon Notify ACNotify,
..
|
2007-10-23 06:39 Lentitud general sin motivo aparente...
Buenos días, el terminal de casa, ultimamente me va bastante lento en todo, y no veo ningún proceso que ocupe recursos... Podeis echarme una mano Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:24:53, on 20/10/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32 …
Read more on “Foro de Spyware”
|
Tags:
|
ATI Technologies Inc,
AcroIEHelper,
Adobe Reader,
Alcmtr ALCMTR,
BHO AcroIEHlprObj Class,
BHO EpsonToolBandKicker Class,
BHO Skype,
BgMonitor,
BitTorrent,
Extra,
Extra Tools,
Global Startup Inicio,
Internet Explorer,
Kaspersky Lab,
Logfile,
MSN PUpld,
Macrovision Corporation,
Messenger,
Microsoft Excel,
MsnMsgr,
NMBgMonitor,
NeroFilterCheck,
Normal Running,
Program Files,
Program Files BitTorrent,
Program Files Messenger,
Protocol,
Referencia,
RemoteControl,
Service ATI Smart,
Service Kaspersky Anti-Virus,
SkyTel SkyTel,
Skype,
Toolbar EPSON Web-To-Page,
Toolbar Google,
Trend Micro HijackThis,
Unknown,
User Default,
User SYSTEM,
WINDOWS Explorer,
WINDOWS System,
WLSetupSvc,
Web Anti-Virus,
Windows Messenger,
..
|
2007-10-22 04:08 Sikartus-Mensaje de HistoriaLout-frvaldes
Hola de nuevo Sikartus, siguiendo tus instrucciones te anexo el registro de HijackThis que me salió al final de todas las eliminaciones y comprobaciones que hice. Si se requiere algo más por favor no dudes en solicitarlo. Gracias nuevamente: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:42:46 p.m., on 21/10/2007 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16546) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32 …
Read more on “Foro de Spyware”
|
Tags:
|
A-A NameServer,
BHO SSVHelper Class,
BHO Yahoo,
CPSHelpRunner,
Conexant Systems Inc,
Consola,
Creative Labs,
Default,
DelayShred,
Extra,
Extra Tools,
FaxCenterServer,
Global Startup,
Gopher Prefix,
Helper,
HijackThis,
HistoriaLout-frvaldes,
Host,
HotKeysCmds,
ISUSPM Startup,
ISUSScheduler,
IgfxTray,
Install,
Internet Explorer,
LinkId,
Logfile,
Macrovision Corporation,
McAfee Inc,
MicroVision Development Inc,
Microsoft Excel,
Monitor,
MskAgentexe,
Normal Running,
PCMService,
PROGRA McAfee MPS,
PROGRA McAfee MSC,
PROGRA McAfee VIRUSS,
Persistence,
Program Files Java,
Program Files Yahoo,
QuickTime Task,
Reader,
Referencia,
RoxMediaDB,
RoxWatch,
RoxWatchTray,
RoxioDragToDisc,
SUPERAntiSpyware,
Service,
Service McAfee Services,
Service RoxMediaDB,
Service XAudioService,
Shockwave Flash Object,
ShowWelcomeCenter,
ShrCL,
Sidebar,
SigmaTel Inc,
SigmatelSysTrayApp,
Sikartus,
Sonic Solutions,
Startup,
Sun Java,
SunJavaUpdateSched,
SynTPEnh,
Toolbar Barra Yahoo,
Trend Micro HijackThis,
URLSearchHook Barra Yahoo,
Unknown,
User SERVICIO LOCAL,
User Servicio,
Window,
Windows Explorer,
Windows System,
Windows TEMP,
WindowsWelcomeCenter,
Winlogon Notify,
YInstStarter Class,
..
|
2007-10-20 18:16 Pop Ups de publicidad
Estimados amigos: Tengo problemas serios con las ventanas emergente al iniciar internet. Siempre me salen ventanas de publicidad muy diversa. Les anexo mi log para qe por favor me den una mano. Saludos: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:41:38, on 20/10/2007 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16546) Boot mode: Normal Running processes: C:\Program Files (x86)\MSN Messenger\msnmsgr.exe C:\Program Files (x86)\Google\GoogleToolba …
Read more on “Foro de Spyware”
|
Tags:
|
Adobe PDF Reader,
Adobe Reader,
Ares Ares,
BHO Aplicación,
BHO SSVHelper Class,
BHO Yahoo,
BgMonitor,
BrMfcWnd,
Brother Brmfcmon BrMfcWnd,
Brother ControlCenter,
Consola,
ControlCenter,
DivXBrowserPlugin,
DivXBrowserPlugin Object,
Eset,
Extra,
Extra Tools,
Google,
Google GoogleToolbarNotifier,
Gopher Prefix,
Helper,
Hewlett-Packard Company,
Host,
IndexSearch,
Install,
Internet Explorer,
Java,
KeyIso,
LinkId,
Locator,
Logfile,
MSN Messenger,
MSN Messenger MsnMsgr,
Macrovision Corporation,
Microsoft Excel,
MsnMsgr,
NBKeyScan,
Nero AG,
Netlogon,
Normal Running,
Oki Data Corporation,
PaperPort PTD,
Program Files,
ProtectedStorage,
QuickTime QTTask,
QuickTime Task,
Reader,
Referencia,
RpcLocator,
SLsvc,
SSBkgdUpdate,
SamS,
ScanSoft PaperPort,
ScanSoft PaperPort IndexSearch,
Service,
Service HASP Loader,
Service NMIndexingService,
Service SystemRoot,
Service SystemRoot System,
Service Systemroot,
Sidebar,
Speech Recognition,
Spooler,
Sun Java,
SunJavaUpdateSched,
Tengo,
Toolbar Barra Yahoo,
Toolbar Google,
Trend Micro HijackThis,
UI Detect,
URLSearchHook Barra Yahoo,
Unknown,
User SERVICIO LOCAL,
User Servicio,
UserInit,
WMPNetworkSvc,
WinZip WZQKPICK,
Window,
Windows Live Favorites,
Windows Live Search,
Windows Live Toolbar,
Windows Media Player,
Windows Speech Common,
Windows SysWOW,
Windows System,
WindowsWelcomeCenter,
WmiApSrv,
YInstStarter Class,
Yahoo,
..
|
2007-10-18 20:13 Tengo el Pc Lento aqui mi log...
Buenas formatie mi pc hace 5 días, pero hace dos días anda muy lento y no se por que, aqui dejo mi log: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 03:10:49 p.m., on 18/10/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16544) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost …
Read more on “Foro de Spyware”
|
Tags:
|
AcroIEHelper,
Actualizador,
AddAllLink,
AddLink,
AddVideo,
Adobe Acrobat,
Archivo,
BHO BitComet ClickCapture,
BHO SSVHelper Class,
BitComet,
BitComet BitComet,
BitComet Search,
BitCometBHO,
Consola,
Control,
Eset,
Extra,
Extra Tools,
FileZilla Project,
FileZilla Server,
Internet Explorer,
Java,
LaunchINFSectionEx,
LinkId,
Logfile,
MSN PUpld,
Macrovision Corporation,
Microsoft Excel,
NameServer,
No-IP DUC,
Nokia,
Normal Running,
PCSuiteTrayApplication,
Pc Lento,
Referencia,
Service ServiceLayer,
Sidebar,
Startup No-IP DUC,
Sun Java,
Trend Micro HijackThis,
User Default,
User SERVICIO LOCAL,
User SYSTEM,
User Servicio,
VistaStart,
Vistadrv,
Visual Tooltip VisualToolTip,
VisualToolTip,
WINDOWS Explorer,
WINDOWS ISSO VIPhd,
WINDOWS Network Diagnostic,
WINDOWS System,
Windows Live Messenger,
Windows Sidebar,
..
|
2007-10-15 19:26 ayuda kontra un spyware
olas, ncesito vuestra ayuda porfa hay una specie de espia (spywarerning.mht) y en el spacio de la URL figura esto,C:\WINDOWS\systen32\spywarerning.mht, ademas comence a leer los mensajes del foro y segui algunos pasos, komo desactivar el restaurador de sistema y iniciar en modo aprueba de fallos, y descargue, todo lo que decia en el foro, pero = sigue el problema aka les dejo los reportes k salieron de los programas k ejecute. esto es lo que bot el Fixwareout Username "user" - 15/10/2007 12:49:4 …
Read more on “Foro de Spyware”
|
Tags:
|
ATI Technologies Inc,
AcroIEHelper,
Adobe Acrobat,
Analog Devices Inc,
Archivo,
Asistente,
BHO Complemento,
BHO SSVHelper Class,
BHO Yahoo,
Barra,
CCleaner,
CONFIG Temp,
Click,
Consola,
Current,
CyberLink PowerDVD PDVDServ,
CyberLink Shared,
DelPSGuard,
Desktop Component,
Encarta,
Extra,
Extra Tools,
FIX Cheked,
FileASSASSIN,
Fixwareout,
Fixwareout Username,
Global Startup Actualización,
HKLM SOFTWARE Winlogon,
Helper,
HijackThis,
Install,
Internet,
Internet Explorer,
Java,
LanguageShortcut,
Lexmark International Inc,
Logfile,
MSConfig,
MSN Messenger MsnMsgr,
Messenger,
Microsoft Excel,
NVIDIA Corporation,
NvCpl,
NvCplDaemon RUNDLL,
NvMcTray,
NvMediaCenter RUNDLL,
NvStartup,
NvStartup LanguageShortcut,
NvTaskbarInit,
NvTaskbarInit NvCplDaemon RUNDLL,
PER Antivirus,
PER Systems,
Persystems Perav PAVSS,
Persystems Perav PERUPD,
Persystems Perav PERVACNT,
Photodex ProShowGold ScsiAccess,
Prerun,
Referencia,
RemoteControl,
RichVideo,
Run SsAAD,
Run Yahoo,
Running,
SSODL Internet Explorer,
SSODL TIozoSL,
SUPERAntiSpyware,
SUPERAntiSpyware SASWINLO,
SUPERAntiSpyware SUPERAntiSpyware,
Safe,
Service ATI Smart,
Service FCI,
Service ICF,
Service MSCSPTISRV,
Service PACSPTISVR,
Service PER Antivirus,
Service ScsiAccess,
Sony Corporation,
SoundMAX,
SoundMAXPnP,
SsAAD,
Startup Webshots,
Sun Java,
System,
Toolbar Asistente,
Toolbar Barra Yahoo,
Trend Micro HijackThis,
URLSearchHook Barra Yahoo,
Unknown,
User Default,
User SYSTEM,
User Servicio,
UserInit,
WINDOWS Explorer,
WINDOWS System,
Webshots WebshotsTray,
WinZip WZQKPICK,
Window,
Windows Live Search,
Windows Live Toolbar,
Windows Messenger,
Winlogon Notify,
Winsock LSP,
YInstStarter Class,
Yahoo,
YahooMessenger,
Zone Labs LLC,
Zone Labs ZoneAlarm,
ZoneAlarm Client,
ZoneLabs,
..
|
2007-09-05 13:58 Pc Se Reinicia Solo
Este es mi log, a ver si me podeis ayudar!...: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:57:28, on 05/09/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16473) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Archivos de programa\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\W …
Read more on “Foro de Spyware”
|
Tags:
|
ANIWZCS Service,
Adobe PDF Reader,
Alcmtr ALCMTR,
Alpha Networks Inc,
Archivo,
BHO Aplicación,
BHO SSVHelper Class,
Consola,
Descargar,
Extra,
Extra Tools,
Flas,
FlashGet,
FlashGet FlashGet,
Google,
Google GoogleToolbarNotifier,
Google GoogleToolbarNotifier GoogleToolba,
Internet Explorer,
Java,
Kaspersky Lab,
LVPrcSrv,
LaunchINFSectionEx,
LinkId,
Logishrd LQCVFX COCIManager,
Logitech Inc,
Logitech LComMgr LVComSX,
Logitech QuickCam QuickCam,
Logitech SrvLnch SrvLnch,
LogitechCommunicationsManager,
LogitechQuickCamRibbon,
LogitechSetup,
Microsoft Excel,
NVIDIA Corporation,
Normal Running,
NvCpl,
NvCplDaemon RUNDLL,
NvMcTray,
NvMediaCenter RUNDLL,
NvStartup,
NvTaskbarInit,
Referencia,
Se Reinicia Solo,
Search Destroy SDHelper,
Service Kaspersky Anti-Virus,
Service LVSrvLauncher,
Setup Setup,
SkyTel SkyTel,
Spybot,
Sun Java,
Toolbar Google,
Trend Micro HijackThis,
Unknown,
User Default,
User SERVICIO LOCAL,
User SYSTEM,
User Servicio,
WINDOWS Explorer,
WINDOWS Network Diagnostic,
WINDOWS System,
WLSetupSvc,
Web Anti-Virus,
Windows Defender,
Windows Defender MSASCui,
Windows Defender MsMpEng,
Windows Live,
Windows Live Messenger,
..
|
2007-08-22 17:19 Hijackthis - Spyware, Viruses, Worms, Trojans Oh My! :: coq.dll
Author: addiction2k1 Subject: coq.dll Posted: Wed Aug 22, 2007 5:19 pm (GMT 0) coq.dll tries to run when I open internet explorer everytime. Right now I tiny personal software which is blocking coq.dll from running...called virtual protect Logfile of HijackThis v1.99.1 Scan saved at 1:14:41 PM, on 8/22/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16473) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32 …
Read more on “CastleCops Recent Posts”
|
Tags:
|
ActiveX AcroIEHelper,
America Online Inc,
AppInit DLLs,
Apple Inc,
AppleMobileDeviceService,
BHO AcroIEHlprObj Class,
BHO DriveLetterAccess,
BHO SSVHelper Class,
BHO XTTBPos,
BHO Yahoo,
Control,
Document,
Extra,
Extra Tools,
FacebookPhotoUploader,
Helper,
HijackThis,
INTERNATIONAL International,
Installation Support,
Install,
Internet Explorer,
Lavasoft AB,
LinkId,
Logfile,
MSConfig,
Messenger,
Microsoft WLAN Tray,
Network Diagnostic,
Option,
Posted Wed Aug,
Preference,
Program Files,
Program Files AIM,
Program Files Java,
Program Files Messenger,
Program Files Yahoo,
Protocol,
Real,
Service,
Service Ad-Aware Service,
Services Button,
Settings Kevin Desktop,
Shdocvw,
Shell Explorer,
Shockwave Flash Object,
Subject,
Suggest,
Sun Java Console,
Tiny Software Inc,
Toolbar ICQ Toolbar,
Toolbar Yahoo,
URLSearchHook ICQ Toolbar,
URLSearchHook Yahoo,
UmxSbxExw,
Unknown,
WINDOWS Explorer,
WINDOWS SYSTEM UmxWnp,
WINDOWS SYSTEM WgaLogon,
WINDOWS System,
WINDOWS System WLTRYSVC,
Windows Messenger,
Windows Services Agent,
Windows Wireless Services,
Winlogon Notify,
Winlogon Notify PFW,
Winlogon Notify WBSrv,
Winlogon Notify WgaLogon,
Wireless System Startup,
YSearchSuggest,
Yahoo,
YahooMessenger,
Yinsthelper,
..
|
2007-08-20 05:55 Help Please!!! HJT Report Attached.
I recently have had some nasties infect my computer including Virtumonde and win32.murlo.ff and probably a few more that the programs I have won't detect. I have pasted the most recent HJT report below, but please keep in mind that this is the only computer I have and it is on very slow dial-up, so some programs that you may request that I use may be difficult for me to download, and also that with these viruses, the computer tends to crash a little here and there. ALSO I should tell you that I …
Read more on “Safer Networking Forums”
|
Tags:
|
ATIPTA Atiptaxx,
AcroIEHelper,
Apple Inc,
Atiptaxx,
BHO AcroIEHlprObj Class,
BHO PBlockHelper Class,
Crawler,
Document,
Extra,
Extra Tools,
FF MsnMessengerSetupDownloadControl Class,
HijackThis,
Internet Explorer,
MCW Startup,
Messenger,
NameServer,
PROGRA SPYBOT SDHelper,
PROGRA SPYWAR SpywareTerminatorShield,
PhotoUpload MsnPUpld,
Please,
Program Files,
Program Files Java,
Program Files Messenger,
Program Files Spybot,
Program Files Winamp,
Protocol,
Report Attached,
Research,
Search Destroy TeaTimer,
Service,
Service BOCore,
SiSoftware,
Spybot,
SpybotSD TeaTimer,
SpywareTerminator,
Sun Java Console,
SunJavaUpdateSched,
Virtumonde,
Vundofix,
WINDOWS Explorer,
WINDOWS System,
WinampAgent,
Windows Defender,
Windows Messenger,
Winlogon Notify,
..
|
2007-08-20 05:18 my computer acting slow lately...
it has been acting really slow lately, just want to see if i missed anything. i tried the kaspersky online scan and it failed before it even downloaded. then i tried the one you guys mention below it and it didn't work either. heres my hijack this log: Logfile of HijackThis v1.99.1 Scan saved at 9:15:23 PM, on 8/19/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16512) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WIN …
Read more on “Safer Networking Forums”
|
Tags:
|
ATI Technologies Inc,
AcRdB,
AcroIEHelper,
ActiveScan Installer Class,
AdobeUpdateManager,
Apple Inc,
AppleMobileDeviceService,
BHO SSVHelper Class,
CKAVWebScan Object,
Cpqset,
Extra,
Extra Tools,
F-Secure Online Scanner,
HGPlugin USA Class,
HP Software Update,
Hewlett-Packard Development Company,
HijackThis,
IMEName,
INTERNATIONAL International,
Internet Explorer,
LinkId,
Logfile,
Macrovision Corporation,
Messenger,
Network Diagnostic,
Option,
PHIME ASync,
PROGRA SPYBOT SDHelper,
Program Files,
Program Files Java,
Program Files Messenger,
Protocol,
QuickTime Task,
SSODL WPDShServiceObj,
Service,
Service Kaspersky Anti-Virus,
Spoil RemAdvDef Migration,
Start,
Sun Java Console,
SunJavaUpdateSched,
SynTPEnh,
SynTPLpr,
Unknown,
WINDOWS Explorer,
WINDOWS SYSTEM WgaLogon,
WINDOWS System,
WPDShServiceObj,
Web Anti-Virus,
Windows Messenger,
Winlogon Notify,
Winlogon Notify WgaLogon,
..
|
2007-08-20 04:38 SpyWare problems
I have been infected today by a couple of spyware/trojans. Virtumonde, webbuyer, doubleclick, mediaplex, and winsoftware. I've read through the forums and tried to remove them on my own. Virtumonde and webbuyer seem to be gone now but I do hear clicking sounds as if I was browsing with internet explorer even when I'm not doing anything. I'm worried because I have very important stuff which I have to log into through the internet. Here are my HiJackThis and Combofix logs respectively. Logfile of …
Read more on “Safer Networking Forums”
|
Tags:
|
AIM Search,
AOpenClient,
ATI Technologies Inc,
AbsolutePoker,
AcRdB,
AcroIEHelper,
AdobeUpdateManager,
Agent,
Backward Links,
Binn,
Block,
BluetoothAuthenticationAgent,
Bodog Poker,
Cached Snapshot,
Combofix,
Corporation,
Creative Detector,
DellSupport,
Document,
English,
Extra,
Extra Tools,
Google Search,
GoogleToolbar,
HiJackThis,
HijackThis,
HotKeysCmds,
HydraVisionDesktopManager,
HydraVisionViewport,
INTERNATIONAL International,
IgfxTray,
Install,
Intel,
Internet Explorer,
LinkId,
MCAgentExe,
MCUpdateExe,
Macrovision Corporation,
McAfee Inc,
McShield McShield,
McUpdate,
Messenger,
NameServer,
NeroCheck,
NeroFilterCheck,
Network Diagnostic,
OASClnt,
Open Client,
Option,
PROGRA McAfee,
PROGRA SPYBOT SDHelper,
Page,
Program Files,
Program Files AIM,
Program Files DellSupport,
Program Files Java,
Program Files McAfee,
Program Files Messenger,
Program Files PostgreSQL,
Program Files QuickTime,
Program Files Spybot,
Program Files Trillian,
Program Files VentSrv,
Program Files Winamp,
Program Files Yahoo,
Protocol,
QuickTime Task,
Real,
Search Destroy SpybotSD,
Send To Bluetooth,
Service ATI Smart,
Service Bluetooth Service,
Service DSBrokerService,
Service MEKZRF,
Service McAfee,
Service TabletService,
Service Ventrilo,
Shdocvw,
Similar Pages,
SoundMAXPnP,
SunJavaUpdateSched,
Tablet,
TkBellExe,
Toolbar Google,
Toolbar McAfee VirusScan,
Toolbar Yahoo,
Translate English Word,
Translate Page,
URLSearchHook,
URLSearchHook Yahoo,
UltimateBet,
UltimateBuddy,
Unknown,
VSOCheckTask,
VirusScan Online,
WINDOWS Explorer,
WINDOWS SYSTEM WgaLogon,
WINDOWS System,
Wacom Technology Corp,
WinampAgent,
Windows Messenger,
Winlogon Notify,
Winlogon Notify WgaLogon,
..
|
2007-08-20 04:12 clean bill of health 2
Hi I work away all week and my wife says the PC going very slow (again)! with the screen blaning out now and again for 2-3 seconds Would like to know if there is anything amiss here done on-line scan, run spybot in safe mode results below many thanks ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Sunday, August 19, 2007 6:29:44 PM Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scan …
Read more on “Safer Networking Forums”
|
Tags:
|
AcroIEHelper,
Anti-Virus,
AppEvent,
CKAVWebScan Object,
CatRoot,
Critical Areas,
Duration,
Extra,
Extra Tools,
FC MUWebControl Class,
Google,
HijackThis,
INTERNATIONAL International,
Internet,
Internet Explorer,
Kaspersky Anti-Virus,
LOCALS Temp DFC,
LinkId,
Messenger,
NVIDIA Corporation,
Network Diagnostic,
Number,
NvCplDaemon RUNDLL,
NvStartup,
Object,
Option,
PROGRA Grisoft AVG,
PROGRA SPYBOT SDHelper,
Program Files Messenger,
Program Files Spybot,
Repository FS INDEX,
Repository FS MAPPING,
Repository FS OBJECTS,
SAM Object,
SECURITY Object,
Scan,
Scan Archives,
Scan Mail Bases,
Scan Settings Scan,
Scan Target,
Search Destroy SpybotSD,
Search Destroy TeaTimer,
SecEvent,
Service MATLAB Server,
Service WLTRYSVC,
Shockwave Flash Object,
Sony Corporation,
SpybotSD TeaTimer,
SpybotSnD,
SymDlBrg,
SysEvent,
Toolbar,
Toolbar Google,
URLSearchHook Yahoo,
Uniblue RegistryBooster,
Unknown,
WINDOWS Debug PASSWD,
WINDOWS Explorer,
WINDOWS SYSTEM WgaLogon,
WINDOWS SchedLgU,
WINDOWS SoftwareDistribution EventCache,
WINDOWS SoftwareDistribution ReportingEvents,
WINDOWS Sti Trace,
WINDOWS System,
WINDOWS System NvCpl,
WINDOWS WindowsUpdate,
WUWebControl Class,
Windows Messenger,
Winlogon Notify WgaLogon,
Would,
..
|
2007-08-20 02:55 Command Service
Help! I am getting warnings of trojans, worms, viruses, and thousands of pop-ups from savetheinformation, bestsellerantivirus, protectroom, onlinehelpmate, storageprotector and b2ad2.com. A Spybot scan comes up with Command Service, but I am not able to delete this even at the source. The HJT log is: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:51:12 PM, on 8/19/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Runni …
Read more on “Safer Networking Forums”
|
Tags:
|
ADA DwnldGroupMgr Class,
ActiveX AcroIEHelper,
AppInit DLLs,
BHO AcroIEHlprObj Class,
BHO DriveLetterAccess,
BHO SSVHelper Class,
BHO Yahoo,
CDROM Access,
CTsvcCDA,
Command Service,
Corporation,
Creative Technology Ltd,
DellSupport,
EarthLink Installer,
Extra,
Extra Tools,
FC MUWebControl Class,
Google,
Google Desktop Search,
Helper,
Icon,
Install,
Intel,
IntelMeM,
Internet Explorer,
Lexmark International Inc,
Logfile,
Macrovision Corporation,
McAfee,
McAfee Inc,
Messenger,
Microsoft Excel,
Musicnotes Viewer,
Normal Running,
Operating System Class,
PCMService,
PROGRA McAfee MPS,
PROGRA McAfee MSC,
PROGRA McAfee VIRUSS,
PROGRA Yahoo,
Program Files AIM,
Program Files DellSupport,
Program Files Java,
Program Files Messenger,
Program Files QuickTime,
Program Files Spybot,
Program Files Winamp,
Program Files Yahoo,
QuickTime Task,
Real,
Search,
Search Destroy SDHelper,
Search Destroy SpybotSD,
Service,
Service Creative Service,
Service DSBrokerService,
Service GoogleDesktopManager,
Service MSCSPTISRV,
Service McAfee Services,
Service PACSPTISVR,
Services Button,
Shdocvw,
Sony Corporation,
SoundMAXPnP,
Spybot,
SpybotSnD,
SsAAD,
Startup Event Reminder,
Sun Java Console,
SunJavaUpdateSched,
TkBellExe,
Toolbar Google,
Toolbar Security Toolbar,
Toolbar Yahoo,
Trend Micro HijackThis,
Trusted Zone,
URLSearchHook Yahoo,
Unknown,
UpdateManager,
WINDOWS Explorer,
WINDOWS System,
WinampAgent,
Windows Messenger,
Winlogon Notify,
YInstStarter Class,
YPager,
Yahoo,
ZUxdm MMUS,
..
|
2007-08-12 08:47 My registry editor problem...
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 01:45:04 ص, on 12/08/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\UStorSrv. …
Read more on “Computer Forum”
|
Tags:
|
ActiveX AcroIEHelper,
BHO AcroIEHlprObj Class,
BHO Megaupload Toolbar,
BHO SSVHelper Class,
BHO Yahoo,
CloneCDElbyCDFL,
CloneCDTray,
DataLayer,
Desktop Component,
Document,
ElbyCDFL,
Extra,
Extra Tools,
Helper,
HiJackThis,
InCD,
Install,
Internet Explorer,
LoadService,
Messenger,
Microsoft Excel,
NeroCheck,
Normal Running,
PCSuiteTrayApplication,
Plugin,
Program Files,
Program Files Java,
Program Files Messenger,
Program Files Yahoo,
RavAV,
Research,
SharedTaskScheduler,
SoundMan SOUNDMAN,
Sun Java Console,
SunJavaUpdateSched,
SysTask,
System DisableRegedit,
TkBellExe,
Tok-Cirrhatus,
Toolbar,
Toolbar Megaupload Toolbar,
Toolbar Protection Bar,
Toolbar Yahoo,
Trend Micro HijackThis,
URLSearchHook Yahoo,
UStorSrv,
Unknown,
User Default,
User SYSTEM,
WINDOWS Explorer,
WINDOWS RavMonE,
WINDOWS System,
WgaTray,
WinampAgent,
Windows Messenger,
YInstStarter Class,
Yahoo,
YahooMessenger,
..
|
2007-08-10 10:51 zlob dns changer
Hello: Spybot seems unable to remove zlob from my computer after many attempts. Here is my Hijack This log: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 6:43:21 AM, on 10/08/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16473) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx …
Read more on “Safer Networking Forums”
|
Tags:
|
ATI Technologies Inc,
AVG Run,
AcroIEHelper,
Anonymizer,
Anti Trojan Elite,
BHO SSVHelper Class,
BHO Spybot-S,
BHO Yahoo,
EAEB CFFF NameServer,
Evidence Eliminator,
Extra,
Extra Tools,
F-Secure Online Scanner,
Google,
Helper,
Hijack This,
IE Protection,
ISUSPM Startup,
ISUSScheduler,
Internet Explorer,
Lavasoft AB,
LinkId,
Logfile,
Macrovision Corporation,
Microsoft Excel,
Normal Running,
PROGRA Grisoft AVG,
PROGRA SPYBOT SDHelper,
Program Files Eazfix,
Program Files Java,
Program Files Messenger,
Program Files Spybot,
Research,
SUPERAntiSpyware,
Search Destroy Configuration,
Search Destroy TeaTimer,
Service Ad-Aware Service,
Service MSCSPTISRV,
Service PACSPTISVR,
Service SHDSERV,
Shockwave Flash Object,
Sony Corporation,
Spybot,
SpybotSD TeaTimer,
SsAAD,
Toolbar Yahoo,
Tracks Eraser Pro,
Trend Micro HijackThis,
Unknown,
User Default,
User SYSTEM,
WINDOWS Explorer,
WINDOWS Network Diagnostic,
WINDOWS System,
Winlogon Notify,
Zone Labs LLC,
ZoneAlarm Client,
ZoneLabs,
..
|
2007-08-09 22:35 Ultimate Cleaner Headache!
Hi all, Seems my PC is riddled with this Ultimate Cleaner. My desktop background has been changed to one big link "Protecting my Privacy", Theres so many popups and fake alerts its hard to get through a sentence without 10 more! :banghead: Im not so good with these types of things but having read through, heres the HJT report: Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 11:21:50 PM, on 8/9/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) Boot mode: Normal Running processes: C:\W …
Read more on “Safer Networking Forums”
|
Tags:
|
ALUAlert,
AVG Run,
AcRdB,
AcroIEHelper,
ActiveX Control,
AdobeUpdateManager,
AntiSpyWare Guard,
Apple Inc,
AppleMobileDeviceService,
BHO MSVPS System,
BHO SSVHelper Class,
Backward Links,
C-Media Mixer Mixer,
Cached Snapshot,
Cleaner Headache,
Document,
ESC Trusted Zone,
English,
Extra,
Extra Tools,
Global Startup DSLMON,
Google Search,
GoogleToolbar,
Hewlett-Packard Company,
InCD,
KEMailKb,
Logfile,
Macrovision Corporation,
Messenger,
MsnMsgr,
MsnPUpld,
NVIDIA Corporation,
Nero AG,
NeroCheck,
NeroFilterCheck,
Nicosia,
Normal Running,
NvCpl,
NvCplDaemon RUNDLL,
NvMcTray,
NvMediaCenter RUNDLL,
NvStartup,
NvTaskbarInit,
PROGRA Grisoft AVG,
PROGRA KEMailKb KEMailKb,
Page,
Plugin,
PnkBstrA,
PnkBstrB,
Privacy Theres,
Program Files,
Program Files Java,
Program Files Messenger,
Program Files Spybot,
Program Files Yahoo,
Protecting,
QuickTime Task,
Scan,
Search Destroy SDHelper,
Seem,
Service,
Service MSCSPTISRV,
Service Memeo BMUService,
Service PACSPTISVR,
Service PnkBstrA,
Service PnkBstrB,
SharedTaskScheduler Browseui,
SharedTaskScheduler Component Categories,
Similar Pages,
Sony Corporation,
SpySweeper,
SpybotDeletingA,
SpybotDeletingB,
SpybotDeletingC,
SpybotDeletingD,
Startup Memeo Launcher,
Sun Java Console,
SunJavaUpdateSched,
Symantec Corporation,
SystemTray SysTray,
System,
Tanagra Inc,
Thank,
Toolbar,
Toolbar Google,
Translate English Word,
Translate Page,
Trend Micro HijackThis,
Ultimate Cleaner,
Unknown,
User Default,
User SYSTEM,
VTTimer,
VTTimer VTTimer,
VTTrayp VTtrayp,
WINDOWS Explorer,
WINDOWS Mixer,
WINDOWS System,
Webroot Software Inc,
Windows Messenger,
Wireless Assistant,
Yahoo,
YahooMessenger,
..
|
2007-08-09 22:00 Zlob.DNSchanger and possibly other malware
HI, I've been having trouble with Zlob.DNSchanger and possibly with several other malware as well. I followed the instructions in the ``BEFORE you POST'' topic : 1) eTrust Web Scanner did not find any infections (also it did not produce a log-file) and I used this scanner several times over the course of about a week. 2) Trend Micro did initially find infections, namely ADWARE_BHOT_E-VENTURES (13 infections), ADWARE_BHOT_IEHELPER (1 infection) and TSPY_BLASTER (1 infection). Incidentally, the ts …
Read more on “Safer Networking Forums”
|
Tags:
|
ActiveX AcroIEHelper,
Administrator,
Anti-Virus,
AppEvent,
AttachMail,
BHO AcroIEHlprObj Class,
Backdoor,
CKAVWebScan Object,
Control,
DEFAULT Object,
Document,
Duration,
Extra,
FC MUWebControl Class,
HPDJ Taskbar Utility,
HijackThis,
IM-Worm,
Infected IM-Worm,
Inno,
Kaspersky,
Kaspersky Anti-Virus,
McAfeeUpdaterUI,
Micro,
My Computer,
Net-Worm,
Network Associates Inc,
Number,
Object,
PROGRA Yahoo,
Program Files,
Program Files Support,
Program Files Yahoo,
SAM Object,
SECURITY Object,
SOFTWARE Object,
SYSTEM Object,
Safe Mode,
Scan,
Scan Archives,
Scan Mail Bases,
Scan Settings Scan,
Scan Statistics Total,
Scan Target,
SecEvent,
Service,
Settings Administrator,
Settings Administrator Cookies,
Settings Administrator NTUSER,
ShStatEXE,
Spybot,
StartedFromRunKey,
Startup Manager,
Synchronization Manager,
SysEvent,
TFTP Infected Backdoor,
Trend Micro,
URLSearchHook,
URLSearchHook Yahoo,
Unknown,
VERITAS Software Corp,
WINNT CSC Object,
WINNT Debug,
WINNT Debug PASSWD,
WINNT Internet Logs,
WINNT SchedLgU,
WINNT SoftwareDistribution ReportingEvents,
WINNT System,
WINNT System TFTP,
WINNT Temp ZLT,
WINNT WindowsUpdate,
WUWebControl Class,
Web Scanner,
YInstStarter Class,
Yahoo,
Yahoo Messenger,
Zlob,
Zone Labs LLC,
ZoneAlarm Client,
ZoneLabs,
..
|
2007-08-09 20:56 Yet another VirtuMonde
:banghead: I have the DLL that I can't get rid of... Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 4:32:08 PM, on 8/9/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16473) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\C …
Read more on “Safer Networking Forums”
|
Tags:
|
ATI Technologies Inc,
AlertEng,
America Online,
America Online Inc,
AudioDrvEmulator,
BHO DriveLetterAccess,
Browser,
CDROM Access,
CDownloadCtrl Object,
CLTNetCnService,
CTsvcCDA,
Class,
Creative SoundFont Synthesizer,
Creative Technology Ltd,
DC- MSN Games,
DMXLauncher,
DivXBrowserPlugin Object,
Document,
Extra,
Extra Tools,
FC MUWebControl Class,
FE LSSupCtl Class,
GSDACtl Class,
GpcContainer Class,
ICQ Lite,
ISUSPM Startup,
ISUSScheduler,
Installer,
Internet Explorer,
LSSupCtl,
LinkId,
Macrovision Corporation,
Messenger,
MessengerStatsClient Class,
Normal Running,
PIFSvc,
PROGRA SPYBOT SDHelper,
Program Files Java,
Program Files Messenger,
Real,
Research,
Service COM Host,
Service Creative Service,
Service LiveUpdate,
SetDefaultMIDI MIDIDEF,
Shdocvw,
Sun Java Console,
SymAData,
Symantec Corporation,
Symantec PIF AlertEng,
Trend Micro HijackThis,
Unknown,
UpdReg,
User SYSTEM,
VirtuMonde,
VolPanel,
WINDOWS Explorer,
WINDOWS Network Diagnostic,
WINDOWS System,
WINDOWS UpdReg,
Windows Messenger,
Winlogon Notify,
ZoneUpwords Object,
..
|
2007-07-25 17:09 Trojans/viruses thanks to MSN
I opened a link to a zip file from one of my friends on MSN, who clearly has this trojan/virus..Now it's doing the same thing, sending messages via MSN to open zip files.. Here is the result of the online virus scan.. Scan Results: 82232 files scanned. 45 viruses were detected. File Infection Status Path add[1].exe Win32/Chepvil!generic cannot cure C:\Documents and Settings\Shannon\Local Settings\Temporary Internet Files\Content.IE5\4ZP3SOXC\ album2.zip Win32/Checkout.B cannot cure C:\WINDOWS\ a …
Read more on “Safer Networking Forums”
|
Tags:
|
ADA DwnldGroupMgr Class,
AOLSoftware,
ATI Technologies Inc,
AcroIEHelper,
Agent,
Apple Computer Inc,
BHO SSVHelper Class,
CostcoActivia,
Cpqset,
DC- MSN Games,
Document,
EA WScanCtl Class,
Extra,
Extra Tools,
FC MUWebControl Class,
Firewall,
Global Startup BTTray,
Google,
HP Component Manager,
HP Software Update,
HPZipm,
Here,
Hewlett-Packard Company,
Hewlett-Packard Development Company,
HijackThis,
Hijackthis,
HostManager,
INTERNATIONAL International,
IPHSend,
Infection Status Path,
Init,
Installer,
Internet Explorer,
Java Runtime Environment,
LSBWatcher,
LinkId,
MCAgentExe,
MCUpdateExe,
MPFExe,
MSN Chat Control,
McAfee,
McAfee Corporation,
McAfee Inc,
Messenger,
Microsoft Excel,
MsnMsgr,
MySpaceIM,
Network Diagnostic,
OASClnt,
Operating System Class,
Option,
PERSON MpfAgent,
PERSON MpfService,
PERSON MpfTray,
PROGRA McAfee,
PSIService,
Program Files,
Program Files HP,
Program Files Java,
Program Files McAfee,
Program Files Messenger,
Program Files QuickTime,
Protocol,
QuickTime Task,
Research,
Result,
Send To Bluetooth,
Service,
Service Bluetooth Service,
Service ProtexisLicensing,
Start,
Sun Java Console,
SunJavaUpdateSched,
SynTPEnh,
SynTPLpr,
Thank,
Toolbar Google,
Toolbar HP,
Toolbar McAfee VirusScan,
URLSearchHook Yahoo,
Unknown,
VSOCheckTask,
VirusScan Online,
WIDCOMM Inc,
WINDOWS SYSTEM WgaLogon,
WINDOWS System,
Win Checkout,
Win Chepvil,
Windows Messenger,
Winlogon Notify WgaLogon,
..
|
2007-07-25 13:01 zlob.dnschanger problem
Hello there, Hopefully someone can help me out as I followed a previous thread http://forums.spybot.info/showthread.phpt=15015 and followed the advice, it appeared to go through the motions but Icould not find the Delete following file and post back when it's done: C:\WINDOWS\Temp\kdlem.ren to delete and after restarting and running Spybot again the zlob came back. Here is the Hijack log: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:48:28, on 25/07/2007 Platform: Windows XP SP2 (Win …
Read more on “Safer Networking Forums”
|
Tags:
|
ATI Technologies Inc,
AcroIEHelper,
Adobe Systems,
AlertEng,
BHO NAV Helper,
C-Dilla Ltd,
CDROM Access,
CLIStart,
CTHelper CTHELPER,
CTSysVol,
CTsvcCDA,
Creative Technology Ltd,
Delete,
Document,
Downlo,
Extra,
Extra Tools,
FC MUWebControl Class,
HP Component Manager,
HPDJ Taskbar Utility,
HPHmon,
HPZipm,
Hijack,
Hopefully,
Icould,
Install,
Internet Explorer,
Logfile,
MediaFace Integration,
Messenger,
Microsoft Excel,
MsPMSPSv,
NameServer,
Normal Running,
PIFSvc,
PROGRA SPYBOT SDHelper,
PROGRA Yahoo,
PSDrvCheck,
PinnacleDriverCheck,
Plugin,
Program Files HP,
Program Files Hewlett-Packard,
Program Files Java,
Program Files Messenger,
Program Files QuickTime,
Program Files Yahoo,
QuickTime Task,
RemoteCenter,
Research,
SBDrvDet,
SaveImageFiles Class,
Search,
Service ATI Smart,
Service C-DillaCdaC BA,
Service COM Host,
Service Creative Service,
Service LiveUpdate,
Share-to-Web Namespace Daemon,
Spybot,
Sun Java Console,
Symantec Corporation,
Symantec PIF AlertEng,
Toolbar Norton AntiVirus,
Toolbar Yahoo,
Tray Options,
Trend Micro HijackThis,
Unknown,
User Default,
User LOCAL SERVICE,
User NETWORK SERVICE,
User SYSTEM,
WINDOWS Explorer,
WINDOWS System,
WINDOWS System CTFMON,
WINDOWS Temp,
WUWebControl Class,
Windows Messenger,
Yahoo,
..
|
2007-07-25 11:18 Vundo Trojan and other problems
I ran VundoFix to remove the Vundo trojan this computer had but I want to make sure it's gone! I also have been having lots of pop-ups and other issues with it. I have posted my HijackThis log so any help I could get would be greatly appreciated. Thanks so much in advance! Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 3:08:55 AM, on 7/25/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16473) Boot mode: Normal Running processes: C:\WINDOWS\System3 …
Read more on “Safer Networking Forums”
|
Tags:
|
AcRdB,
AcroIEHelper,
AdobeUpdateManager,
Aida,
AlertEng,
America Online Inc,
Apple Computer Inc,
AxCtp,
BHO DriveLetterAccess,
BHO NAV Helper,
DVDSentry,
DadApp,
Dell QuickSet,
Document,
DwlClient,
ExploreUpdSched,
Extra,
Extra Tools,
HPDJ Taskbar Utility,
HPHmon,
HijackThis,
HotKeysCmds,
Icon,
IgfxTray,
Internet Explorer,
Lavasoft AB,
LinkId,
MMTray,
Macrovision Corporation,
Messenger,
Microsoft Excel,
MoneyAgent,
NAV CfgWiz,
Normal Running,
PIFSvc,
Phdg,
Program Files,
Program Files Messenger,
Program Files QuickTime,
Program Files WinPop,
QuickTime Task,
Real,
Research,
Salestart,
Service,
Service Ad-Aware Service,
Service LiveUpdate,
Service Net Agent,
Service SPBBCSvc,
SfKg,
Share-to-Web Namespace Daemon,
Sonic RecordNow,
Startup TA Start,
Startup Think-Adz,
StorageGuard,
Sun Java Console,
Symantec Corporation,
Symantec PIF AlertEng,
SynTPEnh,
SynTPLpr,
TkBellExe,
Toolbar Norton AntiVirus,
Trend Micro HijackThis,
Trojan,
UniPatch,
Unknown,
User,
Vundo,
VundoFix,
WINDOWS Network Diagnostic,
WINDOWS System,
WINDOWS System DSentry,
WINDOWS System HPHipm,
WINDOWS System Shdocvw,
WebBuying,
WinPop,
WinTouch,
Windows Messenger,
Winlogon Notify,
..
|
2007-07-25 05:41 Ultimate Cleaner, Ultimate Defender, Ultimate Fixer, Security Monitor
Hello, I noticed today that I have been infected with this. I have researched the forums and tried several things, hijack this, spyware doctor, and the online scan at http://www.kaspersky.com/downloads/kws/kavwebscan.htm. Below are my logs as I have not yet gotten rid of it. Any help is greatly appreciated. P.S. I will post the kaspersky log as soon as it is done. Hijack This Log: Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 1:29:42 AM, on 7/25/2007 Platform: Windows XP SP2 (Win …
Read more on “Safer Networking Forums”
|
Tags:
|
AVG Run,
AcRdB,
AcroIEHelper,
Adobe Systems,
AdobeUpdateManager,
Apple Inc,
BHO SSVHelper Class,
CACE Technologies,
CKAVWebScan Object,
Desktop Component,
Document,
ED Support,
EFFAEF NCWeb,
EPSON Stylus Photo,
Extra,
Extra Tools,
Hewlett-Packard Company,
INCA Internet Co,
InCD,
Init,
Installer,
LinkID,
MSWindowsUpdate,
Macrovision Corporation,
MemoryManager,
Messenger,
MetaStreamCtl Class,
Microsoft Excel,
MsPMSPSv,
NVIDIA Corporation,
Name,
NameServer,
Nero AG,
NeroCheck,
NeroFilterCheck,
Normal Running,
NvCpl,
NvCplDaemon RUNDLL,
NvMcTray,
NvMediaCenter RUNDLL,
NvStartup,
NvTaskbarInit,
PC Tools,
PROGRA Grisoft AVG,
Program,
Program Files,
Program Files AIM,
Program Files Java,
Program Files Messenger,
Program Files QuickTime,
Program Files USoft,
Program Files WinPcap,
QuickTime Task,
Registration,
RemoteControl,
Rodolofo,
SDTray,
Scan,
Serie,
Service,
Service MySQL,
SharedTaskScheduler Browseui,
SharedTaskScheduler Component Categories,
Sothink SWF Catcher,
SoundMan SOUNDMAN,
SpyHunter,
Startup Adobe Gamma,
Startup Epson,
Stylus Photo,
Sun Java Console,
SunJavaUpdateSched,
This Log Logfile,
Titles Ereg EPSONREG,
Trend Micro HijackThis,
Unknown,
User Default,
User SYSTEM,
WINDOWS Explorer,
WINDOWS System,
WgaTray,
Windows Messenger,
Windows Update Host,
WindowsFirewallSvc,
Winlogon Notify,
Zune Launcher,
..
|
2007-07-20 22:27 Hijackthis - Spyware, Viruses, Worms, Trojans Oh My! :: RE: ZA working overtime...winzzxx\bot.exe
Author: emo44jeep Posted: Fri Jul 20, 2007 10:27 pm (GMT 0) Hi magictouch! Thanks for the quick reply. Your link to the Dr.Web-Cureit is linked to an out-of-date version but I downloaded the current version anyway. Here are the log files. Current HijackThis log Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 5:18:12 PM, on 7/20/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16473) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C …
Read more on “CastleCops Recent Posts”
|
Tags:
|
AHQInit,
AVG Run,
AdobeCollabSync,
Alex Feinman,
Apple Inc,
Applications Tool,
BC MessengerStatsClient Class,
BHO Ipswitch,
BHO MSNToolBandBHO,
BgMonitor,
BigDogPath,
CDROM Access,
CRAVOnline Object,
Conferencing,
Creative Technology Ltd,
Current Dr,
Current SuperAntiSpyware,
DC- ZoneIntro Class,
Deleted,
DellTouch,
Excursion,
ExcursionXBeta Program,
Extra,
Extra Tools,
File,
GMT Hi,
Generated,
GeoShell,
HJT HiJackThis,
HPDJ Taskbar Utility,
HijackThis,
Host,
HouseCall Control,
Internet Explorer,
KodakCCS,
Lexmark International Inc,
Lexmark Series,
LinkId,
Logfile,
MSN Chat Control,
Memory,
Messenger,
MessengerStatsPAClient,
Microsoft Excel,
MoneySide,
NMBgMonitor,
NVIDIA Corporation,
NeroFilterCheck,
Network VNCServer Program,
Normal Running,
Nukenabber Program,
NvCplDaemon RUNDLL,
NvQTwk NvCplDaemon,
PM Application Version,
PROGRA Grisoft AVGFRE,
PROGRA MICAC System,
PartyPoker,
PartyPokerNet RunPF,
Posted Fri Jul,
Privoxy,
Probably BINARYRES Incurable,
Program,
Program Files,
Program Files Java,
Program Files Messenger,
Program Files PartyGaming,
Program Files QuickTime,
Program Files ScrubXP,
Program Files Spybot,
QuickTime Task,
Registry,
Research,
SUPERAntiSpyware Scan Log,
SYSTEM Program,
Search Destroy,
Service,
Service Creative Service,
Service Imapi Helper,
Startup Privoxy,
Sun Java Console,
SunJavaUpdateSched,
Toolbar MSN,
TorCP,
Trend Micro HijackThis,
UBCD WinA,
UBCD WinA BartPE,
USB VGA Camera,
Unknown,
UpdReg,
User Default,
User SYSTEM,
Video Multimedia Driver,
WINDOWS Explorer,
WINDOWS Network Diagnostic,
WINDOWS Nhksrv,
WINDOWS Probably DLOADER,
WINDOWS SYSTEM ZoneLabs,
WINDOWS System,
WINDOWS System CTsvcCDA,
WINDOWS System MsPMSPSv,
WINDOWS Updreg,
Windows Messenger,
Winlogon Notify,
Yahoo,
ZIntro,
Zone Labs Client,
Zone Labs Inc,
..
|
2007-07-20 22:19 Hijackthis - Spyware, Viruses, Worms, Trojans Oh My! :: RE: trojan.w32.looksky - ucleaner
Author: kauffybreak Posted: Fri Jul 20, 2007 10:19 pm (GMT 0) Thanks for responding so fast. My SDFix log, ComboFix log, and new HijackThis log are all included. ------------------------------------------------------------------------------- SDFIX SDFix: Version 1.92 Run by Admin on 07/20/07 at 05:51 PM Microsoft Windows XP [Version 5.1.2600] Running From: C:\SDFix\SDFix Safe Mode: Checking Services: Restoring Windows Registry Values Restoring Windows Default Hosts File Restoring Default IE Home …
Read more on “CastleCops Recent Posts”
|
Tags:
|
AcRdB,
AcroIEHelper,
Admin,
AdobeUpdateManager,
AlbumArtSmall,
Anti-Spyware,
Apoint,
AppleSoftwareUpdate,
AvgAsCln,
BHO DriveLetterAccess,
BHO SSVHelper Class,
Backups Folder,
CPlayFirstTriJinxControl Object,
Check,
Check Remaining Services,
Class,
ComboFix,
ComboFix Admin,
ComboFix-quarantined-files,
Completion,
Corel Photo Downloader,
DC- MSN Games,
DOCUME Admin APPLIC,
DVDLauncher,
Deleted,
Deleted Folder,
Dell Inc,
DinerDash,
Disabled,
Disabled LEXPPS,
Disabled RealPlayer,
Document,
Dog Problems AlbumArtSmall,
Dog Problems Folder,
EasyShare,
Enabled,
Enabled AOL,
Enabled AOL Loader,
Enabled America Online,
EvMon,
EventMonitor,
Extra,
Extra Tools,
FacebookPhotoUploader,
File,
Files Created,
Find,
Finished,
Folder,
From,
GMT Thanks,
Gmer,
Hidden Attributes,
HijackThis,
HijackThis Logfile,
ISUSPM Startup,
ISUSScheduler,
Installer,
Intel Corporation,
Intel PROSet Wireless,
IntelWireless,
KGyGaAvL,
Lavasoft AB,
Lexmark International Inc,
LinkId,
Live,
MJLauncherCtrl Class,
Mamma,
McAfeeUpdaterUI,
Messenger,
Microsoft Excel,
MimBoot,
NSDriver,
Network Associates Inc,
Network Diagnostic,
Normal Running,
PCMService,
Pack NTFS,
PopCapLoader Object,
Posted Fri Jul,
Program Files AIM,
Program Files HJTInstall,
Program Files HiJackThis,
Program Files Java,
Program Files Kodak,
Program Files Lavasoft,
Program Files Messenger,
Program Files QuickTime,
Program Files Viewpoint,
QuickTime Task,
Real,
Remaining Files,
Report,
Research,
Rootkit,
SDFIX SDFix Version,
SDFix,
SDFix SDFix,
Scan,
Scheduled Tasks,
Search Destroy,
Service Ad-Aware Service,
Service EvtEng,
Service NICCONFIGSVC,
Service RegSrvc,
Service WLANKEEPER,
ShStatEXE,
SharedTaskScheduler Browseui,
SharedTaskScheduler Component Categories,
Shdocvw,
SnapfishActivia,
Source,
Sun Java Console,
SunJavaUpdateSched,
TheFo DogPr,
TkBellExe,
Trend Micro HijackThis,
TriJinx,
WINDOWS No,
WINDOWS System,
Window,
Windows Messenger,
XP Vista,
ZIntro,
..
|
» Click here for older entries about Acroiehelper (page 2)
en.blogoholix.com is a blog search engine in development. The tech and design work is still in progress, so please send an e-mail to info@blogoholix.com if you have any suggestions on how to improve the site.