
Is it OK?


  • This topic is locked

#1 Steff23


Posted 29 June 2007 - 08:22 AM

Hi Guys,

I'm not experiencing a particular problem (Unless you can help me with split ends) Jus kiddin ... I know puter security is no laughing matter! That's why I'm postin a new "log" I just made. My puter kinda runs a little slow (I've been told "Statbar" is a resource hog but I kinda like it). So the puter is slow and with me being on "Dial Up" I know it's not goin to set records. But I like to shop ebay and other sites and I'm pretty leery of someone takin my info and makin charges .... I can barely afford my own as it is. So take a look and tell me what you think



PPPPPPPPLLLLLLLLLLLLLEEEEEEEEEAASSSSSSSSSSSSS!!!!!!!!!!!!!!!!!!!!!!!!



Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 5:47:47 AM, on 7/29/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\Program Files\Norton GoBack\GBPoll.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\Program Files\ActiveTracker 2.0 for Outlook Express\ReadNotify.exe
C:\Program Files\HACE\Mmm\Mmm.exe
C:\Program Files\StatBar\StatBar.exe
C:\Program Files\Norton GoBack\GBTray.exe
C:\Program Files\Kazubon Software\TCLOCK.exe
C:\Program Files\ISPWest Internet\dialer.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZENG04.EXE
C:\Program Files\HijackThis\HiJackThis_v2.exe
C:\Program Files\Maxthon\Maxthon.exe
C:\Program Files\Propel Accelerator\PropelAC.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.ispwest.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Service provided by ISPWest
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:8080
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Yapta Tagger - {2020dfef-8c87-4229-aa41-549d82210355} - C:\Program Files\Yapta\YaptaOverlay.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Accelerator Plugin - {656EC4B7-072B-4698-B504-2A414C1F0037} - C:\PROGRA~1\PROPEL~1\PRPL_I~2.DLL
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\PROGRA~1\FREEDO~1\iefdmcks.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [BMMLREF] C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE
O4 - HKLM\..\Run: [BMMMONWND] rundll32.exe C:\PROGRA~1\ThinkPad\UTILIT~1\BatInfEx.dll,BMMAutonomicMonitor
O4 - HKLM\..\Run: [ActiveTracker for Outlook Express] C:\Program Files\ActiveTracker 2.0 for Outlook Express\ReadNotify.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [Mmm] "C:\Program Files\HACE\Mmm\Mmm.exe"
O4 - HKCU\..\Run: [StatBar] C:\Program Files\StatBar\StatBar.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Startup: TASKBARCLOCK.lnk = C:\Program Files\Kazubon Software\TCLOCK.exe
O4 - Global Startup: Norton GoBack.lnk = C:\Program Files\Norton GoBack\GBTray.exe
O8 - Extra context menu item: &Email It - C:\Program Files\QuickSend\quicksend.html
O8 - Extra context menu item: Allow pop-ups from this site - C:\Program Files\Propel Accelerator\pac-addwl.html
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Refresh Pa&ge with Full Quality - C:\Program Files\Propel Accelerator\pac-page.html
O8 - Extra context menu item: Refresh Pi&cture with Full Quality - C:\Program Files\Propel Accelerator\pac-image.html
O8 - Extra context menu item: Snipe It with BidNip - http://www.bidnip.co...s/reg_snipe.php
O9 - Extra button: Yapta.com - {0094A600-9BDD-4019-BAFE-487284F7D476} - http://www.yapta.com/user (file missing)
O9 - Extra button: Yapta Tagger Settings - {0362b485-11fe-469c-ae98-42f478e581a0} - C:\Program Files\Yapta\YaptaSettings.exe
O9 - Extra 'Tools' menuitem: Yapta Tagger Settings... - {0362b485-11fe-469c-ae98-42f478e581a0} - C:\Program Files\Yapta\YaptaSettings.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{FA7D020C-7348-4C5D-88B0-7943D5BA5819}: NameServer = 209.116.241.10 216.99.225.31
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: AZUP - Unknown owner - C:\DOCUME~1\Steve\LOCALS~1\Temp\AZUP.exe (file missing)
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - C:\Program Files\Norton GoBack\GBPoll.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe
End of file - 6030 bytes


Well? THANKS!


#2 Indrid_Cold


Posted 14 September 2007 - 04:43 PM

This Topic is closed.
Hope is not a method.

If I have helped in some way, please consider donating to SpywareInfo's crusade against Malware See Here

Member of ASAP since 2004 Alliance of Security Analysis Professionals
Member of UNITE since 2006 United Network of Instructors and Trained Eliminators

Fight back Malware Complaints



