Jump to content


About to go crazy.

  • This topic is locked This topic is locked
1 reply to this topic

#1 tangtang



  • Full Member
  • Pip
  • 3 posts

Posted 22 December 2007 - 04:05 PM

popups popus and slow slow everything.
Please HELP
here is hijack file. I dont even know where to start to fix this.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:01:33 PM, on 12/22/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\HPQ\One-Touch\OneTouch.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Lexmark 7100 Series\lxbxmon.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01
O4 - HKLM\..\Run: [QT4HPOT] C:\Program Files\HPQ\One-Touch\OneTouch.EXE
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [lxbxmon.exe] "C:\Program Files\Lexmark 7100 Series\lxbxmon.exe"
O4 - HKLM\..\Run: [FaxCenterServer4_in_1] "C:\Program Files\Lexmark 7100 Series\fm3032.exe" /s
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKLM\..\Run: [3ca824ea] rundll32.exe "C:\WINDOWS\system32\gigxlcab.dll",b
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://*.avrealestate.com
O15 - Trusted Zone: http://*.barstowmls.com
O15 - Trusted Zone: http://*.cincymls.net
O15 - Trusted Zone: http://*.columbianor...dutchessmls.com
O15 - Trusted Zone: http://*.dabr.com
O15 - Trusted Zone: http://*.firelandsmls.com
O15 - Trusted Zone: http://*.fresnomls.com
O15 - Trusted Zone: http://*.gniarmls.com
O15 - Trusted Zone: http://*.greenemls.com
O15 - Trusted Zone: http://*.ivbor.com
O15 - Trusted Zone: http://*.ivrealestate.com
O15 - Trusted Zone: http://*.lbarmls.com
O15 - Trusted Zone: http://*.lvarmls.com
O15 - Trusted Zone: http://*.mariposabor.com
O15 - Trusted Zone: http://*.marmls.com
O15 - Trusted Zone: http://*.metrolist.net
O15 - Trusted Zone: http://*.midlandsmls.com
O15 - Trusted Zone: http://*.northernarizonamls.com
O15 - Trusted Zone: http://*.northernkentuckymls.com
O15 - Trusted Zone: http://*.nwmls.com
O15 - Trusted Zone: http://*.odbrmls.com
O15 - Trusted Zone: http://*.ojaivalleymls.com
O15 - Trusted Zone: http://*.portervillemls.com
O15 - Trusted Zone: http://*.rapmls.com
O15 - Trusted Zone: http://*.somls.com
O15 - Trusted Zone: http://*.swmric.com
O15 - Trusted Zone: http://*.tcmls.org
O15 - Trusted Zone: http://*.vvmls.com
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.t...ivex/hcImpl.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://static.ak.stu...geUploader4.cab
O16 - DPF: {DF05D910-DC8E-403A-93B0-5C866F3200D1} (PtClickLoan Control) - https://www.clickloa...PtClickLoan.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.co...aploader_v6.cab
O16 - DPF: {FD5A684E-B2FE-4039-9068-48CF8B740E14} (LOSInterface.LOSIface) - https://www.novastar...OSInterface.CAB
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: DomainService - - C:\WINDOWS\system32\fjwwwhrf.exe
O23 - Service: lxbx_device - Lexmark International, Inc. - C:\WINDOWS\System32\lxbxcoms.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe

End of file - 6179 bytes

#2 miekiemoes


    Malware Expert

  • Global Moderator
  • PipPipPipPipPip
  • 20,026 posts

Posted 22 December 2007 - 04:22 PM

This thread is closed since you already started a thread here:

I also closed the other duplicate you started.

Please do not start any new threads with the same problem if you have not received help yet, because that won't work to receive help in a faster way... on the contrary, because we always try to deal with the older logs/threads first. Many people are posting their log here everyday, so everyone has to be patient. After all, we are still doing this for free in our free time and we can't help all people at the same time.
Thanks for understanding.

Also read our Forum FAQ here: http://forums.spywar...howtopic=101063

In case you have not received a response after three days, post a reply to the topic Not getting help with your log? with the link to your thread.

AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! My computer is slow!---My Blog---Follow me on Twitter.
Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details.

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button