
help..malware

Joined
Jan 14, 2007
Messages
343 (0.05/day)
Location
iowa
Processor AMD A64 X2 4600
Motherboard Asus M2A-Vm
Memory 1 G Kingston DDR2 PC2 5300
Video Card(s) onboard
Storage seagate 250GB Samsung 500GB
Power Supply Thermaltake
Software Microsoft Windows XP Version 2002 Service Pack 2 (Tweaked)
Hi, I did a scan with HijackThis. Can someone help? Here is the log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:06:58 AM, on 8/14/2007
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\g4356cbvy63.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\WINDOWS\system32\sdadlrow-t2.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\mscdex.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\sdadlrow-t2.exe
C:\WINDOWS\g4356cbvy63.exe
C:\Program Files\Outerinfo\Outerinfo.exe
C:\WINDOWS\System32\dumprep.exe
C:\Program Files\analyse.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\dwwin.exe

O2 - BHO: (no name) - {1167E9A9-0F2B-4FAE-8233-C1A926C190F9} - C:\Program Files\Outlook Express\niwyk455101.dll
O2 - BHO: (no name) - {2E9D4C81-9F27-4c14-B804-7B0F6BC88A4F} - C:\Program Files\Outerinfo\Outerinfo.dll
O2 - BHO: (no name) - {33901416-306F-4A2B-86CF-04283DD3A56B} - C:\Program Files\Outlook Express\niwyk455101.dll
O2 - BHO: (no name) - {33C5FFA6-91E2-4B02-846E-7B6B71E6DB71} - C:\Program Files\Outlook Express\niwyk455101.dll
O2 - BHO: (no name) - {358BED08-CE9B-4EC0-9D91-A7D652EEE857} - C:\Program Files\Outlook Express\niwyk455101.dll
O2 - BHO: (no name) - {3EDB5D29-FC94-4A6E-9286-F952F6400C85} - C:\Program Files\Outlook Express\niwyk455101.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Microsoft Internet Explorer Helper Class - {58FCC0A4-CB3F-4F17-8DD6-9FF0AE4B08A1} - C:\WINDOWS\System32\CryptUI32.dll (file missing)
O2 - BHO: (no name) - {68F801F9-5C93-41E1-804D-5B24E06F44A2} - C:\Program Files\Outlook Express\niwyk455101.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {82BA4BC6-7D9A-4DCB-B3B6-48F3DD22D522} - C:\Program Files\Outlook Express\niwyk5555.dll
O2 - BHO: (no name) - {90CE8F2B-7687-4E5C-8925-E423DDBF3283} - C:\WINDOWS\shwol.dll (file missing)
O2 - BHO: (no name) - {9424EF82-783C-482E-A3C5-DA3A77897256} - C:\Program Files\Outlook Express\niwyk455101.dll
O2 - BHO: (no name) - {CB0C630E-5032-4A33-AB66-5DDF75225ACA} - C:\Program Files\Outlook Express\niwyk455101.dll
O2 - BHO: (no name) - {DADCCF1B-35A8-4BBB-B54F-CA6F6387124E} - C:\Program Files\Outlook Express\niwyk455101.dll
O2 - BHO: (no name) - {F171F284-C7AC-4626-B06B-58A28B52BDD9} - C:\Program Files\Outlook Express\niwyk455101.dll
O2 - BHO: (no name) - {F23AD7E1-4F12-440E-9CDB-160A7DA6D347} - C:\Program Files\Outlook Express\niwyk455101.dll
O2 - BHO: (no name) - {F7072D4E-7872-453E-9C9D-39D45D6505F7} - C:\Program Files\Outlook Express\niwyk455101.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [g4356cbvy63] C:\WINDOWS\g4356cbvy63
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [bantool] C:\WINDOWS\system32\sdadlrow-t2.exe
O4 - HKLM\..\Run: [{ZN}] C:\WINDOWS\system32\TISKY008.exe SKY008
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [OuterinfoUpdate] "C:\Program Files\Outerinfo\OuterinfoUpdate.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Startup: TA_Start.lnk = C:\WINDOWS\system32\TISKY008.exe
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: dumpregged - Unknown owner - C:\WINDOWS\mscdex.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

--
End of file - 7315 bytes
 