Untitled

a guest
Feb 26th, 2015
  1. Logfile of Trend Micro HijackThis v2.0.5
  2. Scan saved at 14:58, on 27/02/2015
  3. Platform: Windows XP SP3 (WinNT 5.01.2600)
  4. MSIE: Internet Explorer v8.00 (8.00.6001.18702)
  5.  
  6.  
  7. Boot mode: Normal
  8.  
  9. Running processes:
  10. C:\WINDOWS\System32\smss.exe
  11. C:\WINDOWS\system32\winlogon.exe
  12. C:\WINDOWS\system32\services.exe
  13. C:\WINDOWS\system32\lsass.exe
  14. C:\WINDOWS\system32\svchost.exe
  15. C:\WINDOWS\System32\svchost.exe
  16. C:\WINDOWS\system32\svchost.exe
  17. C:\WINDOWS\system32\spoolsv.exe
  18. C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
  19. C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe
  20. C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
  21. C:\Program Files\Common Files\EPSON\eEBAPI\eEBSVC.exe
  22. C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
  23. C:\Program Files\Bonjour\mDNSResponder.exe
  24. C:\PC_EFT\EftClnt.exe
  25. C:\PC_EFT\EMSCLT.exe
  26. C:\Program Files\EPSON\TMCOMUSB\Service\EpsonPE.exe
  27. C:\Program Files\EPSON\EPuras\EPurasLog.exe
  28. C:\Program Files\Java\jre7\bin\jqs.exe
  29. C:\WINDOWS\System32\svchost.exe
  30. C:\PC_EFT\Controller.exe
  31. C:\WINDOWS\System32\svchost.exe
  32. C:\PC_EFT\Eftsrv.exe
  33. C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
  34. C:\WINDOWS\System32\svchost.exe
  35. C:\Program Files\TightVNC\tvnserver.exe
  36. C:\Program Files\EPSON\EPuras\EPuras.exe
  37. C:\Program Files\Trend Micro\Security Agent\tmlisten.exe
  38. C:\WINDOWS\System32\svchost.exe
  39. C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.exe
  40. C:\WINDOWS\Explorer.EXE
  41. C:\WINDOWS\system32\wuauclt.exe
  42. C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
  43. C:\WINDOWS\System32\hkcmd.exe
  44. C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
  45. C:\Program Files\QuickTime\QTTask.exe
  46. C:\Program Files\TightVNC\tvnserver.exe
  47. C:\WINDOWS\system32\wfxsnt40.exe
  48. C:\PROGRA~1\WinFax\WFXSWTCH.exe
  49. C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe
  50. C:\WINDOWS\system32\ctfmon.exe
  51. C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
  52. C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
  53. C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
  54. C:\WINDOWS\System32\wbem\unsecapp.exe
  55. C:\Program Files\TightVNC\tvnserver.exe
  56. C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
  57. C:\Program Files\Acronis\DriveMonitor\adm_tray.exe
  58. C:\Program Files\Google\Chrome\Application\chrome.exe
  59. C:\Program Files\Google\Chrome\Application\chrome.exe
  60. C:\Program Files\Google\Chrome\Application\chrome.exe
  61. C:\WINDOWS\system32\cmd.exe
  62. C:\Program Files\AskPartnerNetwork\ChromeUtils\APNNativeMsgHost.exe
  63. C:\Documents and Settings\General User\Desktop\HijackThis.exe
  64.  
  65. R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ninemsn.com.au/?pc=B8DF&ocid=bb7hp
  66. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
  67. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
  68. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  69. R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
  70. R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
  71. R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
  72. O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1242\6.6.1089\TmIEPlg.dll
  73. O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
  74. O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
  75. O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll
  76. O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll
  77. O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
  78. O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
  79. O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll" (file missing)
  80. O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent
  81. O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
  82. O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
  83. O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
  84. O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
  85. O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
  86. O4 - HKLM\..\Run: [tvncontrol] "C:\Program Files\TightVNC\tvnserver.exe" -controlservice -slave
  87. O4 - HKLM\..\Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
  88. O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
  89. O4 - HKLM\..\Run: [WinFaxAppPortStarter] wfxsnt40.exe
  90. O4 - HKLM\..\Run: [WFXSwtch] C:\PROGRA~1\WinFax\WFXSWTCH.exe
  91. O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
  92. O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
  93. O4 - HKLM\..\Run: [adm_tray.exe] C:\Program Files\Acronis\DriveMonitor\adm_tray.exe
  94. O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
  95. O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
  96. O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
  97. O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
  98. O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
  99. O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
  100. O4 - Global Startup: Shortcut to UpdatePOS.lnk = ?
  101. O4 - Global Startup: TM-T88V Utility(Automatic Restore).lnk = ?
  102. O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
  103. O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll
  104. O9 - Extra 'Tools' menuitem: IBM Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll
  105. O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
  106. O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
  107. O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
  108. O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
  109. O11 - Options group: [JAVA_IBM] Java (IBM)
  110. O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1204949070730
  111. O16 - DPF: {8A5BE387-D09A-4DFA-A56B-DCB89BD11468} (20-20 3D Viewer for WEB) - http://designer3d.com.au/planner/Core/Player/2020PlayerAX_WEB_Win32.cab
  112. O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = pacsoft.local
  113. O17 - HKLM\Software\..\Telephony: DomainName = pacsoft.local
  114. O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = pacsoft.local
  115. O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.6.1242\6.6.1089\TmIEPlg.dll
  116. O18 - Protocol: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Security Agent\UIFramework\ProToolbarIMRatingActiveX.dll
  117. O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
  118. O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
  119. O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
  120. O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
  121. O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
  122. O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
  123. O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
  124. O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
  125. O23 - Service: CrossLoop Service (CrossLoopService) - Unknown owner - C:\Documents and Settings\General User.PACSOFT.000\Local Settings\Application Data\CrossLoop\CrossLoopService.exe (file missing)
  126. O23 - Service: PC-EFTPOS Client (CSDEftposClient) - PC-EFTPOS Pty Ltd - C:\PC_EFT\EftClnt.exe
  127. O23 - Service: EMS-Client (EMSClientService) - Unknown owner - C:\PC_EFT\EMSCLT.exe
  128. O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\eEBAPI\eEBSVC.exe
  129. O23 - Service: Epson Port Emulator Service (EpsonPEService) - Seiko Epson Corporation - C:\Program Files\EPSON\TMCOMUSB\Service\EpsonPE.exe
  130. O23 - Service: Epson Puras Service (EpsonPuras) - SEIKO EPSON CORPORATION - C:\Program Files\EPSON\EPuras\EPuras.exe
  131. O23 - Service: Epson Puras Log Service (EpsonPurasLog) - SEIKO EPSON CORPORATION - C:\Program Files\EPSON\EPuras\EPurasLog.exe
  132. O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
  133. O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
  134. O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
  135. O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
  136. O23 - Service: PC-EFTPOS Controller (PceCntrl) - Unknown owner - C:\PC_EFT\Controller.exe
  137. O23 - Service: EFT-Server (RemedyEFTPOSServer) - PC-EFTPOS Pty Ltd - C:\PC_EFT\Eftsrv.exe
  138. O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
  139. O23 - Service: Trend Micro Security Agent Communicator (TmListen) - Trend Micro Inc. - C:\Program Files\Trend Micro\Security Agent\tmlisten.exe
  140. O23 - Service: TightVNC Server (tvnserver) - GlavSoft LLC. - C:\Program Files\TightVNC\tvnserver.exe
  141.  
  142. --
  143. End of file - 11117 bytes