Untitled
a guest
Feb 15th, 2014
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 6:56:29 PM, on 2/15/2014
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
CHROME: 28.0.1500.52

Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\PC Speed Up\PCSUService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\arservice.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\dmwu.exe
C:\Program Files\SoftwareUpdater\SystemStore.exe
C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\system32\jmdp\stij.exe
C:\Program Files\IObit\Game Booster 3\gbtray.exe
C:\Documents and Settings\marcus\Application Data\mjusbsp\magicJack.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\common files\Java\Java Update\jusched.exe
C:\Program Files\common files\Java\Java Update\jusched.exe
C:\Program Files\common files\Java\Java Update\jusched.exe
C:\Program Files\IObit\Game Booster 3\Boost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\SpeedItup Free\speeditupfree.exe
C:\Documents and Settings\marcus\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\marcus\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\marcus\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\marcus\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\marcus\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\marcus\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\marcus\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\marcus\My Documents\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com/?ctid=CT3314199&octid=CT3314199&SearchSource=61&CUI=UN56837340252842166&UM=2&UP=SP5BE1ADF7-DDED-40AE-9A7B-C05042C8FA61
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
R3 - URLSearchHook: (no name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - (no file)
R3 - URLSearchHook: YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
R3 - URLSearchHook: WhiteSmoke New Toolbar - {739df940-c5ee-4bab-9d7e-270894ae687a} - C:\Program Files\WhiteSmoke_New\prxtbWhi0.dll
R3 - URLSearchHook: KeyBar 1.8 Toolbar - {9ed31f84-c8b3-4926-b950-dff74047ff79} - C:\Program Files\KeyBar_1.8\prxtbKey2.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: CrossriderApp0012555 - {11111111-1111-1111-1111-110111251155} - C:\Program Files\JollyWallet\JollyWallet.dll
O2 - BHO: CrossriderApp0026278 - {11111111-1111-1111-1111-110211621178} - C:\Program Files\Solid Savings\Solid Savings.dll
O2 - BHO: Drop Coupons Plugin - {513ECFF3-C9D8-421E-B216-7C9D594942EE} - C:\Program Files\DropCoupon\DropCoupons.dll
O2 - BHO: IE BHO Utility - {5AB7104A-B71F-49AD-9154-F7F8806AE848} - C:\Program Files\Surf Canyon\surfcanyon.dll
O2 - BHO: WhiteSmoke New - {739df940-c5ee-4bab-9d7e-270894ae687a} - C:\Program Files\WhiteSmoke_New\prxtbWhi0.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: HelloWorldBHO - {878B8524-AED5-4870-9A96-A515440DAC75} - C:\Program Files\OApps\SelectionLinks.dll
O2 - BHO: Browse For Change BHO - {912C156F-05CF-4B62-851A-96E167A677B0} - mscoree.dll (file missing)
O2 - BHO: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - (no file)
O2 - BHO: KeyBar 1.8 - {9ed31f84-c8b3-4926-b950-dff74047ff79} - C:\Program Files\KeyBar_1.8\prxtbKey2.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: hpWebHelper Class - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll
O2 - BHO: WordOv - {B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE} - C:\Documents and Settings\marcus\Local Settings\Application Data\WordOv\temp.dat
O2 - BHO: Updater By SweetPacks Helper - {C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} - C:\Program Files\Updater By SweetPacks\Extension32.dll
O2 - BHO: WeCareReminder - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\Documents and Settings\All Users\Application Data\WeCareReminder\IEHelperv2.5.0.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: PricePeep - {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} - C:\Program Files\PricePeep\pricepeep.dll
O2 - BHO: Yontoo Layer (Drop Down Deals)s - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Runtime\YontooIEClient.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - (no file)
O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file)
O3 - Toolbar: WhiteSmoke New Toolbar - {739df940-c5ee-4bab-9d7e-270894ae687a} - C:\Program Files\WhiteSmoke_New\prxtbWhi0.dll
O3 - Toolbar: (no name) - {06C7AD57-B655-418D-9AB8-9526A6D2E052} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: KeyBar 1.8 Toolbar - {9ed31f84-c8b3-4926-b950-dff74047ff79} - C:\Program Files\KeyBar_1.8\prxtbKey2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SpeetItUpFree] "C:\Program Files\SpeedItup Free\speeditupfree.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [cdloader] "C:\Documents and Settings\marcus\Application Data\mjusbsp\cdloader2.exe" MAGICJACK
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\marcus\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3499596684-2541738641-2010183389-1010\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User '?')
O4 - HKUS\S-1-5-21-3499596684-2541738641-2010183389-1010\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-3499596684-2541738641-2010183389-1010\..\Run: [DW6] "C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe" (User '?')
O4 - HKUS\S-1-5-21-3499596684-2541738641-2010183389-1013\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_9_900_170_ActiveX.exe -update activex (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_9_900_170_ActiveX.exe -update activex (User 'Default user')
O4 - S-1-5-19 Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe (User 'LOCAL SERVICE')
O4 - S-1-5-21-3499596684-2541738641-2010183389-1010 Startup: AXEL.DAV (User '?')
O4 - S-1-5-21-3499596684-2541738641-2010183389-1013 Startup: AXEL.DAV (User 'UpdatusUser')
O4 - S-1-5-21-3499596684-2541738641-2010183389-1013 User Startup: AXEL.DAV (User 'UpdatusUser')
O4 - S-1-5-18 Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe (User 'Default user')
O4 - .DEFAULT User Startup: AXEL.DAV (User 'Default user')
O4 - Startup: AXEL.DAV
O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O15 - Trusted Zone: http://*.trymedia.com (HKLM)
O16 - DPF: {000F1EA4-5E08-4564-A29B-29076F63A37A} (SOE Web Installer) - http://launch.soe.com/plugin/web/SOEWebInstaller.cab
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Chessmaster%20Challenge/Images/stg_drm.ocx
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {75A6AEA3-F26E-4608-AE9B-8DA78C87576E} (Wizard101GameLauncher) - https://kingsisle.hs.llnwd.net/e1/static/themes/wizard101A/activex/Wizard101GameLauncher.CAB
O16 - DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} (P3DActiveX Control) - http://panda-plugin.disney.go.com/plugin/win32/p3dactivex.cab
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Chessmaster%20Challenge/Images/armhelper.ocx
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IBUpdaterService - Unknown owner - C:\WINDOWS\system32\dmwu.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PC Speed Up Service (PCSUService) - Unknown owner - C:\Program Files\PC Speed Up\PCSUService.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (file missing)
O23 - Service: System Store (SystemStoreService) - Unknown owner - C:\Program Files\SoftwareUpdater\SystemStore.exe
O23 - Service: Updater By SweetPacks - Unknown owner - C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 12361 bytes
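A HijackThis log like the one above is a flat text format that is easy to parse, and triaging a few hundred such entries by hand is error-prone. The script below is an added example, not part of the paste and not HijackThis code: it parses the R0, R3, O2, O3, O4 and O23 line shapes that appear in this log into records and applies a handful of triage heuristics a responder would apply by eye. The sample input consists of eight lines copied from the log above (the R0 URL shortened to its first query parameter). The set of "trusted" start-page hosts, the finding codes and the severity ordering are assumptions made for the example; the Crossrider CLSID prefix check relies on the well-documented `{11111111-1111-1111-1111-...}` pattern that Crossrider-built browser add-ons register under.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional
from urllib.parse import urlsplit

# Constructed sample input: eight lines copied from the HijackThis log above.
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com/?ctid=CT3314199
O2 - BHO: CrossriderApp0012555 - {11111111-1111-1111-1111-110111251155} - C:\Program Files\JollyWallet\JollyWallet.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - (no file)
O2 - BHO: WordOv - {B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE} - C:\Documents and Settings\marcus\Local Settings\Application Data\WordOv\temp.dat
O4 - HKCU\..\Run: [cdloader] "C:\Documents and Settings\marcus\Application Data\mjusbsp\cdloader2.exe" MAGICJACK
O23 - Service: IBUpdaterService - Unknown owner - C:\WINDOWS\system32\dmwu.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
"""

LINE_RE = re.compile(r"^(?P<sec>[RFO]\d+) - (?P<body>.+)$")
CLSID_RE = re.compile(r"\{([0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12})\}")
USER_PROFILE_RE = re.compile(r"\\Documents and Settings\\[^\\]+\\", re.IGNORECASE)
ORPHAN_MARKERS = ("(no file)", "(file missing)")
# Assumption for this example: a start page on one of these hosts is treated as the user's own choice.
TRUSTED_START_HOSTS = {"www.google.com", "www.bing.com", "www.msn.com", "about:blank"}


@dataclass
class Entry:
    section: str
    name: str
    path: str
    clsid: Optional[str] = None
    owner: Optional[str] = None
    findings: List[str] = field(default_factory=list)


def parse_line(line: str) -> Optional[Entry]:
    """Turn one HijackThis line into an Entry; returns None for lines that are not entries."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    sec, body = m.group("sec"), m.group("body")
    cm = CLSID_RE.search(body)
    clsid = cm.group(1).upper() if cm else None
    owner = None
    if sec in ("O2", "O3", "R3", "O23"):
        # "BHO: <name> - {CLSID} - <path>" or "Service: <name> - <owner> - <path>"
        _kind, _, rest = body.partition(": ")
        parts = rest.split(" - ")
        name, path = parts[0], parts[-1]
        if sec == "O23" and len(parts) >= 3:
            owner = parts[1]
    elif sec == "O4":
        # "<hive>\..\Run: [<value name>] <command line>"
        m4 = re.search(r"\[(?P<name>[^\]]+)\] (?P<cmd>.+)$", body)
        name, path = (m4.group("name"), m4.group("cmd")) if m4 else (body, "")
    else:
        # R0/R1: "<registry key>,<value> = <data>"
        name, _, path = body.partition(" = ")
    return Entry(sec, name, path, clsid, owner)


def triage(entry: Entry) -> Entry:
    """Attach heuristic finding codes; these are triage hints for a human, not verdicts."""
    f = entry.findings
    if entry.clsid and entry.clsid.startswith("11111111-1111-1111-1111-"):
        f.append("crossrider-clsid")       # CLSID prefix used by Crossrider-built add-ons
    if any(mk in entry.path for mk in ORPHAN_MARKERS):
        f.append("orphaned")               # registration left behind, file is gone
    elif entry.section in ("O2", "O3", "R3", "O4", "O23"):
        if USER_PROFILE_RE.search(entry.path):
            f.append("user-profile-path")  # code loaded from a user-writable directory
        if entry.section in ("O2", "O3", "R3") and not entry.path.lower().endswith((".dll", ".ocx")):
            f.append("non-dll-extension")  # in-process COM object that is not named like a DLL
    if entry.section == "O23" and entry.owner == "Unknown owner":
        f.append("unknown-publisher")      # service binary carries no publisher name
    if entry.section == "R0" and "Start Page" in entry.name:
        host = urlsplit(entry.path).hostname or entry.path
        if host not in TRUSTED_START_HOSTS:
            f.append("search-hijack")      # start page redirected to a third-party search site
    return entry


def triage_log(text: str) -> List[Entry]:
    """Parse every entry line in a HijackThis log and run the heuristics over it."""
    return [triage(e) for e in (parse_line(ln) for ln in text.splitlines()) if e]


def flagged(entries: List[Entry]) -> List[Entry]:
    """Entries with at least one finding, most findings first."""
    return sorted((e for e in entries if e.findings), key=lambda e: -len(e.findings))


if __name__ == "__main__":
    for e in flagged(triage_log(SAMPLE_LOG)):
        print(f"{e.section:<4}{', '.join(e.findings):<40}{e.name}")
```

Run against the full log, the same heuristics light up the Crossrider BHOs, the WordOv BHO loading a `.dat` from the user profile, the `dmwu.exe`, SweetPacks, SystemStore and PC Speed Up services with no publisher, the orphaned Norton and WhiteSmoke leftovers, and the Conduit start page. They will also flag Google Update under the user profile and the magicJack loader, which is the point of treating the output as a worklist rather than a verdict: the analyst still confirms publisher signatures and file hashes before deciding what to remove.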