Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Logfile of Trend Micro HijackThis v2.0.4
- Scan saved at 00:08:24, on 25/03/2012
- Platform: Windows 7 SP1 (WinNT 6.00.3505)
- MSIE: Internet Explorer v9.00 (9.00.8112.16421)
- Boot mode: Normal
- Running processes:
- C:\Windows\System32\smss.exe
- C:\Windows\system32\csrss.exe
- C:\Windows\system32\wininit.exe
- C:\Windows\system32\csrss.exe
- C:\Windows\system32\services.exe
- C:\Windows\system32\lsass.exe
- C:\Windows\system32\lsm.exe
- C:\Windows\system32\winlogon.exe
- C:\Windows\system32\svchost.exe
- C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
- C:\Program Files\Emsisoft Anti-Malware\a2service.exe
- C:\Windows\system32\nvvsvc.exe
- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
- C:\Windows\system32\svchost.exe
- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
- C:\Windows\system32\svchost.exe
- C:\Windows\System32\svchost.exe
- C:\Windows\System32\svchost.exe
- C:\Windows\system32\svchost.exe
- C:\Windows\system32\svchost.exe
- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
- C:\Windows\system32\nvvsvc.exe
- C:\Windows\System32\spoolsv.exe
- C:\Windows\system32\svchost.exe
- C:\Program Files\Comodo\Dragon\dragon_updater.exe
- C:\Windows\system32\Dwm.exe
- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
- C:\Windows\Explorer.EXE
- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
- C:\Windows\system32\svchost.exe
- C:\Program Files\KeyScrambler\KeyScrambler.exe
- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
- C:\Program Files\Shadow Defender\DefenderDaemon.exe
- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
- C:\Windows\system32\SearchIndexer.exe
- C:\Windows\system32\svchost.exe
- C:\Program Files\Z8Games\CrossFire AL\HGWC.exe
- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
- C:\Program Files\Java\jre7\bin\javaw.exe
- C:\Program Files\Mozilla Firefox\firefox.exe
- C:\Program Files\Mozilla Firefox\plugin-container.exe
- C:\Program Files\Mozilla Firefox\plugin-container.exe
- C:\Windows\system32\SearchProtocolHost.exe
- C:\Users\AVERTCOM\Desktop\backup-28-02-2012\HiJackThis.exe
- C:\Windows\system32\wbem\wmiprvse.exe
- C:\Windows\System32\svchost.exe
- R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
- R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
- R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
- R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
- R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
- O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
- O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
- O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
- O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
- O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
- O4 - HKLM\..\Run: [KeyScrambler] C:\Program Files\KeyScrambler\keyscrambler.exe /a
- O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
- O4 - HKLM\..\Run: [Shadow Defender Daemon] "C:\Program Files\Shadow Defender\DefenderDaemon.exe" /Auto
- O4 - HKUS\S-1-5-21-3635735338-2964006992-2461654254-1004\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
- O4 - HKUS\S-1-5-21-3635735338-2964006992-2461654254-1004\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
- O8 - Extra context menu item: Baixar com Mipony - file://C:\Program Files\MiPony\Browser\IEContext.htm
- O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
- O8 - Extra context menu item: Fazer o download de todos os links usando o IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
- O8 - Extra context menu item: Fazer o download usando o IDM - C:\Program Files\Internet Download Manager\IEExt.htm
- O8 - Extra context menu item: Free YouTube Download - C:\Users\AVERTCOM\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
- O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
- O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
- O9 - Extra button: (no name) - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
- O9 - Extra 'Tools' menuitem: &KeyScrambler Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
- O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
- O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
- O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
- O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
- O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
- O20 - AppInit_DLLs: C:\Windows\System32\guard32.dll C:\Windows\System32\guard32.dll
- O23 - Service: Emsisoft Anti-Malware 6.0 - Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\Emsisoft Anti-Malware\a2service.exe
- O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
- O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
- O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Unknown owner - C:\Program Files\Comodo\Dragon\dragon_updater.exe
- O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
- O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
- O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
- O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
- --
- End of file - 6935 bytes
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement