By analia on the 9th of Feb 2010 09:30:03 PM
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:27:11, on 9/2/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\ARQUIV~1\GbPlugin\GbpSv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe
C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\netdde.exe
C:\WINDOWS\system32\cmpe.exe
C:\Arquivos de programas\Nero\Nero 7\InCD\InCDsrv.exe
C:\WINDOWS\system32\lxczcoms.exe
C:\Arquivos de programas\VIAudioi\SBADeck\ADeck.exe
C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Arquivos de programas\Software Informer\softinfo.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe
C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe
C:\Arquivos de programas\Mozilla Firefox\firefox.exe
C:\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Arquivos de programas\GbPlugin\gbieh.dll
O4 - HKLM\..\Run: [AudioDeck] C:\Arquivos de programas\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKCU\..\Run: [Software Informer] "C:\Arquivos de programas\Software Informer\softinfo.exe" -autorun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O16 - DPF: {2EDF75C0-5ABD-49f9-BAB6-220476A32034} (System Requirements Lab) - http://intel-drv-cdn.systemrequirementslab.com/multi/bin/sysreqlab_srlx.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1247679614843
O20 - Winlogon Notify:  GbPluginBb - C:\Arquivos de programas\GbPlugin\gbieh.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Context Manager Process Extension (cmpe) - LightComm - C:\WINDOWS\system32\cmpe.exe
O23 - Service: Gbp Service (GbpSv) -   - C:\ARQUIV~1\GbPlugin\GbpSv.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Arquivos de programas\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: lxcz_device -   - C:\WINDOWS\system32\lxczcoms.exe
O23 - Service: NBService - Nero AG - C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe

--
End of file - 4896 bytes