RandomZero

a guest
Feb 11th, 2010
  1. Logfile of Trend Micro HijackThis v2.0.3 (BETA)
  2. Scan saved at 1:00:39 AM, on 2/12/2010
  3. Platform: Unknown Windows (WinNT 6.01.3504)
  4. MSIE: Internet Explorer v8.00 (8.00.7600.16385)
  5. Boot mode: Normal
  6.  
  7. Running processes:
  8. C:\Windows\system32\taskhost.exe
  9. C:\Windows\system32\rdpclip.exe
  10. C:\Windows\system32\Dwm.exe
  11. C:\Windows\Explorer.EXE
  12. C:\Program Files\DynDNS Updater\DynTray.exe
  13. C:\Windows\system32\taskhost.exe
  14. C:\Program Files\uTorrent\uTorrent.exe
  15. C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe
  16. C:\Users\ServU\Desktop\procexp.exe
  17.  
  18. R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  19. R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
  20. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
  21. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
  22. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  23. R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
  24. R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
  25. R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
  26. R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:80
  27. R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
  28. O4 - HKCU\..\Run: [Google Update] "C:\Users\ServU\AppData\Local\Google\Update\GoogleUpdate.exe" /c
  29. O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
  30. O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
  31. O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
  32. O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
  33. O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
  34. O4 - Global Startup: DynDNS Updater Tray Icon.lnk = C:\Program Files\DynDNS Updater\DynTray.exe
  35. O13 - Gopher Prefix:
  36. O17 - HKLM\System\CCS\Services\Tcpip\..\{E60C4D6C-69CF-41E6-98C6-939C662FAFC6}: NameServer = 4.2.2.3,4.2.2.4
  37. O23 - Service: DynDNS Updater - Dynamic Network Services, Inc. - C:\Program Files\DynDNS Updater\DynUpSvc.exe
  38.  
  39. --
  40. End of file - 2531 bytes
  41.  
  42.  
  43. ========================================================================================================================================================================================================================================
  44.  
  45. Process PID CPU Description Company Name
  46. System Idle Process 0 86.36
  47. Interrupts n/a Hardware Interrupts
  48. DPCs n/a Deferred Procedure Calls
  49. System 4
  50. smss.exe 264 Windows Session Manager Microsoft Corporation
  51. csrss.exe 368 Client Server Runtime Process Microsoft Corporation
  52. wininit.exe 420 Windows Start-Up Application Microsoft Corporation
  53. services.exe 496 Services and Controller app Microsoft Corporation
  54. svchost.exe 636 Host Process for Windows Services Microsoft Corporation
  55. WmiPrvSE.exe 332 WMI Provider Host Microsoft Corporation
  56. dllhost.exe 3424 COM Surrogate Microsoft Corporation
  57. svchost.exe 704 Host Process for Windows Services Microsoft Corporation
  58. svchost.exe 804 Host Process for Windows Services Microsoft Corporation
  59. svchost.exe 856 1.52 Host Process for Windows Services Microsoft Corporation
  60. dwm.exe 2404 Desktop Window Manager Microsoft Corporation
  61. svchost.exe 884 Host Process for Windows Services Microsoft Corporation
  62. svchost.exe 988 Host Process for Windows Services Microsoft Corporation
  63. svchost.exe 1120 Host Process for Windows Services Microsoft Corporation
  64. rdpclip.exe 2328 RDP Clip Monitor Microsoft Corporation
  65. spoolsv.exe 1276 Spooler SubSystem App Microsoft Corporation
  66. svchost.exe 1304 Host Process for Windows Services Microsoft Corporation
  67. svchost.exe 1552 0.76 Host Process for Windows Services Microsoft Corporation
  68. vmnat.exe 1628 VMware NAT Service VMware, Inc.
  69. vmnetdhcp.exe 1672 VMware VMnet DHCP service VMware, Inc.
  70. DynUpSvc.exe 1708 DynDNS® Updater Service Dynamic Network Services, Inc.
  71. vmware-authd.exe 1844 VMware Authorization Service VMware, Inc.
  72. svchost.exe 724 Host Process for Windows Services Microsoft Corporation
  73. taskhost.exe 2204 Host Process for Windows Tasks Microsoft Corporation
  74. UI0Detect.exe 2116 Interactive services detection Microsoft Corporation
  75. taskhost.exe 3168 Host Process for Windows Tasks Microsoft Corporation
  76. lsass.exe 532 Local Security Authority Process Microsoft Corporation
  77. lsm.exe 540 Local Session Manager Service Microsoft Corporation
  78. csrss.exe 432 Client Server Runtime Process Microsoft Corporation
  79. winlogon.exe 504 Windows Logon Application Microsoft Corporation
  80. LogonUI.exe 828 Windows Logon User Interface Host Microsoft Corporation
  81. csrss.exe 1872 Client Server Runtime Process Microsoft Corporation
  82. winlogon.exe 2024 Windows Logon Application Microsoft Corporation
  83. explorer.exe 2428 Windows Explorer Microsoft Corporation
  84. DynTray.exe 2696 DynDNS® Notification Icon Dynamic Network Services, Inc.
  85. uTorrent.exe 4284 10.61 µTorrent BitTorrent, Inc.
  86. HiJackThis.exe 5632 HijackThis Trend Micro Inc.
  87. notepad.exe 1864 Notepad Microsoft Corporation
  88. procexp.exe 2340 0.76 Sysinternals Process Explorer Sysinternals
  89.  
  90. Process: uTorrent.exe Pid: 4284
  91.  
  92. Name Description Company Name Version
  93. ADVAPI32.dll Advanced Windows 32 Base API Microsoft Corporation 6.01.7600.16385
  94. ATL.DLL ATL Module for Windows XP (Unicode) Microsoft Corporation 3.05.2284.0000
  95. CLBCatQ.DLL COM+ Configuration Catalog Microsoft Corporation 2001.12.8530.16385
  96. COMCTL32.dll User Experience Controls Library Microsoft Corporation 6.10.7600.16385
  97. comdlg32.dll Common Dialogs DLL Microsoft Corporation 6.01.7600.16385
  98. credssp.dll Credential Delegation Security Package Microsoft Corporation 6.01.7600.16385
  99. CRYPT32.dll Crypto API32 Microsoft Corporation 6.01.7600.16385
  100. CRYPTBASE.dll Base cryptographic API DLL Microsoft Corporation 6.01.7600.16385
  101. CRYPTSP.dll Cryptographic Service Provider API Microsoft Corporation 6.01.7600.16385
  102. dhcpcsvc.DLL DHCP Client Service Microsoft Corporation 6.01.7600.16385
  103. dhcpcsvc6.DLL DHCPv6 Client Microsoft Corporation 6.01.7600.16385
  104. DnsApi.dll DNS Client API DLL Microsoft Corporation 6.01.7600.16385
  105. FirewallAPI.dll Windows Firewall API Microsoft Corporation 6.01.7600.16385
  106. fwpuclnt.dll FWP/IPsec User-Mode API Microsoft Corporation 6.01.7600.16385
  107. GDI32.dll GDI Client DLL Microsoft Corporation 6.01.7600.16385
  108. GPAPI.dll Group Policy Client API Microsoft Corporation 6.01.7600.16385
  109. hnetcfg.dll Home Networking Configuration Manager Microsoft Corporation 6.01.7600.16385
  110. hnetcfg.dll.mui Home Networking Configuration Manager Microsoft Corporation 6.01.7600.16385
  111. iertutil.dll Run time utility for Internet Explorer Microsoft Corporation 8.00.7600.16385
  112. IMM32.DLL Multi-User Windows IMM32 API Client DLL Microsoft Corporation 6.01.7600.16385
  113. Iphlpapi.dll IP Helper API Microsoft Corporation 6.01.7600.16385
  114. kernel32.dll Windows NT BASE API Client DLL Microsoft Corporation 6.01.7600.16385
  115. KERNELBASE.dll Windows NT BASE API Client DLL Microsoft Corporation 6.01.7600.16385
  116. KernelBase.dll.mui Windows NT BASE API Client DLL Microsoft Corporation 6.01.7600.16385
  117. locale.nls
  118. LPK.dll Language Pack Microsoft Corporation 6.01.7600.16385
  119. MSASN1.dll ASN.1 Runtime APIs Microsoft Corporation 6.01.7600.16415
  120. MSCTF.dll MSCTF Server DLL Microsoft Corporation 6.01.7600.16385
  121. msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.00.7600.16385
  122. mswsock.dll Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation 6.01.7600.16385
  123. msxml3.dll MSXML 3.0 SP11 Microsoft Corporation 8.110.7600.16385
  124. msxml3r.dll XML Resources Microsoft Corporation 8.110.7600.16385
  125. msxml3r.dll.mui XML Resources Microsoft Corporation 8.110.7600.16385
  126. netshell.dll Network Connections Shell Microsoft Corporation 6.01.7600.16385
  127. netutils.dll Net Win32 API Helpers DLL Microsoft Corporation 6.01.7600.16385
  128. nlaapi.dll Network Location Awareness 2 Microsoft Corporation 6.01.7600.16385
  129. npmproxy.dll Network List Manager Proxy Microsoft Corporation 6.01.7600.16385
  130. NSI.dll NSI User-mode interface DLL Microsoft Corporation 6.01.7600.16385
  131. ntdll.dll NT Layer DLL Microsoft Corporation 6.01.7600.16385
  132. ntmarta.dll Windows NT MARTA provider Microsoft Corporation 6.01.7600.16385
  133. ole32.dll Microsoft OLE for Windows Microsoft Corporation 6.01.7600.16385
  134. oleaut32.dll Microsoft Corporation 6.01.7600.16385
  135. profapi.dll User Profile Basic API Microsoft Corporation 6.01.7600.16385
  136. rasadhlp.dll Remote Access AutoDial Helper Microsoft Corporation 6.01.7600.16385
  137. RPCRT4.dll Remote Procedure Call Runtime Microsoft Corporation 6.01.7600.16385
  138. RpcRtRemote.dll Remote RPC Extension Microsoft Corporation 6.01.7600.16385
  139. rsaenh.dll Microsoft Enhanced Cryptographic Provider Microsoft Corporation 6.01.7600.16385
  140. sechost.dll Host for SCM/SDDL/LSA Lookup APIs Microsoft Corporation 6.01.7600.16385
  141. SHELL32.dll Windows Shell Common Dll Microsoft Corporation 6.01.7600.16385
  142. shfolder.dll Shell Folder Service Microsoft Corporation 6.01.7600.16385
  143. SHLWAPI.dll Shell Light-weight Utility Library Microsoft Corporation 6.01.7600.16385
  144. slc.dll Software Licensing Client Dll Microsoft Corporation 6.01.7600.16385
  145. SortDefault.nls
  146. SSDPAPI.dll SSDP Client API DLL Microsoft Corporation 6.01.7600.16385
  147. SspiCli.dll Security Support Provider Interface Microsoft Corporation 6.01.7600.16385
  148. StaticCache.dat
  149. SXS.DLL Fusion 2.5 Microsoft Corporation 6.01.7600.16385
  150. upnp.dll UPnP Control Point API Microsoft Corporation 6.01.7600.16385
  151. urlmon.dll OLE32 Extensions for Win32 Microsoft Corporation 8.00.7600.16490
  152. USER32.dll Multi-User Windows USER API Client DLL Microsoft Corporation 6.01.7600.16385
  153. USERENV.dll Userenv Microsoft Corporation 6.01.7600.16385
  154. USP10.dll Uniscribe Unicode script processor Microsoft Corporation 1.626.7600.16385
  155. uTorrent.exe µTorrent BitTorrent, Inc. 2.00.0000.17920
  156. UxTheme.dll Microsoft UxTheme Library Microsoft Corporation 6.01.7600.16385
  157. VERSION.dll Version Checking and File Installation Libraries Microsoft Corporation 6.01.7600.16385
  158. webio.dll Web Transfer Protocols API Microsoft Corporation 6.01.7600.16385
  159. WINHTTP.dll Windows HTTP Services Microsoft Corporation 6.01.7600.16385
  160. WINNSI.DLL Network Store Information RPC interface Microsoft Corporation 6.01.7600.16385
  161. wkscli.dll Workstation Service Client DLL Microsoft Corporation 6.01.7600.16385
  162. WLDAP32.dll Win32 LDAP API DLL Microsoft Corporation 6.01.7600.16385
  163. WS2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation 6.01.7600.16385
  164. wship6.dll Winsock2 Helper DLL (TL/IPv6) Microsoft Corporation 6.01.7600.16385
  165. wshtcpip.dll Winsock2 Helper DLL (TL/IPv4) Microsoft Corporation 6.01.7600.16385
  166.  