Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Please help : Can't update Spybot :

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Please help : Can't update Spybot :

Unread postby Cotrim » September 22nd, 2006, 4:38 pm

I just love the PORN, now my Spybot won't update ....
Might have been infected ...

Logfile of HijackThis v1.99.1
Scan saved at 21:30:22, on 22-09-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Windows folder: C:\WINDOWS
System folder: C:\WINDOWS\SYSTEM32
Hosts file: C:\WINDOWS\System32\drivers\etc\hosts

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Programas\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Programas\Hp\HP Software Update\HPWuSchd2.exe
C:\Programas\Synaptics\SynTP\SynTPEnh.exe
C:\Programas\HP\QuickPlay\QPService.exe
C:\Programas\HPQ\Quick Launch Buttons\EabServr.exe
C:\WINDOWS\system32\svchost.exe
C:\Programas\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Programas\Lexmark 2300 Series\ezprint.exe
C:\Programas\MSN Messenger\MsnMsgr.Exe
C:\Programas\Spybot - Search & Destroy\TeaTimer.exe
C:\Programas\RealVNC\VNC4\WinVNC4.exe
C:\Programas\Hewlett-Packard\Shared\hpqwmiex.exe
C:\PROGRA~1\hpq\Shared\HPQTOA~1.EXE
C:\Documents and Settings\çotrim luis filipe\Ambiente de trabalho\Z020 Connect\Z020Connect.exe
C:\WINDOWS\system32\svchost.exe
C:\Programas\Hamachi\hamachi.exe
C:\Programas\Lexmark 2300 Series\lxcgmon.exe
C:\WINDOWS\system32\lxcgcoms.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgwb.dat
C:\Documents and Settings\çotrim luis filipe\Ambiente de trabalho\programas\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pt/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = C:\WINDOWS\system32\blank.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = C:\WINDOWS\system32\blank.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = C:\WINDOWS\system32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = C:\WINDOWS\system32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = C:\WINDOWS\system32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = C:\WINDOWS\system32\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programas\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (filesize 54248 bytes, MD5 FC7850324464E4D19A24A03D882B5CC4)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programas\Java\jre1.5.0_06\bin\ssv.dll (filesize 184423 bytes, MD5 F01726F7CA8538FDD4663C9DB8FEAEDC)
O4 - HKLM\..\Run: [ATIPTA] "C:\Programas\ATI Technologies\ATI Control Panel\atiptaxx.exe" (filesize 344064 bytes, MD5 48F8EA99EA19BAC2E3165EC5BED68C62)
O4 - HKLM\..\Run: [HP Software Update] C:\Programas\Hp\HP Software Update\HPWuSchd2.exeC:\Programas\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programas\Synaptics\SynTP\SynTPEnh.exeC:\Programas\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Programas\HP\QuickPlay\QPService.exe" (filesize 94208 bytes, MD5 827AB61E9FE4CED3CD3D9A75050B2EB2)
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Programas\HPQ\Quick Launch Buttons\EabServr.exe /Start (filesize 409600 bytes, MD5 5D8ADFC63002FD8D5F5F663CBFFDD78B)
O4 - HKLM\..\Run: [Cpqset] C:\Programas\HPQ\Default Settings\cpqset.exeC:\Programas\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exeC:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Programas\hpq\HP Wireless Assistant\HP Wireless Assistant.exeC:\Programas\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP (filesize 369664 bytes, MD5 32E0D24EAD2A5C7EE7B6AD516EAFE8EE)
O4 - HKLM\..\Run: [EzPrint] "C:\Programas\Lexmark 2300 Series\ezprint.exe" (filesize 94208 bytes, MD5 4ED0205AF32EC7483C7FC1CF634A2EAB)
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programas\MSN Messenger\MsnMsgr.Exe" /background (filesize 5354792 bytes, MD5 B346D93BAB6F2C214977031C9D8FB401)
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programas\Spybot - Search & Destroy\TeaTimer.exeC:\Programas\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: hamachi.lnk = C:\Programas\Hamachi\hamachi.exe (filesize 389120 bytes, MD5 407EF929A0D136E5DABD6F45B47C1F9D)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.5.0_06\bin\ssv.dll (filesize 184423 bytes, MD5 F01726F7CA8538FDD4663C9DB8FEAEDC)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.5.0_06\bin\ssv.dll (filesize 184423 bytes, MD5 F01726F7CA8538FDD4663C9DB8FEAEDC)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe (filesize 1694208 bytes, MD5 74E6E96C6F0E2ECA4EDBB7F7A468F259)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe (filesize 1694208 bytes, MD5 74E6E96C6F0E2ECA4EDBB7F7A468F259)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 6767048359
O17 - HKLM\System\CCS\Services\Tcpip\..\{0C6E194D-8CC3-4B87-B7B6-24E4C9E9BA01}: NameServer = 10.5.1.10 10.5.1.11
O17 - HKLM\System\CS1\Services\Tcpip\..\{0C6E194D-8CC3-4B87-B7B6-24E4C9E9BA01}: NameServer = 10.5.1.10 10.5.1.11
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL (filesize 53032 bytes, MD5 63B9431B6785172D85812D187E11D944)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL (filesize 53032 bytes, MD5 63B9431B6785172D85812D187E11D944)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exeC:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exeC:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exeC:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Programas\Hewlett-Packard\Shared\hpqwmiex.exeC:\Programas\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: lxcg_device - - C:\WINDOWS\system32\lxcgcoms.exeC:\WINDOWS\system32\lxcgcoms.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Programas\RealVNC\VNC4\WinVNC4.exe" -service (file missing)



And don't say me to stay out of Porn sites ...
Thanks in advance.
Cotrim
Cotrim
 
Advertisement
Register to Remove

Unread postby LDTate » September 23rd, 2006, 10:03 am

You are wasting our valuable time trying to clean your PC just to be re-infected. We will not reply to your infected PC.

You love the porn? Well they love you too. They love to steal passwords, email address and your bank account.

Have fun :roll:
User avatar
LDTate
WTT Teacher
WTT Teacher
 
Posts: 3920
Joined: February 18th, 2005, 8:38 pm
Location: Missouri, USA


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 68 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware