Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

My Hijackthis log

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

My Hijackthis log

Unread postby masternitro » May 30th, 2010, 7:13 am

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:07:26, on 30-5-2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18904)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\Psyxib.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\APVXDWIN.EXE
C:\Program Files\amBX\Control Panel\amBXDaemon.exe
C:\Program Files\amBX\Gaming FXGen\win32\amBXFxGen.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\amBX\Effects\amBX Event Manager.exe
C:\Program Files\amBX\Illuminate\Illuminate.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\WebProxy.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\cmd.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\javaw.exe
C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Users\Daniel\AppData\Local\Temp\Pbd.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Daniel\Download\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\Daniel\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hyves.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 174.142.104.57:3128
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MyIdentityDefender - {A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6} - C:\Users\Daniel\AppData\LocalLow\CyberDefender\cdmyidd.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: MyIdentityDefender - {A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6} - C:\Users\Daniel\AppData\LocalLow\CyberDefender\cdmyidd.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NPCTray] C:\Program Files\Norman\npc\bin\npc_tray.exe /LOAD
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [amBX Daemon] "C:\Program Files\amBX\Control Panel\amBXDaemon.exe"
O4 - HKLM\..\Run: [amBX System Tray Application] C:\Program Files\amBX\Gaming FXGen\win32\amBXFxGen.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [recinfo] c:\recinfo\recinfo.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Windows Runtime] C:\Users\Daniel\javalib.jar
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Halo2] rundll32.exe C:\Windows\system32\sshnas21.dll,Beep16
O4 - HKCU\..\Run: [M5T8QL3YW3] C:\Users\Daniel\AppData\Local\Temp\Pbd.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [fsc-reg] c:\fsc-reg\fscreg.exe (User 'SYSTEEM')
O4 - HKUS\.DEFAULT\..\Run: [fsc-reg] c:\fsc-reg\fscreg.exe (User 'Default user')
O4 - Global Startup: amBX Effects.lnk = C:\Program Files\amBX\Effects\amBX Event Manager.exe
O4 - Global Startup: amBX Illuminate.lnk = C:\Program Files\amBX\Illuminate\Illuminate.exe
O8 - Extra context menu item: Download alles met Free Download Manager. - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download met Free Download Manager. - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Download selectie met Free Download Manager. - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b56986.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: amBX Service - amBX - C:\Program Files\amBX\System\amBX_Service.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - Unknown owner - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updateservice (gupdate1c9cd04468bf89c) (gupdate1c9cd04468bf89c) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Unknown owner - C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\pavsrvx86.exe
O23 - Service: Philips amBX USB HAL - Philips - C:\Program Files\amBX\Device Drivers\Philips USB\Philips_amBX_USB_HAL.exe
O23 - Service: Philips HAL Starter - Unknown owner - C:\Program Files\amBX\Device Drivers\Philips USB\Philips_HAL_Starter.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: Panda Host Service (PSHost) - Unknown owner - c:\program files\panda security\panda antivirus + firewall 2008\firewall\PSHOST.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\PsImSvc.exe
O23 - Service: Panda PSK service (PskSvcRetail) - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\PskSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus + Firewall 2008\TPSrv.exe

--
End of file - 11775 bytes
masternitro
Regular Member
 
Posts: 41
Joined: February 20th, 2009, 3:13 pm
Advertisement
Register to Remove

Re: My Hijackthis log

Unread postby vict0r » May 31st, 2010, 2:04 pm

Hello and welcome to MWR.

Please read the following information carefully.

IMPORTANT: Whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.

To make cleaning this machine easier:

  • Continue to respond to this thread until I I tell you that the logs are clean!
  • Please DO NOT uninstall/install any programs unless asked to. It is more difficult when files/programs appear or disappear from the logs.
  • Please do not run any scans other than those requested and do not post any logs/reports unless specifically requested to do so.
  • Please follow all instructions in the order posted.
  • If you have any questions or do not understand instructions, please ask before continuing.
  • Please reply to this thread. Do not start a new topic.


Uninstall list

Make an uninstall list using HijackThis. To access the Uninstall Manager, do the following:

  • Start HijackThis (right click the icon and choose "Run As Administrator")
  • Click on the Config button
  • Click on the Misc Tools button
  • Click on the Open Uninstall Manager button.
  • Click on the Save list... button and specify where you would like to save this file. When you press Save button a notepad will open with the contents of that file.
    Simply copy and paste the contents of that notepad here on your next reply.
vict0r
Regular Member
 
Posts: 1043
Joined: December 3rd, 2008, 3:00 pm

Re: My Hijackthis log

Unread postby masternitro » May 31st, 2010, 5:53 pm

Hey vict0r

Activation Assistant for the 2007 Microsoft Office suites
Ad-Aware
Ad-Aware
Ad-Aware Email Scanner for Outlook
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
Adobe Anchor Service CS4
Adobe Color Common Settings
Adobe Color Common Settings
Adobe CSI CS4
Adobe Dreamweaver CS4
Adobe Dreamweaver CS4
Adobe ExtendScript Toolkit 2
Adobe ExtendScript Toolkit 2
Adobe Flash Player 10 Plugin
Adobe Reader 8.1.2 - Nederlands
Adobe Search for Help
Adobe Service Manager Extension
Adobe Setup
Adobe Setup
Adobe Setup
Adobe Update Manager CS4
Allok 3GP PSP MP4 iPod Video Converter 4.2.0608
amBX Audio FXGen 3.1.1
amBX Control Panel 1.2.2
amBX Effects 1.1.2
amBX Gaming FXGen 3.5.7
amBX Illuminate 1.0.2
amBX System 1.1.3.2
Ares 2.1.1
Avanquest update
AVS Audio Converter version 6.1
AVS Update Manager 1.0
AVS4YOU Software Navigator 1.3
Catalyst Control Center - Branding
Catalyst Control Center - Branding
CCleaner
Compatibiliteitspakket voor het 2007 Microsoft Office system
Connect
DisplayFusion
DVD Shrink 3.2
FileZilla Client 3.3.2.1
Free Download Manager 2.5
GEAR 32bit Driver Installer
Google Earth
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Google Update Helper
Google Updater
GrabIt 1.7.2 Beta 4 (build 997)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
IL Download Manager
Intel(R) Integrated Performance Primitives RTI 4.0
Java DB 10.4.1.3
Java(TM) 6 Update 2
Java(TM) 6 Update 20
Java(TM) 6 Update 7
Java(TM) SE Development Kit 6 Update 11
Junk Mail filter update
K-Lite Codec Pack 4.3.4 (Full)
kuler
Live 7.0.3
Macromedia Dreamweaver MX 2004
Macromedia Extension Manager
Magic ISO Maker v5.4 (build 0256)
MediaMonkey 3.0
Medieval CUE Splitter
Messenger Plus! Live
Microsoft .NET Framework 3.5 Language Pack SP1 - nld
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Choice Guard
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (Dutch) 2007
Microsoft Office Home and Student 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (Dutch) 2007
Microsoft Office PowerPoint MUI (Dutch) 2007
Microsoft Office PowerPoint Viewer 2007 (Dutch)
Microsoft Office Proof (Dutch) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proofing (Dutch) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (Dutch) 2007
Microsoft Office Word MUI (Dutch) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
MixMeister Studio 7.2.2
Mozilla Firefox (3.6.3)
Mp3tag v2.45a
MSVCRT
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MyIdentityDefender Toolbar
NCH Toolbox
Nero 8 Essentials
neroxml
OJOsoft Total Video Converter
Panda Antivirus + Firewall 2008
PC Connectivity Solution
Philips amBX V1.4
Powersim Constructor Lite 2.51
Realtek High Definition Audio Driver
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for 2007 Microsoft Office System (KB978380)
Security Update for Microsoft Office Excel 2007 (KB978382)
Security Update for Microsoft Office PowerPoint 2007 (KB957789)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
ShortKeys Lite
Skype web features
Skype™ 4.1
Sony Ericsson PC Suite 4.010.00
Spelling Dictionaries Support For Adobe Reader 8
Suite Shared Configuration CS4
System Requirements Lab
SystemDiagnostics
Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL
Teach2000 8.43
Update for 2007 Microsoft Office System (KB967642)
Update for 2007 Microsoft Office System (KB981715)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office InfoPath 2007 (KB976416)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office Word 2007 (KB974561)
Update voor Microsoft Office Excel 2007 Help (KB963678)
Update voor Microsoft Office Powerpoint 2007 Help (KB963669)
Update voor Microsoft Office Word 2007 Help (KB963665)
VCRedistSetup
Vegas Movie Studio Platinum 9.0
Virtual DJ - Atomix Productions
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VSO Image Resizer 3.0.1.76
Windows Live - Hulpprogramma voor uploaden
Windows Live aanmeldhulp
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Media Player Firefox Plugin
Windows-stuurprogrammapakket - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0)
Windows-stuurprogrammapakket - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0)
Windows-stuurprogrammapakket - Nokia pccsmcfd (10/12/2007 6.85.4.0)
WinRAR
Wisdom-soft AutoScreenRecorder 1.0 Free
World of Warcraft FREE Trial
YouTube Downloader 2.5.3

Note: I installed mixmeister before I read your response, hope it doesnt cause too much confusion.
masternitro
Regular Member
 
Posts: 41
Joined: February 20th, 2009, 3:13 pm

Re: My Hijackthis log

Unread postby vict0r » June 1st, 2010, 7:28 am

Hi

Are you using a proxyserver, did you set this: ProxyServer = 174.142.104.57:3128 ?


Remove P2P Programs

  • I notice there are signs of one or more P2P (Person to Person) File Sharing Programs on your computer.

    Ares 2.1.1

  • Please read the Guidelines for P2P Programs where we explain why it's not a good idea to have them.
  • Note: Even if you are using a malware free P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their malware.

  • Click on Start > All programs > Accessories > Run.
  • In the open text box copy/paste appwiz.cpl Then click Ok.
  • Uninstall the programs listed above (in red) and any other P2P software you have installed.
  • Take care when answering any questions posed by an uninstaller. Some questions may be worded to deceive you into keeping the program.


CKScanner
Download CKScanner by askey127 from Here & save it to your Desktop.
  • Right click the CKScanner.exe icon and choose Run As Administrator
  • When the cursor hourglass disappears, click Save List To File
  • A message box will verify the file saved
  • Double-click the CKFiles.txt icon on your desktop then copy/paste the contents in your next reply


When finished, reply with:
  • Answer to my question.
  • the CKScanner-log
vict0r
Regular Member
 
Posts: 1043
Joined: December 3rd, 2008, 3:00 pm

Re: My Hijackthis log

Unread postby masternitro » June 1st, 2010, 10:38 am

I don't think i've set that proxy, I few months ago I set one but deleted it because I couldn't login on msn anymore.

CKScanner - Additional Security Risks - These are not necessarily bad
c:\downloads\mixmeister studio 7.4.4.0_keygen_.rar
c:\users\daniel\download\software\djvibezz - fl studio 8 with crack.rar
c:\users\daniel\download\software\corel paint shop photo pro x3\keygen.exe
c:\users\daniel\download\software\sonyvegas\plugins\newblue fx\cracks\artblendsvegas.dll
c:\users\daniel\download\software\sonyvegas\plugins\newblue fx\cracks\arteffectsvegas.dll
c:\users\daniel\download\software\sonyvegas\plugins\newblue fx\cracks\d3dexplosionsvegas.dll
c:\users\daniel\download\software\sonyvegas\plugins\newblue fx\cracks\d3dtransformationsvegas.dll
c:\users\daniel\download\software\sonyvegas\plugins\newblue fx\cracks\filmeffectsvegas.dll
c:\users\daniel\download\software\sonyvegas\plugins\newblue fx\cracks\motionblendsvegas.dll
c:\users\daniel\download\software\sonyvegas\plugins\newblue fx\cracks\motioneffectsvegas.dll
c:\users\daniel\download\software\sonyvegas\plugins\newblue fx\cracks\newblue_cracks.nfo
c:\users\daniel\download\software\sonyvegas\plugins\newblue fx\cracks\serials.reg
c:\users\daniel\download\software\sonyvegas\plugins\spicemaster pro v. 2.5\keygen.exe
c:\users\daniel\download\software\virtual dj pro v6.0.1 + crack\lees mij!.txt
c:\users\daniel\download\software\virtual dj pro v6.0.1 + crack\virtual dj pro v6.0.1.exe
c:\users\daniel\download\software\virtual dj pro v6.0.1 + crack\crack\virtualdj.exe
scanner sequence 3.HH.11
----- EOF -----

Also I get alerts of a trojan horse. But I think windows defender deleted them.
masternitro
Regular Member
 
Posts: 41
Joined: February 20th, 2009, 3:13 pm

Re: My Hijackthis log

Unread postby vict0r » June 1st, 2010, 3:20 pm

Illegal Software

This forum's policy says we will not help people who use cracked or pirated software.

More information:
Illegal Copies of Software

If you still want me to help you I suggest you remove all the illegal software from your computer:
  • Delete the illegal files shown in the CKScanner-log
  • Uninstall corresponding installed programs.

Your use of P2P and illegal software is most likely the reason why your computer is infected.

Please decide what you are going to do and let me know.

NOTE: If you give me advice that all illegal software has been removed and I find it has not (the tools we use can and will detect it) then I will have no choice but to have this thread closed.
vict0r
Regular Member
 
Posts: 1043
Joined: December 3rd, 2008, 3:00 pm

Re: My Hijackthis log

Unread postby vict0r » June 3rd, 2010, 2:02 pm

Hello...
It has been 2 days since my last post to you.
  • Do you still need help with this problem?
  • Do you need more time?
  • Are you having any trouble uninstalling the requested software? If so then tell me, I can find a solution to the problem.

Just let me know what's going on otherwise... After 24 hrs., if you have not replied to this thread... it will be closed!

Please post back even if you do not wish to continue.[/quote]
vict0r
Regular Member
 
Posts: 1043
Joined: December 3rd, 2008, 3:00 pm

Re: My Hijackthis log

Unread postby masternitro » June 3rd, 2010, 5:14 pm

Hey

I deleted the install files,
But I use one of the programs everyday, so I'm not going to delete it, sorry.
I'm pretty sure that doesnt cause the problems, because I have that installed way before the problem.
But I accept the forum policy ;)

Thanks for your help :)
masternitro
Regular Member
 
Posts: 41
Joined: February 20th, 2009, 3:13 pm

Re: My Hijackthis log

Unread postby vict0r » June 4th, 2010, 6:35 am

Then you have not understood the policy.

Your use of P2P and pirated software is most likely the reason why your computer is infected.

If you do not wish to uninstall the pirated software, your best option is to reformat and reinstall windows as other helpers (in any forums) that I know of work by the identical policy. It does not matter if the pirated software you need to use everyday did not come with any bundled malware.

If you need to use this one software suite, then you should buy a legitimate copy or find a free alternative. I can give you some advise where it may be possible to find one. Until then you will need to uninstall. You can backup your saved work, but not the software.

Please reply as soon as possible so this topic can be closed or we can start on the malwareremoval process.
vict0r
Regular Member
 
Posts: 1043
Joined: December 3rd, 2008, 3:00 pm

Re: My Hijackthis log

Unread postby masternitro » June 4th, 2010, 9:54 am

All p2p software is deleted (I think) if not please notify me.
Because I have download accelerators.

Pirated software is also deleted.
masternitro
Regular Member
 
Posts: 41
Joined: February 20th, 2009, 3:13 pm

Re: My Hijackthis log

Unread postby vict0r » June 4th, 2010, 12:14 pm

Download DDS

Please download DDS by sUBs from one of the links below and save it to your desktop:

Image

Link1
Link2 (right click -> Save link as...)

  • Right-Click on dds.scr(/com/pif) And select " Run as administrator "... and a command window will appear. This is normal.
  • Shortly after two logs will appear:
    • DDS.txt
    • Attach.txt
  • A window will open instructing you save & post the logs
  • Save the logs to a convenient place such as your desktop
  • Copy the contents of both logs into your next reply
vict0r
Regular Member
 
Posts: 1043
Joined: December 3rd, 2008, 3:00 pm

Re: My Hijackthis log

Unread postby masternitro » June 5th, 2010, 7:26 pm

The problem is gone, I no longer have those pop-ups.
I used CCleaner, and it got removed. But earlier CCleaner freezed when I tried to scan.
So It's solved, thank you for the effort ;)

This topic can be locked.
masternitro
Regular Member
 
Posts: 41
Joined: February 20th, 2009, 3:13 pm

Re: My Hijackthis log

Unread postby vict0r » June 6th, 2010, 5:17 am

Absence of symptoms does not necessarily mean that your computer is clean!

As far as I can see, CCleaner may have cleaned some of the infections on your computer. However it is still infected and it is highly likely that the malware will exponentially download/install more malware over time, eventually your machine will cease to function and/or not boot-up at all.

Post the DDS logs if you want to continue, if not post back one more time.
vict0r
Regular Member
 
Posts: 1043
Joined: December 3rd, 2008, 3:00 pm

Re: My Hijackthis log

Unread postby masternitro » June 6th, 2010, 6:17 am

I can't run DDS as an administrator.
Right click gives the options:
-Test
-Configuration
-Install

When I click test, my computer runs slower and freezes a bit.
masternitro
Regular Member
 
Posts: 41
Joined: February 20th, 2009, 3:13 pm

Re: My Hijackthis log

Unread postby vict0r » June 6th, 2010, 5:25 pm

Hi.

If you did not download the scr version of dds, then download it here:
Link

Make sure you saved it to your desktop.

  • Click the Windows Start > All programs > Accessories then Run
  • Write the following into the run box, then right click the text and select Run as administrator:
    cmd
  • Copy/paste the following into the command window and hit Enter:
    %userprofile%\desktop\dds.scr


If the instructions above does not work, just double click the dds-icon.
vict0r
Regular Member
 
Posts: 1043
Joined: December 3rd, 2008, 3:00 pm
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 29 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware