Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Infected PC can you help me

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Infected PC can you help me

Unread postby mustfirstregister » August 5th, 2011, 2:11 am

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:35:46 PM, on 8/4/2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Users\baby\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\baby\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\baby\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\baby\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\baby\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\baby\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\baby\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\baby\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\baby\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\baby\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/home?AF=18826
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
O1 - Hosts: 62.212.84.38 tracker.empornium.us
O1 - Hosts: 62.212.84.38 download.empornium.us
O1 - Hosts: 62.212.84.235 www.empornium.usforums.empornium.usempornium.us
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers\YontooIEClient.dll (file missing)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O15 - Trusted Zone: http://*.pps.tv
O15 - Trusted Zone: http://*.ppstream.com
O15 - Trusted Zone: http://*.webscache.com
O15 - ESC Trusted Zone: http://*.pps.tv
O15 - ESC Trusted Zone: http://*.ppstream.com
O15 - ESC Trusted Zone: http://*.webscache.com
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = local
O17 - HKLM\Software\..\Telephony: DomainName = local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = local
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = local
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: OpenVPNTech Instantiator Service AS (OpenVPNTechOVPN_Instantiator) - Unknown owner - C:\Program Files\OpenVPNTech\bin\instant-xmlserv.exe
O23 - Service: Sybase BCKServer _ BABYPC_BS (SYBBCK_BABYPC_BS) - Unknown owner - C:\sybase\ASE-15_0\bin\bcksrvr.exe (file missing)
O23 - Service: Sybase BCKServer _ SYBASE_BS (SYBBCK_SYBASE_BS) - Unknown owner - C:\sybase\ASE-15_0\bin\bcksrvr.exe (file missing)
O23 - Service: Sybase MONServer _ BABYPC_MS (SYBMON_BABYPC_MS) - Unknown owner - C:\sybase\ASE-15_0\bin\monsrvr.exe (file missing)
O23 - Service: Sybase MONServer _ SYBASE_MS (SYBMON_SYBASE_MS) - Unknown owner - C:\sybase\ASE-15_0\bin\monsrvr.exe (file missing)

--
End of file - 4488 bytes
mustfirstregister
Active Member
 
Posts: 4
Joined: August 5th, 2011, 2:10 am
Advertisement
Register to Remove

Re: Infected PC can you help me

Unread postby deltalima » August 6th, 2011, 3:15 pm

You have already requested help with this problem at another forum .....

http://forums.malwarebytes.org/index.php?showuser=90145&tab=topics

May I draw your attention to THIS topic, which you should have read before posting for help, and THIS where we tell you why this is not a good idea.

This topic is now closed
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 282 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware