Free Malware Removal Forum

[jag1ed]

Logfile of HijackThis v1.99.1
Scan saved at 4:24:12 PM, on 11/14/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
J:\windows\System32\smss.exe
J:\windows\system32\winlogon.exe
J:\windows\system32\services.exe
J:\windows\system32\lsass.exe
J:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe
J:\windows\system32\svchost.exe
J:\windows\System32\svchost.exe
J:\windows\Explorer.EXE
J:\windows\system32\LEXBCES.EXE
J:\windows\system32\spoolsv.exe
J:\windows\system32\LEXPPS.EXE
J:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
J:\Program Files\ISS\BlackICE\blackd.exe
J:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
J:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
J:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
J:\windows\system32\nvsvc32.exe
J:\Program Files\Registry Defragmentation\RegManServ.exe
J:\windows\system32\ctfmon.exe
J:\windows\System32\svchost.exe
J:\Program Files\ISS\BlackICE\blackice.exe
J:\Program Files\Zone Labs\ZoneAlarm\zapro.exe
J:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
J:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
J:\WINDOWS\system32\ZoneLabs\vsmon.exe
J:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
J:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
J:\Program Files\Mozilla Firefox\firefox.exe
J:\Documents and Settings\nofear.NOFEAR-3X09N7CM\Desktop\New Folder (5)\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - J:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - J:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IE_PopupBlocker Class - {656EC4B7-072B-4698-B504-2A414C1F0037} - J:\Program Files\BellSouth Accelerator Technology\prpl_IePopupBlocker.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - J:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {8bb79b7a-b850-4115-984c-a007af62485e} - J:\windows\system32\yeneriho.dll (file missing)
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - J:\Program Files\Google\GoogleToolbarNotifier\4.1.805.1852\swg.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - J:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - J:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} - J:\Program Files\Save Flash\SaveFlash.dll
O4 - HKLM\..\Run: [NvCplDaemon] "J:\windows\system32\RUNDLL32.EXE" J:\windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MSConfig] J:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [manehafozu] Rundll32.exe "J:\windows\system32\hatasefa.dll",s
O4 - HKCU\..\Run: [ctfmon.exe] J:\windows\system32\ctfmon.exe
O4 - Global Startup: BlackICE PC Protection.lnk = J:\Program Files\ISS\BlackICE\blackice.exe
O4 - Global Startup: ZoneAlarm Pro.lnk = J:\Program Files\Zone Labs\ZoneAlarm\zapro.exe
O8 - Extra context menu item: Add to AMV Convert Tool... - J:\Program Files\MP3 Player Utilities 4.00\AMVConverter\grab.html
O8 - Extra context menu item: Add to Media Manager... - J:\Program Files\MP3 Player Utilities 4.00\MediaManager\grab.html
O8 - Extra context menu item: Download All by FlashGet - J:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - J:\Program Files\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - J:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - J:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - J:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - J:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - J:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - J:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - J:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - J:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - J:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - J:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/St ... b55579.cab
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games – Buddy Invite) - http://zone.msn.com/BinFrameWork/v10/ZB ... b55579.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZP ... b55579.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 8330209484
O16 - DPF: {7E9522CF-6B95-46D6-8E2F-7638F507313F} (BLS_SpeedOP.systemcheck) - http://www.fastaccess.drivers.bellsouth ... peedop.cab
O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} (MSN Games – Texas Holdem Poker) - http://zone.msn.com/bingame/zpagames/zp ... b75406.cab
O16 - DPF: {A4110378-789B-455F-AE86-3A1BFC402853} (ZPA_SHVL Object) - http://zone.msn.com/bingame/zpagames/zp ... b55579.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v ... b56649.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games – Game Communicator) - http://zone.msn.com/binframework/v10/St ... b55579.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{EBF6C453-7128-4D8D-BF58-5718A622F1DD}: NameServer = 69.78.96.14 66.174.95.44
O20 - AppInit_DLLs: J:\windows\system32\wotunivo.dll j:\windows\system32\pibovijo.dll j:\windows\system32\lavupiho.dll j:\windows\system32\lukopijo.dll
O20 - Winlogon Notify: klogon - J:\windows\system32\klogon.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - J:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - J:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - J:\Program Files\Ares\chatServer.exe
O23 - Service: AutoComplete Service (Autocomplete) - Acesoft - J:\Program Files\Acesoft\Tracks Eraser Pro\delautocomp.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Unknown owner - J:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" -r (file missing)
O23 - Service: BlackICE - Internet Security Systems, Inc. - J:\Program Files\ISS\BlackICE\blackd.exe
O23 - Service: Diskeeper - Diskeeper Corporation - J:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: eV2AZ0Vf5nr24dkyR2yRcL73aNEYK3 - Unknown owner - J:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\Avp32.exe (file missing)
O23 - Service: GoogleDesktopManager - Unknown owner - J:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - J:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - J:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel(R) Active Monitor (imonNT) - Intel Corp. - J:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
O23 - Service: iPod Service - Apple Computer, Inc. - J:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - J:\windows\system32\LEXBCES.EXE
O23 - Service: MOPeI2VyNk5338+wh0 - Unknown owner - J:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\Avp32.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - J:\windows\system32\nvsvc32.exe
O23 - Service: pxbid1muRwX2k721W19UwPW2 - Unknown owner - J:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\Avp32.exe (file missing)
O23 - Service: RapApp - Internet Security Systems, Inc. - J:\Program Files\ISS\BlackICE\rapapp.exe
O23 - Service: Registry Management Service (RegManServ) - Unknown owner - J:\Program Files\Registry Defragmentation\RegManServ.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - J:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - J:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: vBF3k3Gjic92oPCj23 - Unknown owner - J:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\Avp32.exe (file missing)
O23 - Service: vipIK1ZvZH50mzpxg3XyZCs153Czb2Gb5OW1Vku6q3 - Unknown owner - J:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\Avp32.exe (file missing)
O23 - Service: VpADm2zVIFb1sMgQX2VKoUr0YKArR0aKIN71wKgYK1 - Unknown owner - J:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\Avp32.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - J:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Vzh442wNngg15VZ9s3t8Cyb0 - Unknown owner - J:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\Avp32.exe (file missing)
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - J:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
O23 - Service: Webroot Client Service (WRConsumerService) - Webroot Software, Inc. - J:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe

[Shaba]

You got already help here and that thread got closed due to cracks.

As per forum policy, this thread is now closed.