Go Back   Computer Juice > Computer Software > Virus, Spyware & Security
Reload this Page

Endless search...and stupid firefox...

Register Members New Posts Donate Unanswered Posts Site Spy Search


Reply
 
Thread Tools
  #1  
Old 05-01-2008, 04:26 PM
Nikronius's Avatar
CJ Member
Intel Nvidia
Nikronius is offline
Send a message via MSN to Nikronius Send a message via Yahoo to Nikronius Send a message via Skype™ to Nikronius
  
Join Date: Dec 2007
Last Online: 03-09-2008 04:37 PM
Posts: 67
iTrader: (0)
Nikronius is on a distinguished road
Default Endless search...and stupid firefox...
well, I have never seen this before but whenever i click on the search button from windows and make any search it keeps "searching" for the files even if i click on stop button, I am not sure if is a virus but really bothers me cause if i want to search for another file then i have to close this window and open it again...

another thing that keeps bothering me is that when I am in firefox for example, if im watching a video in youtube full screen it goes to small screen in certain amount of time over and over again or if I am typing something, for some misterious reason I cant type anymore, like if I selected another window or something... then I have to click in firefox again to continue my typing (that had happened more than 10 times in just this little msg...driving me crazy, im telling you!)

my pc is acting weird and karpersky antivirus says i have nothing wrong...

I have been working with computers for long time now but this is something I havent seen and havent heard yet... may be im becoming paranoid
Digg this postDel.icio.us this postTechnorati this postNetscape this postStumble this post
Reply With Quote
  #2  
Old 05-01-2008, 04:44 PM
evilfantasy's Avatar
CJ Moderator
Intel ATi
evilfantasy is offline
Send a message via Yahoo to evilfantasy
 
Join Date: Jul 2007
Last Online: Today 12:57 AM
Posts: 4,601
iTrader: (0)
evilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond repute
Default Endless search...and stupid firefox...
Lets take a closer look.

Download and rename HijackThis (HJT)
  • Double-click on HJTInstall.
  • Click on the Install button.
  • It will automatically place HJT in C:\Program Files\TrendMicro\HijackThis\HijackThis.exe.
  • Upon install, HijackThis should open for you.
    • Close HijackThis and rename it.
    • Go to C:\Program Files\Trend Micro\HijackThis.exe
    • Right click on HijackThis.exe and select Rename.
    • Type in sniper.exe and press Enter.
    • Right-click on sniper.exe and select Send To > Desktop (create shortcut)
  • From the desktop open HiackThis.
  • If using Windows Vista, be sure to Run As Administrator
  • Click on the Do a system scan and save a log file button
  • HijackThis will scan and then a log will open in notepad.
  • Copy and then paste the log in your post.
    • Don't have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.
Even though we have renamed HijackThis to sniper, we will still refer to it as HijackThis or HJT.
__________________
.
.
Digg this postDel.icio.us this postTechnorati this postNetscape this postStumble this post
Reply With Quote
  #3  
Old 05-01-2008, 05:08 PM
Nikronius's Avatar
CJ Member
Intel Nvidia
Nikronius is offline
Send a message via MSN to Nikronius Send a message via Yahoo to Nikronius Send a message via Skype™ to Nikronius
  
Join Date: Dec 2007
Last Online: 03-09-2008 04:37 PM
Posts: 67
iTrader: (0)
Nikronius is on a distinguished road
Default Endless search...and stupid firefox...
This is what i get:

**************************************************
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:08:32 p.m., on 05/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Archivos de programa\ABBYY FineReader 9.0\NetworkLicenseServer.exe
C:\Archivos de programa\LogMeIn\x86\RaMaint.exe
C:\Archivos de programa\LogMeIn\x86\LogMeIn.exe
C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\Archivos de programa\LogMeIn\x86\LogMeInSystray.exe
C:\WINDOWS\system32\SVOHOST.exe
C:\Archivos de programa\DAEMON Tools\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Archivos de programa\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Archivos de programa\Skype\Phone\Skype.exe
C:\Archivos de programa\Mozilla Firefox\firefox.exe
C:\Archivos de programa\Trend Micro\HijackThis\asdf.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDO WS\system32\ODBCJET.exe,
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Archivos de programa\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [SoundMam] C:\WINDOWS\system32\SVOHOST.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Archivos de programa\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Archivos de programa\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Comrade.exe] C:\Archivos de programa\GameSpy\Comrade\Comrade.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Servicio de red')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Servicio de red')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARCHIV~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/ES-LA/.../GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary...o.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{BAA62A6B-DD15-4E55-A719-401AF676E3A9}: NameServer = 10.0.0.1,10.0.0.2
O20 - Winlogon Notify: usbmon - C:\WINDOWS\system32\usbmons.dll
O23 - Service: ABBYY FineReader 9.0 Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Archivos de programa\ABBYY FineReader 9.0\NetworkLicenseServer.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Archivos de programa\Ares\chatServer.exe
O23 - Service: BCL easyPDF SDK 5 Loader (bepldr) - Unknown owner - C:\Archivos de programa\Archivos comunes\BCL Technologies\easyPDF 5\bepldr.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Archivos de programa\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Archivos de programa\LogMeIn\x86\LogMeIn.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Archivos de programa\Spyware Doctor\svcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Archivos de programa\Spyware Doctor\swdsvc.exe

--
End of file - 5942 bytes
Last edited by Nikronius : 05-01-2008 at 05:17 PM.
Digg this postDel.icio.us this postTechnorati this postNetscape this postStumble this post
Reply With Quote
  #4  
Old 05-01-2008, 05:24 PM
evilfantasy's Avatar
CJ Moderator
Intel ATi
evilfantasy is offline
Send a message via Yahoo to evilfantasy
 
Join Date: Jul 2007
Last Online: Today 12:57 AM
Posts: 4,601
iTrader: (0)
evilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond repute
Default Endless search...and stupid firefox...
Yep, you have some nasty ones on there.

1. It has disabled your antivirus.
2. It is a mass-mailing worm with backdoor and keylogging capabilities.
3. It has set restrictions on the Control Panel.

---------------

Please download Combofix by sUBs from either here or here

IMPORTANT - Save Combofix.exe to your your Desktop.
  • Close any open Web browsers. (Firefox, Internet Explorer, etc)
  • Double click combofix.exe & follow the prompts.
  • From the keyboard select 1 and press Enter
  • When finished, it will produce a log for you.
  • Post that log in your next reply.
Do not mouseclick combofix's window while it's running. That may cause your computer to stall


Next post please add
combofix log
new hijackthis log
__________________
.
.
Last edited by evilfantasy : 05-01-2008 at 05:25 PM.
Digg this postDel.icio.us this postTechnorati this postNetscape this postStumble this post
Reply With Quote
  #5  
Old 05-01-2008, 06:33 PM
Nikronius's Avatar
CJ Member
Intel Nvidia
Nikronius is offline
Send a message via MSN to Nikronius Send a message via Yahoo to Nikronius Send a message via Skype™ to Nikronius
  
Join Date: Dec 2007
Last Online: 03-09-2008 04:37 PM
Posts: 67
iTrader: (0)
Nikronius is on a distinguished road
Default Endless search...and stupid firefox...
ComboFix 08-01-06.3 - Administrador 2008-01-05 14:48:48.1 - NTFSx86
Se ejecuta desde: C:\Documents and Settings\Administrador\Escritorio\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((( Otras eliminaciones )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\install.exe
C:\WINDOWS\system32\svohost.exe
C:\WINDOWS\system32\winscok.dll

.

(((((((((((((((((((((((((((((((((((((( Reporte Find3M )))))))))))))))))))))))))))))))))))))))))))))))))) )
.
2008-01-05 18:49 --------- d-----w C:\Documents and Settings\Administrador\Datos de programa\Skype
2008-01-05 15:21 --------- d---a-w C:\Documents and Settings\All Users\Datos de programa\TEMP
2008-01-05 13:00 --------- d-----w C:\Documents and Settings\Administrador\Datos de programa\Azureus
2007-12-26 22:39 --------- d-----w C:\Documents and Settings\Administrador\Datos de programa\U3
2007-12-24 14:38 --------- d--h--w C:\Archivos de programa\InstallShield Installation Information
2007-12-23 04:15 --------- d-----w C:\Archivos de programa\Azureus
2007-12-13 14:40 11,973 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-12-11 15:46 --------- d-----w C:\Archivos de programa\Archivos comunes\InstallShield
2007-12-05 20:12 --------- d-----w C:\Documents and Settings\Administrador\Datos de programa\JAM Software
2007-12-05 20:09 --------- d-----w C:\Archivos de programa\JAM Software
2007-12-04 19:25 --------- d-----w C:\Documents and Settings\All Users\Datos de programa\Office Genuine Advantage
2007-12-03 15:32 --------- d-----w C:\Archivos de programa\FinalData
2007-12-02 17:05 --------- d-----w C:\Documents and Settings\Administrador\Datos de programa\Media Player Classic
2007-12-02 16:43 --------- d-----w C:\Documents and Settings\All Users\Datos de programa\WM
2007-12-02 14:42 --------- d-----w C:\Documents and Settings\Administrador\Datos de programa\WM
2007-12-02 14:39 --------- d-----w C:\Archivos de programa\Word Magic Software
2007-12-02 00:44 --------- d-----w C:\Documents and Settings\Administrador\Datos de programa\BSplayer Pro
2007-12-02 00:19 70,656 ----a-w C:\WINDOWS\ScUnin.exe
2007-11-30 22:17 --------- d-----w C:\Archivos de programa\DivX
2007-11-30 22:01 --------- d-----w C:\Archivos de programa\Microsoft Works
2007-11-30 21:45 --------- d-----w C:\Documents and Settings\Dimart\Datos de programa\Talkback
2007-11-30 21:19 --------- d-----w C:\Archivos de programa\DAEMON Tools
2007-11-30 21:13 685,816 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2007-11-30 20:28 --------- d-----w C:\Documents and Settings\All Users\Datos de programa\Azureus
2007-11-30 13:42 --------- d-----w C:\Documents and Settings\Administrador\Datos de programa\Talkback
2007-11-30 12:38 220,160 ----a-w C:\WINDOWS\system32\uxtheme.dll
2007-11-30 12:38 --------- d-----w C:\Archivos de programa\Skype
2007-11-30 12:37 --------- d-----w C:\Documents and Settings\All Users\Datos de programa\Apple Computer
2007-11-30 12:37 --------- d-----w C:\Archivos de programa\Windows Media Connect 2
2007-11-30 12:37 --------- d-----w C:\Archivos de programa\Real Alternative
2007-11-30 12:37 --------- d-----w C:\Archivos de programa\QuickTime Alternative
2007-11-30 12:37 --------- d-----w C:\Archivos de programa\Media Player Classic
2007-11-30 12:35 --------- d-----w C:\Archivos de programa\K-Lite Codec Pack
2007-11-30 12:35 --------- d-----w C:\Archivos de programa\Java
2007-11-30 12:35 --------- d-----w C:\Archivos de programa\Archivos comunes\Java
2007-11-30 12:34 --------- d-----w C:\Archivos de programa\Webteh
2007-11-30 12:34 --------- d-----w C:\Archivos de programa\Lavalys
2007-11-30 12:34 --------- d-----w C:\Archivos de programa\Archivos comunes\Adobe
2007-11-30 12:23 --------- d-----w C:\Archivos de programa\Archivos comunes\MSSoap
2007-11-30 12:15 --------- d-----w C:\Archivos de programa\Archivos comunes\SpeechEngines
2007-11-30 12:15 --------- d-----w C:\Archivos de programa\Archivos comunes\ODBC
2007-11-15 22:46 23,736 ----a-w C:\WINDOWS\system32\lmimirr.dll
2007-11-15 22:46 10,040 ----a-w C:\WINDOWS\system32\lmimirr2.dll
2007-11-14 07:28 450,560 ------w C:\WINDOWS\system32\dllcache\jscript.dll
2007-10-30 10:17 3,079,680 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-29 22:43 1,293,824 ------w C:\WINDOWS\system32\dllcache\quartz.dll
2007-10-25 16:56 8,496,640 ------w C:\WINDOWS\system32\dllcache\shell32.dll
2007-10-25 13:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
2007-10-25 13:28 222,720 ------w C:\WINDOWS\system32\dllcache\wmasf.dll
2007-10-20 00:56 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2007-10-20 00:56 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2007-10-18 15:31 51,224 ----a-w C:\WINDOWS\system32\sirenacm.dll
2007-10-11 06:12 96,768 ------w C:\WINDOWS\system32\dllcache\inseng.dll
2007-10-11 06:12 662,016 ------w C:\WINDOWS\system32\dllcache\wininet.dll
2007-10-11 06:12 616,448 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll
2007-10-11 06:12 55,808 ------w C:\WINDOWS\system32\dllcache\extmgr.dll
2007-10-11 06:12 532,480 ------w C:\WINDOWS\system32\dllcache\mstime.dll
2007-10-11 06:12 474,624 ----a-w C:\WINDOWS\system32\dllcache\shlwapi.dll
2007-10-11 06:12 449,024 ------w C:\WINDOWS\system32\dllcache\mshtmled.dll
2007-10-11 06:12 39,424 ------w C:\WINDOWS\system32\dllcache\pngfilt.dll
2007-10-11 06:12 357,888 ------w C:\WINDOWS\system32\dllcache\dxtmsft.dll
2007-10-11 06:12 251,392 ------w C:\WINDOWS\system32\dllcache\iepeers.dll
2007-10-11 06:12 205,312 ------w C:\WINDOWS\system32\dllcache\dxtrans.dll
2007-10-11 06:12 16,384 ------w C:\WINDOWS\system32\dllcache\jsproxy.dll
2007-10-11 06:12 151,552 ----a-w C:\WINDOWS\system32\dllcache\cdfview.dll
2007-10-11 06:12 146,432 ------w C:\WINDOWS\system32\dllcache\msrating.dll
2007-10-11 06:12 1,495,040 ----a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
2007-10-11 06:12 1,056,256 ------w C:\WINDOWS\system32\dllcache\danim.dll
2007-10-11 06:12 1,023,488 ----a-w C:\WINDOWS\system32\dllcache\browseui.dll
2007-10-10 11:16 18,432 ------w C:\WINDOWS\system32\dllcache\iedw.exe
2006-11-07 14:29 145,920 ----a-w C:\WINDOWS\inf\hdaudio.sys
2006-09-05 08:18 20,992 --sha-r C:\WINDOWS\system32\usbmons.exe
.

((((((((((((((((((((((((((((((((( Cargando Puntos Reg ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* entradas vacías & entradas legítimas predeterminadas no son mostradas

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"DAEMON Tools"="C:\Archivos de programa\DAEMON Tools\daemon.exe" [2007-09-18 10:16 171464]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 08:42 30208]
"MsnMsgr"="C:\Archivos de programa\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
"Comrade.exe"="C:\Archivos de programa\GameSpy\Comrade\Comrade.exe" [2007-12-20 13:47 36864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"LogMeIn GUI"="C:\Archivos de programa\LogMeIn\x86\LogMeInSystray.exe" [2007-08-03 15:09 63048]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-19 08:42 30208]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\system]
"DisableStatusMessages"= 0 (0x0)
"HideShutdownScripts"= 0 (0x0)
"RunLogonScriptSync"= 0 (0x0)
"RunStartupScriptSync"= 0 (0x0)
"HideStartupScripts"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\policies\system]
"DisableLockWorkstation"= 0 (0x0)
"DisableChangePassword"= 0 (0x0)
"HideLogonScripts"= 0 (0x0)
"HideLogoffScripts"= 0 (0x0)
"HideLegacyLogonScripts"= 0 (0x0)

[HKEY_USERS\.default\software\microsoft\windows\cur rentversion\policies\system]
"NoDispCPL"= 0 (0x0)
"NoDispAppearancePage"= 0 (0x0)
"NoDispScrSavPage"= 0 (0x0)
"NoDispSettingsPage"= 0 (0x0)
"NoVisualStyleChoice"= 0 (0x0)
"NoColorChoice"= 0 (0x0)
"NoSizeChoice"= 0 (0x0)
"DisableLockWorkstation"= 0 (0x0)
"DisableChangePassword"= 0 (0x0)
"HideLogonScripts"= 0 (0x0)
"HideLogoffScripts"= 0 (0x0)
"HideLegacyLogonScripts"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\explorer]
"NoDesktopCleanupWizard"= 1 (0x1)
"ForceClassicControlPanel"= 1 (0x1)
"NoWelcomeScreen"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\policies\explorer]
"NoChangeKeyboardNavigationIndicators"= 0 (0x0)
"NoChangeAnimation"= 0 (0x0)
"NoAddPrinter"= 0 (0x0)
"NoDeletePrinter"= 0 (0x0)
"RestrictCpl"= 0 (0x0)
"DisallowCpl"= 0 (0x0)
"NoViewOnDrive"= 0 (0x0)
"RestrictRun"= 0 (0x0)
"DisallowRun"= 0 (0x0)
"NoRecycleFiles"= 0 (0x0)
"ForceRecycleBinSize"= 0 (0x0)
"NoCustomizeWebView"= 0 (0x0)
"NoWinKeys"= 0 (0x0)
"NoFileAssociate"= 0 (0x0)
"NoDFSTab"= 0 (0x0)
"NoInstrumentation"= 0 (0x0)
"NoCustomizeThisFolder"= 0 (0x0)
"NoWebView"= 0 (0x0)
"DontShowSuperHidden"= 0 (0x0)
"NoOnlinePrintsWizard"= 0 (0x0)
"NoPublishingWizard"= 0 (0x0)
"NoSMConfigurePrograms"= 0 (0x0)
"NoSMMyPictures"= 0 (0x0)
"NoStartMenuMyMusic"= 0 (0x0)
"NoFavoritesMenu"= 0 (0x0)
"NoHelp"= 0 (0x0)
"NoCommonGroups"= 0 (0x0)
"NoStartMenuMFUprogramsList"= 0 (0x0)
"NoStartMenuPinnedList"= 0 (0x0)
"NoUserNameInStartMenu"= 0 (0x0)
"NoStartMenuMorePrograms"= 0 (0x0)
"NoStartMenuEjectPC"= 0 (0x0)
"NoSimpleStartMenu"= 0 (0x0)
"ForceStartMenuLogoff"= 0 (0x0)
"NoStartMenuSubFolders"= 0 (0x0)
"NoDisconnect"= 0 (0x0)
"NoNtSecurity"= 0 (0x0)
"NoSetFolders"= 0 (0x0)
"GreyMSIAds"= 0 (0x0)
"ForceMaxRecentDocs"= 0 (0x0)
"NoSMBalloonTip"= 0 (0x0)
"NoSMBalloonTips"= 0 (0x0)
"NoTrayContextMenu"= 0 (0x0)
"LockTaskbar"= 0 (0x0)
"NoTaskGrouping"= 0 (0x0)
"NoWebServices"= 0 (0x0)
"NoFileUrl"= 0 (0x0)
"NoBandCustomize"= 0 (0x0)
"NoToolbarCustomize"= 0 (0x0)
"NoExpandedNewMenu"= 0 (0x0)
"SpecifyDefaultButtons"= 0 (0x0)
"NoRecentDocsNetHood"= 0 (0x0)
"EnforceShellExtensionSecurity"= 0 (0x0)
"NoLogOff"= 0 (0x0)
"NoRunasInstallPrompt"= 0 (0x0)
"PromptRunasInstallNetPath"= 1 (0x1)
"NoResolveTrack"= 0 (0x0)
"NoResolveSearch"= 0 (0x0)
"NoDevMgrUpdate"= 0 (0x0)
"NoThumbnailCache"= 0 (0x0)
"ForceCopyAclwithFile"= 0 (0x0)
"StartRunNoHOMEPATH"= 0 (0x0)

[HKEY_USERS\.default\software\microsoft\windows\cur rentversion\policies\explorer]
"NoThemesTab"= 0 (0x0)
"NoChangeKeyboardNavigationIndicators"= 0 (0x0)
"NoChangeAnimation"= 0 (0x0)
"NoAddPrinter"= 0 (0x0)
"NoDeletePrinter"= 0 (0x0)
"RestrictCpl"= 0 (0x0)
"DisallowCpl"= 0 (0x0)
"NoViewOnDrive"= 0 (0x0)
"RestrictRun"= 0 (0x0)
"DisallowRun"= 0 (0x0)
"NoRecycleFiles"= 0 (0x0)
"ForceRecycleBinSize"= 0 (0x0)
"NoCustomizeWebView"= 0 (0x0)
"NoViewContextMenu"= 0 (0x0)
"NoWinKeys"= 0 (0x0)
"NoFileAssociate"= 0 (0x0)
"NoDFSTab"= 0 (0x0)
"NoInstrumentation"= 0 (0x0)
"NoCustomizeThisFolder"= 0 (0x0)
"NoWebView"= 0 (0x0)
"DontShowSuperHidden"= 0 (0x0)
"NoOnlinePrintsWizard"= 0 (0x0)
"NoPublishingWizard"= 0 (0x0)
"NoRun"= 0 (0x0)
"NoSMConfigurePrograms"= 0 (0x0)
"NoSMMyPictures"= 0 (0x0)
"NoStartMenuMyMusic"= 0 (0x0)
"NoFavoritesMenu"= 0 (0x0)
"NoHelp"= 0 (0x0)
"NoCommonGroups"= 0 (0x0)
"NoFind"= 0 (0x0)
"NoFolderOptions"= 0 (0x0)
"NoStartMenuMFUprogramsList"= 0 (0x0)
"NoStartMenuPinnedList"= 0 (0x0)
"NoUserNameInStartMenu"= 0 (0x0)
"NoStartMenuMorePrograms"= 0 (0x0)
"NoStartMenuEjectPC"= 0 (0x0)
"NoSimpleStartMenu"= 0 (0x0)
"ForceStartMenuLogoff"= 0 (0x0)
"StartMenuLogoff"= 0 (0x0)
"NoStartMenuSubFolders"= 0 (0x0)
"NoDisconnect"= 0 (0x0)
"NoNtSecurity"= 0 (0x0)
"NoSetFolders"= 0 (0x0)
"GreyMSIAds"= 0 (0x0)
"ForceMaxRecentDocs"= 0 (0x0)
"NoSMBalloonTip"= 0 (0x0)
"NoSMBalloonTips"= 0 (0x0)
"NoTrayContextMenu"= 0 (0x0)
"LockTaskbar"= 0 (0x0)
"HideClock"= 0 (0x0)
"NoTaskGrouping"= 0 (0x0)
"NoActiveDesktopChanges"= 0 (0x0)
"NoWebServices"= 0 (0x0)
"NoFileUrl"= 0 (0x0)
"NoBandCustomize"= 0 (0x0)
"NoToolbarCustomize"= 0 (0x0)
"NoExpandedNewMenu"= 0 (0x0)
"SpecifyDefaultButtons"= 0 (0x0)
"NoRecentDocsNetHood"= 0 (0x0)
"EnforceShellExtensionSecurity"= 0 (0x0)
"NoClose"= 0 (0x0)
"NoLogOff"= 0 (0x0)
"NoRunasInstallPrompt"= 0 (0x0)
"PromptRunasInstallNetPath"= 1 (0x1)
"NoResolveTrack"= 0 (0x0)
"NoResolveSearch"= 0 (0x0)
"NoDevMgrUpdate"= 0 (0x0)
"NoThumbnailCache"= 0 (0x0)
"ForceCopyAclwithFile"= 0 (0x0)
"StartRunNoHOMEPATH"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
LMIinit.dll 2007-11-15 18:46 87352 C:\WINDOWS\system32\LMIinit.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Caffe-Server]
--a------ 2006-07-09 15:27 4803072 C:\Program Files\Caffe\Server.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cmaudio]


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2004-08-19 08:42 30208 C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
--a------ 2005-09-20 10:32 77824 C:\WINDOWS\system32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
--a------ 2005-09-20 10:36 114688 C:\WINDOWS\system32\igfxpers.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
--a------ 2005-09-20 10:35 94208 C:\WINDOWS\system32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\kis]
C:\Archivos de programa\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Archivos de programa\MSN Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TaskSwitchXP]
C:\Archivos de programa\TaskSwitchXP\TaskSwitchXP.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Archivos de programa\Winamp\winampa.exe

R1 NtFsLdf20;NtFsLdf20;C:\WINDOWS\system32\drivers\Nt FsLdf20.sys [2002-07-04 13:52]
R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Archivos de programa\LogMeIn\x86\RaInfo.sys [2007-08-03 15:09]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\WINDOWS\system32\drivers\LMIRfsDriver.sy s [2007-08-03 15:09]
R3 usbscan;Controlador de escáner USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2006-08-17 21:32]
S2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 Licensing Service;"C:\Archivos de programa\ABBYY FineReader 9.0\NetworkLicenseServer.exe" [2007-09-25 00:11]
S3 bepldr;BCL easyPDF SDK 5 Loader;"C:\Archivos de programa\Archivos comunes\BCL Technologies\easyPDF 5\bepldr.exe" [2007-08-22 16:19]
S3 USBSTOR;Dispositivo de almacenamiento masivo de datos USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 23:08]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalService REG_MULTI_SZ Alerter WebClient LmHosts upnphost SSDPSRV

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{5714de88-a427-11dc-861c-00196604d2ae}]
\Shell\Auto\command - H:\Cn911.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Cn911.exe

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{68ae8df5-aca4-11dc-81b1-00196604d2ae}]
\Shell\AutoRun\command - auto.exe
\Shell\explore\Command - RavMon.exe -e
\Shell\open\Command - RavMon.exe

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{805ec9a7-a004-11dc-8615-00196604d2ae}]
\Shell\AutoRun\command - G:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{92ef7850-a108-11dc-8619-00196604d2ae}]
\Shell\Auto\command - H:\Cn911.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Cn911.exe

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{92ef78aa-a108-11dc-8619-00196604d2ae}]
\Shell\Auto\command - H:\Cn911.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Cn911.exe

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{92ef78b4-a108-11dc-8619-00196604d2ae}]
\Shell\Auto\command - H:\Cn911.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Cn911.exe

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{b05019b3-a665-11dc-a263-00196604d2ae}]
\Shell\AutoRun\command - ntde1ect.com
\Shell\explore\Command - ntde1ect.com
\Shell\open\Command - ntde1ect.com

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{d79ae692-9f95-11dc-8614-00196604d2ae}]
\Shell\AutoRun\command - G:\ntde1ect.com
\Shell\explore\Command - G:\ntde1ect.com
\Shell\open\Command - G:\ntde1ect.com

*Newly Created Service* - COMSYSAPP
*Newly Created Service* - PROCEXP90
.
Contenido de carpeta 'Tareas Programadas'
"2007-12-08 20:22:33 C:\WINDOWS\Tasks\McDefragTask.job"
.
************************************************** ************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-06 14:51:38
Windows 5.1.2600 Service Pack 2 NTFS

escaneando procesos ocultos ...

escaneando entradas ocultas de autostart ...

escaneando archivos ocultos ...

disk error: C:\WINDOWS\

************************************************** ************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\c atchme]
"ImagePath"="\??\C:\Windows\Temp\catchme.sys"
.
--------------------- DLLs cargados bajo los procesos en ejecución ---------------------

PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\WINDOWS\system32\usbmons.dll
.
Tiempo completado: 2008-01-06 14:52:51
ComboFix-quarantined-files.txt 2008-01-06 18:51:58
.
2007-12-18 03:51:13 --- E O F ---


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:32:28 p.m., on 06/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Archivos de programa\LogMeIn\x86\RaMaint.exe
C:\Archivos de programa\LogMeIn\x86\LogMeIn.exe
C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Archivos de programa\LogMeIn\x86\LogMeInSystray.exe
C:\Archivos de programa\DAEMON Tools\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\explorer.exe
C:\Archivos de programa\Mozilla Firefox\firefox.exe
C:\Archivos de programa\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Archivos de programa\Trend Micro\HijackThis\asdf.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Archivos de programa\Java\jre1.5.0_09\bin\ssv.dll
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Archivos de programa\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Archivos de programa\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Archivos de programa\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Comrade.exe] C:\Archivos de programa\GameSpy\Comrade\Comrade.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Servicio de red')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Archivos de programa\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARCHIV~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/ES-LA/.../GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary...o.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{BAA62A6B-DD15-4E55-A719-401AF676E3A9}: NameServer = 10.0.0.1,10.0.0.2
O23 - Service: ABBYY FineReader 9.0 Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Archivos de programa\ABBYY FineReader 9.0\NetworkLicenseServer.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Archivos de programa\Ares\chatServer.exe
O23 - Service: BCL easyPDF SDK 5 Loader (bepldr) - Unknown owner - C:\Archivos de programa\Archivos comunes\BCL Technologies\easyPDF 5\bepldr.exe
O23 - Service: Indexing Service (CiSvc) - Unknown owner - C:\WINDOWS\system32\cisvc.exe (file missing)
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Archivos de programa\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Archivos de programa\LogMeIn\x86\LogMeIn.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Archivos de programa\Spyware Doctor\svcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Archivos de programa\Spyware Doctor\swdsvc.exe

--
End of file - 4754 bytes
Digg this postDel.icio.us this postTechnorati this postNetscape this postStumble this post
Reply With Quote
  #6  
Old 05-01-2008, 06:52 PM
evilfantasy's Avatar
CJ Moderator
Intel ATi
evilfantasy is offline
Send a message via Yahoo to evilfantasy
 
Join Date: Jul 2007
Last Online: Today 12:57 AM
Posts: 4,601
iTrader: (0)
evilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond repute
Default Endless search...and stupid firefox...
That got a few of them but there is still more.

Download SDFix.exe and save it to your Desktop.

Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)

Please then reboot your computer in Safe Mode by doing the following:
  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
  • Instead of Windows loading as normal, the Advanced Options Menu should appear;
  • Select the first option, to run Windows in Safe Mode, then press Enter.
  • Choose your usual account.
  • Open the extracted SDFix folder and double click RunThis.bat to start the script.
  • Type Y to begin the cleanup process.
  • It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
  • Press any Key and it will restart the PC.
  • When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
  • Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
    (Report.txt will also be copied to Clipboard).
  • Finally add the contents of the Report.txt in your next post as an Attachment with a new HijackThis log


Next post
SDFix log
New Hijackthis log
__________________
.
.
Last edited by evilfantasy : 05-01-2008 at 06:53 PM.
Digg this postDel.icio.us this postTechnorati this postNetscape this postStumble this post
Reply With Quote
  #7  
Old 06-01-2008, 03:58 PM
Nikronius's Avatar
CJ Member
Intel Nvidia
Nikronius is offline
Send a message via MSN to Nikronius Send a message via Yahoo to Nikronius Send a message via Skype™ to Nikronius
  
Join Date: Dec 2007
Last Online: 03-09-2008 04:37 PM
Posts: 67
iTrader: (0)
Nikronius is on a distinguished road
Default Endless search...and stupid firefox...
problem solved. :) thnx
Digg this postDel.icio.us this postTechnorati this postNetscape this postStumble this post
Reply With Quote
  #8  
Old 06-01-2008, 06:47 PM
evilfantasy's Avatar
CJ Moderator
Intel ATi
evilfantasy is offline
Send a message via Yahoo to evilfantasy
 
Join Date: Jul 2007
Last Online: Today 12:57 AM
Posts: 4,601
iTrader: (0)
evilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond reputeevilfantasy has a reputation beyond repute
Default Endless search...and stupid firefox...
Originally Posted by Nikronius View Post
problem solved. :) thnx



Would you mind posting the logs?
__________________
.
.
Digg this postDel.icio.us this postTechnorati this postNetscape this postStumble this post
Reply With Quote
  #9  
Old 09-01-2008, 03:36 PM
Nikronius's Avatar
CJ Member
Intel Nvidia
Nikronius is offline
Send a message via MSN to Nikronius Send a message via Yahoo to Nikronius Send a message via Skype™ to Nikronius
  
Join Date: Dec 2007
Last Online: 03-09-2008 04:37 PM
Posts: 67
iTrader: (0)
Nikronius is on a distinguished road
Default Endless search...and stupid firefox...
no prob.
Digg this postDel.icio.us this postTechnorati this postNetscape this postStumble this post
Reply With Quote

Please support this forum, donate towards our running costs.


Reply

« maybe trojan | Problem Updating AVG free edition »

Thread Tools

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
XP SP3 cripples some PCs with endless reboots SocialWarfare Windows Operating Systems 5 09-05-2008 04:56 PM
Did Something Stupid FunkyJuice CPUs, Motherboards & RAM 10 05-02-2008 11:09 PM
Endless Problems, Windows Wont Start Now Polkigtry General Hardware Chat 2 13-01-2008 08:06 AM
I know it sounds stupid, but do you actually need a pc... rampagetrav PC & Console Gaming 8 11-11-2007 09:28 AM
Does Firefox have a "create search" feature like bimmer5427 Web Browsers & FTP Clients 1 01-04-2007 12:02 PM


Copyright ©2006 - 2008 Computer Juice.
Contact Us - Computer Juice - Sitemap - Privacy Statement - Top

Powered by vBulletin® Copyright ©2000 - 2008 Jelsoft Enterprises Ltd. SEO by vBSEO ©2008, Crawlability, Inc.

Page copy protected against web site content infringement by Copyscape