29-07-2005, 06:09 PM   #1
Alpha Geek
 
Join Date: Feb 2005
Posts: 959
my friend's hijack this file.. pls help


Logfile of HijackThis v1.99.1
Scan saved at 6:06:18 PM, on 07/29/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\csrss.exe
D:\WINDOWS\SYSTEM32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\pctspk.exe
D:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
D:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
D:\Program Files\Softwin\BitDefender8\vsserv.exe
D:\WINDOWS\System32\igfxtray.exe
D:\WINDOWS\System32\hkcmd.exe
D:\Program Files\Conexant\AccessRunner ADSL\CnxDslTb.exe
D:\Program Files\Softwin\BitDefender8\bdoesrv.exe
D:\Program Files\Softwin\BitDefender8\bdnagent.exe
D:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
D:\Program Files\MSN Messenger\msnmsgr.exe
D:\Documents and Settings\Administrator\My Documents\My Received Files\_softwares\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://searchmiracle.com/sp.php
R3 - URLSearchHook: (no name) - {C4F795D5-BE94-7581-5E24-8F2B105B46E7} - ExchangeMaster.dll (file missing)
F2 - REG:system.ini: UserInit=userinit.exe,xpjava.exe
O1 - Hosts: localhost 127.0.0.1
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: CInterfaceObj Object - {58F07DD3-924D-4141-BC74-299F523A95F1} - D:\WINDOWS\pxwma.dll
O4 - HKLM\..\Run: [CnxDslTaskBar] "D:\Program Files\Conexant\AccessRunner ADSL\CnxDslTb.exe"
O4 - HKLM\..\Run: [checkrun] D:\windows\system32\elitemol32.exe
O4 - HKLM\..\Run: [BDMCon] C:\Program Files\Softwin\BitDefender8\bdmcon2.exe
O4 - HKLM\..\Run: [BDOESRV] "D:\Program Files\Softwin\BitDefender8\bdoesrv.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "D:\Program Files\Softwin\BitDefender8\bdnagent.exe"
O4 - HKLM\..\Run: [mouse] mouse.exe
O4 - HKLM\..\Run: [Kargo] FLKPT.exe
O4 - HKLM\..\Run: [UserSp1] init32.exe
O4 - HKLM\..\Run: [ms ownage] winPE.exe
O4 - HKLM\..\Run: [MSConfig] D:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\RunServices: [ServicesUpdateStart] Msn7.exe
O4 - HKLM\..\RunServices: [mouse] mouse.exe
O4 - HKLM\..\RunServices: [ms ownage] winPE.exe
O4 - HKCU\..\Run: [ngpw36] C:\windows\system32\ngpw36.exe
O4 - HKCU\..\Run: [DCC_send] MNTP.exe
O4 - HKCU\..\Run: [Preliminary] Kargo.exe
O4 - HKCU\..\Run: [DTOURS] driver32.exe
O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\MSN Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: &Google Search - res://D:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://D:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://D:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Download with IDM - D:\PROGRA~1\INTERN~3\IEExt.htm
O8 - Extra context menu item: Similar Pages - res://D:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://D:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
O15 - Trusted Zone: http://ny.contentmatch.net (HKLM)
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ms...downloader.cab
O16 - DPF: {FC67BB52-AAB6-4282-9D51-2DAFFE73AFD0} - http://download.spyspotter.com/spysp...CabInstall.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4EFA96CC-6894-459A-B1A6-9417A4B39CA4}: NameServer = 203.145.184.13 202.56.250.5
O20 - Winlogon Notify: igfxcui - D:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - D:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - D:\WINDOWS\system32\pctspk.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - D:\Program Files\Softwin\BitDefender8\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - D:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
/legolas
__________________
A computer lets you make more mistakes faster than any invention in human history - with the possible exceptions of handguns and tequila.

29-07-2005, 06:30 PM   #2
Distinguished Member
 
anandk's Avatar
 
Join Date: Mar 2005
Location: Pune
Posts: 3,783

Infected with malware, e.g. kargo.exe.
Download, install, update and run Microsoft Anti-Spyware and Ad-Aware or Spybot from www.download.com.
__________________
> www.TheWindowsClub.com <
= www.WinVistaClub.com =
Microsoft® MVP