Forum     

Go Back   Digit Technology Discussion Forum > Portables, Peripherals and Electronics > QnA (read only)
help yaarrrr............... help yaarrrr...............
Register FAQ Calendar Mark Forums Read

QnA (read only) Mods please help transfer the contents of this forum to proper sections. :)


 
 
LinkBack Thread Tools Search this Thread Display Modes
Old 08-07-2008, 09:36 PM   #1 (permalink)
.........Access Denied!!!
 
salilrane's Avatar
 
Join Date: Dec 2005
Location: Mumbai
Posts: 168
Default help yaarrrr...............

http://img28.zoomin.com/1215514836/239624434_v.jpg
i m getting this mesage

i scan for IE antivirus

but the scan showed nothing...

how to get rid of it ....

i m getting directed to this website
http://free-viruscan.com/id/4912933/4/1/


this is mine hijack log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:21:25 PM, on 7/8/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\PowerMenu\PowerMenu.exe
C:\Program Files\Intel\Intel(R) Active Monitor\imontray.exe
C:\WINDOWS\StartupMonitor.exe
C:\Program Files\SamsungODD\Magic Speed\MagicSL.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Cyberlink\Shared Files\brs.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files\MagicDisc\MagicDisc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Cyberlink\Shared files\RichVideo.exe
C:\WINDOWS\system32\locator.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Spyware Doctor\pctsGui.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
C:\WINDOWS\system32\vmnat.exe
C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
C:\WINDOWS\system32\vmnetdhcp.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\regedit.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: XTTBPos00 - {E014A78F-34DC-4BE5-83BB-58CA12E384B6} - C:\WINDOWS\system32\wdol_bho.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O4 - HKLM\..\Run: [PowerMenu] "C:\Program Files\PowerMenu\PowerMenu.exe" -hideself on
O4 - HKLM\..\Run: [IMONTRAY] "C:\Program Files\Intel\Intel(R) Active Monitor\imontray.exe"
O4 - HKLM\..\Run: [Run StartupMonitor] StartupMonitor.exe
O4 - HKLM\..\Run: [MagicSpeed] "C:\Program Files\SamsungODD\Magic Speed\MagicSL.exe" /autorun
O4 - HKLM\..\Run: [SoundMAXPnP] "C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe"
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] "rundll32.exe" bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [BDRegion] "C:\Program Files\Cyberlink\Shared Files\brs.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [BtTray] "C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SRS Audio Sandbox] "C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe" /hideme
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Open using &Advanced JPEG Compressor - C:\Program Files\Advanced JPEG Compressor\ajcieex.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{2DBC70C2-962C-4B62-B014-8CCC0D919ED0}: NameServer = 203.94.227.70,203.94.243.70
O17 - HKLM\System\CCS\Services\Tcpip\..\{457D0D2D-0DB2-4B83-A51B-7F6D6AF98826}: NameServer = 59.185.0.50 203.94.243.70
O17 - HKLM\System\CS1\Services\Tcpip\..\{2DBC70C2-962C-4B62-B014-8CCC0D919ED0}: NameServer = 203.94.227.70,203.94.243.70
O17 - HKLM\System\CS2\Services\Tcpip\..\{2DBC70C2-962C-4B62-B014-8CCC0D919ED0}: NameServer = 203.94.227.70,203.94.243.70
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BlueSoleilCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: BsHelpCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
O23 - Service: Intel(R) Active Monitor (imonNT) - Intel Corp. - C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (file missing)
O23 - Service: McAfee SystemGuards (McSysmon) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.0.51a\bin\mysqld-nt.exe

--
End of file - 11825 bytes
Attached Thumbnails
help yaarrrr...............-spy.jpg  
__________________
Core 2 Duo 2.53Ghz E7200|Asus P5K PL CM Intel G31/ICH7 Chipset 1333 FSB|Kingston DDR 2*1 GB /800 Mhz|Samsung 2033|Western Digital 250 GB+Samsung 80 GB|Samsung 20x SATA SH-203B|Custom Caby
Help ??
Last edited by salilrane; 08-07-2008 at 09:41 PM. Reason: added directed site
salilrane is offline  
Advertisements. Register and be a member of the community to get rid of them.
Advertisement

Old 08-07-2008, 11:20 PM   #2 (permalink)
Human Spambot
 
kumarmohit's Avatar
 
Join Date: May 2005
Location: Riding an Oliphaunt
Posts: 2,173
Default Re: help yaarrrr...............
Its spyware, run complete Adaware scan!

Here are the culprits

O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
E23E045} - (no file)
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
__________________
The real and only freedom is Public Domain. Everything else in unfree! Even those who claim to be the self styled evangelists of freedom are not free because freedom cannot be forced by any means!
kumarmohit is offline  
Old 09-07-2008, 08:33 AM   #3 (permalink)
.........Access Denied!!!
 
salilrane's Avatar
 
Join Date: Dec 2005
Location: Mumbai
Posts: 168
Default Re: help yaarrrr...............
Quote:
Originally Posted by kumarmohit View Post
Its spyware, run complete Adaware scan!

Here are the culprits

O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
E23E045} - (no file)
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)


are u sure these are culprits

its IE antivirus thts bugging me
__________________
Core 2 Duo 2.53Ghz E7200|Asus P5K PL CM Intel G31/ICH7 Chipset 1333 FSB|Kingston DDR 2*1 GB /800 Mhz|Samsung 2033|Western Digital 250 GB+Samsung 80 GB|Samsung 20x SATA SH-203B|Custom Caby
Help ??
salilrane is offline  
Old 09-07-2008, 11:53 AM   #4 (permalink)
Human Spambot
 
kumarmohit's Avatar
 
Join Date: May 2005
Location: Riding an Oliphaunt
Posts: 2,173
Default Re: help yaarrrr...............
Ask anyone about Megaupload toolbar!
__________________
The real and only freedom is Public Domain. Everything else in unfree! Even those who claim to be the self styled evangelists of freedom are not free because freedom cannot be forced by any means!
kumarmohit is offline  
Old 09-07-2008, 02:03 PM   #5 (permalink)
Broken In
 
Join Date: Jun 2004
Posts: 179
Default Re: help yaarrrr...............
Yes, Megaupload toolbar is definately a culprit
prabhatmohit is offline  
Old 09-07-2008, 02:42 PM   #6 (permalink)
.........Access Denied!!!
 
salilrane's Avatar
 
Join Date: Dec 2005
Location: Mumbai
Posts: 168
Default Re: help yaarrrr...............
i also posted this log on Vishals blog

he advised

^^ Fix following:

O2 - BHO: XTTBPos00 - {E014A78F-34DC-4BE5-83BB-58CA12E384B6} - C:\WINDOWS\system32\wdol_bho.dll


i followed now problem is solved

thnkxxx VG
__________________
Core 2 Duo 2.53Ghz E7200|Asus P5K PL CM Intel G31/ICH7 Chipset 1333 FSB|Kingston DDR 2*1 GB /800 Mhz|Samsung 2033|Western Digital 250 GB+Samsung 80 GB|Samsung 20x SATA SH-203B|Custom Caby
Help ??
salilrane is offline  
Old 09-07-2008, 04:12 PM   #7 (permalink)
Tech'ing life seriously!!
 
sude's Avatar
 
Join Date: Sep 2005
Location: Tech City - Bengaluru
Posts: 395
Default Re: help yaarrrr...............
its a spyware for SURE..

Goto www.spywareremove.com/removeIEAntivirus.html
for the method to eradicate it....

-SUDE
__________________
Hi! Any1 pursuing PG from SCDL (Symbiosis Distnce Learnin) frm Bangalore? If yes PM me. We cn form a study group (on weekends). Ths wil b mutually beneficial!
Rgds. SUDE | www.lifeethiquette.co.nr
sude is offline  
 

Bookmarks

« Previous Thread | Next Thread »
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

 
Latest Threads
Your Gaming Backlog/Progress Report!
- by Ethan_Hunt
National Telecom Policy 2012 Approved
- by ssk_the_gr8
who wanna buy Galaxy s3?
- by clmlbx
the FOOTBALL channel
- by Arsenal_Gunners
FAO Ice Cream Sanwich users
- by ico
Anonymous Strikes again!!
- by clinton
Language learners' discussion thread !! :D
- by icebags
Battlefield 3 Multiplayer Discussion
- by Charan
Should I buy Galaxy S2 now?
- by techlover
Diablo III Discussion
- by Gaurav Bhattacharjee

Advertisement




All times are GMT +5.5. The time now is 01:22 AM.

Contact Us - Thinkdigit.com - Archive - Top

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2012, vBulletin Solutions, Inc.

Search Engine Optimization by vBSEO 3.3.2