Aug 9 2010, 04:49 AM
Member Group: Members Posts: 27 Joined: 11-May 08 Member No.: 57,331
Hi,
My wife's PC has been infected by a Trojan. I have followed the instructions step 1 thru 5. I however was not able to get the GMER.log as the scan hangs up my machine every time I tried it. I am herewith attaching and pasting the HJT log.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:51:38, on 24-07-2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18470)
Boot mode: Normal

Running processes:
C:Windowssystem32Dwm.exe
C:WindowsExplorer.EXE
C:Windowssystem32taskeng.exe
C:Program FilesDellTPadApoint.exe
C:WindowsSystem32hkcmd.exe
C:WindowsSystem32igfxpers.exe
C:Program FilesCommon FilesJavaJava Updatejusched.exe
C:Windowssystem32igfxsrvc.exe
C:Program FilesGoogleGoogle Desktop SearchGoogleDesktop.exe
C:Program FilesCyberLinkPowerDVD DXPDVDDXSrv.exe
C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
C:UserssahanaAppDataRoamingGoogleGoogle Talkgoogletalk.exe
C:Program FilesDellTPadApMsgFwd.exe
C:Program FilesDellTPadHidFind.exe
C:Program FilesDellTPadApntex.exe
C:Program FilesSkypePhoneSkype.exe
C:Program FilesIndiagames GoDGPlayer.exe
C:Program FilesToshibaBluetooth Toshiba StackTosBtMng.exe
C:Program FilesToshibaBluetooth Toshiba StackTosA2dp.exe
C:Program FilesToshibaBluetooth Toshiba StackTosBtHid.exe
C:Program FilesToshibaBluetooth Toshiba StackTosBtHsp.exe
C:ProgramDataa81897bSMa818_302.exe
C:Program FilesToshibaBluetooth Toshiba StackTosAVRC.exe
C:Program FilesToshibaBluetooth Toshiba StacktosOBEX.exe
C:Program FilesToshibaBluetooth Toshiba StackTosBtProc.exe
C:Program FilesTrend MicroHijackThisHijackThis.exe
C:Program FilesInternet Exploreriexplore.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://in.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.cnn.com/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://in.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://in.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R1 - HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) = http://in.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title = Internet Explorer provided by Dell
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:PROGRA~1Yahoo!CompanionInstallscpnyt.dll
O1 - Hosts: ::1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:PROGRA~1Yahoo!CompanionInstallscpnyt.dll
O2 - BHO: ALOT Toolbar Helper - {14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6} - C:Program Filesalotbinalot.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:Program FilesGoogleGoogleToolbarNotifier5.5.5126.1836swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:Program FilesDellBAEBAE.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program FilesJavajre6binjp2ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:PROGRA~1Yahoo!CompanionInstallscpnYTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:PROGRA~1Yahoo!CompanionInstallscpnyt.dll
O3 - Toolbar: ALOT Toolbar - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:Program Filesalotbinalot.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:Program FilesGoogleGoogle ToolbarGoogleToolbar_32.dll
O4 - HKLM..Run: [Windows Defender] %ProgramFiles%Windows DefenderMSASCui.exe -hide
O4 - HKLM..Run: [Apoint] C:Program FilesDellTPadApoint.exe
O4 - HKLM..Run: [IgfxTray] C:Windowssystem32igfxtray.exe
O4 - HKLM..Run: [HotKeysCmds] C:Windowssystem32hkcmd.exe
O4 - HKLM..Run: [Persistence] C:Windowssystem32igfxpers.exe
O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program FilesCommon FilesJavaJava Updatejusched.exe"
O4 - HKLM..Run: [ITSecMng] %ProgramFiles%TOSHIBABluetooth Toshiba StackItSecMng.exe /START
O4 - HKLM..Run: [Google Desktop Search] "C:Program FilesGoogleGoogle Desktop SearchGoogleDesktop.exe" /startup
O4 - HKLM..Run: [PDVDDXSrv] "C:Program FilesCyberLinkPowerDVD DXPDVDDXSrv.exe"
O4 - HKCU..Run: [swg] "C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe"
O4 - HKCU..Run: [googletalk] C:UserssahanaAppDataRoamingGoogleGoogle Talkgoogletalk.exe /autostart
O4 - HKCU..Run: [Skype] "C:Program FilesSkypePhoneSkype.exe" /nosplash /minimized
O4 - HKCU..Run: [Exetender] C:Program FilesIndiagames GoDGPlayer.exe /runonstartup
O4 - HKCU..Run: [Security Master AV] "C:ProgramDataa81897bSMa818_302.exe" /s /d
O4 - HKUSS-1-5-19..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUSS-1-5-20..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:PROGRA~1MICROS~3OFFICE11EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:Program FilesGoogleGoogle ToolbarComponentGoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~3OFFICE11REFIEBAR.DLL
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O20 - AppInit_DLLs: C:PROGRA~1GoogleGOOGLE~3GOEC62~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:Windowssystem32browseui.dll
O23 - Service: Google Desktop Manager 5.9.909.30391 (GoogleDesktopManager-093009-130223) - Google - C:Program FilesGoogleGoogle Desktop SearchGoogleDesktop.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:Program FilesGoogleUpdateGoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:Program FilesCommon FilesSureThing Sharedstllssvr.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:Program FilesToshibaBluetooth Toshiba StackTosBtSrv.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:Windowssystem32DRIVERSxaudio.exe
--
End of file - 7430 bytes

Can you please tell me if I am missing any information?

I have posted the HJT log but have not heard back from anyone. Please let me know if I need to furnish further information.

This post has been edited by visitor: Aug 11 2010, 04:02 AM
Reason for edit: merged posts to keep 0 replies - please don't bump threads.
PremMeena Infected By Trojan - Need help Aug 9 2010, 04:49 AM
Blade81 Hi,
Download DDS and save it to your desktop from... Aug 12 2010, 10:16 AM
PremMeena Thank you so much for your response. I really appr... Aug 13 2010, 02:27 AM
Blade81 Hi,
Thanks for the logs.
Please visit this webpa... Aug 13 2010, 06:27 AM
PremMeena RE: Infected By Trojan - Need help Aug 14 2010, 02:04 AM
Blade81 Hi again,
Open notepad and copy/paste the text i... Aug 14 2010, 02:20 PM
PremMeena RE: Infected By Trojan - Need help Aug 15 2010, 11:55 PM
Blade81 Hi,
Show hidden files
-----------------
1. Open F... Aug 16 2010, 06:13 AM
PremMeena Thank you so much. My computer is working fine now... Aug 18 2010, 03:23 PM
Blade81 Since this issue appears to be resolved ... this T... Aug 18 2010, 06:52 PM