Question

Could someone translate this log?

by aleggmds May 4, 2015 4:12AM PDT

Lately, my computer (Acer Aspire 4752; Windows 7) seems to have connection issues. Very often my computer disconnects from the internet network and it's not able to connect again until I restart the computer. I am sure the problem is not on my router because other computers are connected and they don't have this problem.

I've run HijackThis and got this log. Could someone tell me what is wrong?


--
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 14:56:39, on 04/05/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17631)
CHROME: 42.0.2311.135
FIREFOX: 34.0.5 (x86 pt-BR)
Boot mode: Normal

Running processes:
C:\PROGRA~2\GbPlugin\GbpSv.exe
C:\Users\BLACKHOLE\AppData\Local\Akamai\netsession_win.exe
C:\Users\BLACKHOLE\AppData\Local\Akamai\netsession_win.exe
C:\Users\BLACKHOLE\AppData\Roaming\DesktopCal\desktopcal.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Users\BLACKHOLE\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\BLACKHOLE\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\BLACKHOLE\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\BLACKHOLE\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\BLACKHOLE\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\BLACKHOLE\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\BLACKHOLE\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\BLACKHOLE\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\BLACKHOLE\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll
O3 - Toolbar: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\BLACKHOLE\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\BLACKHOLE\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [Bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files (x86)\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [CCleaner] "C:\Program Files (x86)\CCleaner\CCleaner64.exe" /AUTO
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [DesktopCal] C:\Users\BLACKHOLE\AppData\Roaming\DesktopCal\desktopcal.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SISTEMA')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: Monitorar alertas de tinta - HP Deskjet 1510 series.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.aeriagames.com
O15 - Trusted Zone: www.bancobrasil.com.br
O15 - Trusted Zone: www14.bancobrasil.com.br
O15 - Trusted Zone: www2.bancobrasil.com.br
O15 - Trusted Zone: www.bb.com.br
O15 - Trusted Zone: http://www.bb.com.br
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: GbPluginBb - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bitdefender Desktop Parental Control (BdDesktopParental) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: RemoteServerWin - Unified Intents AB - C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: SafeBox - Bitdefender - C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: Bitdefender Virus Shield (VSSERV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
O23 - Service: Warsaw Technology - GAS Tecnologia LTDA - C:\Program Files\Diebold\Warsaw\core.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10391 bytes

Answer
To me it looks like the old Trojan Banker infection.
by r. proffitt Former Forum moderator May 4, 2015 4:57AM PDT
http://www.symantec.com/security_response/writeup.jsp?docid=2011-052405-0550-99&tabid=2

There are more but this machine definitely looks infected. Given the nature of this infection I'd consider a wipe of the drive.
Bob
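
Added example, not part of the original thread and not HijackThis's own code: a small Python triage pass over the log format posted in the question. The section meanings, the `triage` function and its review rules are assumptions of this example; it skips System32 entries marked "(file missing)" because 32-bit HijackThis on 64-bit Windows is redirected to SysWOW64 and reports 64-bit system binaries as absent.

```python
import re
from collections import defaultdict

# HijackThis section codes that occur in the log posted in the question.
SECTIONS = {
    "R0": "IE start/search page", "R1": "IE start/search page",
    "F2": "ini-file autoload mapped to the registry",
    "O2": "Browser Helper Object", "O3": "IE toolbar",
    "O4": "autostart (Run key or Startup folder)",
    "O8": "IE context-menu item", "O9": "IE extra button or Tools item",
    "O11": "IE advanced-options group", "O15": "Trusted Zone site",
    "O18": "protocol or filter handler",
    "O20": "Winlogon Notify / AppInit_DLLs", "O23": "Windows service",
}
ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")
USER_WRITABLE = re.compile(r"\\(AppData|Temp|Downloads)\\", re.I)

# Excerpt copied from the log in the question.
SAMPLE = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll
O4 - HKCU\..\Run: [DesktopCal] C:\Users\BLACKHOLE\AppData\Roaming\DesktopCal\desktopcal.exe
O15 - Trusted Zone: www.bb.com.br
O20 - Winlogon Notify: GbPluginBb - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
"""

def triage(log_text):
    """Group entries by section and list the ones worth a manual look."""
    groups, review = defaultdict(list), []
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if not m or m.group(1) not in SECTIONS:
            continue  # header, process list or unknown section
        code, body = m.groups()
        groups[code].append(body)
        if body.endswith("(file missing)") and "\\system32\\" in body.lower():
            continue  # WOW64 redirection artifact of the 32-bit scanner
        if code in ("O2", "O15", "O18", "O20"):
            reason = "alters browser or logon behaviour; confirm the vendor"
        elif code in ("O4", "O23") and USER_WRITABLE.search(body):
            reason = "autostart from a user-writable path"
        elif code == "O23" and "Unknown owner" in body:
            reason = "service binary carries no vendor info"
        else:
            continue
        review.append((code, SECTIONS[code], reason, body))
    return groups, review
```

Calling `triage(SAMPLE)` returns the entries grouped by section code and a review list of `(code, meaning, reason, entry)` tuples; an entry on the review list is a prompt to verify the file and its publisher, not a verdict.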