
Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

HIJACK THIS LOG

by sumanth2011 Jan 31, 2011 3:06PM PST

THIS IS MY HIJACK THIS LOG... COMP INFECTED WITH SURABAYA VIRUS, NOT ABLE TO EXECUTE ANTIVIRUS FILES, TASK MGR, CMD, REGEDIT, MSCONFIG DISABLED


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:21:08 PM, on 2/1/2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscript.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\chrome.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Startup.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\Explorer.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\winsjte.exe
C:\Documents and Settings\Administrator\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://h1.ripway.com/poojasharma/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://h1.ripway.com/poojasharma/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://h1.ripway.com/poojasharma/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://h1.ripway.com/poojasharma/index.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://h1.ripway.com/poojasharma/index.html
F2 - REG:system.ini: Shell=Explorer.exe chrome.exe
O1 - Hosts: 74.125.45.100 4-open-davinci.com
O1 - Hosts: 74.125.45.100 securitysoftwarepayments.com
O1 - Hosts: 74.125.45.100 privatesecuredpayments.com
O1 - Hosts: 74.125.45.100 secure.privatesecuredpayments.com
O1 - Hosts: 74.125.45.100 getantivirusplusnow.com
O1 - Hosts: 74.125.45.100 secure-plus-payments.com
O1 - Hosts: 74.125.45.100 www.getantivirusplusnow.com
O1 - Hosts: 74.125.45.100 www.secure-plus-payments.com
O1 - Hosts: 74.125.45.100 www.getavplusnow.com
O1 - Hosts: 74.125.45.100 safebrowsing-cache.google.com
O1 - Hosts: 74.125.45.100 urs.microsoft.com
O1 - Hosts: 74.125.45.100 www.securesoftwarebill.com
O1 - Hosts: 74.125.45.100 secure.paysecuresystem.com
O1 - Hosts: 74.125.45.100 paysoftbillsolution.com
O1 - Hosts: 74.125.45.100 protected.maxisoftwaremart.com
O1 - Hosts: 173.232.149.92 www.google.com
O1 - Hosts: 173.232.149.92 google.com
O1 - Hosts: 173.232.149.92 google.com.au
O1 - Hosts: 173.232.149.92 www.google.com.au
O1 - Hosts: 173.232.149.92 google.be
O1 - Hosts: 173.232.149.92 www.google.be
O1 - Hosts: 173.232.149.92 google.com.br
O1 - Hosts: 173.232.149.92 www.google.com.br
O1 - Hosts: 173.232.149.92 google.ca
O1 - Hosts: 173.232.149.92 www.google.ca
O1 - Hosts: 173.232.149.92 google.ch
O1 - Hosts: 173.232.149.92 www.google.ch
O1 - Hosts: 173.232.149.92 google.de
O1 - Hosts: 173.232.149.92 www.google.de
O1 - Hosts: 173.232.149.92 google.dk
O1 - Hosts: 173.232.149.92 www.google.dk
O1 - Hosts: 173.232.149.92 google.fr
O1 - Hosts: 173.232.149.92 www.google.fr
O1 - Hosts: 173.232.149.92 google.ie
O1 - Hosts: 173.232.149.92 www.google.ie
O1 - Hosts: 173.232.149.92 google.it
O1 - Hosts: 173.232.149.92 www.google.it
O1 - Hosts: 173.232.149.92 google.co.jp
O1 - Hosts: 173.232.149.92 www.google.co.jp
O1 - Hosts: 173.232.149.92 google.nl
O1 - Hosts: 173.232.149.92 www.google.nl
O1 - Hosts: 173.232.149.92 google.no
O1 - Hosts: 173.232.149.92 www.google.no
O1 - Hosts: 173.232.149.92 google.co.nz
O1 - Hosts: 173.232.149.92 www.google.co.nz
O1 - Hosts: 173.232.149.92 google.pl
O1 - Hosts: 173.232.149.92 www.google.pl
O1 - Hosts: 173.232.149.92 google.se
O1 - Hosts: 173.232.149.92 www.google.se
O1 - Hosts: 173.232.149.92 google.co.uk
O1 - Hosts: 173.232.149.92 www.google.co.uk
O1 - Hosts: 173.232.149.92 google.co.za
O1 - Hosts: 173.232.149.92 www.google.co.za
O1 - Hosts: 173.232.149.92 www.google-analytics.com
O1 - Hosts: 173.232.149.92 www.bing.com
O1 - Hosts: 173.232.149.92 search.yahoo.com
O1 - Hosts: 173.232.149.92 www.search.yahoo.com
O1 - Hosts: 173.232.149.92 uk.search.yahoo.com
O1 - Hosts: 173.232.149.92 ca.search.yahoo.com
O1 - Hosts: 173.232.149.92 de.search.yahoo.com
O1 - Hosts: 173.232.149.92 fr.search.yahoo.com
O1 - Hosts: 173.232.149.92 au.search.yahoo.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [My Security Engine] "C:\Documents and Settings\All Users\Application Data\42df039\MS42df.exe" /s /d
O4 - HKCU\..\Run: [WordWeb] "C:\Program Files\WordWeb\wweb32.exe" -startup
O4 - HKCU\..\Run: [Yahoo Messengger] C:\WINDOWS\system32\chrome.exe
O4 - HKLM\..\Policies\Explorer\Run: [SysDll11] wscript.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\stop-virus.vbs
O4 - .DEFAULT User Startup: Startup.exe (User 'Default user')
O4 - Startup: Adobe Online.com
O4 - Startup: Adobe update.com
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: Startup.exe
O4 - Global Startup: Startup.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1261043470203
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1261043441046
O17 - HKLM\System\CCS\Services\Tcpip\..\{43EDF376-37A4-4E5E-A194-6BE1780DC56B}: NameServer = 218.248.255.147 218.248.255.146
O17 - HKLM\System\CCS\Services\Tcpip\..\{5B4EA04C-F17F-4822-9A66-23E748CC30EB}: NameServer = 119.82.116.34,203.122.63.154
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (file missing)
O20 - Winlogon Notify: cryptnet32 - cryptnet32.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O24 - Desktop Component 0: (no name) - http://www.kritya.in/common_images/en/index_en_01.gif
O24 - Desktop Component 1: (no name) - http://www.agilearchitect.org/images/architectural%20roles.gif

--
End of file - 9701 bytes

Discussion is locked

1 Posts
Sorry.
by MarkFlax Forum moderator Jan 31, 2011 9:01PM PST

Sorry, but we don't do HJT logs in these forums. Have a look at the sticky post here for more information:
http://forums.cnet.com/7723-6132_102-255339.html?tag=threadListing;forum-threads

That post will help you choose an alternative HJT Analyser forum where you can post your updated HJT log.

Good luck.

Mark
