home hardware prices news articles forums photos user reviews
Go Back   Tech Support Forums - TechIMO.com > PC Hardware and Tech > Technical Support
Trojan horse SecThought.E Trojan horse SecThought.E
Ask a Tech Support Question (free)!

Trojan horse SecThought.E

Reply
Get bargains at  »  Dealighted.com
 
Thread Tools Search this Thread
Currently Active Users: 2075
Discussions: 200,959, Posts: 2,379,530, Members: 246,329
Old October 15th, 2004, 04:07 PM   Digg it!   #1 (permalink)
Junior Member
 
Join Date: Sep 2004
Posts: 3
Cool
Trojan horse SecThought.E
So I got this virus, and I need help with my hijackthis log. Thanks!


Code:
Logfile of HijackThis v1.98.2
Scan saved at 3:04:35 PM, on 10/15/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\MATLAB6p1\webserver\bin\win32\matlabserver.exe
C:\WINDOWS\System32\QCONSVC.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ThinkPad\UTILIT~1\TP98TRAY.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe
C:\WINDOWS\System32\hphmon03.exe
C:\Program Files\Grisoft\AVG6\avgcc32.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Winamp3\winampa.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\IMWEBSTA.EXE
C:\WINDOWS\system32\RUNDLL32.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\MIT\Kerberos\bin\leash32.exe
C:\Program Files\MIT\Kerberos\bin\krbcc32s.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\AIM95\aim.exe
C:\DOCUME~1\Bethany\LOCALS~1\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cmu.edu/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - (no file)
O2 - BHO: (no name) - {00041A26-7033-432C-94C7-6371DE343822} - (no file)
O2 - BHO: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - (no file)
O3 - Toolbar: GuardBar - {7F4D8DE6-AC92-4A13-9DE9-F360736F2464} - C:\Program Files\GuardBar\GuardBar.dll
O4 - HKLM\..\Run: [TPTRAY] C:\PROGRA~1\ThinkPad\UTILIT~1\TP98TRAY.EXE
O4 - HKLM\..\Run: [BMMGAG] RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [HPHmon03] C:\WINDOWS\System32\hphmon03.exe
O4 - HKLM\..\Run: [PlatformAxisWaveBows] C:\Documents and Settings\All Users\Application Data\Bind Chin Platform Axis\clockinside.exe
O4 - HKLM\..\Run: [376T3Eg] loanec.exe
O4 - HKLM\..\Run: [AVG_CC] C:\Program Files\Grisoft\AVG6\avgcc32.exe /startup
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [WindowEnhancer] "C:\Program Files\winex\v2\winex.EXE" /U
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp3\winampa.exe"
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Tgcmd] "C:\Program Files\Support.com\bin\tgcmd.exe /server"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.5.0\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [IMWEBSTA.EXE] IMWEBSTA.EXE START
O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
O4 - HKCU\..\Run: [Uahe] C:\Documents and Settings\Bethany\Application Data\autp.exe
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Leash Ticket Manager.lnk = C:\Program Files\MIT\Kerberos\bin\leash32.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: ORiNOCO Client Manager.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: AdsGone - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\AdsGone\adsgone (file missing)
O9 - Extra 'Tools' menuitem: &AdsGone Settings - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Program Files\AdsGone\adsgone (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yaho.../yinst0401.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/...eInstaller.exe
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/07471445c5b9107...p/RdxIE601.cab
O16 - DPF: {5D9E4B6D-CD17-4D85-99D4-6A52B394EC3B} (WSDownloader Control) - http://www.webshots.com/samplers/WSDownloader.ocx
O16 - DPF: {65E7DB1D-0101-4100-BD66-C5C78C917F93} (WTDMMPVersion Class) - http://install.wildtangent.com/bgn/p...im/install.cab
O16 - DPF: {6BC013D0-77D9-11D5-AB95-0050DA664D35} (Yodlee Assistant) - https://myaccounts.nationalcity.com/.../Yodelizer.cab
O16 - DPF: {6F6DBC29-7A0C-4AC0-A42D-10EC70678526} (Word Cubes Control) - http://mirror.worldwinner.com/games/...e/wordcube.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {9FC5238F-12C4-454F-B1B5-74599A21DE47} (Webshots Photo Uploader) - http://community.webshots.com/html/WSPhotoUploader.CAB
O16 - DPF: {A031D222-B496-11D2-9CC8-00105A10AAF6} (WONWebLauncher Class) - http://www.flipside.com/cab/WONWebLauncherControl.cab
O16 - DPF: {B06CE1BC-5D9D-4676-BD28-1752DBF394E0} (Hangman Control) - http://mirror.worldwinner.com/games/...an/hangman.cab
O16 - DPF: {BA94245D-2AA0-4953-9D9F-B0EE4CC02C43} (Tilecity Control) - http://mirror.worldwinner.com/games/...y/tilecity.cab
O16 - DPF: {DDFFA75A-E81D-4454-89FC-B9FD0631E726} - http://www.bundleware.com/activeX/DS3/DS3.cab
O16 - DPF: {EDFCDAF5-95D9-40E9-BBE6-10C33190C3EF} (cGameControl Class) - http://www.zone.msn.com/bingame/rmcb...RumbleCube.cab
bethe24 is offline   Reply With Quote
Old October 15th, 2004, 04:36 PM     #2 (permalink)
Member
 
Join Date: Oct 2003
Location: IN the COMPUTER?
Posts: 150
Send a message via AIM to CNU182
just a thought
go to start-run-msconfig
click the startup tab and hit diable all
restart

disable system restore
rescan for viri (make sure you're up to date)
scan for spyware (adaware/spybot) make sure youre updated

if that doesnt work repeat steps in safe mode
Last edited by CNU182 : October 15th, 2004 at 04:41 PM.
CNU182 is offline   Reply With Quote
Reply
Thread Tools Search this Thread
Search this Thread:

Advanced Search

Similar Threads
Thread Thread Starter Forum Replies Last Post
99% CPU using, why? Naz General Tech Discussion 14 August 1st, 2004 08:41 AM
Trojan Horse Viruses Jeff_Gordon_24 Technical Support 3 June 13th, 2004 01:32 AM
problem in windows xp jwhairybob Applications and Operating Systems 12 March 28th, 2004 11:43 AM
think i have a virus... s2cmpugh General Tech Discussion 19 December 15th, 2003 11:57 AM
Trojan horse virus? ComputrMotorcycl Security and Privacy Issues 7 February 8th, 2003 11:30 PM


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Most Active Discussions
Is It Just Me? (2969)
The disrespect of Obama by Russian .. (42)
Making Health Care Worse (179)
Wireless Televisions. (12)
CPU fan stops spinning randomly (9)
Regular Build (11)
windows 7 problem (7)
Laptop with wireless problem. (5)
windows vista security holes (13)
Print spooler problem (16)
Is the PSU I received dead? (12)
radeon x850xt platinum & shader.. (6)
HIS HD5770 graphic card question (15)
Install XP pro and a Vista laptop ?.. (11)
Recent Discussions
Print spooler problem (16)
Nvidia GTX 260 problem (0)
windows vista security holes (13)
Kingston Bluetooth Dongle Driver (1)
Multiple Restarts Required at Boot (3)
Open With ..... Win7 (1)
webcam (0)
upgrade for hp a6101 (0)
Laptop with wireless problem. (5)
Modern Warfare 2: Who Bought It? (64)
tv not turn on-makes clicking sound (2)
CPU fan stops spinning randomly (9)
EVGA 9800 gtx help with finding a goo.. (11)
Regular Build (11)
Help with onclick and buttons (0)
Virus advise (8)
My monitor won't turn on after instal.. (1)
Internet Lost (3)
Dept. of HS: NSA 'Helped' Develop Vis.. (16)
Point and Shoot Camera Suggestions. (4)
Ideal cheap graph card for PC-Gaming? (18)
radeon x850xt platinum & shader 3 (6)
Graphics Card Upgrade Question (4)
For Sale BFG GTX285 OC2 with 10 year .. (3)
How to convert MP3's (4)


All times are GMT -4. The time now is 09:51 AM.
TechIMO Copyright 2009 All Enthusiast, Inc.

Contact Us - Tech Support Forums - TechIMO.com - Archive - Privacy Statement - Terms of Use -
Coupons and Deals and Dealighted - Store Ratings, Avoid Scam Businesses - Geek News - Tech News for the Geek In You- Web Business Blog - Top


1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28