Question:
Am I infected (includes Hijack This Log)?
?
2010-02-24 03:40:22 UTC
I use Eset Nod32 and Spybot S&D, none of them alerted me. I am currently scanning my system.
The problem i have is that my internet speed has gone down to a 3rd of it's normal, and that usually is a sign of keyloggers/something sending my info.

The only suspectible site that i have visited for a while is Runegen.info, but I did not accept any certificates or anything, and my av should have stopped any malware (?)

Here is my Hijack This log:
Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 12:36:53, on 2010-02-24
Platform: Unknown Windows (WinNT 6.01.3004)
MSIE: Internet Explorer v8.00 (8.00.7100.0000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Gadwin Systems\PrintScreenPro\PrintScreenPro.exe
C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe
C:\Program Files (x86)\LG Soft India\forteManager\bin\Monitor.exe
C:\Program Files (x86)\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files (x86)\SteelSeries\World of Warcraft MMO Gaming Mouse\WoWMHID.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe
C:\Program Files (x86)\Voddler\service\VNetManager.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe
C:\Program Files (x86)\SteelSeries\World of Warcraft MMO Gaming Mouse\WoWMTray.exe
C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Skype\Toolbars\Shared\SkypeNames.exe
C:\Program Files (x86)\TrendMicro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SHOUTcast Toolbar Search Class - {14f0d511-36a2-41ca-ae01-ba4f87282c97} - C:\Program Files (x86)\SHOUTcast Radio Toolbar\shoutcasttb.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: QFX Software KeyScrambler - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files (x86)\KeyScrambler\KeyScramblerIE.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~2\AVG\AVG8\AVGTOO~1.DLL (file missing)
O2 - BHO: SHOUTcast Loader - {ccec60fc-2608-4e58-9659-3ffc159e8ea9} - C:\Program Files (x86)\SHOUTcast Radio Toolbar\shoutcasttb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~2\AVG\AVG8\AVGTOO~1.DLL (file missing)
O3 - Toolbar: SHOUTcast Radio Toolbar - {0457331d-8ca6-4f97-9c26-6a9ef2b2dba8} - C:\Program Files (x86)\SHOUTcast Radio Toolbar\shoutcasttb.dll
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files (x86)\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\
Five answers:
Sly_Old_Mole
2010-02-24 05:52:36 UTC
what a mess - email me.

you use Eset Nod32 - good AV what the hell have you got AVG on there for ? you can only run one AV.

would like to see full log.

& why so many toolbars ?
?
2016-08-29 00:37:24 UTC
2
?
2016-05-31 08:54:14 UTC
You don't need a new computer just because you have a virus. Just back up any important data to a CD/DVD/Flash drive, or external hard drive. Insert your windows cd and reboot your computer. Follow the steps on the screen. If you are using vista, opt for formatting the C drive before restoring the OS. For xp just tell it to do a full restore and it will format. Just be aware that the computer will be in the condition it was new. Anything you have installed after factory will need to be reinstalled. Possibly including some driver software that controls your hardware. It's a good idea to back up your driver files before starting the restore in case you don't have a manufactures driver disc. The most important driver being the LAN. If you don't have that, you don't have internet and can't download updates or find other drivers that may have slipped by you. I agree with helpme32. Kaspersky Internet Security is the best I've used. Trend Micro Internet Suite is good too. Just don't use more than one virus program. It can cause conflicts and you end up with no protection. Either use an anti virus and a separate anti spyware program such as Trend Micro Anti Virus with Spysweeper, or Kaspersky Internet Security, which has both antivirus and anti spyware, plus a better firewall then what is built into windows.
2010-02-24 03:44:07 UTC
You bought the WoW gaming mouse? That thing is absolutely TERRIBLE.... if it's not too late, you should return it and get a real gaming mouse.



Anyway, I don't see anything that looks like a virus.
2010-02-24 03:46:45 UTC
use www.anitvir.com or just reboot your computer i mean reboot as in to wipe it clean and start over again...... .....oh and use www.threatfire.com. if non of these applications don't work wipe everything clean and start new...hope i helped...............................


This content was originally posted on Y! Answers, a Q&A website that shut down in 2021.
Loading...