Amor

  1. The Hijack This log
  2. Hi Guys, Please find below the active threats after the BD deep scan. I had turned on the show all hidden files, hidden files extension option before the scan.

     Remaining issues (Object Name | Threat Name | Final Status):

       • [system]=]C:\Documents and Settings\Amor\Cookies\amor@msnportal.112.2o7[1].txt | Cookie.2o7 | Delete Failed (file was in an archive)
       • [system]=]C:\Documents and Settings\Amor\Cookies\amor@clicks.adengage[2].txt | Cookie.Engage | Delete Failed (file was in an archive)
       • [system]=]\\.\70.103.101.103\aekgoprn.dll [1048] (memory dump) | Trojan.Generic.2898141 | Delete Failed (file was in an archive)
       • [system]=]\\.\70.103.101.103\aekgoprn.dll [1048] (full dump) | Trojan.Generic.2898141 | Delete Failed (file was in an archive)

     Tried finding the above threats in the cookies folder (still not sure if those two are a threat?), but can't locate them. The other two, the main threat, Trojan generic, I have no clue where to find 'em. Plz help!! Many thanks in advance, look forward to your swift and kind help.
  3. Hey Sypderman, I had the same prob some time ago. Just do the following: Open My Computer - Tools - Folder Options - Check (put the dot in) the box - 1) Show Hidden Files and Folders 2) "Uncheck" the boxes - a) Hide extensions for known file types -- Hide protected system files. The d*n virus in your comp has got into your hidden files aka operating system files, thaz y the BD scan can't scan it, as it's hidden. Now do a DEEP Scan with the bar set on high, set (tick) all options in the custom settings box (scan all archives, etc.), especially don't forget to tick the box -- Open archives - Do through scan (Custom settings). After the scan, it should be fine. Even then, if BD is not able to delete or disinfect the infected files, just go to the location of the file (you can see the infected files log after the scan) and manually delete it. I too learnt it the hard way and hope this helps you. Cheers, do let me know if this worked, it surely should.
  4. Hi Alex and friends, The only thing that works is uninstalling BD '10 or using it with the Anti Virus mode turned off (which is too dangerous). I turned back to BD '09, it works smooth like an AK-47 lol. Hope the BD '10 loopholes get covered soon. Cheers.
  5. Hi Alex, Like I already posted, I tried doing the same. When I "TURN OFF" the Anti Virus Mode, Internet works fine as usual; as soon as I start the Anti Virus Mode, it just stops in all browsers - IE, Firefox, Chrome. Is there any update to correct this? I am back on BD 2009, so far no similar problems with BD '09. Hope U guys find solutions to these errors, it's really frustrating. Thanks
  6. Same problem here too, Internet gets blocked, then after I turn off the Anti virus protection, it immediately works again. Mods, any solution on this? Highly frustrating and too risky to turn off the protection to surf. Look forward to fast help on this. Thanks
  7. Same problem here too, Internet gets blocked, then after I turn off the Anti virus protection, it immediately works again. Mods, any solution on this? Highly frustrating and too risky to turn off the protection to surf. Look forward to fast help on this. Thanks
  8. Hi Alex, Many thanks! Highly appreciate your prompt help. Everything is fine now. It was a bloody error from the Online Vendors - they sent me the 2010 Key instead of the 2009! Thanks also to your EMEA Business Developer, Dragos Grecu, for his swift assistance too (he mailed me the '09 Key, just completed upgrading to '10). Hope BitDefender stays right at the top in the antivirus market. Good luck Guys!
  9. Hello BD Forum Friends, I ordered BitDefender Antivirus 2009 online on the 17th Oct and received it on the 29th Oct. It went well for the first couple of days. Came across the BD forum and decided to update it to the BD 2010 version, and there it all started going wrong. My numerous attempts to validate my genuine license (reinstalling and making new email validation accounts) have failed. The validation link never reached my 1st mail account, so I made a new one on Gmail; the validation link was delivered, which then took me to the BD site, but it states that it is invalid :( Can you guys please help? Many thanks in advance. P.S. I have sent the details of my online purchase to Alex Stanciu - Technical Support by PM.