Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:12:04, on 24.02.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\VistaDrive\VistaDrive.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\AntiLogger\AntiLogger.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://find.localstrike.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.internetdownloadmanager.com/welcome.html?v=607
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Steganos Internet Anonym - {00000000-5736-4205-0008-f7ed0776fb27} - c:\program files\steganos internet anonym 2006\sia2006iep.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [VistaDrive] C:\WINDOWS\VistaDrive\VistaDrive.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [AntiLogger] "C:\Program Files\AntiLogger\AntiLogger.exe" /minimized
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE /auto
O4 - HKLM\..\RunOnce: [IERESETATTRIB] %SystemRoot%\system32\cmd.exe /d /q /c %SystemRoot%\system32\ieudinit.exe -ResetFileAttributes
O4 - HKLM\..\RunOnce: [Installing-ie8] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\IE8-WindowsXP-x86-TRK.exe /passive
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Advanced SystemCare 5] "C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
O4 - HKCU\..\Run: [SIA2006] "C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe" -boot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [SIA2006] "C:\Program Files\Steganos Internet Anonym 2006\SIA2006.exe" -firstboot (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Global Startup: zzcs2076.lnk = C:\WINDOWS\systemcs2076.exe
O8 - Extra context menu item: Bütün linkleri IDM ile indir - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: IDM ile indir - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Araştır - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{50E4B6E7-D5CF-41F3-922C-0590D662F759}: NameServer = 208.67.222.222,208.67.220.220
O22 - SharedTaskScheduler: Browseui önceden yükleyicisi - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Bileşen Katergorileri önbellek daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

--
End of file - 6778 bytes

2012/02/24 16:12:38 - 
2012/02/24 16:12:38 - sXe Injected starting...
2012/02/24 16:12:38 - [C:\Program Files\sXe Injected]
2012/02/24 16:12:41 - Win XP (5.1.2600 Service Pack 3) [0]
2012/02/24 16:12:41 - version: 12.1
2012/02/24 16:12:41 - [ The end is near... ]
2012/02/24 16:12:41 - open [77C1F566]
2012/02/24 16:12:42 - Platform: x86 detected
2012/02/24 16:12:42 - Starting Device Driver
2012/02/24 16:12:42 - service [C:\Program Files\sXe Injected\ddsxei.sys]
2012/02/24 16:12:42 - Open manager OK
2012/02/24 16:12:42 - Create Service OK
2012/02/24 16:12:42 - Start Service OK
2012/02/24 16:12:42 - Service ready
2012/02/24 16:12:42 - Trying to open device[1]...
2012/02/24 16:12:42 - Service Handle OK
2012/02/24 16:12:42 - [35][7C8FD190]
2012/02/24 16:12:42 - [32][7C8FD160]
2012/02/24 16:12:42 - [115][7C8FDF90]
2012/02/24 16:12:42 - [74][7C8FD580]
2012/02/24 16:12:42 - [AD][7C8FD910]
2012/02/24 16:12:42 - [7A][7C8FD5E0]
2012/02/24 16:12:42 - [D5][7C8FDB90]
2012/02/24 16:12:42 - [89][7C8FD6D0]
2012/02/24 16:12:42 - [FE][7C8FDE20]
2012/02/24 16:12:42 - [BA][7C8FD9E0]
2012/02/24 16:12:44 - Waiting for game...
2012/02/24 16:12:53 - * Sending shutdown
2012/02/24 16:12:53 - * Termination
2012/02/24 16:12:55 - * Cleaning
2012/02/24 16:12:55 - * Stoping service
2012/02/24 16:12:55 - * Service stopped
2012/02/24 16:12:55 - * Service deleted
2012/02/24 16:12:55 - sXe Injected closed

2009/10/25 13:45:39 - 
2009/10/25 13:45:39 - ------------------
2009/10/25 13:45:39 - sXe-I dll starting
2009/10/25 13:45:39 - version: 8.0
2009/10/25 13:45:39 - **** Driver Initialization
2009/10/25 13:45:39 - **** Open success
2009/10/25 13:45:39 - **** Link ready
2009/10/25 13:45:39 - **** Image ready
2009/10/25 13:45:39 - **** Gather ready
2009/10/25 13:45:39 - **** Trying protocol 47
2009/10/25 13:45:39 - **** Validations ready
2009/10/25 13:45:41 - **** Half-Life protocol 47
2009/10/25 13:45:41 - hooking...
2009/10/25 13:45:41 - result...[0]
2009/10/25 13:45:41 - **** Hooked
2009/10/25 13:45:41 - **** Message [0]
2009/10/25 13:45:41 - **** Message H [0]
2009/10/25 13:45:41 - **** Message M [0]
2009/10/25 13:45:41 - **** Message D [0]
2009/10/25 13:45:41 - **** Alias Offline[1]
2009/10/25 13:45:41 - **** Listen server Offline
2009/10/25 13:45:41 - **** Gateway installed
2009/10/25 13:45:41 - **** Backup ready
2009/10/25 13:45:41 - **** ControlTime [19940608]
2009/10/25 13:45:41 - **** GL Command Offline
2009/10/25 13:45:41 - **** Finish [6184]
2009/10/25 13:45:54 - sXe-I dll closing