Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

another log


  • This topic is locked This topic is locked

#1
nachopo

nachopo

    New Member

  • Member
  • Pip
  • 7 posts
hi,
can someone help me with this log?

Logfile of HijackThis v1.99.0
Scan saved at 9:03:04, on 23/02/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Archivos de programa\Sygate\SPF\smc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\ARCHIV~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\ARCHIV~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\System32\dllhost.exe
C:\Archivos de programa\Archivos comunes\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\ARCHIV~1\Grisoft\AVGFRE~1\avgcc.exe
C:\ARCHIV~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Archivos de programa\Outlook Express\msimn.exe
C:\Archivos de programa\Microsoft Office\Office10\WINWORD.EXE
C:\Documents and Settings\eroad\Escritorio\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.bigwebportal.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
O2 - BHO: ohb - {E539DEA3-BA67-4F1F-A897-5F2F4F29A063} - (no file)
O4 - HKLM\..\Run: [SmcService] C:\ARCHIV~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AVG7_CC] C:\ARCHIV~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\ARCHIV~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivi...n/ravonline.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C80FC828-FDF8-485B-BDCD-453C09CB5C9D}: NameServer = 200.28.4.129 200.28.4.130
O23 - Service: AVG7 Alert Manager Server - GRISOFT, s.r.o. - C:\ARCHIV~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service - GRISOFT, s.r.o. - C:\ARCHIV~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Servicio del administrador de discos lógicos - Unknown - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Registro de sucesos - Unknown - C:\WINDOWS\system32\services.exe
O23 - Service: Servicio COM de grabación de CD de IMAPI - Unknown - C:\WINDOWS\System32\imapi.exe
O23 - Service: Plug and Play - Unknown - C:\WINDOWS\system32\services.exe
O23 - Service: Sygate Personal Firewall - Sygate Technologies, Inc. - C:\Archivos de programa\Sygate\SPF\smc.exe
O23 - Service: Instantáneas de volumen - Unknown - C:\WINDOWS\System32\vssvc.exe

regards
  • 0

Advertisements


#2
Michlos

Michlos

    Member

  • Member
  • PipPip
  • 48 posts
Hi!

I am looking in to your log right now. I'll post an answer shortly, thank you for your patience :tazz:
  • 0

#3
Guest_thatman_*

Guest_thatman_*
  • Guest
sorry posted in wrong form
ken

Edited by thatman, 27 February 2005 - 12:11 PM.

  • 0

#4
Michlos

Michlos

    Member

  • Member
  • PipPip
  • 48 posts
Hi!

First of all I want to appologize for not answering sooner, I was hit by the flu and spent a couple of days being pampered by the mrs :tazz:

Now on to the fixing:

First of all I would recommend that you download the latest version of Hijack This (1.99.1) from here.

Please save Hijack This in a permanent folder (i.e. C:\HJT). This ensures backups are saved and accessible.

Please go offline, close all browsers and any open Windows, making sure that only HijackThis is open. Scan and when it finishes, put an X in the boxes, only next to these following items, then click fix checked.

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.bigwebportal.com/
O2 - BHO: ohb - {E539DEA3-BA67-4F1F-A897-5F2F4F29A063} - (no file)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

Once this is done, reboot your computer and scan it again with Hijack This and post your new log here.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP