Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

crack [resolved]


  • This topic is locked This topic is locked

#1
Spork Schivago

Spork Schivago

    New Member

  • Member
  • Pip
  • 5 posts
Hello. I downloaded a file called crack22a.exe from http://www.crackz-se...z.com/list/d/27. I ran it and now I can't delete it off my desktop. I found a way to delete the file (CTRL-ALT-DELETE, ending Explorer, running CMD and deleting it from the command prompt) but I think there still might be something on my system because if I create any files on the desktop that start with crack (ie, crack.exe, crack22a.exe, etc, etc) I cannot delete them. The computer says that it is being used by another application. I have ran Norton Antivirus 2003, McAfee AntiVirus, TDS-3, Ad-Aware, Spybot, ScanSpyware, AVG, Trend Micro, and a few other programs I found on the net and none of them detect anything. Can any one help? Here is a copy of my HiJackThis log:

Logfile of HijackThis v1.99.1
Scan saved at 3:36:26 AM, on 03/18/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\taskswitch.exe
C:\Program Files\HP DVD\Umbrella\DVDTray.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\dvd43\dvd43_tray.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\BOINC\boinc_gui.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Spork Schivago\Desktop\Ken's s***\Progz\HijackThis.exe

O1 - Hosts: 64.91.255.87 www.dcsresearch.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [DVDTray] "C:\Program Files\HP DVD\Umbrella\DVDTray.exe"
O4 - HKLM\..\Run: [DVDBitSet] "C:\Program Files\HP DVD\Umbrella\DVDBitSet.exe" /NOUI
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [dvd43] C:\Program Files\dvd43\dvd43_tray.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: BOINC.lnk = C:\Program Files\BOINC\boinc_gui.exe
O4 - Global Startup: KillRpc.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\googletoolbar.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\googletoolbar.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\googletoolbar.dll/cmcache.html
O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\googletoolbar.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\googletoolbar.dll/cmtrans.html
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall-bet...all/xscan60.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....467&clcid=0x409
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe


Any help would be greatly appreciated.
  • 0

Advertisements


#2
peterm

peterm

    Trusted Tech

  • Technician
  • 3,173 posts
I have not loaded XP so you will have to check for me
Does XP have a command prompt? If so we can fix
Peterm
  • 0

#3
Spork Schivago

Spork Schivago

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
Do you mean a command prompt before going into windows? It's an NTFS File system. But I have soem programs that will allow me to get to a DOS prompt. So I guess the answer is yes. :tazz:
  • 0

#4
peterm

peterm

    Trusted Tech

  • Technician
  • 3,173 posts
If you hit f8 when starting windows does it give you an option
to start in safe mode or start with command prompt
Peterm
  • 0

#5
Spork Schivago

Spork Schivago

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
When I hit F8 I have an option to go into safe mode but not a command prompt. I ended up formating and reinstalling my OS because I started finding all kind of trojans on my computer. I think maybe the crack22 file that i ran was downloading them. Thanks for the help.
  • 0

#6
peterm

peterm

    Trusted Tech

  • Technician
  • 3,173 posts
you should look at doing another hijack and print it out so you know what a fresh install looks like for future use
peterm
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP