Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

smitfraud (again) and maybe aurora [CLOSED]


  • This topic is locked This topic is locked

#1
Jack Doobie

Jack Doobie

    Member

  • Member
  • PipPip
  • 64 posts
Logfile of HijackThis v1.99.1
Scan saved at 12:36:54 AM, on 6/11/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\TGTSoft\StyleXP\StyleXP.exe
C:\WINDOWS\System32\intmonp.exe
C:\WINDOWS\System32\msole32.exe
C:\WINDOWS\System32\intmon.exe
C:\WINDOWS\popuper.exe
C:\WINDOWS\System32\shnlog.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\AOL 9.0\waol.exe
C:\Program Files\AOL 9.0\shellmon.exe
C:\Program Files\Common Files\Aol\aoltpspd.exe
C:\WINDOWS\System32\nzrlnm.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
c:\program files\internet explorer\iexplore.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Documents and Settings\Corey\My Documents\Downloads\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.updatesea...earch.php?qq=%1
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.updatesearches.com/bar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.updatesea...earch.php?qq=%1
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.updatesea...earch.php?qq=%1
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.updatesea...earch.php?qq=%1
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.updatesea...earch.php?qq=%1
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.updatesearches.com/
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O2 - BHO: (no name) - {FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFA} - C:\WINDOWS\System32\hpE03E.tmp
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\mcupdate.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [KavSvc] C:\WINDOWS\System32\nzrlnm.exe reg_run
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - Global Startup: ActiveShield.lnk = C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - Global Startup: SpySubtract.lnk = C:\Program Files\InterMute\SpySubtract\SpySub.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zon...ro.cab32846.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsec...scan/axscan.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zon...wn.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{45423A1F-F904-4A48-BF13-F1D90810CEB0}: NameServer = 205.188.146.145
O17 - HKLM\System\CCS\Services\Tcpip\..\{F74D05BC-D96B-4E83-BDA7-23077C653BFC}: NameServer = 69.50.184.84,195.225.176.37
O17 - HKLM\System\CS1\Services\Tcpip\..\{45423A1F-F904-4A48-BF13-F1D90810CEB0}: NameServer = 205.188.146.145
O21 - SSODL: SystemCheck2 - {54645654-2225-4455-44A1-9F4543D34545} - C:\WINDOWS\System32\vbsys2.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe (file missing)
  • 0

Advertisements


#2
Michelle

Michelle

    Malware Removal Goddess

  • Retired Staff
  • 8,928 posts
Why do you start multiple topics instead of going back to the first? I offered to help, you never came back... Metallica was helping you and you never went back to the topic and started a new one (which I merged with the other topic).

You were told by me to get Service Pack 1. Your log is not showing Service Pack 1 and no one will help until your log is showing that you downloaded the service pack.

Click here: http://www.microsoft...p1/default.mspx
Apply the update, reboot, and post a fresh Hijack This log.
  • 0

#3
Jack Doobie

Jack Doobie

    Member

  • Topic Starter
  • Member
  • PipPip
  • 64 posts

Why do you start multiple topics instead of going back to the first?  I offered to help, you never came back...  Metallica was helping you and you never went back to the topic and started a new one (which I merged with the other topic).

You were told by me to get Service Pack 1.  Your log is not showing Service Pack 1 and no one will help until your log is showing that you downloaded the service pack.

Click here: http://www.microsoft...p1/default.mspx
Apply the update, reboot, and post a fresh Hijack This log.

View Post


i downlaoded it and ran it there was an icon near my clock that had windows update and a percentage, it got to 100%
i figured i had it
  • 0

#4
Michelle

Michelle

    Malware Removal Goddess

  • Retired Staff
  • 8,928 posts
Your log is not showing service pack 1 and we are not allowed to help until it does.
  • 0

#5
Jack Doobie

Jack Doobie

    Member

  • Topic Starter
  • Member
  • PipPip
  • 64 posts
how do i know when it`s installed?
what will it say?
  • 0

#6
Michelle

Michelle

    Malware Removal Goddess

  • Retired Staff
  • 8,928 posts
You should have been taken to the windows update site and it should have scanned your computer for available updates and presented you with the security updates available.

You should see it installing, I don't know that it says anything- might ask you to restart your computer.

What kind of problems are you having there, exactly?
  • 0

#7
Michelle

Michelle

    Malware Removal Goddess

  • Retired Staff
  • 8,928 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member with address of this thread. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP