Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Unremovable log entry:

Started by Bagpuss , Jan 18 2005 09:19 AM

  • Please log in to reply

#1
Bagpuss
Posted 18 January 2005 - 09:19 AM

Bagpuss

    New Member

  • Member
  • Pip
  • 6 posts
Logfile of HijackThis v1.99.0
Scan saved at 15:15:48, on 18/01/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\Xqsye.exe
C:\WINDOWS\System32\Xqsye.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\RegProt\rpadmin.exe
C:\RegProt\regprot.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Niall\Desktop\RegClean\hijackthis\hijackthis\HijackThis.exe

O4 - HKLM\..\Run: [2ZQLKP#2WLSCTL] C:\WINDOWS\System32\Qcm02Z2H.exe

Hijackthis acts like it removes O4 above; nonetheless, when I scan again, it returns bold as brass. I know it's something sinister. Please help!
  • 0

Advertisements

#2
-=jonnyrotten=-
Posted 18 January 2005 - 01:50 PM

-=jonnyrotten=-

    Member 2k

  • Retired Staff
  • 2,678 posts
Please post the entire log.

-=jonnyrotten=- :tazz:
  • 0

#3
Bagpuss
Posted 18 January 2005 - 03:59 PM

Bagpuss

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
That is the entire log--honest!
  • 0

#4
-=jonnyrotten=-
Posted 18 January 2005 - 07:19 PM

-=jonnyrotten=-

    Member 2k

  • Retired Staff
  • 2,678 posts
You have the Pepper Trojan.

Download this file, run, and let terminate (it'll just blink briefly on your screen and won't appeared to have done much--this is normal):
http://www.geekstogo...=download&id=18

Reboot and post a new log.

-=jonnyrotten=-:tazz:
  • 0

#5
Bagpuss
Posted 19 January 2005 - 05:43 AM

Bagpuss

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
All better now--bloody limewire. Thanks again!
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP