
spyware removal



#1
elvisthe2nd

:mad: This is really starting to bug me, I need to get rid of the spyware on my computer. There are popups and my computer is running very slow.

How do I get a "HiJack" log and fix the problem... I have downloaded HiJack This


#2
elvisthe2nd

Sorry, I think this is my "log"


StartupList report, 2/1/2005, 8:02:04 PM
StartupList version: 1.52.2
Started from : C:\Documents and Settings\Brandon.OXUPSTAIRS\HijackThis.EXE
Detected: Windows XP (WinNT 5.01.2600)
Detected: Internet Explorer v6.00 (6.00.2600.0000)
* Using default options
==================================================

Running processes:

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\NavNT\defwatch.exe
C:\Program Files\NavNT\rtvscan.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\WinTools\WToolsS.exe
C:\WINDOWS\System32\MsgSys.EXE
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\NavNT\vptray.exe
C:\WINDOWS\mmups.exe
C:\Program Files\Internet Optimizer\optimize.exe
C:\Program Files\Xmrmjk\Lygy.exe
C:\windows\180ax.exe
C:\windows\system32\ukgmjr.exe
C:\WINDOWS\System32\wsxsvc\wsxsvc.exe
C:\WINDOWS\System32\vmss\vmss.exe
C:\windows\system32\calc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Optimizer\actalert.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Brandon.OXUPSTAIRS\HijackThis.exe

--------------------------------------------------

Listing of startup folders:

Shell folders Common Startup:
[C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup]
Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

--------------------------------------------------

Checking Windows NT UserInit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

vptray = C:\PROGRA~1\NavNT\vptray.exe
mediamotor.exe = C:\WINDOWS\mmups.exe
Internet Optimizer = "C:\Program Files\Internet Optimizer\optimize.exe"
Pzwfzpc = C:\Program Files\Xmrmjk\Lygy.exe
SurfSideKick 2 = C:\Program Files\SurfSideKick 2\Ssk.exe
180ax = c:\windows\180ax.exe
qhyv = C:\WINDOWS\qhyv.exe
ukgmjr = c:\windows\system32\ukgmjr.exe
WinTools = C:\PROGRA~1\COMMON~1\WinTools\WToolsA.exe
Dvx = C:\WINDOWS\System32\wsxsvc\wsxsvc.exe
vmss = C:\WINDOWS\System32\vmss\vmss.exe

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

SurfSideKick 2 = C:\Program Files\SurfSideKick 2\Ssk.exe

--------------------------------------------------

Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*

Shell & screensaver key from Registry:

Shell=Explorer.exe
SCRNSAVE.EXE=C:\WINDOWS\System32\logon.scr
drivers=*Registry value not found*

Policies Shell key:

HKCU\..\Policies: Shell=*Registry key not found*
HKLM\..\Policies: Shell=*Registry value not found*

--------------------------------------------------


Enumerating Browser Helper Objects:

(no name) - C:\WINDOWS\ceres.dll - {00000049-8F91-4D9C-9573-F016E7626484}
(no name) - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - C:\PROGRA~1\COMMON~1\WinTools\WToolsB.dll - {87766247-311C-43B4-8499-3D5FEC94A183}
(no name) - C:\WINDOWS\wsem303.dll - {8F4E5661-F99E-4B3E-8D85-0EA71C0748E4}
(no name) - c:\program files\google\googletoolbar1.dll - {AA58ED58-01DD-4d91-8333-CF10577473F7}

--------------------------------------------------

Enumerating Download Program Files:

[Office Update Installation Engine]
InProcServer32 = C:\WINDOWS\opuc.dll
CODEBASE = http://office.micros...ontent/opuc.cab

[Symantec RuFSI Utility Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\rufsi.dll
CODEBASE = http://security.syma...n/bin/cabsa.cab

[MsnMessengerSetupDownloadControl Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\MsnMessengerSetupDownloader.ocx
CODEBASE = http://messenger.msn...pDownloader.cab

[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\System32\macromed\flash\Flash.ocx
CODEBASE = http://download.macr...ash/swflash.cab

[IObjSafety.DemoCtl]
CODEBASE = http://cabs.media-mo...abs/diamond.cab

[IWinAmpActiveX Class]
InProcServer32 = C:\Program Files\Common Files\Nullsoft\ActiveX\2.0\AmpX.dll
CODEBASE = http://cdn.digitalci...illama/ampx.cab

--------------------------------------------------

Enumerating Windows NT logon/logoff scripts:
*No scripts set to run*

Windows NT checkdisk command:
BootExecute = autocheck autochk *

Windows NT 'Wininit.ini':
PendingFileRenameOperations: C:\DOCUME~1\BRANDO~1.OXU\LOCALS~1\Temp\GLB1A2B.EXE||C:\Program Files\E2G\IeBHOs.dll||C:\Program Files\E2G\data19||C:\Program Files\E2G


--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
CDBurn: C:\WINDOWS\system32\SHELL32.dll
WebCheck: C:\WINDOWS\System32\webcheck.dll
SysTray: C:\WINDOWS\System32\stobject.dll

--------------------------------------------------
End of report, 6,369 bytes
Report generated in 0.375 seconds

Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only

#3
Koretek

That's either a very old edition or :tazz: ......?? lol, please post a new one, here's the link Elvis! HijackThis Latest Edition

#4
elvisthe2nd

Hey, sorry about that... I should have researched it a bit more. Here it is, and no, I'm not old enough to have seen Elvis, I'm only 16, but I love his music.

StartupList report, 2/1/2005, 9:31:15 PM
StartupList version: 1.52.2
Started from : C:\Documents and Settings\Brandon.OXUPSTAIRS\HijackThis.EXE
Detected: Windows XP (WinNT 5.01.2600)
Detected: Internet Explorer v6.00 (6.00.2600.0000)
* Using default options
==================================================

Running processes:

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\NavNT\defwatch.exe
C:\Program Files\NavNT\rtvscan.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\WinTools\WToolsS.exe
C:\WINDOWS\System32\MsgSys.EXE
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\NavNT\vptray.exe
C:\WINDOWS\mmups.exe
C:\Program Files\Internet Optimizer\optimize.exe
C:\Program Files\Xmrmjk\Lygy.exe
C:\windows\180ax.exe
C:\windows\system32\ukgmjr.exe
C:\WINDOWS\System32\wsxsvc\wsxsvc.exe
C:\WINDOWS\System32\vmss\vmss.exe
C:\windows\system32\calc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Optimizer\actalert.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Brandon.OXUPSTAIRS\HijackThis.exe

--------------------------------------------------

Listing of startup folders:

Shell folders Common Startup:
[C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup]
Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

--------------------------------------------------

Checking Windows NT UserInit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

vptray = C:\PROGRA~1\NavNT\vptray.exe
mediamotor.exe = C:\WINDOWS\mmups.exe
Internet Optimizer = "C:\Program Files\Internet Optimizer\optimize.exe"
Pzwfzpc = C:\Program Files\Xmrmjk\Lygy.exe
SurfSideKick 2 = C:\Program Files\SurfSideKick 2\Ssk.exe
180ax = c:\windows\180ax.exe
qhyv = C:\WINDOWS\qhyv.exe
ukgmjr = c:\windows\system32\ukgmjr.exe
WinTools = C:\PROGRA~1\COMMON~1\WinTools\WToolsA.exe
Dvx = C:\WINDOWS\System32\wsxsvc\wsxsvc.exe
vmss = C:\WINDOWS\System32\vmss\vmss.exe

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

SurfSideKick 2 = C:\Program Files\SurfSideKick 2\Ssk.exe

--------------------------------------------------

Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*

Shell & screensaver key from Registry:

Shell=Explorer.exe
SCRNSAVE.EXE=C:\WINDOWS\System32\logon.scr
drivers=*Registry value not found*

Policies Shell key:

HKCU\..\Policies: Shell=*Registry key not found*
HKLM\..\Policies: Shell=*Registry value not found*

--------------------------------------------------


Enumerating Browser Helper Objects:

(no name) - C:\WINDOWS\ceres.dll - {00000049-8F91-4D9C-9573-F016E7626484}
(no name) - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - C:\PROGRA~1\COMMON~1\WinTools\WToolsB.dll - {87766247-311C-43B4-8499-3D5FEC94A183}
(no name) - C:\WINDOWS\wsem303.dll - {8F4E5661-F99E-4B3E-8D85-0EA71C0748E4}
(no name) - c:\program files\google\googletoolbar1.dll - {AA58ED58-01DD-4d91-8333-CF10577473F7}

--------------------------------------------------

Enumerating Download Program Files:

[Office Update Installation Engine]
InProcServer32 = C:\WINDOWS\opuc.dll
CODEBASE = http://office.micros...ontent/opuc.cab

[Symantec RuFSI Utility Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\rufsi.dll
CODEBASE = http://security.syma...n/bin/cabsa.cab

[MsnMessengerSetupDownloadControl Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\MsnMessengerSetupDownloader.ocx
CODEBASE = http://messenger.msn...pDownloader.cab

[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\System32\macromed\flash\Flash.ocx
CODEBASE = http://download.macr...ash/swflash.cab

[IObjSafety.DemoCtl]
CODEBASE = http://cabs.media-mo...abs/diamond.cab

[IWinAmpActiveX Class]
InProcServer32 = C:\Program Files\Common Files\Nullsoft\ActiveX\2.0\AmpX.dll
CODEBASE = http://cdn.digitalci...illama/ampx.cab

--------------------------------------------------

Enumerating Windows NT logon/logoff scripts:
*No scripts set to run*

Windows NT checkdisk command:
BootExecute = autocheck autochk *

Windows NT 'Wininit.ini':
PendingFileRenameOperations: C:\DOCUME~1\BRANDO~1.OXU\LOCALS~1\Temp\GLB1A2B.EXE||C:\Program Files\E2G\IeBHOs.dll||C:\Program Files\E2G\data19||C:\Program Files\E2G


--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
CDBurn: C:\WINDOWS\system32\SHELL32.dll
WebCheck: C:\WINDOWS\System32\webcheck.dll
SysTray: C:\WINDOWS\System32\stobject.dll

--------------------------------------------------
End of report, 6,369 bytes
Report generated in 0.375 seconds

Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only

#5
elvisthe2nd

Hey, well, I finally figured out how to use this program! I was trying to find out how everyone was just "posting logs". I had no clue how to do it and no one on here asked any questions about it, so I had to find some tutorial on the internet. Anyways, I found out how to use it, and I realized how simple it was to save a log. But I also realized that my HijackThis program must be messed up because it freezes towards the end of the scan and doesn't let me finish the scan or save my log file...