Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

my computer logg on and then loggs off

Started by thorxp , Mar 08 2006 03:53 PM

  • Please log in to reply

#1
thorxp
Posted 08 March 2006 - 03:53 PM

thorxp

    New Member

  • Member
  • Pip
  • 4 posts
it doesnt let me do anything on it. i go in in sfaemode and did everything u suggest on the malware removal but still same problem...
this is the hijack log ...thanks
Logfile of HijackThis v1.99.1
Scan saved at 1:29:03 PM, on 3/8/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\Explorer.EXE
c:\a1141778281.exe
C:\windows\PCHealth\HelpCtr\Binaries\HelpSvc.exe
C:\Program Files\TrojanHunter 4.2\THGuard.exe
C:\photos liz\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://cwshredder.ne...s.html#msconfig
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O1 - Hosts: <head>
O1 - Hosts: <style>
O1 - Hosts: a:link { font-family: arial, verdana; font-sizw: 11px; color: #000000; text-decoration: none; }
O1 - Hosts: a:visited { font-family: arial, verdana; font-sizw: 11px; color: #000000; text-decoration: none; }
O1 - Hosts: a:active { font-family: arial, verdana; font-sizw: 11px; color: #000000; text-decoration: none; }
O1 - Hosts: a:hover { font-family: arial, verdana; font-sizw: 11px; color: #000000; text-decoration: underline; }
O1 - Hosts: font { font-family: arial, verdana; font-sizw: 11px; color: #000000; text-decoration: none; }
O1 - Hosts: td{ font-family: arial, verdana; font-sizw: 10px; text-decoration: none; }
O1 - Hosts: table{ font-family: arial, verdana; font-sizw: 11px; text-decoration: none; }
O1 - Hosts: body { background-color: #F0F0F0; scrollbar-face-color: #6E788C; scrollbar-shadow-color: #696969; scrollbar-highlight-color: #cfcfcf; scrollbar-3dlight-color: #cccccc; scrollbar-darkshadow-color: #808080; scrollbar-track-color: #9B9FA7; scrollbar-arrow-color: #000000 }
O1 - Hosts: .title { font-family: arial, verdana; font-size: 9pt; font-weight: normal; }
O1 - Hosts: .distributers { font-family: arial, verdana; font-size: 11pt; font-weight: normal; }
O1 - Hosts: .info { font-family: arial, verdana; font-size: 8pt; font-weight: normal; }
O1 - Hosts: .design { font-family: arial, verdana; font-size: 8pt; font-weight: normal; }
O1 - Hosts: .menu { border-top: 1px #374646 solid; border-left: 1px #374646 solid; border-right: 1px #374646 solid; border-bottom: 1px #374646 solid; font-family: verdana, arial; font-size: 8pt; font-weight: normal; }
O1 - Hosts: .cellheader { border-top: 1px #374646 solid; border-left: 1px #374646 solid; border-right: 1px #374646 solid; border-bottom: 1px #374646 solid; font-family: verdana, arial; font-size: 20pt; font-weight: normal; color: #F1F1F1; }
O1 - Hosts: .scellheader { border-top: 1px #374646 solid; border-left: 1px #374646 solid; border-right: 1px #374646 solid; border-bottom: 1px #374646 solid; font-family: verdana, arial; font-size: 15pt; font-weight: normal; color: #F1F1F1; }
O1 - Hosts: .bigcellheader { border-top: 1px #374646 solid; border-left: 1px #374646 solid; border-right: 1px #374646 solid; border-bottom: 1px #374646 solid; font-family: verdana, arial; font-size: 30pt; font-weight: normal; color: #F1F1F1; link: #F1F1F1; vlink: #F1F1F1; }
O1 - Hosts: .tblheader { background-color: #AAAAAA; border-top: 1px #374646 solid; border-left: 1px #374646 solid; border-right: 1px #374646 solid; border-bottom: 1px #374646 solid; font-family: verdana, arial; font-size: 14pt; font-weight: normal; }
O1 - Hosts: .tdshade1 { background-color: #DDDDDD; border-top: 1px #374646 solid; border-left: 1px #374646 solid; border-right: 1px #374646 solid; border-bottom: 1px #374646 solid; font-family: verdana, arial; font-size: 10pt; font-weight: normal; }
O1 - Hosts: .tdshade2 { background-color: #EEEEEE; border-top: 1px #374646 solid; border-left: 1px #374646 solid; border-right: 1px #374646 solid; border-bottom: 1px #374646 solid; font-family: verdana, arial; font-size: 10pt; font-weight: normal; }
O1 - Hosts: </style>
O1 - Hosts: </head>
O1 - Hosts: <body bgcolor="#ffffff">
O1 - Hosts: <table bgcolor=#ffffff link=#0000ee vlink=#0000ee text=#000000 border=0 align="center" width="100%">
O1 - Hosts: <tr class=cellheader>
O1 - Hosts: <td bgcolor=#788298><center><b>This Account Has Been Suspended</b></center></td>
O1 - Hosts: </tr>
O1 - Hosts: </table>
O1 - Hosts: Please contact the billing/support department as soon as possible.
O1 - Hosts: </html>
O1 - Hosts: <head>
O1 - Hosts: <style>
O1 - Hosts: a:link { font-family: arial, verdana; font-sizw: 11px; color: #000000; text-decoration: none; }
O1 - Hosts: a:visited { font-family: arial, verdana; font-sizw: 11px; color: #000000; text-decoration: none; }
O1 - Hosts: a:active { font-family: arial, verdana; font-sizw: 11px; color: #000000; text-decoration: none; }
O1 - Hosts: a:hover { font-family: arial, verdana; font-sizw: 11px; color: #000000; text-decoration: underline; }
O1 - Hosts: font { font-family: arial, verdana; font-sizw: 11px; color: #000000; text-decoration: none; }
O1 - Hosts: td{ font-family: arial, verdana; font-sizw: 10px; text-decoration: none; }
O1 - Hosts: table{ font-family: arial, verdana; font-sizw: 11px; text-decoration: none; }
O1 - Hosts: body { background-color: #F0F0F0; scrollbar-face-color: #6E788C; scrollbar-shadow-color: #696969; scrollbar-highlight-color: #cfcfcf; scrollbar-3dlight-color: #cccccc; scrollbar-darkshadow-color: #808080; scrollbar-track-color: #9B9FA7; scrollbar-arrow-color: #000000 }
O1 - Hosts: .title { font-family: arial, verdana; font-size: 9pt; font-weight: normal; }
O1 - Hosts: .distributers { font-family: arial, verdana; font-size: 11pt; font-weight: normal; }
O1 - Hosts: .info { font-family: arial, verdana; font-size: 8pt; font-weight: normal; }
O1 - Hosts: .design { font-family: arial, verdana; font-size: 8pt; font-weight: normal; }
O1 - Hosts: .menu { border-top: 1px #374646 solid; border-left: 1px #374646 solid; border-right: 1px #374646 solid; border-bottom: 1px #374646 solid; font-family: verdana, arial; font-size: 8pt; font-weight: normal; }
O1 - Hosts: .cellheader { border-top: 1px #374646 solid; border-left: 1px #374646 solid; border-right: 1px #374646 solid; border-bottom: 1px #374646 solid; font-family: verdana, arial; font-size: 20pt; font-weight: normal; color: #F1F1F1; }
O1 - Hosts: .scellheader { border-top: 1px #374646 solid; border-left: 1px #374646 solid; border-right: 1px #374646 solid; border-bottom: 1px #374646 solid; font-family: verdana, arial; font-size: 15pt; font-weight: normal; color: #F1F1F1; }
O1 - Hosts: .bigcellheader { border-top: 1px #374646 solid; border-left: 1px #374646 solid; border-right: 1px #374646 solid; border-bottom: 1px #374646 solid; font-family: verdana, arial; font-size: 30pt; font-weight: normal; color: #F1F1F1; link: #F1F1F1; vlink: #F1F1F1; }
O1 - Hosts: .tblheader { background-color: #AAAAAA; border-top: 1px #374646 solid; border-left: 1px #374646 solid; border-right: 1px #374646 solid; border-bottom: 1px #374646 solid; font-family: verdana, arial; font-size: 14pt; font-weight: normal; }
O1 - Hosts: .tdshade1 { background-color: #DDDDDD; border-top: 1px #374646 solid; border-left: 1px #374646 solid; border-right: 1px #374646 solid; border-bottom: 1px #374646 solid; font-family: verdana, arial; font-size: 10pt; font-weight: normal; }
O1 - Hosts: .tdshade2 { background-color: #EEEEEE; border-top: 1px #374646 solid; border-left: 1px #374646 solid; border-right: 1px #374646 solid; border-bottom: 1px #374646 solid; font-family: verdana, arial; font-size: 10pt; font-weight: normal; }
O1 - Hosts: </style>
O1 - Hosts: </head>
O1 - Hosts: <body bgcolor="#ffffff">
O1 - Hosts: <table bgcolor=#ffffff link=#0000ee vlink=#0000ee text=#000000 border=0 align="center" width="100%">
O1 - Hosts: <tr class=cellheader>
O1 - Hosts: <td bgcolor=#788298><center><b>This Account Has Been Suspended</b></center></td>
O1 - Hosts: </tr>
O1 - Hosts: </table>
O1 - Hosts: Please contact the billing/support department as soon as possible.
O1 - Hosts: </html>
O1 - Hosts: <head>
O1 - Hosts: <style>
O1 - Hosts: a:link { font-family: arial, verdana; font-sizw: 11px; color: #000000; text-decoration: none; }
O1 - Hosts: a:visited { font-family: arial, verdana; font-sizw: 11px; color: #000000; text-decoration: none; }
O1 - Hosts: a:active { font-family: arial, verdana; font-sizw: 11px; color: #000000; text-decoration: none; }
O1 - Hosts: a:hover { font-family: arial, verdana; font-sizw: 11px; color: #000000; text-decoration: underline; }
O1 - Hosts: font { font-family: arial, verdana; font-sizw: 11px; color: #000000; text-decoration: none; }
O1 - Hosts: td{ font-family: arial, verdana; font-sizw: 10px; text-decoration: none; }
O1 - Hosts: table{ font-family: arial, verdana; font-sizw: 11px; text-decoration: none; }
O1 - Hosts: body { background-color: #F0F0F0; scrollbar-face-color: #6E788C; scrollbar-shadow-color: #696969; scrollbar-highlight-color: #cfcfcf; scrollbar-3dlight-color: #cccccc; scrollbar-darkshadow-color: #808080; scrollbar-track-color: #9B9FA7; scrollbar-arrow-color: #000000 }
O1 - Hosts: .title { font-family: arial, verdana; font-size: 9pt; font-weight: normal; }
O1 - Hosts: .distributers { font-family: arial, verdana; font-size: 11pt; font-weight: normal; }
O1 - Hosts: .info { font-family: arial, verdana; font-size: 8pt; font-weight: normal; }
O1 - Hosts: .design { font-family: arial, verdana; font-size: 8pt; font-weight: normal; }
O1 - Hosts: .menu { border-top: 1px #374646 solid; border-left: 1px #374646 solid; border-right: 1px #374646 solid; border-bottom: 1px #374646 solid; font-family: verdana, arial; font-size: 8pt; font-weight: normal; }
O1 - Hosts: .cellheader { border-top: 1px #374646 solid; border-left: 1px #374646 solid; border-right: 1px #374646 solid; border-bottom: 1px #374646 solid; font-family: verdana, arial; font-size: 20pt; font-weight: normal; color: #F1F1F1; }
O1 - Hosts: .scellheader { border-top: 1px #374646 solid; border-left: 1px #374646 solid; border-right: 1px #374646 solid; border-bottom: 1px #374646 solid; font-family: verdana, arial; font-size: 15pt; font-weight: normal; color: #F1F1F1; }
O1 - Hosts: .bigcellheader { border-top: 1px #374646 solid; border-left: 1px #374646 solid; border-right: 1px #374646 solid; border-bottom: 1px #374646 solid; font-family: verdana, arial; font-size: 30pt; font-weight: normal; color: #F1F1F1; link: #F1F1F1; vlink: #F1F1F1; }
O1 - Hosts: .tblheader { background-color: #AAAAAA; border-top: 1px #374646 solid; border-left: 1px #374646 solid; border-right: 1px #374646 solid; border-bottom: 1px #374646 solid; font-family: verdana, arial; font-size: 14pt; font-weight: normal; }
O1 - Hosts: .tdshade1 { background-color: #DDDDDD; border-top: 1px #374646 solid; border-left: 1px #374646 solid; border-right: 1px #374646 solid; border-bottom: 1px #374646 solid; font-family: verdana, arial; font-size: 10pt; font-weight: normal; }
O1 - Hosts: .tdshade2 { background-color: #EEEEEE; border-top: 1px #374646 solid; border-left: 1px #374646 solid; border-right: 1px #374646 solid; border-bottom: 1px #374646 solid; font-family: verdana, arial; font-size: 10pt; font-weight: normal; }
O1 - Hosts: </style>
O1 - Hosts: </head>
O1 - Hosts: <body bgcolor="#ffffff">
O1 - Hosts: <table bgcolor=#ffffff link=#0000ee vlink=#0000ee text=#000000 border=0 align="center" width="100%">
O1 - Hosts: <tr class=cellheader>
O1 - Hosts: <td bgcolor=#788298><center><b>This Account Has Been Suspended</b></center></td>
O1 - Hosts: </tr>
O1 - Hosts: </table>
O1 - Hosts: Please contact the billing/support department as soon as possible.
O1 - Hosts: </html>
O1 - Hosts: <head>
O1 - Hosts: <style>
O1 - Hosts: a:link { font-family: arial, verdana; font-sizw: 11px; color: #000000; text-decoration: none; }
O1 - Hosts: a:visited { font-family: arial, verdana; font-sizw: 11px; color: #000000; text-decoration: none; }
O1 - Hosts: a:active { font-family: arial, verdana; font-sizw: 11px; color: #000000; text-decoration: none; }
O1 - Hosts: a:hover { font-family: arial, verdana; font-sizw: 11px; color: #000000; text-decoration: underline; }
O1 - Hosts: font { font-family: arial, verdana; font-sizw: 11px; color: #000000; text-decoration: none; }
O1 - Hosts: td{ font-family: arial, verdana; font-sizw: 10px; text-decoration: none; }
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [userinit] C:\windows\smss.exe
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.2\THGuard.exe"
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=48835
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1117331803192
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {D7BF3304-138B-4DD5-86EE-491BB6A2286C} - http://www.azebar.co...l/azesearch.cab
O20 - Winlogon Notify: msctl32.dll - msctl32.dll (file missing)
O20 - Winlogon Notify: ur32artreg - C:\Documents and Settings\All Users\Documents\Settings\ur32art.dll (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
  • 0

Advertisements

#2
Flrman1
Posted 08 March 2006 - 05:18 PM

Flrman1

    Malware Assassin

  • Retired Staff
  • 6,596 posts
Hi thorxp

Welcome to G2G! :tazz:

Before we can provide you any assistance, you need to go here and install "Service Pack 1" This will patch numerous security holes in IE and Windows. Many baddies get on your machine by taking advantage of these vulnerabilities. As your machine stands now it is wide open to attack from all sorts of nasties. You need to get these updates before we proceed or we will be wasting our time.

DO NOT install Service pack 2 yet. If you install SP 2 on an infected machine it will cause serious problems. Just get Service Pack 1 installed then come back here and post a new Hijack This log.
  • 0

#3
thorxp
Posted 08 March 2006 - 09:35 PM

thorxp

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
after doing the step of removing malware it wont let me in on safemode, not able to install sp1
  • 0

#4
Flrman1
Posted 09 March 2006 - 05:24 PM

Flrman1

    Malware Assassin

  • Retired Staff
  • 6,596 posts
Go here and run the Windows validation and tell me what it says. Click the "Validate Now" button and tell me the results please.

http://www.microsoft...hyValidate.aspx
  • 0

#5
thorxp
Posted 09 March 2006 - 07:08 PM

thorxp

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
i cant it eont let me past the welcome screen
  • 0

#6
Flrman1
Posted 10 March 2006 - 05:34 PM

Flrman1

    Malware Assassin

  • Retired Staff
  • 6,596 posts
Do you have your XP installation disk?
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP