Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

here is my log! help


  • This topic is locked This topic is locked
1 reply to this topic

#1 jamjam

jamjam

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:12:41 PM

Posted 28 May 2005 - 10:16 AM

I have run ad-aware already.I got infected eith the COOLWEBSEARCH bleep! Thanks Phil

Logfile of HijackThis v1.99.1
Scan saved at 10:03:32 AM, on 5/28/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\BRMFRSMG.EXE
C:\WINDOWS\system32\netyh32.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\WINDOWS\sysag32.exe
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\default\My Documents\hijack this\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\fpsxe.dll/sp.html#93256
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\fpsxe.dll/sp.html#93256
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system32\fpsxe.dll/sp.html#93256
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\fpsxe.dll/sp.html#93256
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\fpsxe.dll/sp.html#93256
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\fpsxe.dll/sp.html#93256
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.com/keyword/%s
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:83
R3 - Default URLSearchHook is missing
O2 - BHO: Class - {3684831A-207B-BAB0-A44E-D9FD2B7E9603} - C:\WINDOWS\system32\ntrg.dll

BC AdBot (Login to Remove)

 


#2 John_McKenna

John_McKenna

    World Class Hairy Chest


  • Members
  • 497 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Liverpool
  • Local time:05:41 PM

Posted 29 May 2005 - 05:59 AM

Hi Phil and welcome to Bleeping. :thumbsup:

Can you repost your COMPLETE log in this thread please. Half of it's missing.


Note: Due to a lack of activity, this thread will now be closed. If you need this topic reopened, please contact a member of the HJT Team and we will reopen it for you. Include the address of this thread in your request. If you should have a new issue, please start a new topic. This applies only to the original topic starter. Everyone else please begin a New Topic.

Edited by John_McKenna, 09 June 2005 - 02:20 PM.

Want to fight back? Click HERE and learn how to remove spyware.

If I've helped you, please consider donating to the Multiple Sclerosis Society (UK)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users