Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

help me!


  • This topic is locked This topic is locked
3 replies to this topic

#1 hedorass

hedorass

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:07:43 AM

Posted 06 September 2004 - 10:12 AM

I have need our help....
thank you very much!!


my logfile is:

Logfile of HijackThis v1.98.2
Scan saved at 16.56.57, on 06/09/2004
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\WINNT\System32\svchost.exe
D:\Oracle\Ora81\BIN\TNSLSNR.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\system32\ZoneLabs\vsmon.exe
C:\WINNT\Explorer.EXE
C:\Programmi\Grisoft\AVG6\avgcc32.exe
C:\WINNT\system32\atiptaxx.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
C:\Programmi\Messenger Plus! 3\MsgPlus.exe
c:\progra~1\intern~1\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\Programmi\Babylon\Babylon.exe
C:\Programmi\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Programmi\MSN Messenger\msnmsgr.exe
C:\WINNT\system32\svchost.exe
C:\TinMessenger\TinMessenger.exe
C:\WINNT\System32\svchost.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Hijack This\hijackthis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar2.dll
O2 - BHO: (no name) - {D34725FE-BD82-E449-7CD6-A59C56F2EBC8} - C:\PROGRA~1\amokacid\64 funk.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [AVG_CC] C:\Programmi\Grisoft\AVG6\avgcc32.exe /startup
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Programmi\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [COAL MAIL] C:\PROGRA~1\Poke roam nurb\MixPopFile.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Log grid view error] C:\Documents and Settings\All Users\Dati applicazioni\aboutdartloggrid\wipe extra.exe
O4 - HKCU\..\Run: [Babylon Translator] C:\Programmi\Babylon\Babylon.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Programmi\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmi\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O17 - HKLM\System\CCS\Services\Tcpip\..\{AEE5477E-6E6F-44A5-A2A2-BDF3B00BBE3D}: NameServer = 212.151.136.246 130.244.127.169

BC AdBot (Login to Remove)

 


m

#2 therock247uk

therock247uk

    Malware Killer


  • Malware Response Team
  • 154 posts
  • OFFLINE
  •  
  • Location:Newark, Nottingham, UK
  • Local time:12:43 PM

Posted 06 September 2004 - 11:29 AM

Same log as posted on Spywareinfo http://forums.spywareinfo.com/index.php?showtopic=24860

#3 phawgg

phawgg

    Learning Daily


  • Members
  • 4,543 posts
  • OFFLINE
  •  
  • Location:Washington State, USA
  • Local time:04:43 AM

Posted 06 September 2004 - 12:44 PM

hmm, yes it is.
patiently patrolling, plenty of persisant pests n' problems ...

#4 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,395 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:07:43 AM

Posted 06 September 2004 - 07:21 PM

Please do not post logs at multiple sites as it can cause confusion in getting your computer repaired properly. If you do not get responses at one site, then that is fine to post at another.

I am closing this topic as the therock247uk is already helping you here:

http://forums.spywareinfo.com/index.php?showtopic=24860




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users