Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Jeus I am so new here:HijackThis Log: Please help Diagnose

  • Please log in to reply
1 reply to this topic

#1 beginning of me

beginning of me

  • Members
  • 6 posts
  • Local time:05:24 PM

Posted 11 December 2004 - 12:28 AM

Logfile of HijackThis v1.98.2
Scan saved at 12:14:40 AM, on 12/11/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
C:\Program Files\AVPersonal\AVWUPSRV.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Justin Smith\Application Data\lmne.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows ControlAd\WinCtlAd.exe
C:\Program Files\Windows ControlAd\WinCtlAdAlt.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\nkugy.dll/sp.html#37049
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\nkugy.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\nkugy.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\nkugy.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\nkugy.dll/sp.html#37049
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\nkugy.dll/sp.html#37049
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\nkugy.dll/sp.html#37049
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {1267B80D-1183-D8F5-834A-13C4038C9320} - C:\WINDOWS\ipai32.dll
O2 - BHO: (no name) - {CAB90C3B-89E7-10B2-D3AB-EAA171F175B7} - C:\WINDOWS\system32\sdkwi32.dll
O4 - HKLM\..\Run: [atlgz.exe] C:\WINDOWS\system32\atlgz.exe
O4 - HKLM\..\Run: [Windows ControlAd] C:\Program Files\Windows ControlAd\WinCtlAd.exe
O4 - HKCU\..\Run: [Tsa2] C:\PROGRA~1\COMMON~1\tsa\tsm2.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O15 - Trusted Zone: *.frame.crazywinnings.com
O15 - Trusted Zone: *.static.topconverting.com

Okay, I'm Kristen by the way, not to long ago I realized a problem with aim and the whole "about:blank: downward spiral taking its toll upon my computer *poor baby*. So for the past four and half hours (roughly) I have been going from forum to forum, support team to support team, and I have finally gotten myself a log, although it seems rather short compared to some. As you might know or have problems similar to mine, I am currently and active user of AIM and I am terribly desperate to get back online soon, horribly long story but I really am in a struggle. I'm not sure if I have all the needed programs, I know I've downloaded so many items in the past few hours that it makes my head spin! And I've come to recognize the programs that everyone has been saying, I'm still not sure, and if it's possible can we all please speak in lamens terms (I think they call it) for I am not such a computer expert...Thankyou all so much, any comment is so greatly appreciated!!!


Oh and I definitely made a very noticable typo with "Jesus"

Edited by beginning of me, 11 December 2004 - 12:29 AM.

BC AdBot (Login to Remove)


#2 raw


    Bleeping Hacker

  • Members
  • 2,577 posts
  • Gender:Male
  • Location:Texas
  • Local time:05:24 PM

Posted 11 December 2004 - 01:33 AM

Hi Kristen :thumbsup: to BC

First off how about we get you over to the proper forum:

After you scan with HJT and click save log the notepad window will appear.
Goto ->Edit->Select All
or just press Ctrl+a and post the entire contents over there.
You can also add what symptoms you are seeing (pop-ups and such) and most of all please be patient while we work on your log.You have a nasty infection which will take some time to get rid of.


 rawcreations.net          @raw_creations

Current systems: WHAT OS, BackTrack-raw, PCLinuxOS, Peppermint OS 6, Kali Linux

and a custom Linux From Scratch server hosting a bunch of top secret stuff.

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users