Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Help!


  • Please log in to reply
1 reply to this topic

#1 quidnunc

quidnunc

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:12:52 PM

Posted 11 April 2007 - 09:38 PM

Logfile of HijackThis v1.99.1
Scan saved at 10:20:45 PM, on 4/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Video ActiveX Object\isamntr.exe
C:\Program Files\Video ActiveX Object\pmsnrr.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Digital Media Reader\readericon45G.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\zHotkey.exe
C:\Program Files\Video ActiveX Object\pmmnt.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Video ActiveX Object\isamini.exe
C:\Program Files\McAfee\MSK\MskAgent.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.8472\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\Program Files\BigFix\bigfix.exe

I have isolated items 1 and 4 on this list as the problem, but when I fix the problems with HijackThis, the items reappear. I can't delete the files from my computer because it says they are in use and can't be deleted. Meanwhile I get this website asecurityview.com/ every time I start my browser, and I can't change it.

Thanks for helping me. I am perplexed. One wrong move and I ended up with this problem.

Patrick

Edit: killed active malware link--please do not post those. Papakid

BC AdBot (Login to Remove)

 


#2 Papakid

Papakid

    Guru at being a Newbie


  • Malware Response Team
  • 6,586 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:52 AM

Posted 11 April 2007 - 10:06 PM

It's good you can't delete the files you mention as you would kill your system. Please follow my instructions exactly and don't delete or add anything unless advised by me to do so.

You have posted only the running processes portion of the log. I need to see the entire thing in order to help you. After scanning wtih HijackThis, when Notepad opens, click anywhere in the text and then press Ctrl + A, then Ctrl + C. Now click the Add Reply button to this topic, click in the text field and press Ctr + V.

Once a complete log is posted we can get started on helping you.

The thing about people

is they change

when they walk away.--Mipso





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users