|
spyware infection
|
|
|
solive28
Suspended due to non-functional email address
|
1. January 2006 @ 10:35 |
Link to this message
|
|
i have a message that my computer has has a spyware infection as my background. Now i have tried to remove it and put my own background but i cant pliz help!
solive
|
|
Advertisement
|
|
|
|
Senior Member
|
1. January 2006 @ 10:47 |
Link to this message
|
|
|
spertti
Senior Member
|
1. January 2006 @ 10:49 |
Link to this message
|
You have SpyAxe/Spysheriff on your computer. We have to identify it first, to help you remove it. So we need your HijackThis log. Do the steps 3 and 4 from here > http://forums.afterdawn.com/thread_view.cfm/263784
Read the instructions and post the log here.
|
|
spertti
Senior Member
|
1. January 2006 @ 10:50 |
Link to this message
|
|
@rav009
If that is smitfraud as I suspect that doesnt help =)
But that was a good try.
|
Senior Member
|
1. January 2006 @ 10:52 |
Link to this message
|
|
lol, no i said do that for now as i thought theres a few spywares that change the background.
isnt there a few spywares that do that?
"that damm thing" refers to it....
incase it was not that particluar one i though try that fist.
i think thats a smart move anyway :)
This message has been edited since posting. Last time this message was edited on 1. January 2006 @ 10:55
|
|
spertti
Senior Member
|
1. January 2006 @ 10:54 |
Link to this message
|
|
If there is a text "spyware infection" or "your computer is infected" on background it´s most likely a variant of smitfraud, which needs it´s own fix. Ewido or any other anti-spyware programs won´t fix it.
|
Senior Member
|
1. January 2006 @ 10:58 |
Link to this message
|
|
yeh ino about the special fix i did that last week for a friend, but i didnt know that smitfraud was the only spyware that puts that on the background but i do know.
This message has been edited since posting. Last time this message was edited on 1. January 2006 @ 11:01
|
|
solive28
Suspended due to non-functional email address
|
1. January 2006 @ 11:01 |
Link to this message
|
|
jus going through house call at the mo will update u as to how i am getting on..isnt there a law against this sort of practice coz its spytrooper that are tring to prompt me to download thei software for a price to resolve this problem i have tried using ad aware 6 aswell but no luck
solive
|
|
spertti
Senior Member
|
1. January 2006 @ 11:03 |
Link to this message
|
|
@rav009
Sure there are other viruses/spyware that do the same thing. That´s why I asked the log in first place. That´s the fastest way to identify what it is. But I would bet a lot for smitfraud =) Let´s wait for the log and we´ll finally see what it is...
|
Senior Member
|
1. January 2006 @ 11:04 |
Link to this message
|
|
i agree with you there spertti.
|
|
solive28
Suspended due to non-functional email address
|
1. January 2006 @ 11:04 |
Link to this message
|
|
yeah thats the one! smitfraud
solive
|
|
spertti
Senior Member
|
1. January 2006 @ 11:05 |
Link to this message
|
|
@solive28
Just post the log and I´ll check it in hour and help you remove that bastard....
|
Senior Member
|
1. January 2006 @ 11:06 |
Link to this message
|
|
so you know you had it,shouldve said, anyway just send your log plz.
|
|
solive28
Suspended due to non-functional email address
|
1. January 2006 @ 11:08 |
Link to this message
|
|
and as my luck would have it my housecall was stopped! the windows just closed!
solive
|
Senior Member
|
1. January 2006 @ 11:09 |
Link to this message
|
|
windows just closed?, you were back on quick, is it 2gb of ram or somthing or do you mean the window for housecall closed.
well anyway just send the log in now.
|
|
solive28
Suspended due to non-functional email address
|
1. January 2006 @ 11:13 |
Link to this message
|
|
here is the report
COMETCURSOR
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
obj[0]=RegKey : CLSID\{062efa85-8bbb-11d3-80d0-00500487b1c5}
obj[1]=RegKey : CLSID\{0922ec1a-9ec7-11d3-80b9-00500487bdba}
obj[2]=RegKey : CLSID\{0e42926e-96d8-11d3-80d5-00500487b1c5}
obj[3]=RegKey : CLSID\{0e429272-96d8-11d3-80d5-00500487b1c5}
obj[4]=RegKey : CLSID\{15940F5D-D8BD-49BC-851D-29DCFB166950}
obj[5]=RegKey : CLSID\{1678F7E1-C422-11D0-AD7D-00400515CAAA}
obj[6]=RegKey : CLSID\{212b99a1-9cf6-11d3-80b7-00500487bdba}
obj[7]=RegKey : CLSID\{37D026C3-84D7-4AC5-A026-C08B7907CACF}
obj[8]=RegKey : CLSID\{39e01e09-2b45-11d4-810d-00500487b1c5}
obj[9]=RegKey : CLSID\{4320AEEB-2F2A-4F97-B573-232C6576AA3A}
obj[10]=RegKey : CLSID\{4AA5D526-44D5-4AF6-AC53-5CE1534CC40B}
obj[11]=RegKey : CLSID\{64726B8A-0CBE-4F80-90B7-1CA1BC69FCFB}
obj[12]=RegKey : CLSID\{6F2D6A5E-E3E7-4F18-887C-C777650DEF57}
obj[13]=RegKey : CLSID\{7BE4E188-DD04-47E4-8C1B-4AA330B18D9F}
obj[14]=RegKey : CLSID\{7F0F5DA7-84CB-11D4-8137-00500487B1C5}
obj[15]=RegKey : CLSID\{827A2ECE-D76F-4BCC-82ED-D6A287C11211}
obj[16]=RegKey : CLSID\{8AE68B04-D492-4474-A6E2-FD5FE884F4B1}
obj[17]=RegKey : CLSID\{90C61707-C8F8-43DB-A25C-C1F4B18EE41E}
obj[18]=RegKey : CLSID\{941228B3-3AD1-4633-A9F5-59154CB362D4}
obj[19]=RegKey : CLSID\{A335D52F-D489-472D-9EAA-D72A40AAF7CA}
obj[20]=RegKey : CLSID\{A5EA242A-442E-4ecb-9CAC-97037CCD6EC6}
obj[21]=RegKey : CLSID\{C38FC998-3B1B-4F59-A710-5A6C9CF8BD92}
obj[22]=RegKey : CLSID\{cbe7d5e7-90a2-11d3-80d1-00500487b1c5}
obj[23]=RegKey : CLSID\{cd74b159-a1d3-11d3-80bc-00500487bdba}
obj[24]=RegKey : CLSID\{d14d6793-9b65-11d3-80b6-00500487bdba}
obj[25]=RegKey : CLSID\{DFA771A5-2138-48EE-A58E-F782C879AF8E}
obj[26]=RegKey : CLSID\{e28fcb54-8c8e-11d3-80d1-00500487b1c5}
obj[27]=RegKey : CLSID\{E3A6E4B2-16B4-4F56-A98A-5F4DE04CA2BE}
obj[28]=RegKey : CLSID\{e5c39db9-9dcc-11d3-80d6-00500487b1c5}
obj[29]=RegKey : CLSID\{EA5BB125-A227-40A7-BCAA-652D497C2F65}
obj[30]=RegKey : CLSID\{EB07A6D4-8E36-11D4-8138-00500487B1C5}
obj[31]=RegKey : CLSID\{EDC4193F-34AD-4D07-AA87-E3FDB89E3E76}
obj[32]=RegKey : CLSID\{EDEE4CCB-0913-4CC9-8EA9-3DDD87AB8BDE}
obj[33]=RegKey : CLSID\{F147AE85-1855-4182-BE3A-174160995A40}
obj[34]=RegKey : CLSID\{FE6BC4EF-5676-484B-88AE-883323913256}
obj[35]=RegKey : CometAppUtil.CometUIEvents
obj[36]=RegKey : CometAppUtil.CometUIEvents.1
obj[37]=RegKey : CometIEToolbar.CometToolbar
obj[38]=RegKey : CometIEToolbar.CometToolbar.1
obj[39]=RegKey : ComUtil.FCParam
obj[40]=RegKey : ComUtil.FCParam.1
obj[41]=RegKey : ComUtil.FctCall
obj[42]=RegKey : ComUtil.FctCall.1
obj[43]=RegKey : ContextParser.ContextProxy
obj[44]=RegKey : ContextParser.ContextProxy.1
obj[45]=RegKey : ContextParser.ContextProxyMgr
obj[46]=RegKey : ContextParser.ContextProxyMgr.1
obj[47]=RegKey : ContextParser.CSRegExp
obj[48]=RegKey : ContextParser.CSRegExp.1
obj[49]=RegKey : ContextParser.URLContextParser
obj[50]=RegKey : ContextParser.URLContextParser.1
obj[51]=RegKey : CORE.BHO1
obj[52]=RegKey : CORE.BHO1.1
obj[53]=RegKey : CORE.BrowserAppProxy
obj[54]=RegKey : CORE.BrowserAppProxy.1
obj[55]=RegKey : CORE.CometCursor
obj[56]=RegKey : CORE.CometCursor.1
obj[57]=RegKey : CORE.CometFrame
obj[58]=RegKey : CORE.CometFrame.1
obj[59]=RegKey : CORE.CometWindow
obj[60]=RegKey : CORE.CometWindow.1
obj[61]=RegKey : CORE.CS15Cursor
obj[62]=RegKey : CORE.CS15Cursor.1
obj[63]=RegKey : CORE.FileINfo
obj[64]=RegKey : CORE.FileINfo.1
obj[65]=RegKey : CORE.HttpComm
obj[66]=RegKey : CORE.HttpComm.1
obj[67]=RegKey : CORE.MyBrowser1
obj[68]=RegKey : CORE.MyBrowser1.1
obj[69]=RegKey : Core.SelfUpdater
obj[70]=RegKey : Core.SelfUpdater.1
obj[71]=RegKey : CORE.System
obj[72]=RegKey : CORE.System.1
obj[73]=RegKey : CORE.WIndowProxy
obj[74]=RegKey : CORE.WIndowProxy.1
obj[75]=RegKey : CSBand.HorizontalIEBand
obj[76]=RegKey : CSBand.HorizontalIEBand.1
obj[77]=RegKey : CSBand.VerticalIEBand
obj[78]=RegKey : CSBand.VerticalIEBand.1
obj[79]=RegKey : CSBRange.ByteRange
obj[80]=RegKey : CSBRange.ByteRange.1
obj[81]=RegKey : CSEng.CSEngine
obj[82]=RegKey : CSEng.CSEngine.1
obj[83]=RegKey : CSEng.CSHost
obj[84]=RegKey : CSEng.CSHost.1
obj[85]=RegKey : CSEng.EvHandler
obj[86]=RegKey : CSEng.EvHandler.1
obj[87]=RegKey : CSIP.CSCollection
obj[88]=RegKey : CSIP.CSCollection.1
obj[89]=RegKey : CSIP.CSIPDispatch
obj[90]=RegKey : CSIP.CSIPDispatch.1
obj[91]=RegKey : CSIP.CSIPPacket
obj[92]=RegKey : CSIP.CSIPPacket.1
obj[93]=RegKey : Interface\{012b0571-2cd6-11d4-810d-00500487b1c5}
obj[94]=RegKey : Interface\{062efa84-8bbb-11d3-80d0-00500487b1c5}
obj[95]=RegKey : Interface\{0922ec19-9ec7-11d3-80b9-00500487bdba}
obj[96]=RegKey : Interface\{0e42926f-96d8-11d3-80d5-00500487b1c5}
obj[97]=RegKey : Interface\{0e429271-96d8-11d3-80d5-00500487b1c5}
obj[98]=RegKey : Interface\{1348E05A-21C7-4134-B4A4-3C12234FCA3F}
obj[99]=RegKey : Interface\{1E587528-41AA-4F19-97E8-BB75ACC3035C}
obj[100]=RegKey : Interface\{212b99a0-9cf6-11d3-80b7-00500487bdba}
obj[101]=RegKey : Interface\{29089B98-AF05-4769-B627-86A745D4B672}
obj[102]=RegKey : Interface\{2da93e50-9d08-11d3-80d5-00500487b1c5}
obj[103]=RegKey : Interface\{2FCFB3FD-7184-4C42-AED3-30FFF0119964}
obj[104]=RegKey : Interface\{34FDD882-5530-4A90-89CD-416612C8855E}
obj[105]=RegKey : Interface\{43F1B4AD-92EF-4DB3-BDA9-12335B012DD0}
obj[106]=RegKey : Interface\{50d7c4ab-3c82-11d4-8111-00500487b1c5}
obj[107]=RegKey : Interface\{58C59F56-CA66-4B5D-9132-ECEA5193BE5A}
obj[108]=RegKey : Interface\{788E0D0E-CAF7-473B-9183-76BE6D30DC9A}
obj[109]=RegKey : Interface\{7AA7D1C3-F0F8-460C-936D-B5886D0928EB}
obj[110]=RegKey : Interface\{7F0F5DA6-84CB-11D4-8137-00500487B1C5}
obj[111]=RegKey : Interface\{832786EC-9632-4919-8972-59F79D621C87}
obj[112]=RegKey : Interface\{899BE974-D575-48BB-A9C7-1D24E8042BE4}
obj[113]=RegKey : Interface\{8BEE173B-C006-4F0E-ACD2-84A882BEBCFF}
obj[114]=RegKey : Interface\{910E67A6-BD53-46DF-8434-41498B7D22F7}
obj[115]=RegKey : Interface\{9464C98E-B5F1-4C6A-BD3F-9696E3BD081E}
obj[116]=RegKey : Interface\{97284959-A553-4576-859C-B3B3FF283DE0}
obj[117]=RegKey : Interface\{a0ca55a0-a112-11d3-80d6-00500487b1c5}
obj[118]=RegKey : Interface\{a0ca55a1-a112-11d3-80d6-00500487b1c5}
obj[119]=RegKey : Interface\{A4B977F5-1EFC-4DA0-B9C2-67C53CBA140F}
obj[120]=RegKey : Interface\{A9E67CBE-7A42-47BE-962A-C07E73C34FBA}
obj[121]=RegKey : Interface\{AEB17FC4-2A52-4945-9866-81CC343A59E3}
obj[122]=RegKey : Interface\{B0DB6360-8D7F-11D4-8137-00500487B1C5}
obj[123]=RegKey : Interface\{B0E9399E-FE6F-43B0-98D3-2F47080DDE4A}
obj[124]=RegKey : Interface\{BFCBF73B-6EB2-49C1-ADCA-CF0CD589B140}
obj[125]=RegKey : Interface\{C0CAD17E-00A3-4F40-9015-D569C3114BA3}
obj[126]=RegKey : Interface\{C4D86DC8-B73B-4470-9914-3DAC14EE6F95}
obj[127]=RegKey : Interface\{c7291310-3c8c-11d4-8111-00500487b1c5}
obj[128]=RegKey : Interface\{C81B4B57-B06B-409D-AED0-028051683796}
obj[129]=RegKey : Interface\{cbe7d5e6-90a2-11d3-80d1-00500487b1c5}
obj[130]=RegKey : Interface\{cbe7d5e8-90a2-11d3-80d1-00500487b1c5}
obj[131]=RegKey : Interface\{cd74b15b-a1d3-11d3-80bc-00500487bdba}
obj[132]=RegKey : Interface\{CE2EAB19-E31D-43CA-A860-F95A2CA50040}
obj[133]=RegKey : Interface\{d14d6792-9b65-11d3-80b6-00500487bdba}
obj[134]=RegKey : Interface\{DC86768F-5ADF-4D84-9DE8-FD047B1FE8F5}
obj[135]=RegKey : Interface\{DDD1E8CA-678D-4C9A-A472-CE9578B14DC5}
obj[136]=RegKey : Interface\{e28fcb53-8c8e-11d3-80d1-00500487b1c5}
obj[137]=RegKey : Interface\{ea3b6c62-70a6-11d1-b69e-444553540000}
obj[138]=RegKey : Interface\{EB07A6D3-8E36-11D4-8138-00500487B1C5}
obj[139]=RegKey : Interface\{FFE56921-248B-4C75-9EEE-01706310E371}
obj[140]=RegKey : SkinUI.ActiveWindow
obj[141]=RegKey : SkinUI.ActiveWindow.1
obj[142]=RegKey : SkinUI.CSkinUI
obj[143]=RegKey : SkinUI.CSkinUI.1
obj[144]=RegKey : SkinUI.WebBrowserSink
obj[145]=RegKey : SkinUI.WebBrowserSink.1
obj[146]=RegKey : SkinUI.WindowsHelper
obj[147]=RegKey : SkinUI.WindowsHelper.1
obj[148]=RegKey : Software\Comet Systems
obj[149]=RegKey : Software\Microsoft\Windows\CurrentVersion\Uninstall\CC2k
obj[150]=RegKey : Typelib\{062efa78-8bbb-11d3-80d0-00500487b1c5}
obj[151]=RegKey : TypeLib\{07FA131E-2EB2-446F-93D2-9F877320010B}
obj[152]=RegKey : TypeLib\{3F4386E5-2FBE-44A8-81CF-4B792490605F}
obj[153]=RegKey : TypeLib\{74232635-A013-49F2-B869-1B1AB932D944}
obj[154]=RegKey : TypeLib\{7F0F5D9A-84CB-11D4-8137-00500487B1C5}
obj[155]=RegKey : TypeLib\{878ACE1B-8DB0-4D75-9034-504756AD4215}
obj[156]=RegKey : TypeLib\{BF986691-7F7B-4F94-85E0-20E75350701F}
obj[157]=RegKey : TypeLib\{BFA2C963-FC24-4770-8C19-0D5A1CD58DF9}
obj[158]=RegKey : TypeLib\{C09FB84D-B9ED-43EB-AFED-F145C26CB839}
obj[159]=RegKey : Typelib\{d14d6786-9b65-11d3-80b6-00500487bdba}
obj[160]=RegValue : SOFTWARE\Microsoft\Internet Explorer\Toolbar
TRACKING COOKIE
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
obj[161]=File : c:\documents and settings\sol & petty\cookies\sol & petty@advertising[1].txt
obj[162]=File : c:\documents and settings\sol & petty\cookies\sol & petty@atdmt[2].txt
obj[163]=File : c:\documents and settings\sol & petty\cookies\sol & petty@doubleclick[1].txt
solive
|
|
spertti
Senior Member
|
1. January 2006 @ 11:15 |
Link to this message
|
|
Just look at my first post and do what I said. That doesn´t help me at all....
|
Senior Member
|
1. January 2006 @ 11:16 |
Link to this message
|
|
i was talking about a HJT log.
|
|
solive28
Suspended due to non-functional email address
|
1. January 2006 @ 11:17 |
Link to this message
|
|
windows for housecall
solive
|
Senior Member
|
1. January 2006 @ 11:19 |
Link to this message
|
|
ok as spertti said HJT log please.
|
|
solive28
Suspended due to non-functional email address
|
1. January 2006 @ 11:33 |
Link to this message
|
here it is
Lavasoft Ad-Aware Personal Build 6.181
Logfile created on :01 January 2006 21:28:03
Created with Ad-Aware Personal, free for private use.
Using reference-file :1R200 12.07.2003
______________________________________________________
Ad-aware Settings
=========================
Set : Activate in-depth scan (Recommended)
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep scan registry
01-01-2006 21:28:03 - Scan started. (Smart mode)
Listing running processes
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ThreadCreationTime : 01-01-2006 17:59:30
BasePriority : Normal
#:2 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ThreadCreationTime : 01-01-2006 17:59:32
BasePriority : High
#:3 [services.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 01-01-2006 17:59:33
BasePriority : Normal
FileSize : 105 KB
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
OriginalFilename : services.exe
ProductName : Microsoft
Created on : 23/08/2001 12:00:00
Last accessed : 01/01/2006 21:28:03
Last modified : 03/08/2004 23:56:56
#:4 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 01-01-2006 17:59:33
BasePriority : Normal
FileSize : 13 KB
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
OriginalFilename : lsass.exe
ProductName : Microsoft
Created on : 23/08/2001 12:00:00
Last accessed : 01/01/2006 21:28:03
Last modified : 03/08/2004 23:56:52
#:5 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 01-01-2006 17:59:33
BasePriority : Normal
FileSize : 14 KB
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 23/08/2001 12:00:00
Last accessed : 01/01/2006 21:28:03
Last modified : 03/08/2004 23:56:58
#:6 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 01-01-2006 17:59:33
BasePriority : Normal
FileSize : 14 KB
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 23/08/2001 12:00:00
Last accessed : 01/01/2006 21:28:03
Last modified : 03/08/2004 23:56:58
#:7 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 01-01-2006 17:59:36
BasePriority : Normal
FileSize : 56 KB
FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
ProductVersion : 5.1.2600.2696
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
OriginalFilename : spoolsv.exe
ProductName : Microsoft
Created on : 23/08/2001 12:00:00
Last accessed : 01/01/2006 21:28:03
Last modified : 10/06/2005 23:53:32
#:8 [avgamsvr.exe]
FilePath : C:\PROGRA~1\Grisoft\AVGFRE~1\
ThreadCreationTime : 01-01-2006 17:59:36
BasePriority : Normal
FileSize : 311 KB
FileVersion : 7,1,0,285
ProductVersion : 7.1.0.285
Copyright : Copyright
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Alert Manager
InternalName : avgamsvr
OriginalFilename : avgamsvr.EXE
ProductName : AVG Anti-Virus System
Created on : 01/01/2006 12:47:52
Last accessed : 01/01/2006 21:28:03
Last modified : 01/01/2006 12:47:53
#:9 [avgupsvc.exe]
FilePath : C:\PROGRA~1\Grisoft\AVGFRE~1\
ThreadCreationTime : 01-01-2006 17:59:36
BasePriority : Normal
FileSize : 68 KB
FileVersion : 7,1,0,285
ProductVersion : 7.1.0.285
Copyright : Copyright
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Update Service
InternalName : avgupsvc
OriginalFilename : avgupdsvc.EXE
ProductName : AVG 7.0 Anti-Virus System
Created on : 01/01/2006 12:47:55
Last accessed : 01/01/2006 21:28:03
Last modified : 01/01/2006 12:47:55
#:10 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 01-01-2006 17:59:36
BasePriority : Normal
FileSize : 14 KB
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 23/08/2001 12:00:00
Last accessed : 01/01/2006 21:28:03
Last modified : 03/08/2004 23:56:58
#:11 [explorer.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 01-01-2006 17:59:43
BasePriority : Normal
FileSize : 1008 KB
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
OriginalFilename : EXPLORER.EXE
ProductName : Microsoft
Created on : 17/09/2004 20:24:16
Last accessed : 01/01/2006 21:02:36
Last modified : 03/08/2004 23:56:50
#:12 [mssearchnet.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 01-01-2006 17:59:46
BasePriority : Normal
FileSize : 9 KB
Created on : 31/12/2005 23:17:03
Last accessed : 01/01/2006 20:42:19
Last modified : 31/12/2005 23:17:03
#:13 [nvctrl.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 01-01-2006 17:59:46
BasePriority : Normal
FileSize : 15 KB
Created on : 31/12/2005 23:17:02
Last accessed : 01/01/2006 21:28:03
Last modified : 31/12/2005 23:17:02
#:14 [soundman.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 01-01-2006 17:59:46
BasePriority : Normal
FileSize : 45 KB
FileVersion : 5.0.02
ProductVersion : 5.0.02
Copyright : Copyright (c) 2001-2002 Avance Logic, Inc.
CompanyName : Avance Logic, Inc.
FileDescription : Avance Sound Manager
InternalName : ALSMTray
OriginalFilename : ALSMTray.exe
ProductName : Avance Sound Manager
Created on : 19/09/2004 18:08:24
Last accessed : 01/01/2006 21:28:03
Last modified : 18/06/2002 10:44:20
#:15 [capfax.exe]
FilePath : C:\Program Files\Classic PhoneTools\
ThreadCreationTime : 01-01-2006 17:59:46
BasePriority : Normal
FileSize : 20 KB
FileVersion : 1.01
ProductVersion : 5.00
Copyright : Copyright
CompanyName : BVRP Software
FileDescription : Surveillance Capture Fax
InternalName : CapFax
OriginalFilename : CapFax.exe
ProductName : Winfax - WinPhone
Created on : 04/06/2005 21:41:39
Last accessed : 01/01/2006 21:28:03
Last modified : 10/12/2001 16:34:06
#:16 [mmtask.exe]
FilePath : C:\Program Files\Musicmatch\Musicmatch Jukebox\
ThreadCreationTime : 01-01-2006 17:59:46
BasePriority : Normal
FileSize : 52 KB
FileVersion : 9.0.0.1
ProductVersion : 9.0.0.1
Copyright : (c) Musicmatch Inc.. All rights reserved.
CompanyName : Musicmatch Inc.
FileDescription : <Musicmatch System Tray Application>
InternalName : mmtask.exe
OriginalFilename : mmtask.exe
ProductName : Musicmatch Jukebox
Created on : 25/12/2004 18:38:00
Last accessed : 01/01/2006 21:28:03
Last modified : 15/03/2005 07:58:08
#:17 [ituneshelper.exe]
FilePath : C:\Program Files\iTunes\
ThreadCreationTime : 01-01-2006 17:59:46
BasePriority : Normal
FileSize : 272 KB
FileVersion : 6.0.1.3
ProductVersion : 6.0.1.3
CompanyName : Apple Computer, Inc.
FileDescription : iTunesHelper Module
InternalName : iTunesHelper
OriginalFilename : iTunesHelper.exe
ProductName : iTunes
Created on : 18/10/2005 11:58:54
Last accessed : 01/01/2006 21:28:03
Last modified : 18/10/2005 11:58:54
#:18 [asusprob.exe]
FilePath : C:\Program Files\ASUS\Probe\
ThreadCreationTime : 01-01-2006 17:59:46
BasePriority : Normal
FileSize : 603 KB
Created on : 31/12/2005 12:46:01
Last accessed : 01/01/2006 21:28:03
Last modified : 17/12/2001 21:22:00
#:19 [ipodservice.exe]
FilePath : C:\Program Files\iPod\bin\
ThreadCreationTime : 01-01-2006 17:59:47
BasePriority : Normal
FileSize : 316 KB
FileVersion : 6.0.1.3
ProductVersion : 6.0.1.3
CompanyName : Apple Computer, Inc.
FileDescription : iPodService Module
InternalName : iPodService
OriginalFilename : iPodService.exe
ProductName : iTunes
Created on : 18/10/2005 11:58:40
Last accessed : 01/01/2006 21:28:04
Last modified : 18/10/2005 11:58:40
#:20 [atiptaxx.exe]
FilePath : C:\Program Files\ATI Technologies\ATI Control Panel\
ThreadCreationTime : 01-01-2006 17:59:47
BasePriority : Normal
FileSize : 280 KB
FileVersion : 6.13.10.3010
ProductVersion : 6.13.10.3010
Copyright : Copyright (C) 1998-2001 ATI Technologies Inc.
CompanyName : ATI Technologies, Inc.
FileDescription : ATI Desktop Control Panel
InternalName : Atiptaxx.exe
OriginalFilename : Atiptaxx.exe
ProductName : ATI Desktop Component
Created on : 31/12/2005 12:54:08
Last accessed : 01/01/2006 21:28:04
Last modified : 17/05/2002 15:48:52
#:21 [avgcc.exe]
FilePath : C:\PROGRA~1\Grisoft\AVGFRE~1\
ThreadCreationTime : 01-01-2006 17:59:48
BasePriority : Normal
FileSize : 330 KB
FileVersion : 7,1,0,287
ProductVersion : 7.1.0.287
Copyright : Copyright
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Control Center
InternalName : AvgCC
OriginalFilename : AvgCC.EXE
ProductName : AVG Anti-Virus System
Created on : 01/01/2006 12:47:54
Last accessed : 01/01/2006 21:02:47
Last modified : 01/01/2006 12:47:54
#:22 [avgemc.exe]
FilePath : C:\PROGRA~1\Grisoft\AVGFRE~1\
ThreadCreationTime : 01-01-2006 17:59:49
BasePriority : Normal
FileSize : 257 KB
FileVersion : 7,1,0,286
ProductVersion : 7.1.0.286
Copyright : Copyright
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG E-Mail Scanner
InternalName : avgemc
OriginalFilename : avgemc.exe
ProductName : AVG Anti-Virus System
Created on : 01/01/2006 12:47:54
Last accessed : 01/01/2006 21:28:04
Last modified : 01/01/2006 12:47:54
#:23 [paytime.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 01-01-2006 17:59:50
BasePriority : Normal
FileSize : 6 KB
FileVersion : 2,5,1,1600
ProductVersion : 2,5,1,1600
Copyright : Copyright Microsoft Corporation
CompanyName : Microsoft Corporation
FileDescription : explorer
InternalName : explorer
OriginalFilename : explorer.exe
ProductName : explorer helper
Created on : 01/01/2006 14:35:47
Last accessed : 01/01/2006 21:28:04
Last modified : 01/01/2006 14:35:47
#:24 [createcd.exe]
FilePath : C:\PROGRA~1\Adaptec\EASYCD~1\CreateCD\
ThreadCreationTime : 01-01-2006 17:59:50
BasePriority : Normal
FileSize : 256 KB
FileVersion : 4.02e (310)
ProductVersion : 4.02e (310)
Copyright : Copyright (c) 1996-2000 Adaptec, Inc.
CompanyName : Adaptec
FileDescription : Adaptec Create CD
InternalName : createcd.exe
OriginalFilename : createcd.exe
ProductName : Easy CD Creator
Created on : 19/09/2004 19:06:07
Last accessed : 01/01/2006 21:28:04
Last modified : 11/09/2000 15:09:50
#:25 [ctfmon.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 01-01-2006 17:59:50
BasePriority : Normal
FileSize : 15 KB
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
OriginalFilename : CTFMON.EXE
ProductName : Microsoft
Created on : 17/09/2004 20:24:01
Last accessed : 01/01/2006 21:28:04
Last modified : 03/08/2004 23:56:50
#:26 [msnmsgr.exe]
FilePath : C:\Program Files\MSN Messenger\
ThreadCreationTime : 01-01-2006 17:59:50
BasePriority : Normal
FileSize : 6656 KB
FileVersion : 7.0.0777
ProductVersion : 7.0.0777
Copyright : Copyright (c) Microsoft Corporation 1997-2004
CompanyName : Microsoft Corporation
FileDescription : MSN Messenger
InternalName : msnmsgr
OriginalFilename : msnmsgr.exe
ProductName : MSN Messenger
Created on : 29/03/2005 17:28:00
Last accessed : 01/01/2006 20:47:43
Last modified : 29/03/2005 17:28:00
#:27 [msmsgs.exe]
FilePath : C:\Program Files\Messenger\
ThreadCreationTime : 01-01-2006 17:59:50
BasePriority : Normal
FileSize : 1654 KB
FileVersion : 4.7.3001
ProductVersion : Version 4.7.3001
Copyright : Copyright (c) Microsoft Corporation 2004
CompanyName : Microsoft Corporation
FileDescription : Windows Messenger
InternalName : msmsgs
OriginalFilename : msmsgs.exe
ProductName : Messenger
Created on : 29/08/2002 02:41:26
Last accessed : 01/01/2006 20:47:05
Last modified : 13/10/2004 16:24:37
#:28 [wcescomm.exe]
FilePath : C:\Program Files\Microsoft ActiveSync\
ThreadCreationTime : 01-01-2006 17:59:50
BasePriority : Normal
FileSize : 440 KB
FileVersion : 3.1.0.9439
ProductVersion : 3.1.9439
Copyright : Copyright
CompanyName : Microsoft Corporation
FileDescription : Connection Manager
InternalName : wcescomm
OriginalFilename : WCESCOMM.EXE
ProductName : Microsoft ActiveSync
Created on : 05/11/2005 20:59:01
Last accessed : 01/01/2006 21:28:04
Last modified : 15/03/2000 09:02:26
#:29 [launchpd.exe]
FilePath : C:\Program Files\ATI Multimedia\main\
ThreadCreationTime : 01-01-2006 17:59:53
BasePriority : Normal
FileSize : 96 KB
FileVersion : 7.6.003
ProductVersion : 7.6
Copyright : Copyright
CompanyName : ATI Technologies Inc.
FileDescription : ATI Multimedia Center Launchpad
InternalName : LAUNCHPD
OriginalFilename : LAUNCHPD.EXE
ProductName : ATI Multimedia Center
Created on : 31/12/2005 12:55:20
Last accessed : 01/01/2006 21:28:04
Last modified : 02/05/2002 09:57:22
#:30 [winstall.exe]
FilePath : C:\
ThreadCreationTime : 01-01-2006 17:59:54
BasePriority : Normal
FileSize : 31 KB
Created on : 01/01/2006 14:35:46
Last accessed : 01/01/2006 21:28:04
Last modified : 01/01/2006 14:35:45
#:31 [paytime.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 01-01-2006 17:59:54
BasePriority : Normal
FileSize : 6 KB
FileVersion : 2,5,1,1600
ProductVersion : 2,5,1,1600
Copyright : Copyright Microsoft Corporation
CompanyName : Microsoft Corporation
FileDescription : explorer
InternalName : explorer
OriginalFilename : explorer.exe
ProductName : explorer helper
Created on : 01/01/2006 14:35:47
Last accessed : 01/01/2006 21:28:04
Last modified : 01/01/2006 14:35:47
#:32 [hpohmr08.exe]
FilePath : C:\Program Files\Hewlett-Packard\Digital Imaging\bin\
ThreadCreationTime : 01-01-2006 18:00:01
BasePriority : Normal
FileSize : 144 KB
FileVersion : 4.2.0.020
ProductVersion : 2.4.1.020
Copyright : Copyright (C) Hewlett-Packard Co. 1995-2001
CompanyName : Hewlett-Packard Co.
FileDescription : HP OfficeJet COM Device Objects
InternalName : HPOHMR08
OriginalFilename : HPOHMR08.EXE
ProductName : hp digital imaging - hp all-in-one series
Created on : 06/04/2003 00:17:18
Last accessed : 01/01/2006 21:28:04
Last modified : 06/04/2003 00:17:18
#:33 [hpotdd01.exe]
FilePath : C:\Program Files\Hewlett-Packard\Digital Imaging\bin\
ThreadCreationTime : 01-01-2006 18:00:02
BasePriority : Normal
FileSize : 28 KB
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
Copyright : Copyright
CompanyName : Hewlett-Packard
FileDescription : hpotdd01
InternalName : hpotdd01
OriginalFilename : hpotdd01.exe
ProductName : Hewlett-Packard hpotdd01
Created on : 06/04/2003 00:06:58
Last accessed : 01/01/2006 21:28:04
Last modified : 06/04/2003 00:06:58
#:34 [hpoevm08.exe]
FilePath : C:\Program Files\Hewlett-Packard\Digital Imaging\bin\
ThreadCreationTime : 01-01-2006 18:00:04
BasePriority : Normal
FileSize : 280 KB
FileVersion : 4.2.0.020
ProductVersion : 2.4.1.020
Copyright : Copyright (C) Hewlett-Packard Co. 1995-2001
CompanyName : Hewlett-Packard Co.
FileDescription : HP OfficeJet COM Event Manager
InternalName : HPOEVM08
OriginalFilename : HPOEVM08.EXE
ProductName : hp digital imaging - hp all-in-one series
Created on : 05/04/2003 23:45:10
Last accessed : 01/01/2006 21:28:04
Last modified : 05/04/2003 23:45:10
#:35 [hposts08.exe]
FilePath : C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\
ThreadCreationTime : 01-01-2006 18:00:05
BasePriority : Normal
FileSize : 304 KB
FileVersion : 4.2.0.020
ProductVersion : 2.4.1.020
Copyright : Copyright (C) Hewlett-Packard Co. 1995-2001
CompanyName : Hewlett-Packard Co.
FileDescription : HP OfficeJet Status
InternalName : HPOSTS08
OriginalFilename : HPOSTS08.EXE
ProductName : hp digital imaging - hp all-in-one series
Created on : 05/04/2003 23:55:04
Last accessed : 01/01/2006 21:28:04
Last modified : 05/04/2003 23:55:04
#:36 [atdialler1.exe]
FilePath : C:\Wanadoo\WanadooConnectionKit\
ThreadCreationTime : 01-01-2006 18:00:06
BasePriority : Normal
FileSize : 188 KB
FileVersion : 1,5,0,0
ProductVersion : 1.5
Copyright : Copyright
CompanyName : Wanadoo
FileDescription : Micro Dialler for Wanadoo
OriginalFilename : RasApp.exe
ProductName : Micro Dialler
Created on : 24/03/2004 12:32:22
Last accessed : 01/01/2006 21:28:04
Last modified : 24/03/2004 12:32:22
#:37 [wscntfy.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 01-01-2006 18:10:40
BasePriority : Normal
FileSize : 13 KB
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
CompanyName : Microsoft Corporation
FileDescription : Windows Security Center Notification App
InternalName : wscntfy.exe
OriginalFilename : wscntfy.exe
ProductName : Microsoft
Created on : 17/09/2004 20:52:21
Last accessed : 01/01/2006 21:28:04
Last modified : 03/08/2004 23:56:58
#:38 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 01-01-2006 18:11:02
BasePriority : Normal
FileSize : 14 KB
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 23/08/2001 12:00:00
Last accessed : 01/01/2006 21:28:03
Last modified : 03/08/2004 23:56:58
#:39 [tmntsrv.exe]
FilePath : C:\Program Files\Trend Micro\PC-cillin 2002\
ThreadCreationTime : 01-01-2006 19:22:08
BasePriority : Normal
#:40 [pccpfw.exe]
FilePath : C:\Program Files\Trend Micro\PC-cillin 2002\
ThreadCreationTime : 01-01-2006 19:22:13
BasePriority : Normal
#:41 [ntvdm.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 01-01-2006 20:48:02
BasePriority : Normal
FileSize : 410 KB
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
CompanyName : Microsoft Corporation
FileDescription : NTVDM.EXE
InternalName : NTVDM.EXE
OriginalFilename : NTVDM.EXE
ProductName : Microsoft
Created on : 23/08/2001 12:00:00
Last accessed : 01/01/2006 20:48:07
Last modified : 03/08/2004 23:56:56
#:42 [iexplore.exe]
FilePath : C:\Program Files\Internet Explorer\
ThreadCreationTime : 01-01-2006 21:02:36
BasePriority : Normal
FileSize : 91 KB
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
OriginalFilename : IEXPLORE.EXE
ProductName : Microsoft
Created on : 17/09/2004 20:24:56
Last accessed : 01/01/2006 21:01:34
Last modified : 03/08/2004 23:56:52
#:43 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-aware 6\
ThreadCreationTime : 01-01-2006 21:09:25
BasePriority : Normal
FileSize : 668 KB
FileVersion : 6.0.1.181
ProductVersion : 6.0.0.0
Copyright : Copyright
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware 6 core application
InternalName : Ad-Aware.exe
OriginalFilename : Ad-Aware.exe
ProductName : Lavasoft Ad-Aware Plus
Created on : 01/01/2006 19:41:41
Last accessed : 01/01/2006 21:09:25
Last modified : 12/07/2003 22:00:20
Memory scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0
Started registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0
Started deep registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Deep registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Tracking Cookie Object recognized!
Type : File
Data : sol & petty@advertising[2].txt
Object : C:\Documents and Settings\Sol & Petty\Cookies\
Created on : 01/01/2006 20:25:44
Last accessed : 01/01/2006 21:28:45
Last modified : 01/01/2006 20:25:44
Tracking Cookie Object recognized!
Type : File
Data : sol & petty@as1.falkag[1].txt
Object : C:\Documents and Settings\Sol & Petty\Cookies\
Created on : 01/01/2006 20:58:39
Last accessed : 01/01/2006 20:58:40
Last modified : 01/01/2006 20:58:40
Tracking Cookie Object recognized!
Type : File
Data : sol & petty@doubleclick[1].txt
Object : C:\Documents and Settings\Sol & Petty\Cookies\
Created on : 01/01/2006 20:50:58
Last accessed : 01/01/2006 20:51:04
Last modified : 01/01/2006 20:51:04
Tracking Cookie Object recognized!
Type : File
Data : sol & petty@fastclick[2].txt
Object : C:\Documents and Settings\Sol & Petty\Cookies\
Created on : 01/01/2006 20:12:37
Last accessed : 01/01/2006 21:28:45
Last modified : 01/01/2006 20:20:56
Tracking Cookie Object recognized!
Type : File
Data : sol & petty@media.fastclick[2].txt
Object : C:\Documents and Settings\Sol & Petty\Cookies\
Created on : 01/01/2006 20:25:44
Last accessed : 01/01/2006 21:28:45
Last modified : 01/01/2006 20:25:44
Tracking Cookie Object recognized!
Type : File
Data : sol & petty@mediaplex[1].txt
Object : C:\Documents and Settings\Sol & Petty\Cookies\
Created on : 01/01/2006 20:50:59
Last accessed : 01/01/2006 20:50:59
Last modified : 01/01/2006 20:50:59
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Deep scanning and examining files (C:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Performing conditional scans..
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Conditional scan result:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 6
21:29:10 Scan complete
Summary of this scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Total scanning time :00:01:07:188
Objects scanned :35317
Objects identified :6
Objects ignored :0
New objects :6
solive
|
|
spertti
Senior Member
|
1. January 2006 @ 11:36 |
Link to this message
|
Damn.......
Send HijackThis log..... Here are the instructions from this link http://forums.afterdawn.com/thread_view.cfm/263784 which I gave you earlier....
Step 3: Download Hijackthis!
What is Hijackthis?
HijackThis examines certain key areas of the Registry and Hard Drive and lists their contents.
Hjt download -> http://koti.mbnet.fi/pattaya1/lataus/hijackthis_self.exe
-> download -> Unzip to C:\HJT-> Press Ok and Close window
Make sure that you actually extract HijackThis to its own folder: C:\HJT.
DO NOT run it from within a zip manager (Winzip), or Desktop as no backups will be saved.
----------------------------------------------------------------------
Step 4: Scan your computer
Now Open Hijackthis -> Click "Do a system scan and save log file"
Hjt will scan your computer for about 15 sec. -> Log file will pop up.
Most items are perfectly fine. You should not remove them.
Never remove everything by yourself.
This forum will now help you work with the Experts to clean up your system.
-> Copy and paste the contents of the HijackThis log into your post.
Make new thread for your own log
Post full log, begins with: Logfile of HijackThis v1.99.1... etc
|
Senior Member
|
1. January 2006 @ 11:39 |
Link to this message
|
|
if you dont get it this time i give up and wish spertti good luck with it, lol.
dont worry, welcome to the site,youll have to get used to HTJ log, youll post them alot....
|
|
solive28
Suspended due to non-functional email address
|
1. January 2006 @ 11:42 |
Link to this message
|
|
i dont have win zip
solive
|
|
Advertisement
|
|
|
|
spertti
Senior Member
|
1. January 2006 @ 11:43 |
Link to this message
|
|
Where do you need it? That´s a self-extracting .exe file as far as I know....
|
