Announcement

Collapse
No announcement yet.

take a look at this plz

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • take a look at this plz

    So, here's my Hijackthis log...My computer is filled with crap.
    Tell me, please, tell me how to FUCKING REMOVE THE CRAP FOREVER AND EVER!!!!!!!!!

    Logfile of HijackThis v1.99.0
    Scan saved at 15:05:28, on 30/12/2004
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\AVPersonal\AVGUARD.EXE
    C:\Program Files\AVPersonal\AVWUPSRV.EXE
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
    C:\WINDOWS\System32\Botnet.exe
    C:\Program Files\AVPersonal\AVGNT.EXE
    C:\WINDOWS\System32\ctfmon.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\Program Files\Hitman Pro\uninstall\engine.exe
    C:\WINDOWS\System32\msiexec.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\WINDOWS\System32\rundll32.exe
    C:\WINDOWS\System32\rundll32.exe
    C:\WINDOWS\smss.exe
    C:\WINDOWS\System32\rundll32.exe
    C:\WINDOWS\System32\rundll32.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\587a00ab61e8da8efd71b30d6a3b165f\update\update. exe
    C:\Program Files\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.findwhatevernow.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    F2 - REG:system.ini: Shell=Explorer.exe C:\logon.exe
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: CHungryBHO Object - {BCF96FB4-5F1B-497B-AECC-910304A55011} - C:\WINDOWS\neti.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
    O4 - HKLM\..\Run: [Microsoft Updates] Botnet.exe
    O4 - HKLM\..\Run: [Sygate Personal Firewall] mcafeeupdate.exe
    O4 - HKLM\..\Run: [AVGCtrl] "C:\Program Files\AVPersonal\AVGNT.EXE" /min
    O4 - HKLM\..\Run: [Shell Logon] C:\logon.exe
    O4 - HKLM\..\Run: [WebSpecials] rundll32 "C:\Program Files\WebSpecials\webspec.dll",run
    O4 - HKLM\..\Run: [SurfBuddy] rundll32 "C:\Program Files\SurfBuddy\sbuddy.dll",run
    O4 - HKLM\..\Run: [Bargains] C:\Program Files\Bargain Buddy\bin\bargains.exe
    O4 - HKLM\..\RunServices: [Microsoft Updates] Botnet.exe
    O4 - HKLM\..\RunServices: [Sygate Personal Firewall] mcafeeupdate.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [Sygate Personal Firewall] mcafeeupdate.exe
    O4 - HKCU\..\Run: [WebSpecials] rundll32 "C:\Program Files\WebSpecials\webspec.dll",run
    O4 - HKCU\..\Run: [Clock] C:\WINDOWS\dsndup.exe
    O4 - HKCU\..\Run: [SurfBuddy] rundll32 "C:\Program Files\SurfBuddy\sbuddy.dll",run
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1104411702296
    O17 - HKLM\System\CCS\Services\Tcpip\..\{71C65A39-F6D4-4348-BDD9-8262CBEC0BFF}: NameServer = 62.58.94.130 62.58.62.132
    O17 - HKLM\System\CS1\Services\Tcpip\..\{71C65A39-F6D4-4348-BDD9-8262CBEC0BFF}: NameServer = 62.58.94.130 62.58.62.132
    O23 - Service: AntiVir Service - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE
    O23 - Service: AntiVir Update - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
    I don't know how to put this but I'm kind of a big deal...

  • #2
    http://computercops.biz/forum67.html is an excellent forum for this sort of thing.

    If I were you, I'd first update Ad-aware (www.lavasoftusa.com) and Spybot (search on google for Spybot S&D) and run full scans, removing everything they find.

    Then post your HijackThis log on that forum, make sure you make your title as informative as possible and try to use good grammar, capitalisation and politeness as this will make it more likely to get a good response.

    I find the reponse time can be anything from 5 mins to a few days.

    You'll need to register but it's free and doesn't take long.
    USS Banana after years of superior jav play has amassed 17999 kills, he is 1 kill away from 18k, Type ?go Javs FOR A GAME OF HUNT (no scorereset) -Kim
    ---A few minutes later---
    9:cool koen> you scorereseted
    9:Kim> UM
    9:Kim> i didn't
    9:cool koen> hahahahahahaha
    9:ph <ZH>> LOOOOL
    9:Stargazer <ER>> WHO FUCKING SCORERESET
    9:pascone> lol?

    Comment


    • #3
      Then, once you get rid of it all, you stop browsing all the gay porn sites that gave you the crap in the first place.
      5: Da1andonly> !ban epinephrine
      5: RoboHelp> Are you nuts? You can't ban a staff member!
      5: Da1andonly> =((
      5: Epinephrine> !ban da1andonly
      5: RoboHelp> Staffer "da1andonly" has been banned for abuse.
      5: Epinephrine> oh shit

      Comment


      • #4
        I get that after a complete format :/
        I don't know how to put this but I'm kind of a big deal...

        Comment


        • #5
          Do you have a router or a firewall?
          sage

          Comment


          • #6
            No...I tried ZoneAlarm though, but that didn't stop anything
            I don't know how to put this but I'm kind of a big deal...

            Comment


            • #7
              Cundor, I think a majority of that stuff is required to be running...
              sdg

              Comment


              • #8
                Ok, i have got brother and everytime i came back home from uni i experineced similar "problems"
                so here is the "solution"
                get
                1/ Spybot - it has got resident agent which asks u if u really want download weird stuff from your ( i guess your favoite hard core etc...) pages + removes lot of spyware + blocks some really NASTY pages - not based on content of course (u can ?ifnore INTERNET) but those which uses dialers, trojans etc...)


                2/ CWShredder - REALLY USEFULL. really. try him. its the best to wipe things if they ALREADY got to your computer
                Plutarch: "To find a fault is easy; to do better may be difficult."

                Comment


                • #9
                  hmm

                  :bye1: :bye1: A good way to check out for crap is to type the shit to google. You can find out about the shit from the links. Good site is http://www.neuber.com/taskmanager/process/ There is information about any shit practically.
                  revolt> my girl
                  Golden_Aim> nice lips, i bet she gives u awesome blowjobs
                  Metal Headz> she looks good for bjs
                  Golden_Aim> LOL MHZ
                  Metal Headz> ROFL


                  1:kesser> MENTION ME
                  1:kesser> MOST KILLS

                  kess is homo

                  Comment


                  • #10
                    First check this link, and follow the instructions
                    http://es.trendmicro-europe.com/smb/...=WORM_RBOT.AFL

                    Then, resart the computer, close all windows and run Hijackthis again and show me the log.
                    Last edited by Ewan; 01-10-2005, 03:13 PM.
                    USS Banana after years of superior jav play has amassed 17999 kills, he is 1 kill away from 18k, Type ?go Javs FOR A GAME OF HUNT (no scorereset) -Kim
                    ---A few minutes later---
                    9:cool koen> you scorereseted
                    9:Kim> UM
                    9:Kim> i didn't
                    9:cool koen> hahahahahahaha
                    9:ph <ZH>> LOOOOL
                    9:Stargazer <ER>> WHO FUCKING SCORERESET
                    9:pascone> lol?

                    Comment


                    • #11
                      Problem alread solved on the 31st of December
                      Thx though!!!
                      wuv woo
                      I don't know how to put this but I'm kind of a big deal...

                      Comment

                      Working...
                      X