GeekPolice
Welcome to GeekPolice.net!

From "wow" to "whoa" - we're teaching practical technology and helping others with tech support. Join our family here!

You are viewing the forum as a "Guest" which doesn't give you member privileges to ask questions or post comments.

Take 30 seconds to register or log in below and unlock the limitations of this website to discover new computer knowledge!

My Hijack This Log

View previous topic View next topic Go down

My Hijack This Log

Post by csbeautyful1 on Sun Nov 08, 2009 11:55 pm

PLEASE HELP ME! THERE ARE SOOOO MANY POP UPS AND NOW THEY ARE POPPING UP NUDE PICTURES! I HAVE A CHILD IN THE HOUSE. TRYING TO REMOVE WITH MALWARE BYTES DIDN'T WORK. THE POP UPS ARE BLOCKING IT!


TrendSecure
Trend Micro
Your current Web browser may not display this site properly.
TrendSecure performs best when opened with the latest version of either Microsoft Internet Explorer or Mozilla Firefox.

Comparison of your HijackThis log file items to others
The table below compares the items HijackThis found on your computer with those on other people's computers. The column "% of PCs with item" indicates what percent of other people's HijackThis log files contain the item in that row of the table. Additional information will be provided as more HijackThis log files are added to the AnalyzeThis database.

Each entry is coded to indicate the type of item it is on your computer. An explanation of these codes may be found at the bottom of this page.


Index % of PCs with item Code Data
1 0.0% O1 ::1 localhost
2 0.0% O1 91.212.127.227 winsecure2009.microsoft.com
3 0.0% O1 91.212.127.227 winsecure2009.com
4 0.0% O1 91.212.127.227 [You must be registered and logged in to see this link.]
5 0.0% O14 START_PAGE_URL=http://www.aol.com
101 0.0% P01 C:\WINDOWS\Explorer.EXE
102 0.0% P01 C:\WINDOWS\system32\svchost.exe
103 0.0% P01 C:\WINDOWS\system32\lsass.exe
104 0.0% P01 C:\WINDOWS\system32\winlogon.exe
105 0.0% P01 C:\WINDOWS\system32\services.exe
106 0.0% P01 C:\WINDOWS\System32\smss.exe
107 0.0% P01 C:\WINDOWS\system32\spoolsv.exe
108 0.0% P01 C:\WINDOWS\system32\ctfmon.exe
109 0.0% P01 C:\Program Files\Internet Explorer\iexplore.exe
110 0.0% P01 C:\WINDOWS\system32\wuauclt.exe
111 0.0% P01 C:\WINDOWS\system32\Ati2evxx.exe
112 0.0% P01 C:\Program Files\QuickTime\qttask.exe
113 0.0% P01 C:\Program Files\Messenger\msmsgs.exe
114 0.0% P01 C:\Program Files\iPod\bin\iPodService.exe
115 0.0% P01 C:\Program Files\iTunes\iTunesHelper.exe
116 0.0% P01 C:\WINDOWS\system32\csrss.exe
117 0.0% P01 C:\WINDOWS\System32\alg.exe
118 0.0% P01 C:\WINDOWS\System32\dllhost.exe
119 0.0% P01 C:\WINDOWS\system32\wbem\wmiprvse.exe
120 0.0% P01 C:\WINDOWS\eHome\ehSched.exe
121 0.0% P01 C:\WINDOWS\eHome\ehRecvr.exe
122 0.0% P01 C:\WINDOWS\system32\taskmgr.exe
123 0.0% P01 C:\Windows\ehome\ehtray.exe
124 0.0% P01 C:\Windows\ehome\ehmsas.exe
125 0.0% P01 C:\WINDOWS\RTHDCPL.EXE
126 0.0% P01 c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
127 0.0% P01 c:\program files\mcafee.com\agent\mcdetect.exe
128 0.0% P01 c:\PROGRA~1\mcafee.com\vso\mcshield.exe
129 0.0% P01 c:\progra~1\mcafee.com\vso\mcvsescn.exe
130 0.0% P01 C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
131 0.0% P01 C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
132 0.0% P01 C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
133 0.0% P01 C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
134 0.0% P01 C:\Program Files\McAfee.com\VSO\oasclnt.exe
135 0.0% P01 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
136 0.0% P01 C:\WINDOWS\ehome\mcrdsvc.exe
137 0.0% P01 c:\progra~1\mcafee.com\vso\mcvsftsn.exe
138 0.0% P01 C:\Program Files\BigFix\BigFix.exe
139 0.0% P01 C:\WINDOWS\zHotkey.exe
140 0.0% P01 C:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe
141 0.0% P01 C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
142 0.0% P01 C:\Program Files\Digital Media Reader\readericon45G.exe
143 0.0% P01 C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
144 0.0% P01 C:\Program Files\TrueAssistant\TrueAssistant.exe
145 0.0% P01 C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe
146 0.0% P01 C:\Documents and Settings\Owner\Local Settings\Application Data\lqsebw\vymrsysguard.exe
147 0.0% P01 C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\27UQZRBR\winlogon[1].scr
148 0.0% P01 C:\Program Files\Java\jre6\bin\jqs.exe
149 0.0% R0 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
150 0.0% R0 HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
151 0.0% R0 HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
152 0.0% R0 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
153 0.0% R1 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
154 0.0% R1 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
155 0.0% R1 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
156 0.0% R1 HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
157 0.0% R1 HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = [You must be registered and logged in to see this link.]

Explanation of the codes

R - Registry, StartPage/SearchPage changes


R0 - Changed registry value
R1 - Created registry value
R2 - Created registry key
R3 - Created extra registry value where only one should be

F - IniFiles, autoloading entries


F0 - Changed inifile value
F1 - Created inifile value
F2 - Changed inifile value, mapped to Registry
F3 - Created inifile value, mapped to Registry

N - Netscape/Mozilla StartPage/SearchPage changes


N1 - Change in prefs.js of Netscape 4.x
N2 - Change in prefs.js of Netscape 6
N3 - Change in prefs.js of Netscape 7
N4 - Change in prefs.js of Mozilla

O - Other, several sections which represent:


O1 - Hijack of auto.search.msn.com with Hosts file
O2 - Enumeration of existing MSIE BHO's
O3 - Enumeration of existing MSIE toolbars
O4 - Enumeration of suspicious autoloading Registry entries
O5 - Blocking of loading Internet Options in Control Panel
O6 - Disabling of 'Internet Options' Main tab with Policies
O7 - Disabling of Regedit with Policies
O8 - Extra MSIE context menu items
O9 - Extra 'Tools' menuitems and buttons
O10 - Breaking of Internet access by New.Net or WebHancer
O11 - Extra options in MSIE 'Advanced' settings tab
O12 - MSIE plugins for file extensions or MIME types
O13 - Hijack of default URL prefixes
O14 - Changing of IERESET.INF
O15 - Trusted Zone Autoadd
O16 - Download Program Files item
O17 - Domain hijack
O18 - Enumeration of existing protocols and filters
O19 - User stylesheet hijack
O20 - AppInit_DLLs autorun Registry value, Winlogon Notify Registry keys
O21 - ShellServiceObjectDelayLoad (SSODL) autorun Registry key
O22 - SharedTaskScheduler autorun Registry key
O23 - Enumeration of NT Services
O24 - Enumeration of ActiveX Desktop Components

csbeautyful1
Beginner
Beginner

Status :
Online
Offline

Posts : 1
Joined : 2009-11-08
OS : xp
Points : 25813
# Likes : 0

View user profile

Back to top Go down

Re: My Hijack This Log

Post by Belahzur on Mon Nov 09, 2009 3:52 pm

Hello.
I don't think that worked right.


  • Please download DDS by sUBs to your Desktop (Important!!) from one of these locations:
    [You must be registered and logged in to see this link.]
    [You must be registered and logged in to see this link.]
  • Double click DDS.scr to run.
  • When complete, two logs will open. Save both of the report to your Desktop.
  • Copy and paste BOTH LOGS back here, use more than one post if needed.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre
Points : 245039
# Likes : 1

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum