Jump to content


Photo

i got highjacked this morning help


  • Please log in to reply
4 replies to this topic

#1 dcmaster

dcmaster

    Member

  • Full Member
  • Pip
  • 5 posts

Posted 14 June 2004 - 09:21 PM

it wont go away, tried sbs&d, panda, agv wont install. hijackthis will find it but it wont delete. sorry im new at this stuff and its messed me up so bad. thanks alot


Logfile of HijackThis v1.97.7
Scan saved at 9:12:30 PM, on 6/16/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\GWMDMMSG.exe
C:\WINDOWS\System32\devldr32.exe
C:\Program Files\Evidence Eliminator\ee.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
C:\Program Files\iolo\System Mechanic 4 Professional\PopupStopper.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\system32\appia.exe
C:\Program Files\Executive Software\DiskeeperServer\DKService.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\WINDOWS\mslt32.exe
C:\Documents and Settings\DCmaster\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\omcun.dll/sp.html#96676
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = res://omcun.dll/index.html#96676
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = res://omcun.dll/index.html#96676
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\omcun.dll/sp.html#96676
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://omcun.dll/index.html#96676
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\omcun.dll/sp.html#96676
O2 - BHO: (no name) - {61C65389-9A99-E0F0-7E64-C35B49DA6455} - C:\WINDOWS\d3py32.dll
O4 - HKLM\..\Run: [GWMDMMSG] GWMDMMSG.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Evidence Eliminator] C:\Program Files\Evidence Eliminator\ee.exe /m
O4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
O4 - HKLM\..\Run: [appia.exe] C:\WINDOWS\system32\appia.exe
O4 - HKCU\..\Run: [System Mechanic Popup Stopper] "C:\Program Files\iolo\System Mechanic 4 Professional\PopupStopper.exe"
O4 - Startup: PowerReg Scheduler.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com...ex/qtplugin.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {75D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin.SecureControl) - http://secure2.comne...iveSecurity.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupd...8044.8077083333
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macr...ash/swflash.cab


now i cant run any virus scanners oline or install apps ,browser crashes

Edited by dcmaster, 14 June 2004 - 11:45 PM.


#2 dcmaster

dcmaster

    Member

  • Full Member
  • Pip
  • 5 posts

Posted 14 June 2004 - 11:50 PM

bump

Edited by dcmaster, 15 June 2004 - 02:30 AM.


#3 dcmaster

dcmaster

    Member

  • Full Member
  • Pip
  • 5 posts

Posted 15 June 2004 - 04:27 AM

bump

#4 dcmaster

dcmaster

    Member

  • Full Member
  • Pip
  • 5 posts

Posted 15 June 2004 - 05:58 PM

bump. ok ive been waiting since yesterday for a reply can anyone just say hello
please if you cant help me here just say so i will move on to other help.

#5 dcmaster

dcmaster

    Member

  • Full Member
  • Pip
  • 5 posts

Posted 16 June 2004 - 01:42 AM

bump. oh nevermind . lame ass fuckin forum.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button