Jump to content


Photo

New here need help


  • Please log in to reply
6 replies to this topic

#1 ladyolds

ladyolds

    Member

  • Full Member
  • Pip
  • 17 posts

Posted 20 June 2004 - 10:11 PM

Hi. forgive my ignorance, but I am new here I think I have a bug but I am not sure. Please help with the process of sending logs or whatever you need to help me. Thanks in advance.
Ladyolds

#2 nerdy_chick

nerdy_chick

    Nerdy Chick

  • Full Member
  • Pip
  • 14 posts

Posted 21 June 2004 - 02:46 AM

To get your log file, go to http://www.spywarein.../HijackThis.exe .

Select SCAN. In a few seconds after your scan (which should take less than a minute) the SCAN button will turn into SAVE LOGFILE. Click, and short after your save a notepad file will pop up. Copy all of the content, and paste it into your spywareinfo forum post.
i still have evil pop ups from no-beba-el-agua.com and belgiandip.com someone help!

#3 ladyolds

ladyolds

    Member

  • Full Member
  • Pip
  • 17 posts

Posted 21 June 2004 - 12:31 PM

Thanks nerdy chick but I am still lost all i get after I scan when I go to save is save logfile to my documents and the I get an error message. Illegal operations message. How do I get notepad?

#4 nerdy_chick

nerdy_chick

    Nerdy Chick

  • Full Member
  • Pip
  • 14 posts

Posted 21 June 2004 - 01:58 PM

Notepad should come with your computer.. it's just a default text proccessor. Try going into Start, All Programs, Accesories, and then Notepad should be there. Then find your saved .log in My Documents and open it up. Otherwise, your computer must be very out of date or very infected and I recomend getting a new harddrive.
i still have evil pop ups from no-beba-el-agua.com and belgiandip.com someone help!

#5 ladyolds

ladyolds

    Member

  • Full Member
  • Pip
  • 17 posts

Posted 21 June 2004 - 07:48 PM

No can do. I tried to open notepad and I get an illegal operations message. Invalid page fault. Any other suggestions? :wtf:

#6 chagan

chagan

    Member

  • New Member
  • Pip
  • 2 posts

Posted 22 June 2004 - 11:07 AM

Hey lady, try going to start, run, and type in wordpad and click on ok and see if it opens. It is another text editor with a few more whistles, but it will work just as well. If not, i would recommend trying it or notepad by starting up in safe mode. Start up in safe mode by hitting the F8 key a few times when booting up (this may produce a couple of beeps- not to worry) You will eventually come to a menu screen- pick the top option "safe mode". Your screen will appear different because it loads generic drivers, but it will return to normal after your next regular startup. Try opening notepad or wordpad here and see if it works.

#7 ladyolds

ladyolds

    Member

  • Full Member
  • Pip
  • 17 posts

Posted 22 June 2004 - 10:45 PM

Logfile of HijackThis v1.97.7
Scan saved at 11:35:29 PM, on 6/22/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\MDM.EXE
C:\PROGRAM FILES\COMMON FILES\AOL\ACS\ACSD.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\AMERICA ONLINE 9.0A\AOLTRAY.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\DRWATSON.EXE
C:\PROGRAM FILES\AMERICA ONLINE 9.0A\WAOL.EXE
C:\PROGRAM FILES\AMERICA ONLINE 9.0A\SHELLMON.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\PROGRAM FILES\AMERICA ONLINE 9.0A\AOLWBSPD.EXE
C:\MY DOCUMENTS\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by America Online
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSSHL.DLL (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\MCAFEE.COM\VSO\MCMNHDLR.EXE" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "C:\PROGRA~1\MCAFEE.COM\VSO\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] C:\PROGRA~1\MCAFEE.COM\AGENT\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\MCAFEE.COM\AGENT\MCUPDATE.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [Machine Debug Manager] C:\WINDOWS\SYSTEM\MDM.EXE
O4 - HKLM\..\RunServices: [McVsRte] C:\PROGRA~1\MCAFEE.COM\VSO\mcvsrte.exe /embedding
O4 - HKLM\..\RunServices: [AolAcsDaemon1] "C:\PROGRAM FILES\COMMON FILES\AOL\ACS\ACSD.EXE"
O4 - HKCU\..\Run: [Washer] C:\Program Files\CCWasher\washer.exe /0
O4 - Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0a\aoltray.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.aol.com
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.av.a...77/mcinsctl.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.av.a...,18/mcgdmgr.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupd...38035.311400463
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://support.gatew...r/PCPitStop.CAB
O16 - DPF: {93CEA8A4-6059-4E0B-ADDD-73848153DD5E} (CWebLaunchCtl Object) - http://gateway.cf1li...h/weblaunch.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com...kup/qdiagcc.cab
O16 - DPF: Tri-Peaks by pogo - http://peaks.pogo.co...s-ob-assets.cab
O16 - DPF: World Class Solitaire by pogo - http://klondike.pogo...s-ob-assets.cab
O16 - DPF: Greenback Bayou by pogo - http://greenback.pog...k-ob-assets.cab
O16 - DPF: Mah Jong Garden by pogo - http://mahjong.pogo....g-ob-assets.cab
O16 - DPF: Squelchies by pogo - http://squelchies.po...s-ob-assets.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macr...director/sw.cab
O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = aoldsl.net
O19 - User stylesheet: C:\WINDOWS\system\d3ic22g3.37a (file missing)

Here;s my log please help!!!! :weep:




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button