Tech Support banner

Status
Not open for further replies.
1 - 2 of 2 Posts

·
Registered
Joined
·
13 Posts
Discussion Starter #1
Ok I had another thread open so I appologize if this new one shouldn't have been made. I just freaked out cause i have a major problem that i think isn't related to the other one. (At least i think it isnt) I logged on to my computer and noticed this program force-fuc*ed me into downloading it. It was called Create A Monster.....Im pretty sure u've seen someone else with this problem before. Anyways, ever since then, my computer has gone EXTREMELY slow...At least when i log on to my User account. And i do mean EXTREMELY slow. I dont know if this has anything to do with createamonster.exe.....but im really wanting to finally get rid of all this crap on my computer. Im getting fed up with it and im about to just throw my hands up in the air and format...and i dont wanna do that...Thanx people for ur time....Here's my HIJ log.


Logfile of HijackThis v1.98.2
Scan saved at 9:28:13 PM, on 10/27/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\M-Audio Ozone\Install\Ozinst.exe
C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\AutoUpdate\AutoUpdate.exe
C:\WINDOWS\System32\scnetbs.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\AIM\aim.exe
C:\progra~1\valve\steam\steam.exe
C:\WINDOWS\System32\safmps.exe
C:\Program Files\M-Audio Ozone\OZTask.exe
C:\Laurence\Downloads\HijackThis.exe
C:\Laurence\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {CA0E28FA-1AFD-4C21-A8DC-70EB5BE2F076} - C:\Program Files\SurfSideKick 2\SskBho.dll
O1 - Hosts: 69.20.16.183 auto.search.msn.com
O1 - Hosts: 69.20.16.183 search.netscape.com
O1 - Hosts: 69.20.16.183 ieautosearch
O2 - BHO: (no name) - {01C5BF6C-E699-4CD7-BEA1-786FA05C83AB} - C:\Program Files\CxtPls\CxtPls.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SurfSideKick 2] C:\Program Files\SurfSideKick 2\Ssk.exe
O4 - HKLM\..\Run: [WebRebates0] "C:\Program Files\Web_Rebates\WebRebates0.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AutoUpdater] "C:\Program Files\AutoUpdate\AutoUpdate.exe"
O4 - HKLM\..\Run: [x33j3El] scnetbs.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Steam] "c:\progra~1\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [WinBrush] C:\Program Files\WinBrush 2002\winbrush.exe /S
O4 - HKCU\..\Run: [SurfSideKick 2] C:\Program Files\SurfSideKick 2\Ssk.exe
O4 - HKCU\..\Run: [g0stROJ7j] safmps.exe
O4 - Global Startup: M-Audio Ozone Control Panel Launcher.lnk = C:\Program Files\M-Audio Ozone\OZTask.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\lspak.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lspak.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lspak.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\lspak.dll
O16 - DPF: {DDFFA75A-E81D-4454-89FC-B9FD0631E726} - http://www.zestyfind.com/app/DS4/DS4.cab
 

·
Security Team (ret.)
Joined
·
7,403 Posts
Hi
Make sure you have already run Adaware, Spybot S & D(check for updates) as these will do a preliminary clean first.Some files below may not be present after running the above programs.

Then....
Turn off your System Restore.(if using xp) SEE HERE Reinstate it when your log is cleaned.Close your browser window and run hjt in safe mode... HOW TO RUN SAFE MODE and have "Hijack This" fix the following by placing a check in the appropriate boxes and selecting "fix checked".
Folders that have been highlighted in RED will need to be uninstalled.Check first as some folders maybe uninstalled via the Add/Remove program. Files highlighted in BLACK will need to be removed from your hard drive. Make sure to have your system set to show hidden files and folders.. HOW TO SHOW FILES ..Please post a new log when finished...

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {CA0E28FA-1AFD-4C21-A8DC-70EB5BE2F076} - C:\Program Files\SurfSideKick 2\SskBho.dll
O1 - Hosts: 69.20.16.183 auto.search.msn.com
O1 - Hosts: 69.20.16.183 search.netscape.com
O1 - Hosts: 69.20.16.183 ieautosearch
O2 - BHO: (no name) - {01C5BF6C-E699-4CD7-BEA1-786FA05C83AB} - C:\Program Files\CxtPls\CxtPls.dll
O4 - HKLM\..\Run: [SurfSideKick 2] C:\Program Files\SurfSideKick 2\Ssk.exe
O4 - HKLM\..\Run: [WebRebates0] "C:\Program Files\Web_Rebates\WebRebates0.exe"
O4 - HKLM\..\Run: [AutoUpdater] "C:\Program Files\AutoUpdate\AutoUpdate.exe"
O4 - HKLM\..\Run: [x33j3El] scnetbs.exe
O4 - HKCU\..\Run: [SurfSideKick 2] C:\Program Files\SurfSideKick 2\Ssk.exe
O4 - HKCU\..\Run: [g0stROJ7j] safmps.exe
O16 - DPF: {DDFFA75A-E81D-4454-89FC-B9FD0631E726} - http://www.zestyfind.com/app/DS4/DS4.cab
C:\WINDOWS\System32\scnetbs.exe
C:\WINDOWS\System32\safmps.exe
 
1 - 2 of 2 Posts
Status
Not open for further replies.
Top