pwnage clan and hacks media tickets

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by Smokey_ganja, Jul 16, 2004.

  1. Smokey_ganja

    Smokey_ganja Private E-2

    This spyware is giving me trouble. What is the simplest way to get rid of it? I've seen tonnes of people post their HJT logs; is there an easier way? Thanks in advance.
     
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

  3. Smokey_ganja

    Smokey_ganja Private E-2

    Thanks, I ran all the links. I had tried most of them before, but with no luck, so here's my HijackThis log. Thanks a tonne for looking at it.

    Scan saved at 2:16:45 PM, on 08/07/2004
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\msnmsgr.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\D-Tools\daemon.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
    C:\PROGRA~1\mcafee.com\agent\mcagent.exe
    D:\Program Files\Tweak-XP Pro 3\AdBlocker.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\WinRAR\WinRAR.exe
    C:\DOCUME~1\SHANE\LOCALS~1\Temp\Rar$EX00.110\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
    O4 - HKLM\..\Run: [msn] msnmsgr.exe
    O4 - HKLM\..\Run: [AtiPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [NvMixerTray] C:\Program Files\NVIDIA Corporation\NvMixer\NvMixerTray.exe
    O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
    O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
    O4 - HKLM\..\RunServices: [msn] msnmsgr.exe
    O4 - HKCU\..\Run: [msn] msnmsgr.exe
    O4 - HKCU\..\Run: [BlockAds] "D:\Program Files\Tweak-XP Pro 3\AdBlocker.exe"
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - (no file)
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - (no file)
     
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    First run this from Microsoft:

    http://www.microsoft.com/downloads/details.aspx?;displaylang=en&familyid=e70a0d8b-fe98-493f-ad76-bf673a38b4cf&displaylang=en

    Next, are you up to date with all Microsoft Critical updates?
    Make sure you check. Don't guess. Go to Windows Update: http://v4.windowsupdate.microsoft.com/en/default.asp
    Then click scan for updates.
    Download ALL of the critical updates.

    Please post the complete HijackThis log (you cut off the top line showing the HijackThis version info).
    Then shut down IE and have HijackThis fix these two lines:
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - (no file)
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - (no file)

    Let me know how things look now!
     
  5. NeoNemesis

    NeoNemesis Moutharrhea

    Anti-spyware man strikes again, and all is well in the town of MG.
     
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    I prefer to say, "Anti-Spyware Man to the rescue"; otherwise it sounds like I'm a bad guy. I'd rather be a super-hero, not a super-villain. :D
     
