
apropos/peper maybe? HT log


Name: int13mikeymike
Date: February 11, 2004 at 05:45:32 Pacific
OS: Windows XP Professional
CPU/Ram: AMD 2500+ 512 ddr
Comment:

OK, I downloaded BitTorrent and got this CRAP somehow... well, I'm pretty sure it came from BitTorrent or suprnova.org. Anyway, I'm gonna post my HT log... help me out, anyone who's an expert at reading these things.

Logfile of HijackThis v1.97.7
Scan saved at 7:23:18 AM, on 2/11/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.exe
C:\WINDOWS\System32\CTHELPER.exe
C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe
C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe
C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\allSnap\allSnap.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Trend Micro\PC-cillin 2002\WebTrap.exe
C:\WINDOWS\System32\cisvc.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\FileZilla Server\FileZilla Server.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe
C:\Program Files\Lavasoft\Ad-aware 6\Ad-aware.exe
C:\Program Files\AutoUpdate\AutoUpdate.exe
C:\Program Files\AproposClient\Apropos.exe
C:\Program Files\Internet Explorer\IEXPLORE.exe
C:\WINDOWS\System32\cidaemon.exe
C:\Documents and Settings\MikeyMike\Desktop\HijackThis.exe

R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {01C5BF6C-E699-4CD7-BEA1-786FA05C83AB} - C:\Program Files\AproposClient\AproposPlugin.dll
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
O4 - HKLM\..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.exe
O4 - HKLM\..\Run: [AsioReg] REGSVR32.exe /S CTASIO.DLL
O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [CTRegRun] C:\WINDOWS\CTRegRun.exe
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe"
O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe"
O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.exe C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.exe
O4 - HKLM\..\Run: [RoxioEngineUtility] #rem "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [AutoLoaderAproposClient] "C:\DOCUME~1\MIKEYM~1\APPLIC~1\apropos.exe" C:\DOCUME~1\MIKEYM~1\APPLIC~1\apropos.exe /HideUninstIcon /HideDir /UninstallName="Software Apropos" /PC=PLUS
O4 - HKLM\..\Run: [AutoUpdater] C:\PROGRA~1\AUTOUP~1\AUTOUP~1.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Startup: allSnap.lnk = C:\Program Files\allSnap\allSnap.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
O9 - Extra button: AIM (HKLM)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst0401.cab
O16 - DPF: {65E7DB1D-0101-4100-BD66-C5C78C917F93} (WTDMMPVersion Class) - http://install.wildtangent.com/bgn/partners/aolim/install.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2003120501/housecall.antivirus.com/housecall/xscan53.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

Thanks for your help, anyone who replies.




Response Number 1
Name: Wombat
Date: February 11, 2004 at 13:02:07 Pacific
Reply:

Become an expert yourself, go here...

www.spywareinfo.com/~merijn/htlogtutorial.html#r

Iligitimi non carborundum est



Response Number 2
Name: int13mikeymike
Date: February 11, 2004 at 13:35:29 Pacific
Reply:

That link didn't work :(



Response Number 3
Name: Wombat
Date: February 11, 2004 at 13:55:56 Pacific
Reply:

So it seems... it was working before. Try it again later.

Iligitimi non carborundum est



Response Number 4
Name: Abnormal
Date: February 11, 2004 at 16:15:22 Pacific
Reply:

From Add/Remove programs in Control Panel, uninstall Apropos client.


0
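
One way to confirm that the uninstall suggested in Response 4 removed everything, as an added example that is not part of the thread and not HijackThis's own code: parse a HijackThis log, list what mentions a keyword, and report which of those items survive into a second scan. The AFTER log is a constructed sample, and the function names are this example's own.

```python
import re
# Lines taken from the log in the original post (the Run entry is shortened).
BEFORE = r"""Running processes:
C:\WINDOWS\Explorer.exe
C:\Program Files\AproposClient\Apropos.exe

O2 - BHO: (no name) - {01C5BF6C-E699-4CD7-BEA1-786FA05C83AB} - C:\Program Files\AproposClient\AproposPlugin.dll
O4 - HKLM\..\Run: [CTHelper] CTHELPER.exe
O4 - HKLM\..\Run: [AutoLoaderAproposClient] "C:\DOCUME~1\MIKEYM~1\APPLIC~1\apropos.exe" /HideUninstIcon
"""
# Constructed "after uninstall" scan (hypothetical): one Run entry was left behind.
AFTER = r"""Running processes:
C:\WINDOWS\Explorer.exe

O4 - HKLM\..\Run: [CTHelper] CTHELPER.exe
O4 - HKLM\..\Run: [AutoLoaderAproposClient] "C:\DOCUME~1\MIKEYM~1\APPLIC~1\apropos.exe" /HideUninstIcon
"""

ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")  # section code, then the detail text

def parse_log(text):
    """Split a HijackThis log into running-process paths and (code, detail) entries."""
    processes, entries, in_procs = [], [], False
    for line in (raw.strip() for raw in text.splitlines()):
        match = ENTRY.match(line)
        if line == "Running processes:":
            in_procs = True
        elif match:
            in_procs = False  # the first coded entry ends the process list
            entries.append((match.group(1), match.group(2)))
        elif in_procs and line:
            processes.append(line)
    return processes, entries

def references(text, keyword):
    """Every process path or entry that mentions keyword, case-insensitively."""
    processes, entries = parse_log(text)
    kw = keyword.lower()
    hits = [("process", p) for p in processes if kw in p.lower()]
    return hits + [(code, detail) for code, detail in entries if kw in detail.lower()]

def leftovers(before, after, keyword):
    """Items mentioning keyword in the first scan that are still in the second."""
    remaining = set(references(after, keyword))
    return [hit for hit in references(before, keyword) if hit in remaining]

if __name__ == "__main__":
    for code, detail in leftovers(BEFORE, AFTER, "apropos"):
        print(code, "-", detail)
```

An empty result from `leftovers` means no line of the second scan mentions the keyword any more; it does not cover files or registry values that HijackThis does not list.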

Response Number 5
Name: Abnormal
Date: February 12, 2004 at 19:50:38 Pacific
