Scan your PC for Errors

Member Panel

Remember me ?

Forgot password?   

Join the PC Help Forum Team

Join PC Help Forum on Facebook

Join the PCHF Distributed Computing Teams

Try the NEW PC Help Forum Dark style

Link to PCHF from other parts of the Internet
PC Forum PC Help Forum » Security & Safety » [Fixed] Hijackthis! Logs » [Fixed] Another HJT log

[Fixed] Hijackthis! Logs - [Fixed] Another HJT log posted in the Security & Safety forums; Hey everyone. About a few hours ago, after updating Zone Alarm, some weird stuff started to happen. This sysmgr.exe file kept trying to access the Internet. Here is my log:...

JOIN US NOW to remove these Ads

Post New Thread  Reply
  #1  
Old 11-28-2005
Silver Member
  
Join Date: Oct 2005
Location: Where the President never stays...
Posts: 177
Gray - See this Members User comments on their Profile page
Send a message via Yahoo to Gray
Default [Fixed] Another HJT log
Hey everyone.

About a few hours ago, after updating Zone Alarm, some weird stuff started to happen. This sysmgr.exe file kept trying to access the Internet.

Here is my log:
Attached Files
File Type: log hijackthis.log (8.1 KB, 2 views)


  #2  
Old 11-28-2005
joe5's Avatar
Elite Member
My PC
 
Join Date: Jun 2005
Location: Netherlands
Posts: 9,036
joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page
Default
Nothing to bad , just one of them. It's a variant of W32/Sdbot-OO and it is an IRC backdoor.



Boot in safemode and then click Start>Run and type in: services.msc

Click OK

In the Services window find: sysmgr64

Select/highlight and right click the entry, and choose: Properties
On the General tab, under Service Status click the Stop button
Beside: Startup Type, in the drop menu, select: Disabled
Click Apply, then OK
Open HJT and click config > misc tools > “delete an NT service”
Copy and past: sysmgr64

Click OK.

Then fix this line with hjt:

O23 - Service: sysmgr64 - Unknown owner - C:\WINDOWS\sysmgr64.exe
Then delete the file in bold and youre done. O0


__________________
- PCHF Team. - (NL) - Mal-ware Eradicator! -
  #3  
Old 11-29-2005
Silver Member
  
Join Date: Oct 2005
Location: Where the President never stays...
Posts: 177
Gray - See this Members User comments on their Profile page
Send a message via Yahoo to Gray
Default
Well, that fixed it. Thanks, Joe! O0
  #4  
Old 11-29-2005
joe5's Avatar
Elite Member
My PC
 
Join Date: Jun 2005
Location: Netherlands
Posts: 9,036
joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page
Default
Youre welcome.


And marked as Fixed.


__________________
- PCHF Team. - (NL) - Mal-ware Eradicator! -

Reply
Satellite TV on your PC - over 3000 Channels! Click Here!

Bookmarks

« [Resolved] Please Help Computer having Major Problems | [Resolved] A friend's log »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are On

Contact Us - PC Help Forum - Site Map - Privacy Statement - Top
All times are GMT +1. The time now is 06:02 AM.
Powered by vBulletin
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
SEO by vBSEO 3.2.0 RC7
All Graphics & Content Copyright © 2004-2008 - PC Help Forum.com


Back to Top