  #1  
01-24-2007
marioc89
Gold Member
Join Date: Mar 2006
Posts: 344
[Resolved] Results for Upgrader 764...from previous post "help with this secret"

These are the results of my prework test.

hijackthis.log

January 23, 2007.txt


  #2  
01-24-2007
ladygreenwitch
HR Director
Join Date: Jul 2005
Location: Bay Area California
Posts: 5,778
PC Experience: PC Illiterate

Hi Marioc,

Upgrader isn't one of our Security Team, but I am sure he will be flattered, LOL. Please post the AVG log that came from the PreWork as well please. Then one of us will be in a better position to help you find your keylogger.

Looking forward to your reply,

TTFN

LGW


  #3  
01-24-2007
ladygreenwitch
HR Director
Join Date: Jul 2005
Location: Bay Area California
Posts: 5,778
PC Experience: PC Illiterate

Hey Mario,

I have a couple of questions for you, the first of which is whether you knowingly have Internet Information Server running on your PC. I see no indication of Personal Web running under processes.

Also, did you at one time install and uninstall Starware onto this PC?

Do you recognize this IP address? 127.0.0.1

Also, if you have not installed Morpheus (which leaves you quite vulnerable to attacks, viruses, spyware, etc.), it is possible that your girlfriend has and is somehow gaining access through that vulnerability. We highly recommend uninstalling p2p software, especially those with known spyware links such as Morpheus.

OK here may be the potential payload,
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
I need to do a bit more research on this, but I will have directions for you in the morning.

Looking forward to your reply,

TTFN

LGW


  #4  
01-24-2007
marioc89
Gold Member
Join Date: Mar 2006
Posts: 344

The first question...I don't know. The second...yes, I have starware on there now. What p2p software are you referring to? Where and what is Morpheus? What IP address is: 127.0.0.1? I thought I posted the AVG log?


  #5  
01-24-2007
Wolfeymole
Resident WereWolf
Join Date: Nov 2006
Posts: 1,583
PC Experience: Enough to choke a Mule

Hi Mario

Morpheus, along with Limewire, Kazaa, etc., is a P2P (peer to peer) file sharing program which is wide open to malicious exploits.
I am moving this to the HJT Logs forum as the attachment you provided is an HJT Log.
A HJT log expert will assist you as soon as possible. Please bear with us, Thanks.



Last edited by Wolfeymole; 01-24-2007 at 12:57 PM.
  #6  
01-24-2007
marioc89
Gold Member
Join Date: Mar 2006
Posts: 344

Ok. I'll be waiting.


  #7  
01-24-2007
ladygreenwitch
HR Director
Join Date: Jul 2005
Location: Bay Area California
Posts: 5,778
PC Experience: PC Illiterate

Hey Mario,

I'm not seeing the AVG log, can you please post it again? As far as the Morpheus, it's possible that your friend installed it on your PC, or it is equally possible that she infected you in order to gain access to your passwords. Regardless of where it came from, Morpheus is probably good to remove, so uninstall that from Add/Remove Programs, and then once I take a look at your AVG log, we can start determining if the Satiloler Trojan is the culprit.

Looking forward to your reply,

TTFN

LGW


