Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

HJT scan log


  • Please log in to reply
1 reply to this topic

#1 fostersabine

fostersabine

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:11:42 PM

Posted 20 April 2005 - 04:51 PM

This is my scan log and I need help in selecting which entries to fix. Since I have little experience in these matters but am excellent at following directoions I am asking for assistance. Thank you very kindly


Logfile of HijackThis v1.99.1
Scan saved at 2:01:53 PM, on 4/20/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\System32\s32mngr(2)(2).exe
C:\Program Files\Messenger\msmsgs.exe
C:\windows\lccyljy.exe
C:\wp.exe
C:\WINDOWS\System32\rtuc32gt.exe
C:\Documents and Settings\Owner\Desktop\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://w-find.com/sp.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://w-find.com/index.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://w-find.com/index.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://w-find.com/sp.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://w-find.com/index.htm
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: BHOmodObj Class - {7F6828CA-9E42-462C-BC60-418C8144012C} - c:\windows\system\BHOmod.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: UCmore XP - The Search Accelerator - {44BE0690-5429-47f0-85BB-3FFD8020233E} - C:\Program Files\TheSearchAccelerator\UCMTSAIE.dll (file missing)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [iND9CXa] C:\WINDOWS\qpkfshcg.exe
O4 - HKLM\..\Run: [336h34R] s32mngr(2)(2).exe
O4 - HKLM\..\RunOnce: [Srv32 spool service] C:\WINDOWS\System32\spoolsrv32.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [gtkldxo] c:\windows\lccyljy.exe
O4 - HKCU\..\Run: [WindowsFY] c:\wp.exe
O4 - HKCU\..\Run: [I0pnRQd8Q] rtuc32gt.exe
O4 - HKCU\..\Run: [xkvftht] c:\windows\gynqmbf.exe
O4 - HKCU\..\Run: [jciisax] c:\windows\gynqmbf.exe
O4 - HKCU\..\Run: [iqqiyqj] c:\windows\gynqmbf.exe
O4 - HKCU\..\Run: [fdrfbug] c:\windows\gynqmbf.exe
O4 - HKCU\..\Run: [tlaaafj] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [jjndebe] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [xenelsy] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [bnnjkpr] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [vewhpmh] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [qcdyshe] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [dovkoxs] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [kqvbrqd] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [qtjpawd] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [irxrwwp] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [bkacnsm] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [oxbioye] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [orqkabg] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [fbadrin] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [jjqmqus] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [mnkkbir] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [yifwwga] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [aksexsl] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [yncgfhv] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [qcoryne] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [jupjqil] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [mlnbint] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [vcyyavu] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [fpybfek] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [qbbufnc] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [sfpsqlr] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [npcmdrs] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [ekumrqh] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [fqfbnpk] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [ecsouor] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [crvllhs] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [nckksfj] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [etvnvqt] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [aopmifh] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [ldgpqmm] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [qjfgfqq] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [oflmxxv] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [glwogrw] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [qqiinjx] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [gggqsle] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [ofaoccp] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [wntmmpe] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [syvbchd] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [qrwcspu] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [pkqcnvr] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [crowxka] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [grgqspp] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [yqrgwrw] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [oxkplcj] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [otnwpqc] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [gjbamwl] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [jcsmaou] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [ybskhqb] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [koklcrp] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [qdpifpp] c:\windows\rqnbkvf.exe
O4 - HKCU\..\Run: [naklops] c:\windows\hyfyjqu.exe
O4 - HKCU\..\Run: [cqbfwfi] c:\windows\hyfyjqu.exe
O4 - HKCU\..\Run: [htbgcns] c:\windows\hyfyjqu.exe
O4 - HKCU\..\Run: [frgbsrk] c:\windows\hyfyjqu.exe
O4 - HKCU\..\Run: [glxrlwb] c:\windows\hyfyjqu.exe
O4 - HKCU\..\Run: [khdllwh] c:\windows\hyfyjqu.exe
O4 - HKCU\..\Run: [klwjjjj] c:\windows\hyfyjqu.exe
O4 - HKCU\..\Run: [fmduhnm] c:\windows\hyfyjqu.exe
O4 - HKCU\..\Run: [lxyhkod] c:\windows\hyfyjqu.exe
O4 - HKCU\..\Run: [jrftwui] c:\windows\hyfyjqu.exe
O4 - HKCU\..\Run: [vrmyrsi] c:\windows\hyfyjqu.exe
O4 - HKCU\..\Run: [osplafp] c:\windows\hyfyjqu.exe
O4 - HKCU\..\Run: [xejgtrl] c:\windows\hyfyjqu.exe
O4 - HKCU\..\Run: [wditosa] c:\windows\hyfyjqu.exe
O4 - HKCU\..\Run: [fssfome] c:\windows\eindury.exe
O4 - HKCU\..\Run: [ixshtvd] c:\windows\eindury.exe
O4 - HKCU\..\Run: [kcabuvn] c:\windows\eindury.exe
O4 - HKCU\..\Run: [uuwotgc] c:\windows\eindury.exe
O4 - HKCU\..\Run: [rjmwpox] c:\windows\eindury.exe
O4 - HKCU\..\Run: [txysnik] c:\windows\eindury.exe
O4 - HKCU\..\Run: [mpsjocc] c:\windows\sfpdbus.exe
O4 - HKCU\..\Run: [hklsvtv] c:\windows\sfpdbus.exe
O4 - HKCU\..\Run: [dyoioeb] c:\windows\sfpdbus.exe
O4 - HKCU\..\Run: [stvqpwc] c:\windows\sfpdbus.exe
O4 - HKCU\..\Run: [ogmkjmy] c:\windows\sfpdbus.exe
O4 - HKCU\..\Run: [ktbsshl] c:\windows\sfpdbus.exe
O4 - HKCU\..\Run: [upucasq] c:\windows\sfpdbus.exe
O4 - HKCU\..\Run: [jxtfbhx] c:\windows\hmrjexo.exe
O4 - HKCU\..\Run: [bhvmymi] c:\windows\hmrjexo.exe
O4 - HKCU\..\Run: [welqjco] c:\windows\hmrjexo.exe
O4 - HKCU\..\Run: [ftwwdcu] c:\windows\hmrjexo.exe
O4 - HKCU\..\Run: [pxrhfal] c:\windows\rxxdosf.exe
O4 - HKCU\..\Run: [axysosr] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [koasxju] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [fwhwurj] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [kumdcir] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [vmdedsp] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [spssntg] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [agndoxt] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [mqfvqbh] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [raeamas] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [svkghta] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [iisotyu] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [hmfjwqm] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [ahvvnxu] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [gfwvrcd] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [wpnpdoy] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [nnomvll] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [vyiqdnb] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [xsiptng] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [tywxnip] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [sxaepkw] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [ivgmprc] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [sqgckim] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [qciemuc] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [bjfavkc] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [yxofakv] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [htgxsci] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [mlnomrm] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [mykyjkp] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [fsncqwo] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [jkekqeu] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [uonpnaq] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [kpleirn] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [tjroovr] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [gryjftc] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [fhnunlb] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [xasmsxa] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [fupvwpu] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [gwnrccu] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [tsvhsfw] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [jcghblq] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [gcdrhhp] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [dhtbbqo] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [luwpdpv] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [taickkb] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [fjycmys] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [nsmrhjh] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [qbciyyb] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [gkredba] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [pgxvrax] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [jkhaxsw] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [letsewf] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [loikitj] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [kxrkucq] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [impglch] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [hwgnskg] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [xpoxaiv] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [liulhnk] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [iynfdtj] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [gjnoejm] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [tturudf] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [cippcih] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [vywbofv] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [kimlyhl] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [tkqhhiy] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [mbedplf] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [lyxrxjk] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [ofphbuw] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [cjrnjbm] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [aveqqyr] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [gxqtmoh] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [kjbhevo] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [pbohvmv] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [uqxsfiv] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [fnhgdap] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [ainqjqk] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [iqvbuht] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [cajrslj] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [thqcrry] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [lwiyjbi] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [vjxoxop] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [rltgqxh] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [btuvlwq] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [xgdfcrc] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [vmasecg] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [mqyesge] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [owcnnck] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [mkxdbgk] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [ksccxpa] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [sjyaoav] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [lybgifl] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [ifeftns] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [piuptxs] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [rygryyl] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [xwlsbxi] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [hmmcgoj] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [sekiobl] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [ukkjmlg] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [vkbfaux] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [disnkdd] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [aescfoq] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [kmgatht] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [ciqcdjm] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [hiwwmpq] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [sgbeupy] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [aaqbbfo] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [vncmklh] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [xpywogx] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [yrecife] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [rbodnwg] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [hkbbihw] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [sdbgwno] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [vdebwjf] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [rawvwhi] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [vuarhst] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [cvdojcp] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [aalygha] c:\windows\cpvovfv.exe
O4 - HKCU\..\Run: [twmgqqg] c:\windows\cpvovfv.exe
O4 - HKCU\..\RunOnce: [Srv32 spool service] C:\WINDOWS\System32\spoolsrv32.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O10 - Unknown file in Winsock LSP: c:\windows\system32\flsmngr.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\flsmngr.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\flsmngr.dll
O16 - DPF: {18026089-8A77-6BA2-6BEF-6DDD15E892AD} -
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab
O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} (Installer Class) - http://www.ysbweb.com/ist/softwares/v4.0/ysb_regular.cab
O16 - DPF: {46B3102F-7AEE-78D7-F42C-0B23413F43F6} -
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O16 - DPF: {795399EA-2187-77A3-37D0-6A8D1636FB97} -
O16 - DPF: {99410CDE-6F16-42ce-9D49-3807F78F0287} (ClientInstaller Class) - http://www.180searchassistant.com/180saax.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/SymAData.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Trace network connections (ACCRA) - - (no file)
O23 - Service: ZESOFT - Unknown owner - C:\WINDOWS\zeta.exe

BC AdBot (Login to Remove)

 


#2 ~Kat~

~Kat~

    Princess Kitty


  • Members
  • 476 posts
  • OFFLINE
  •  
  • Local time:10:42 PM

Posted 20 April 2005 - 05:52 PM

Hi there, and welcome! My name is Kat, and I'll be helping you to get your computer fixed up and on the run again! You may want to print these instructions or save them to a NotePad file on your desktop to make it easier for you to follow each step in order!

1. Please download the latest version of Ad-aware(Ad-aware SE 1.05) If you're using an older version (or donít have AdAware yet), download Ad-aware SE Personal 1.05 and install it.

Before scanning with Ad-aware SE Free:
Run a FULL adaware scan using the following configuration below
  • Update
    • Select Check for updates.
    • Then Connect and download SE1R28 16.02.2005 .
  • Click Start
  • Select Perform Full System Scan and hit Next to let Ad-Aware scan your drives.
  • It will list malware files and registry keys. Click Next.
  • Under the Critical Objects tab, rightclick in the list, choose Select All, then Next.
  • It will ask for verification of checked items-. Choose OK.
  • Close Ad-Aware, Shut down and reboot your system.
2. Download and Install Spybot S&D, accepting the Default Settings
(Please ensure you have version 1.3 final.)
Home - The home of Spybot-S&D!: http://www.safer-networking.org/
Here is a nice Tutorial http://www.safer-networking.org/index.php?page=tutorial
  • Go to Start > Programs >Spybot Search & Destroy and choose 'Spybot S&D'
  • Close ALL windows except Spybot S&D
  • Click the button 'Search for Updates' and download and install the Updates.
  • Next click the button 'Check for Problems'
  • When Spybot is complete, it will be showing 'RED' entries BLACK entries and GREEN entries in the window
  • Make sure there is a check mark beside the RED entries ONLY.
  • Choose Fix Selected Problems and allow Spybot to fix the RED entries.
  • REBOOT
3. You have several viruses and/or Trojans on your system.
Please run at least 2 of these online virus scans:

Housecall<<<Put on 'Autoclean' and delete what it can't clean.
Panda ActiveScan<<<Accept default settings, save and post the log
RAV online scan<<<Add a check by 'Autoclean', leave everything else as is.
eTrust Antivirus Web Scan<<<'Cure' whatever is found, then delete if unsuccessful
Bitdefender ScanOnline<<<Place a check by everything under 'Scan Options'.
Command on Demand

Also run an online trojan scan here: http://www.trojanscan.com/
Reboot when finished

4. After you have finished all of the above, please post a fresh HJT log here in a reply, along with anything that Spybot or AdAware or the Virus/Trojan scans could NOT delete. We will continue the fix from there!



~LAUGH like no one can hear, DANCE like no one is watching and LOVE like you've never been hurt

Come and meet ~ME~

If you are happy with the service I provided, please consider making a donation to help me continue the fight against Malware Posted Image





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users