Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Hijackthis Log: Please Help Diagnose


  • Please log in to reply
3 replies to this topic

#1 rurman

rurman

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:06:04 PM

Posted 17 November 2005 - 07:36 PM

I've tried CWShredder, Spybot, Ad-aware, and Trend Micro, but still continue to have my browser hijacked- please help!

Thanks.

Logfile of HijackThis v1.99.1
Scan saved at 4:32:40 PM, on 11/17/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
D:\apps\NavNT\defwatch.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\system32\rundll32.exe
d:\apps\Intel\Intel NetStructure VPN Client\icsrv.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
d:\apps\No-IP\DUC20.exe
D:\apps\NavNT\rtvscan.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\TiVo Shared\Beacon\TiVoBeacon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
D:\apps\NavNT\vptray.exe
D:\apps\D-Link\Air Utility\AirCFG.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
D:\apps\Logitech\iTouch\iTouch.exe
C:\WINDOWS\Logi_MwX.Exe
C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
D:\apps\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
D:\apps\iTunes\iTunesHelper.exe
D:\apps\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\Common Files\TiVo Shared\Transfer\TivoTransfer.exe
C:\WINDOWS\system32\MsgSys.EXE
D:\apps\iPod\bin\iPodService.exe
D:\apps\Trend Micro\Tmas\tmas.exe
D:\apps\Monzilla Firefox\firefox.exe
D:\Documents and Settings\Ron\My Documents\tmp\AntiVirus\HijackThis.exe

N3 - Netscape 7: user_pref("browser.startup.homepage", "http://home.netscape.com/"); (C:\Documents and Settings\Ron\Application Data\Mozilla\Profiles\default\zrsh3hit.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "http://www.google.com/"); (C:\Documents and Settings\Ron\Application Data\Mozilla\Profiles\default\zrsh3hit.slt\prefs.js)
O1 - Hosts: re.com
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [vptray] D:\apps\NavNT\vptray.exe
O4 - HKLM\..\Run: [D-Link Air Utility] D:\apps\D-Link\Air Utility\AirCFG.exe
O4 - HKLM\..\Run: [EPSON Stylus CX3200] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P19 "EPSON Stylus CX3200" /O6 "USB001" /M "Stylus CX3200"
O4 - HKLM\..\Run: [zBrowser Launcher] d:\apps\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [ANIWZCSService] C:\Program Files\Alpha Networks\ANIWZCS Service\WZCSLDR.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "D:\apps\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [iTunesHelper] "D:\apps\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Creative Detector] d:\apps\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [TivoTransfer] "C:\Program Files\Common Files\TiVo Shared\Transfer\TivoTransfer.exe" /auto:TivoTransfer /registry /service
O4 - HKCU\..\Run: [TivoServer] "D:\apps\TiVo\Desktop\TiVoServer.exe" /registry /service
O4 - HKCU\..\Run: [LDM] \Program\
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\apps\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = D:\apps\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Trend Micro Anti-Spyware.lnk = D:\apps\Trend Micro\Tmas\Tmas.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\apps\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\apps\MICROS~3\OFFICE11\REFIEBAR.DLL
O18 - Protocol: bw+0 - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - d:\apps\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: offline-8876480 - {9E1101C2-C3CD-4D73-BC31-5FF350518A68} - d:\apps\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: Shell Extensions - C:\WINDOWS\system32\p4r40e9qeh.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: pcAnywhere Host Service (awhost32) - Symantec Corporation - D:\apps\Symantec\pcAnywhere\awhost32.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: DefWatch - Symantec Corporation - D:\apps\NavNT\defwatch.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: Intel® NetStructure™ VPN Client (ICService) - Unknown owner - d:\apps\Intel\Intel NetStructure VPN Client\icsrv.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - D:\apps\iPod\bin\iPodService.exe
O23 - Service: NoIPDUCService - Vitalwerks LLC - d:\apps\No-IP\DUC20.exe
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - D:\apps\NavNT\rtvscan.exe
O23 - Service: TiVo Beacon (TivoBeacon2) - TiVo Inc. - C:\Program Files\Common Files\TiVo Shared\Beacon\TiVoBeacon.exe

BC AdBot (Login to Remove)

 


m

#2 -David-

-David-

  • Members
  • 10,603 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London
  • Local time:03:04 AM

Posted 21 November 2005 - 02:51 AM

Please download WebRoot SpySweeper from HERE (It's a 2 week trial):
  • Click the Free Trial link under to "SpySweeper" to download the program.
  • Install it.
  • Once the program is installed, it will open.
  • It will prompt you to update to the latest definitions, click Yes.
  • Once the definitions are installed, click Sweep Now on the left side.
  • Click the Start button.
  • When it's done scanning, click the Next button.
  • Make sure everything has a check next to it, then click the Next button.
  • It will remove all of the items found.
  • Click Session Log in the upper right corner, copy everything in that window.
  • Click the Summary tab and click Finish.
  • Paste the contents of the session log you copied into your next reply.
Then reboot your computer - IMPORTANT
Then post a new HJT log

David

#3 rurman

rurman
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:06:04 PM

Posted 22 November 2005 - 12:12 PM

Thanks for the help :thumbsup: I was able to get rid of the hijacker!!!

#4 -David-

-David-

  • Members
  • 10,603 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London
  • Local time:03:04 AM

Posted 22 November 2005 - 12:19 PM

Ok! Glad i was able to help you! :thumbsup:

The log is clean! :flowers:

If i have helped you please consider making a donation using the "make a donation" button in my signature. My help is free, but please consider it to keep me fighting spyware for you and others! :trumpet: :inlove:

Now turn off System Restore:

On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.

Restart your computer, turn System Restore back on and create a restore point.

To create a restore point:

Single-click Start and point to All Programs.
Mouse over Accessories, then System Tools, and select System Restore.In the System Restore wizard, select the box next the text labeled "Create a restore point" and click the Next button.
Type a description for your new restore point. Something like "After trojan/spyware cleanup". Click Create and you're done.

David




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users