Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Getting rid of offeroptimizer!


  • Please log in to reply
1 reply to this topic

#1 slickpimpn

slickpimpn

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:11:07 AM

Posted 01 December 2004 - 07:16 PM

Every time I look at my screen I see a pop up from this same site, how do i get rid of it and will it stay off my computer once I have gotten rid of it. I have been having a problem with spy ware so im guessing thats what it steamed from. i downloaded Hijack and ran it to see what was going on but i was unable to get rid of anything here are the results and if anyone is out there could you please help me out here !!!!!! Im running XP professional on my system and here are the results.

ogfile of HijackThis v1.98.2
Scan saved at 7:05:53 PM, on 12/1/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSNhksrv.exe
C:Program FilesDellOpenManageClientActionAgent.exe
C:PROGRA~1SYMANT~1SYMANT~1DefWatch.exe
C:DMIWIN32inDellDmi.exe
C:Program FilesDellOpenManageClientEventAgt.exe
C:Program FilesDellOpenManageClientDLT.exe
C:WINDOWSSYSTEM32GEARSEC.EXE
C:Program FilesExpertcityGoToMyPCg2svc.exe
C:WINDOWSExplorer.EXE
C:Program FilesDellOpenManageClientIap.exe
C:PROGRA~1SYMANT~1SYMANT~1Rtvscan.exe
C:Program FilesExpertcityGoToMyPCg2comm.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSwanmpsvc.exe
C:dmiwin32inWin32sl.exe
C:WINDOWSsystem32MsPMSPSv.exe
C:Program FilesExpertcityGoToMyPCg2tray.exe
C:WINDOWSDELLMMKB.EXE
C:Program FilesRealRealPlayerRealPlay.exe
C:PROGRA~1SYMANT~1SYMANT~1vptray.exe
C:WINDOWSSystem32iziaxn.exe
C:Program FilesRoxioEasy CD Creator 6DragToDiscDrgToDsc.exe
C:Program FilesRoxioEasy CD Creator 6AudioCentralRxMon.exe
C:Program FilesNetropaOSD.exe
C:Program FilesAmerica Online 7.0aoltray.exe
C:Program FilesRoxioEasy CD Creator 6AudioCentralPlaylist.exe
C:Program FilesEMS Free Surfer Companion s30.exe
C:Program FilesMSN Messengermsnmsgr.exe
C:Program FilesYahoo!Messengerymsgr_tray.exe
C:DOCUME~1RODRIC~1LOCALS~1TempTemporary Directory 1 for HijackThis.zipHijackThis.exe
C:Program FilesInternet Exploreriexplore.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://government.dellnet.com/
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://government.dellnet.com/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) = websearch.drsnsrch.com/q.cgi?q=
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = sas.se1.attbb.net:8000
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.se1.attbb.net;<local>
R3 - Default URLSearchHook is missing
O1 - Hosts: indows.
O1 - Hosts: 217.116.231.7 aimtoday.aol.com
O2 - BHO: MxTargetObj Class - {0000607D-D204-42C7-8E46-216055BF9918} - C:WINDOWSmxTarget.dll
O2 - BHO: Band Class - {01F44A8A-8C97-4325-A378-76E68DC4AB2E} - C:WINDOWSsystb.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:PROGRA~1SPYBOT~1SDHelper.dll
O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
O4 - HKLM..Run: [DellTouch] C:WINDOWSDELLMMKB.EXE
O4 - HKLM..Run: [RealTray] C:Program FilesRealRealPlayerRealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM..Run: [vptray] C:PROGRA~1SYMANT~1SYMANT~1vptray.exe
O4 - HKLM..Run: [qmvrxesmyftyl] C:WINDOWSSystem32iziaxn.exe
O4 - HKLM..Run: [IMJPMIG8.1] C:WINDOWSIMEimjp8_1IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM..Run: [IMEKRMIG6.1] C:WINDOWSimeimkr6_1IMEKRMIG.EXE
O4 - HKLM..Run: [MSPY2002] C:WINDOWSSystem32IMEPINTLGNTImScInst.exe /SYNC
O4 - HKLM..Run: [PHIME2002ASync] C:WINDOWSSystem32IMETINTLGNTTINTSETP.EXE /SYNC
O4 - HKLM..Run: [PHIME2002A] C:WINDOWSSystem32IMETINTLGNTTINTSETP.EXE /IMEName
O4 - HKLM..Run: [GoToMyPC] C:Program FilesExpertcityGoToMyPCg2svc.exe -logon
O4 - HKLM..Run: [RoxioEngineUtility] "C:Program FilesCommon FilesRoxio SharedSystemEngUtil.exe"
O4 - HKLM..Run: [RoxioDragToDisc] "C:Program FilesRoxioEasy CD Creator 6DragToDiscDrgToDsc.exe"
O4 - HKLM..Run: [RoxioAudioCentral] "C:Program FilesRoxioEasy CD Creator 6AudioCentralRxMon.exe"
O4 - HKLM..Run: [satmat] C:WINDOWSsatmat.exe
O4 - HKLM..Run: [Win Server Updt] C:WINDOWSwupdt.exe
O4 - HKCU..Run: [Yahoo! Pager] C:Program FilesYahoo!Messengerypager.exe -quiet
O4 - Global Startup: America Online 7.0 Tray Icon.lnk = C:Program FilesAmerica Online 7.0aoltray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O8 - Extra context menu item: Get siteinfo data (fsc) - C:Program FilesEMS Free Surfer Companion slauncher.htm
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:Program FilesYahoo!Messengeryhexbmes0522.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:Program FilesYahoo!Messengeryhexbmes0522.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 - Extra button: Free Surfer - {AFC3FA82-AD07-45cd-8B57-983435B9899E} - C:Program FilesEMS Free Surfer CompanionFS30.exe
O9 - Extra 'Tools' menuitem: Free Surfer - {AFC3FA82-AD07-45cd-8B57-983435B9899E} - C:Program FilesEMS Free Surfer CompanionFS30.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:WINDOWSSystem32Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O16 - DPF: DigiChat Applet - http://host8.digichat.com/DigiChat/DigiClasses/Client_IE.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/cha...v45/yacscom.cab
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} (Yahoo! Webcam Upload Wrapper) - http://chat.yahoo.com/cab/yuplapp.cab
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
O20 - AppInit_DLLs: 



Thanks in Advance

BC AdBot (Login to Remove)

 


#2 Bear

Bear

  • Members
  • 342 posts
  • OFFLINE
  •  
  • Location:South East Texas
  • Local time:11:07 AM

Posted 01 December 2004 - 09:24 PM

HijackThis Logs and Analysis board
Posted Image


My System Specs


Comptia A+, Network + & MCP certified.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users