
Please Help..HijackThis Log Inside.



#1 vtec78


Posted 30 June 2004 - 03:15 AM

Norton found IEfeats but couldn't delete it. I followed the instructions on their site to remove it, but the registry locations they suggest do not contain the entries suggested.

I was unable to update HijackThis. It said it couldn't connect to the server, and either I have no connection or the server is down.

Here is the log:

Logfile of HijackThis v1.98.0
Scan saved at 2:34:33 AM, on 6/30/2004
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\EXPLORER.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCSETMGR.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SNDSRVC.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCPROXY.EXE
C:\WINDOWS\SYSTEM\WBEM\WINMGMT.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCPD-LC\SYMLCSVC.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\PROGRAM FILES\OPERA7\OPERA.EXE
C:\WINDOWS\DESKTOP\HIJACKDEEZ\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system\iigde.dll/sp.html#96676
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = res://iigde.dll/index.html#96676
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://iigde.dll/index.html#96676
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system\iigde.dll/sp.html#96676
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system\iigde.dll/sp.html#96676
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = res://iigde.dll/index.html#96676
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {0096CC0A-623C-4829-AD9C-19AF0DC9D8FE} - (no file)
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (file missing)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: ICOO Loader BHO - {B9D90B27-AD4A-413a-88CB-3E6DDC10DC2D} - C:\WINDOWS\MSOPT.DLL (file missing)
O2 - BHO: Class - {E7E124F6-B309-8528-B4EA-26F462B941D5} - C:\WINDOWS\SYSTEM\JAVAEJ32.DLL (file missing)
O2 - BHO: Class - {9094044E-D64B-52BF-2293-CE35E7D82337} - C:\WINDOWS\SYSTEM\ADDSC.DLL (file missing)
O2 - BHO: Class - {18DF71F2-32D5-BEE7-153F-A4757D907148} - C:\WINDOWS\SYSTEM\NETAR32.DLL (file missing)
O2 - BHO: Class - {A3D99131-68E9-236B-D255-C50CDCDB0928} - C:\WINDOWS\SYSTEM\MSIC.DLL (file missing)
O2 - BHO: Class - {D5459708-5146-5B78-2C15-69BF794D6B12} - C:\WINDOWS\SYSTEM\MSSB32.DLL (file missing)
O2 - BHO: Class - {EE3BE29F-801F-7595-1735-75B9A69CA88D} - C:\WINDOWS\SYSTEM\ATLSP32.DLL (file missing)
O2 - BHO: Class - {2FA6B0AE-AAE8-9CDC-8004-516B1C672B52} - C:\WINDOWS\APPPA32.DLL (file missing)
O2 - BHO: Class - {7B852FD1-75E7-FC74-B7E9-ADEF49ABB2B2} - C:\WINDOWS\NETVQ.DLL (file missing)
O2 - BHO: Class - {82EF11BA-AF0F-7E93-124D-291F18B9DCDC} - C:\WINDOWS\SYSTEM\NTRI.DLL (file missing)
O2 - BHO: Class - {36A2F80C-005C-56CB-3C74-0564534D0215} - C:\WINDOWS\SYSTEM\NTWH.DLL (file missing)
O2 - BHO: Class - {A2CB8242-65E2-A803-8CBD-9D81A18D7D99} - C:\WINDOWS\APIDS32.DLL (file missing)
O2 - BHO: Class - {741FAA78-FB1F-CB3C-44BD-E14600CFF87A} - C:\WINDOWS\JAVAYQ.DLL (file missing)
O2 - BHO: Class - {7E7E368F-52C9-80E2-619A-AFF0E8DF2D31} - C:\WINDOWS\D3JJ.DLL (file missing)
O2 - BHO: Class - {C5F1D2AE-ADBF-9926-B1E9-C3D4E10E2CBB} - C:\WINDOWS\SDKCM.DLL__SpybotSDDisabled (file missing)
O2 - BHO: Class - {06204314-8710-7E66-8DEF-72A50FE93229} - C:\WINDOWS\SYSTEM\WINHB.DLL (file missing)
O2 - BHO: Class - {CF532F04-8C95-1B6E-C3C3-AE92B411CA46} - C:\WINDOWS\IECH.DLL (file missing)
O2 - BHO: Class - {53AC44D3-7DD4-0E64-44FF-00630DA3929F} - C:\WINDOWS\SYSTEM\APPLC32.DLL (file missing)
O2 - BHO: Class - {E15DE160-7915-1819-2868-8A99CB9D83E5} - C:\WINDOWS\NTRV32.DLL (file missing)
O2 - BHO: Class - {A20458A2-7655-7F96-C902-3F31980DA43F} - C:\WINDOWS\MSZK.DLL (file missing)
O2 - BHO: Class - {B2B4335D-B3F0-23F0-F786-D4D92E20AD29} - C:\WINDOWS\APICH32.DLL (file missing)
O2 - BHO: Class - {7C5F07FA-EE61-E2CA-7AC9-845516B1F196} - C:\WINDOWS\NETKP.DLL (file missing)
O2 - BHO: Class - {6BCBA5F1-60FE-2C08-77CB-F80DB152B4EF} - C:\WINDOWS\ATLRH.DLL (file missing)
O2 - BHO: Class - {1CA0B7AD-8C69-8293-369B-46E22D85FF51} - C:\WINDOWS\SYSTEM\D3QL32.DLL (file missing)
O2 - BHO: Class - {A5AD29F2-C417-ADBE-550D-61E932069FF5} - C:\WINDOWS\SYSTEM\CRQN32.DLL (file missing)
O2 - BHO: Class - {086EC45A-7F1E-8853-E711-291F764C1CD3} - C:\WINDOWS\SYSTEM\CRHR32.DLL (file missing)
O2 - BHO: Class - {C8994F9D-64C1-8785-E2A8-6309090595B7} - C:\WINDOWS\SYSTEM\APPNI.DLL (file missing)
O2 - BHO: Class - {09D55E10-2E07-7D53-29FE-5C3AF9DB4D7A} - C:\WINDOWS\ADDSB32.DLL (file missing)
O2 - BHO: Class - {65344CD2-2A9B-B346-1ECD-D08CAF49E420} - C:\WINDOWS\SYSTEM\D3CW32.DLL (file missing)
O2 - BHO: Class - {A8F17FED-B2E3-2815-E912-143F0CC418D2} - C:\WINDOWS\CRCB32.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRAM FILES\FLASHGET\FGIEBAR.DLL
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec Core LC] C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe start
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMANTEC\LIVEUP~1\SNDMON.EXE
O4 - HKLM\..\Run: [Ad-aware] "C:\PROGRAM FILES\LAVASOFT\AD-AWARE 6\AD-AWARE.EXE" +c
O4 - HKLM\..\Run: [MSConfigReminder] C:\WINDOWS\SYSTEM\msconfig.exe /reminder
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\RunServices: [ccEvtMgr] "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
O4 - HKLM\..\RunServices: [ccSetMgr] "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"
O4 - HKLM\..\RunServices: [SndSrvc] C:\PROGRA~1\COMMON~1\SYMANT~1\SNDSRVC.EXE
O4 - HKLM\..\RunServices: [ccProxy] C:\PROGRA~1\COMMON~1\SYMANT~1\CCPROXY.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Web Rebates - file://C:\Program Files\WebRebates\System\Temp\topr1150_script0.htm
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - (no file)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - (no file)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! WebCam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
O16 - DPF: {89122070-4199-11D4-8BAF-0050045B552C} - http://download.rocketpipe.com/bundles/2564.cab
O16 - DPF: ConferenceRoom Java Client - http://chat.privatefeeds.com:8000/java/cr.cab
O16 - DPF: ChatSpace Java Client 2.1.0.91 - http://65.106.39.244:8001/Java/cs4ms091.cab
O16 - DPF: {6C6FE41A-0DA6-42A1-9AD8-792026B2B2A7} (FreeCell Control) - http://mirror.worldwinner.com/games/v40/fr...ll/freecell.cab
O16 - DPF: {6BB594E2-6E4D-4CC9-98B0-931C323F9165} (DepHlp Control) - http://www.worldwinner.com/games/shared/dephlp.cab
O16 - DPF: ChatSpace Java Client 2.1.0.93 - http://65.106.39.244:8001/Java/cs4ms093.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...238/mcfscan.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O16 - DPF: {89D75D39-5531-47BA-9E4F-B346BA9C362C} (CWDL_DownLoadControl Class) - http://www.callwave.com/include/cab/CWDL_DownLoad.CAB
O16 - DPF: {75D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin.SecureControl) - http://secure2.comned.com/signuptemplates/ActiveSecurity.cab
O16 - DPF: {9CCE3B43-4DE0-4236-A84E-108CA848EE6A} (WebCam Control) - http://www.webcamnow.com/broadcast/ActiveXWebCam.cab
O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = adams.net
O17 - HKLM\System\CCS\Services\VxD\MSTCP: SearchList = adams.net
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 216.138.0.4,216.138.0.11
O18 - Protocol: icoo - {4A8DADD4-5A25-4D41-8599-CB7458766220} - C:\WINDOWS\MSOPT.DLL



Help in correcting this would be greatly appreciated.

If there is any info needed to assist, please let me know.



#2 vtec78


Posted 30 June 2004 - 04:16 AM

New log, after running Spybot 1.3:

Logfile of HijackThis v1.98.0
Scan saved at 4:27:11 AM, on 6/30/2004
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE
C:\WINDOWS\EXPLORER.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCSETMGR.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SNDSRVC.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCPROXY.EXE
C:\WINDOWS\SYSTEM\WBEM\WINMGMT.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCPD-LC\SYMLCSVC.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\OPERA7\OPERA.EXE
C:\HJT\HIJACKTHIS\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system\iigde.dll/sp.html#96676
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://iigde.dll/index.html#96676
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system\iigde.dll/sp.html#96676
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system\iigde.dll/sp.html#96676
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = res://iigde.dll/index.html#96676
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {0096CC0A-623C-4829-AD9C-19AF0DC9D8FE} - (no file)
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (file missing)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: ICOO Loader BHO - {B9D90B27-AD4A-413a-88CB-3E6DDC10DC2D} - C:\WINDOWS\MSOPT.DLL (file missing)
O2 - BHO: Class - {E7E124F6-B309-8528-B4EA-26F462B941D5} - C:\WINDOWS\SYSTEM\JAVAEJ32.DLL (file missing)
O2 - BHO: Class - {9094044E-D64B-52BF-2293-CE35E7D82337} - C:\WINDOWS\SYSTEM\ADDSC.DLL (file missing)
O2 - BHO: Class - {18DF71F2-32D5-BEE7-153F-A4757D907148} - C:\WINDOWS\SYSTEM\NETAR32.DLL (file missing)
O2 - BHO: Class - {A3D99131-68E9-236B-D255-C50CDCDB0928} - C:\WINDOWS\SYSTEM\MSIC.DLL (file missing)
O2 - BHO: Class - {D5459708-5146-5B78-2C15-69BF794D6B12} - C:\WINDOWS\SYSTEM\MSSB32.DLL (file missing)
O2 - BHO: Class - {EE3BE29F-801F-7595-1735-75B9A69CA88D} - C:\WINDOWS\SYSTEM\ATLSP32.DLL (file missing)
O2 - BHO: Class - {2FA6B0AE-AAE8-9CDC-8004-516B1C672B52} - C:\WINDOWS\APPPA32.DLL (file missing)
O2 - BHO: Class - {7B852FD1-75E7-FC74-B7E9-ADEF49ABB2B2} - C:\WINDOWS\NETVQ.DLL (file missing)
O2 - BHO: Class - {82EF11BA-AF0F-7E93-124D-291F18B9DCDC} - C:\WINDOWS\SYSTEM\NTRI.DLL (file missing)
O2 - BHO: Class - {36A2F80C-005C-56CB-3C74-0564534D0215} - C:\WINDOWS\SYSTEM\NTWH.DLL (file missing)
O2 - BHO: Class - {A2CB8242-65E2-A803-8CBD-9D81A18D7D99} - C:\WINDOWS\APIDS32.DLL (file missing)
O2 - BHO: Class - {741FAA78-FB1F-CB3C-44BD-E14600CFF87A} - C:\WINDOWS\JAVAYQ.DLL (file missing)
O2 - BHO: Class - {7E7E368F-52C9-80E2-619A-AFF0E8DF2D31} - C:\WINDOWS\D3JJ.DLL (file missing)
O2 - BHO: Class - {C5F1D2AE-ADBF-9926-B1E9-C3D4E10E2CBB} - C:\WINDOWS\SDKCM.DLL__SpybotSDDisabled (file missing)
O2 - BHO: Class - {06204314-8710-7E66-8DEF-72A50FE93229} - C:\WINDOWS\SYSTEM\WINHB.DLL (file missing)
O2 - BHO: Class - {CF532F04-8C95-1B6E-C3C3-AE92B411CA46} - C:\WINDOWS\IECH.DLL (file missing)
O2 - BHO: Class - {53AC44D3-7DD4-0E64-44FF-00630DA3929F} - C:\WINDOWS\SYSTEM\APPLC32.DLL (file missing)
O2 - BHO: Class - {E15DE160-7915-1819-2868-8A99CB9D83E5} - C:\WINDOWS\NTRV32.DLL (file missing)
O2 - BHO: Class - {A20458A2-7655-7F96-C902-3F31980DA43F} - C:\WINDOWS\MSZK.DLL (file missing)
O2 - BHO: Class - {B2B4335D-B3F0-23F0-F786-D4D92E20AD29} - C:\WINDOWS\APICH32.DLL (file missing)
O2 - BHO: Class - {7C5F07FA-EE61-E2CA-7AC9-845516B1F196} - C:\WINDOWS\NETKP.DLL (file missing)
O2 - BHO: Class - {6BCBA5F1-60FE-2C08-77CB-F80DB152B4EF} - C:\WINDOWS\ATLRH.DLL (file missing)
O2 - BHO: Class - {1CA0B7AD-8C69-8293-369B-46E22D85FF51} - C:\WINDOWS\SYSTEM\D3QL32.DLL (file missing)
O2 - BHO: Class - {A5AD29F2-C417-ADBE-550D-61E932069FF5} - C:\WINDOWS\SYSTEM\CRQN32.DLL (file missing)
O2 - BHO: Class - {086EC45A-7F1E-8853-E711-291F764C1CD3} - C:\WINDOWS\SYSTEM\CRHR32.DLL (file missing)
O2 - BHO: Class - {C8994F9D-64C1-8785-E2A8-6309090595B7} - C:\WINDOWS\SYSTEM\APPNI.DLL (file missing)
O2 - BHO: Class - {09D55E10-2E07-7D53-29FE-5C3AF9DB4D7A} - C:\WINDOWS\ADDSB32.DLL (file missing)
O2 - BHO: Class - {65344CD2-2A9B-B346-1ECD-D08CAF49E420} - C:\WINDOWS\SYSTEM\D3CW32.DLL (file missing)
O2 - BHO: Class - {A8F17FED-B2E3-2815-E912-143F0CC418D2} - C:\WINDOWS\CRCB32.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRAM FILES\FLASHGET\FGIEBAR.DLL
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec Core LC] C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe start
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMANTEC\LIVEUP~1\SNDMON.EXE
O4 - HKLM\..\Run: [Ad-aware] "C:\PROGRAM FILES\LAVASOFT\AD-AWARE 6\AD-AWARE.EXE" +c
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\RunServices: [ccEvtMgr] "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
O4 - HKLM\..\RunServices: [ccSetMgr] "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"
O4 - HKLM\..\RunServices: [SndSrvc] C:\PROGRA~1\COMMON~1\SYMANT~1\SNDSRVC.EXE
O4 - HKLM\..\RunServices: [ccProxy] C:\PROGRA~1\COMMON~1\SYMANT~1\CCPROXY.EXE
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Web Rebates - file://C:\Program Files\WebRebates\System\Temp\topr1150_script0.htm
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - (no file)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - (no file)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! WebCam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
O16 - DPF: {89122070-4199-11D4-8BAF-0050045B552C} - http://download.rocketpipe.com/bundles/2564.cab
O16 - DPF: ConferenceRoom Java Client - http://chat.privatefeeds.com:8000/java/cr.cab
O16 - DPF: ChatSpace Java Client 2.1.0.91 - http://65.106.39.244:8001/Java/cs4ms091.cab
O16 - DPF: {6C6FE41A-0DA6-42A1-9AD8-792026B2B2A7} (FreeCell Control) - http://mirror.worldwinner.com/games/v40/fr...ll/freecell.cab
O16 - DPF: {6BB594E2-6E4D-4CC9-98B0-931C323F9165} (DepHlp Control) - http://www.worldwinner.com/games/shared/dephlp.cab
O16 - DPF: ChatSpace Java Client 2.1.0.93 - http://65.106.39.244:8001/Java/cs4ms093.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...238/mcfscan.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O16 - DPF: {89D75D39-5531-47BA-9E4F-B346BA9C362C} (CWDL_DownLoadControl Class) - http://www.callwave.com/include/cab/CWDL_DownLoad.CAB
O16 - DPF: {75D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin.SecureControl) - http://secure2.comned.com/signuptemplates/ActiveSecurity.cab
O16 - DPF: {9CCE3B43-4DE0-4236-A84E-108CA848EE6A} (WebCam Control) - http://www.webcamnow.com/broadcast/ActiveXWebCam.cab
O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = adams.net
O17 - HKLM\System\CCS\Services\VxD\MSTCP: SearchList = adams.net
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 216.138.0.4,216.138.0.11
O18 - Protocol: icoo - {4A8DADD4-5A25-4D41-8599-CB7458766220} - C:\WINDOWS\MSOPT.DLL

#3 Grinler

    Lawrence Abrams

Posted 30 June 2004 - 11:19 AM

Please fix these with HijackThis:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system\iigde.dll/sp.html#96676
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://iigde.dll/index.html#96676
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system\iigde.dll/sp.html#96676
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system\iigde.dll/sp.html#96676
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = res://iigde.dll/index.html#96676
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: ICOO Loader BHO - {B9D90B27-AD4A-413a-88CB-3E6DDC10DC2D} - C:\WINDOWS\MSOPT.DLL (file missing)
O2 - BHO: Class - {E7E124F6-B309-8528-B4EA-26F462B941D5} - C:\WINDOWS\SYSTEM\JAVAEJ32.DLL (file missing)
O2 - BHO: Class - {9094044E-D64B-52BF-2293-CE35E7D82337} - C:\WINDOWS\SYSTEM\ADDSC.DLL (file missing)
O2 - BHO: Class - {18DF71F2-32D5-BEE7-153F-A4757D907148} - C:\WINDOWS\SYSTEM\NETAR32.DLL (file missing)
O2 - BHO: Class - {A3D99131-68E9-236B-D255-C50CDCDB0928} - C:\WINDOWS\SYSTEM\MSIC.DLL (file missing)
O2 - BHO: Class - {D5459708-5146-5B78-2C15-69BF794D6B12} - C:\WINDOWS\SYSTEM\MSSB32.DLL (file missing)
O2 - BHO: Class - {EE3BE29F-801F-7595-1735-75B9A69CA88D} - C:\WINDOWS\SYSTEM\ATLSP32.DLL (file missing)
O2 - BHO: Class - {2FA6B0AE-AAE8-9CDC-8004-516B1C672B52} - C:\WINDOWS\APPPA32.DLL (file missing)
O2 - BHO: Class - {7B852FD1-75E7-FC74-B7E9-ADEF49ABB2B2} - C:\WINDOWS\NETVQ.DLL (file missing)
O2 - BHO: Class - {82EF11BA-AF0F-7E93-124D-291F18B9DCDC} - C:\WINDOWS\SYSTEM\NTRI.DLL (file missing)
O2 - BHO: Class - {36A2F80C-005C-56CB-3C74-0564534D0215} - C:\WINDOWS\SYSTEM\NTWH.DLL (file missing)
O2 - BHO: Class - {A2CB8242-65E2-A803-8CBD-9D81A18D7D99} - C:\WINDOWS\APIDS32.DLL (file missing)
O2 - BHO: Class - {741FAA78-FB1F-CB3C-44BD-E14600CFF87A} - C:\WINDOWS\JAVAYQ.DLL (file missing)
O2 - BHO: Class - {7E7E368F-52C9-80E2-619A-AFF0E8DF2D31} - C:\WINDOWS\D3JJ.DLL (file missing)
O2 - BHO: Class - {C5F1D2AE-ADBF-9926-B1E9-C3D4E10E2CBB} - C:\WINDOWS\SDKCM.DLL__SpybotSDDisabled (file missing)
O2 - BHO: Class - {06204314-8710-7E66-8DEF-72A50FE93229} - C:\WINDOWS\SYSTEM\WINHB.DLL (file missing)
O2 - BHO: Class - {CF532F04-8C95-1B6E-C3C3-AE92B411CA46} - C:\WINDOWS\IECH.DLL (file missing)
O2 - BHO: Class - {53AC44D3-7DD4-0E64-44FF-00630DA3929F} - C:\WINDOWS\SYSTEM\APPLC32.DLL (file missing)
O2 - BHO: Class - {E15DE160-7915-1819-2868-8A99CB9D83E5} - C:\WINDOWS\NTRV32.DLL (file missing)
O2 - BHO: Class - {A20458A2-7655-7F96-C902-3F31980DA43F} - C:\WINDOWS\MSZK.DLL (file missing)
O2 - BHO: Class - {B2B4335D-B3F0-23F0-F786-D4D92E20AD29} - C:\WINDOWS\APICH32.DLL (file missing)
O2 - BHO: Class - {7C5F07FA-EE61-E2CA-7AC9-845516B1F196} - C:\WINDOWS\NETKP.DLL (file missing)
O2 - BHO: Class - {6BCBA5F1-60FE-2C08-77CB-F80DB152B4EF} - C:\WINDOWS\ATLRH.DLL (file missing)
O2 - BHO: Class - {1CA0B7AD-8C69-8293-369B-46E22D85FF51} - C:\WINDOWS\SYSTEM\D3QL32.DLL (file missing)
O2 - BHO: Class - {A5AD29F2-C417-ADBE-550D-61E932069FF5} - C:\WINDOWS\SYSTEM\CRQN32.DLL (file missing)
O2 - BHO: Class - {086EC45A-7F1E-8853-E711-291F764C1CD3} - C:\WINDOWS\SYSTEM\CRHR32.DLL (file missing)
O2 - BHO: Class - {C8994F9D-64C1-8785-E2A8-6309090595B7} - C:\WINDOWS\SYSTEM\APPNI.DLL (file missing)
O2 - BHO: Class - {09D55E10-2E07-7D53-29FE-5C3AF9DB4D7A} - C:\WINDOWS\ADDSB32.DLL (file missing)
O2 - BHO: Class - {65344CD2-2A9B-B346-1ECD-D08CAF49E420} - C:\WINDOWS\SYSTEM\D3CW32.DLL (file missing)
O2 - BHO: Class - {A8F17FED-B2E3-2815-E912-143F0CC418D2} - C:\WINDOWS\CRCB32.DLL
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O18 - Protocol: icoo - {4A8DADD4-5A25-4D41-8599-CB7458766220} - C:\WINDOWS\MSOPT.DLL

Reboot into safe mode and delete the following:

C:\WINDOWS\MSOPT.DLL
C:\WINDOWS\system\iigde.dll

Reboot and post a new log.



