Dustinwmew Posted July 26, 2004 Share Posted July 26, 2004 I have ran AVG, and Ad-aware but it has not been fixed. Here is my hijackthis log.Logfile of HijackThis v1.97.7Scan saved at 4:11:07 AM, on 7/26/2004Platform: Windows XP SP1 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\System32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\PROGRA~1\Grisoft\AVGTCP~1\avgtcpsv.exeP:\Program Files\Executive Software\Diskeeper\DkService.exeC:\WINDOWS\System32\svchost.exeP:\Program Files\VMware\VMware Workstation\vmware-authd.exeC:\WINDOWS\System32\vmnat.exeC:\WINDOWS\system32\ZoneLabs\vsmon.exeC:\WINDOWS\System32\vmnetdhcp.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\System32\CTHELPER.EXEC:\WINDOWS\System32\devldr32.exeC:\WINDOWS\System32\rmctrl.exeC:\Program Files\Java\j2re1.4.2_05\bin\jusched.exeC:\WINDOWS\System32\wuamgd.exeC:\Program Files\Zone Labs\ZoneAlarm\zlclient.exeP:\Program Files\Hewlett-Packard\AiO\hp officejet k series\Bin\hpoorn07.exeP:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exeC:\WINDOWS\System32\hpoipm07.exeP:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOSTS07.exeP:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOFXM07.exeC:\Program Files\NetLimiter\NetLimiter.exeC:\Program Files\Internet Explorer\iexplore.exep:\Program Files\WinRAR\WinRAR.exet:\temp\Rar$EX00.223\HijackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchcentral.cc/search.php?v=4&aff=2116R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchcentral.cc/index.php?v=4&aff=2116R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://searchcentral.cc/index.php?v=4&aff=2116O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dllO3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocxO3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.1629.0\en-us\msntb.dllO4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXEO4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXEO4 - HKLM\..\Run: [Jet Detection] "P:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exeO4 - HKLM\..\Run: [RemoteControl] C:\WINDOWS\System32\rmctrl.exeO4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exeO4 - HKLM\..\Run: [LiveMonitor] C:\Program Files\MSI\Live Update 3\LMonitor.exeO4 - HKLM\..\Run: [Win32 USB2 Driver] svchosting.exeO4 - HKLM\..\Run: [Cryptographic Service] C:\WINDOWS\System32\chpvuyxx.exeO4 - HKLM\..\Run: [System Update] C:\WINDOWS\System32\afwbtntc.exeO4 - HKLM\..\Run: [Microsoft Update Machine] wuamgd.exeO4 - HKLM\..\Run: [Zone Labs Client] "c:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"O4 - HKLM\..\Run: [Ad-watch] "P:\Program Files\Lavasoft\Ad-aware 6\Ad-watch.exe"O4 - HKLM\..\Run: [NetLimiter] C:\Program Files\NetLimiter\NetLimiter.exe /sO4 - HKLM\..\RunServices: [Win32 USB2 Driver] svchosting.exeO4 - HKLM\..\RunServices: [Microsoft Update Machine] wuamgd.exeO4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -HideO4 - HKCU\..\Run: [AIM] P:\Program Files\AIM\aim.exe -cnetwait.odlO4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /backgroundO4 - HKCU\..\Run: [Win32 USB2 Driver] svchosting.exeO4 - HKCU\..\Run: [Microsoft Update Machine] wuamgd.exeO4 - HKLM\..\RunOnce: [Win32 USB2 Driver] svchosting.exeO4 - HKCU\..\RunOnce: [Win32 USB2 Driver] svchosting.exeO4 - Global Startup: Gomez PEER.lnk = P:\Program Files\Gomez\GomezPEER\bin\GomezPEER.exeO4 - Global Startup: HPAiODevice(hp officejet k series) - 1.lnk = P:\Program Files\Hewlett-Packard\AiO\hp officejet k series\Bin\hpoorn07.exeO6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions presentO6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel presentO9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)O9 - Extra button: AIM (HKLM)O9 - Extra button: Messenger (HKLM)O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)O16 - DPF: cpcScanner - http://www.crucial.com/controls/cpcScanner.cabO16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://support.gateway.com/support/profiler/PCPitStop.CABO16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cabO16 - DPF: {86A88967-7A20-11D2-8EDA-00600818EDB1} (ParallelGraphics Cortona Control) - http://www.parallelgraphics.com/bin/cortvrml.cabO16 - DPF: {9059F30F-4EB1-4BD2-9FDC-36F43A218F4A} (Microsoft RDP Client Control (redist)) - http://remote.chrishemple.co.uk/msrdp.cabO16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38153.8903587963O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cabO16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/aio/en/check/qdiagh.cab?321O17 - HKLM\System\CCS\Services\Tcpip\..\{6E0F0D2B-CF86-49FB-A618-6C4F7B387B39}: NameServer = 151.196.0.39 151.196.0.38 Link to comment Share on other sites More sharing options...
MCT Posted July 26, 2004 Share Posted July 26, 2004 since u didnt explain what your problem was..remove these: R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchcentral.cc/search.php?v=4&aff=2116R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchcentral.cc/index.php?v=4&aff=2116R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://searchcentral.cc/index.php?v=4&aff=2116Consider downloading Spyware Blaster 3.2 it will prevent further spyware infections & it doesnt have 2 be running search http://google.com for itEDIT: also download spybot S & D and MAKE sure ALL programs are updated b4 u scan with themhope this helps Link to comment Share on other sites More sharing options...
greentop Posted July 27, 2004 Share Posted July 27, 2004 Ad-Aware may also do the trick. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now