|
Donation/Premium |
|
 |
|
|
|
|
|
|
|
|
|
| View previous topic :: View next topic |
| Author |
Message |
sublime1591
Trooper
Joined: Jul 07, 2004
Posts: 11
Location: USA
|
 Posted: Thu Jul 08, 2004 12:03 am Post subject: I need Help! |
|
|
ok i have somethng on my pc and i have no idea what it is. When i turn on my pc on my windows toolbar there is this search asistant thing. Then in my internet exploroer toolbar there is a main links bar that links to music help and some auoto thing wich i have no idea how it got there. Does anyone know what i have and have anything to get rid of it? Also i have a pop up blocker but whenever i open my internet explorer there always is pop ups and my homepage is yahoo and there isnt supose to be a pop up i know theres something fishy about that...
|
|
| Back to top |
|
 |
xcrunner
1st Responder
Joined: Mar 04, 2004
Posts: 919
|
| Posted: Thu Jul 08, 2004 12:05 am Post subject: |
|
|
Hi sublime1591, welcome to Computer Cops
In order to help you we need a HiJack log so....
Download : HiJackThis from :  /downloads-cat-14.html
Create and Unzip to a folder, not your Desktop or the Temp folder,
Update it, use the "CONFIG" button, then press "MISC TOOLS" followed by " Check for update online
after the update press the "Back" button
Then doubleclick HijackThis.exe, and hit "Scan".
When the scan is finished, use "Save Log" button, save the log in a text file,
best to save your text file in the same folder as where you put HiJack,
then post your log here : /f67-Trend_Micro_HijackThis_Logs.html by simply Copy/Past the info from your text file
DO NOT FIX ANYTHING YOURSELF NOW, JUST WAIT FOR AN EXPERT TO HAVE A LOOK AT YOUR LOG AS THE.
BIGGEST PART OF THE ENTRIES ARE NEEDED , REMOVING THEM CAN CAUSE SERIOUS DAMAGE.
|
|
| Back to top |
|
|
sublime1591
Trooper
Joined: Jul 07, 2004
Posts: 11
Location: USA
|
| Posted: Thu Jul 08, 2004 12:09 am Post subject: d |
|
|
heres my log
Logfile of HijackThis v1.98.0
Scan saved at 8:12:38 PM, on 7/7/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\System32\rmctrl.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\ndw\ndw.exe
C:\Program Files\ndw\ndw.exe
C:\WINDOWS\System32\qwdwzqqq.exe
C:\Program Files\WindowsSA\omniscient.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Linksys\WMP11 Config Utility\WMP11CFG.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Boog\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
F2 - REG:system.ini: UserInit=C:\Windows\System32\wsaupdater.exe,
O2 - BHO: (no name) - SOFTWARE - (no file)
O2 - BHO: CSIECore Class - {00000000-0000-0000-0000-000000000221} - C:\Program Files\ClearSearch\CSIE.DLL (file missing)
O2 - BHO: MxTargetObj Class - {0000607D-D204-42C7-8E46-216055BF9918} - C:\WINDOWS\mxTarget.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {83DE62E0-5805-11D8-9B25-00E04C60FAF2} - C:\WINDOWS\2_0_1browserhelper2.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.1601.0\en-us\msntb.dll
O4 - HKLM\..\Run: [iTunesHelper] F:\Program Files\itunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] C:\WINDOWS\System32\rmctrl.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [ndw] C:\Program Files\ndw\ndw.exe
O4 - HKLM\..\Run: [rwsdiv] C:\WINDOWS\System32\qwdwzqqq.exe
O4 - HKLM\..\Run: [Windows SA] C:\Program Files\WindowsSA\omniscient.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [SuperCleaner] "C:\Documents and Settings\Boog\Desktop\SuperCleaner.exe" /h/b
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Wireless PCI Card Configuration Utility.lnk = C:\Program Files\Linksys\WMP11 Config Utility\WMP11CFG.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/31d125c852e3e7f71b02/netzip/RdxIE601.cab
|
|
| Back to top |
|
|
xcrunner
1st Responder
Joined: Mar 04, 2004
Posts: 919
|
| Posted: Fri Jul 09, 2004 11:30 am Post subject: |
|
|
First put HJT into it's own folder (Not on the desktop or in the temp folder) so the files you fix will be backed up.
Then close all browser and explorer windows and other applications.
Fix the following files:
O2 - BHO: (no name) - SOFTWARE - (no file)
O2 - BHO: CSIECore Class - {00000000-0000-0000-0000-000000000221} - C:\Program Files\ClearSearch\CSIE.DLL (file missing)
O2 - BHO: MxTargetObj Class - {0000607D-D204-42C7-8E46-216055BF9918} - C:\WINDOWS\mxTarget.dll
O2 - BHO: (no name) - {83DE62E0-5805-11D8-9B25-00E04C60FAF2} - C:\WINDOWS\2_0_1browserhelper2.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
Then go to http://grc.com/stm/shootthemessenger.htm and download Shoot the Messenger
Then run Spybot and Ad-Aware
Then post another log
|
|
| Back to top |
|
|
|
|
|
You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You cannot download files in this forum
|
Powered by phpBB © 2001 phpBB Group
|
Forum FAQ
Search
Usergroups
Profile
Login to check your private messages
Login
