Jump to content


Photo

Can't Get Rid Of Pop-Ups (HiJack This log included


  • This topic is locked This topic is locked
4 replies to this topic

#1 BelowMe281

BelowMe281

    Member

  • New Member
  • Pip
  • 2 posts

Posted 27 July 2004 - 10:07 AM

I get numerous pop-ups that can't be stopped by a pop-up blocker, i've used Ad-Aware 6.0 and Norton AntiVirus.

Here's the HiJack This log:

Logfile of HijackThis v1.98.0
Scan saved at 11:00:14 AM, on 7/27/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\apirt.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\BCMSMMSG.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Dell\EUSW\Support.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\System32\opdhrjh.exe
C:\WINDOWS\system32\apiwn32.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HiJack This\HijackThis\HijackThis.exe
C:\Program Files\Messenger\msmsgs.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drs...esearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\flamj.dll/sp.html#37049
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = res://flamj.dll/index.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://flamj.dll/index.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system32\flamj.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drs...esearch.cgi?id=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\flamj.dll/sp.html#37049
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = res://flamj.dll/index.html#37049
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://websearch.drs...esearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://websearch.drs...esearch.cgi?id=
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,(Default) = http://homepage.com...nder.cc/search/ (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = websearch.drsnsrch.com/q.cgi?q=
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://homepage.com...nder.cc/search/ (obfuscated)
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {426F7571-0EFF-31B0-5A55-AB0647B91F4F} - C:\WINDOWS\d3hd.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [DwlClient] C:\Program Files\Common Files\Dell\EUSW\Support.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [hfcagpa] C:\WINDOWS\System32\opdhrjh.exe
O4 - HKLM\..\Run: [sdkso.exe] C:\WINDOWS\system32\sdkso.exe
O4 - HKLM\..\Run: [ipwf.exe] C:\WINDOWS\system32\ipwf.exe
O4 - HKLM\..\Run: [d3kb.exe] C:\WINDOWS\system32\d3kb.exe
O4 - HKLM\..\Run: [iprs32.exe] C:\WINDOWS\system32\iprs32.exe
O4 - HKLM\..\Run: [WebRebates0] "C:\Program Files\Web_Rebates\WebRebates0.exe"
O4 - HKLM\..\Run: [apiwn32.exe] C:\WINDOWS\system32\apiwn32.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\RunOnce: [winmy32.exe] C:\WINDOWS\system32\winmy32.exe
O4 - HKLM\..\RunOnce: [msia.exe] C:\WINDOWS\system32\msia.exe
O4 - HKLM\..\RunOnce: [sdkix.exe] C:\WINDOWS\system32\sdkix.exe
O4 - HKLM\..\RunOnce: [appxs.exe] C:\WINDOWS\system32\appxs.exe
O4 - HKLM\..\RunOnce: [netum32.exe] C:\WINDOWS\netum32.exe
O4 - HKLM\..\RunOnce: [ntjj.exe] C:\WINDOWS\system32\ntjj.exe
O4 - HKLM\..\RunOnce: [netkk.exe] C:\WINDOWS\netkk.exe
O4 - HKLM\..\RunOnce: [sysxp32.exe] C:\WINDOWS\system32\sysxp32.exe
O4 - HKLM\..\RunOnce: [iete.exe] C:\WINDOWS\iete.exe
O4 - HKLM\..\RunOnce: [netkt.exe] C:\WINDOWS\netkt.exe
O4 - HKLM\..\RunOnce: [ieht32.exe] C:\WINDOWS\ieht32.exe
O4 - HKLM\..\RunOnce: [mskn32.exe] C:\WINDOWS\system32\mskn32.exe
O4 - HKLM\..\RunOnce: [netyh.exe] C:\WINDOWS\netyh.exe
O4 - HKLM\..\RunOnce: [apizp.exe] C:\WINDOWS\apizp.exe
O4 - HKLM\..\RunOnce: [javase32.exe] C:\WINDOWS\javase32.exe
O4 - HKLM\..\RunOnce: [atldr32.exe] C:\WINDOWS\atldr32.exe
O4 - HKLM\..\RunOnce: [addht.exe] C:\WINDOWS\system32\addht.exe
O4 - HKLM\..\RunOnce: [apixc.exe] C:\WINDOWS\system32\apixc.exe
O4 - HKLM\..\RunOnce: [windu.exe] C:\WINDOWS\windu.exe
O4 - HKLM\..\RunOnce: [sysrj.exe] C:\WINDOWS\sysrj.exe
O4 - HKLM\..\RunOnce: [javauc32.exe] C:\WINDOWS\javauc32.exe
O4 - HKLM\..\RunOnce: [atlmk.exe] C:\WINDOWS\atlmk.exe
O4 - HKLM\..\RunOnce: [iesp32.exe] C:\WINDOWS\system32\iesp32.exe
O4 - HKLM\..\RunOnce: [ipvs.exe] C:\WINDOWS\ipvs.exe
O4 - HKLM\..\RunOnce: [apibh32.exe] C:\WINDOWS\system32\apibh32.exe
O4 - HKLM\..\RunOnce: [ipec.exe] C:\WINDOWS\ipec.exe
O4 - HKLM\..\RunOnce: [sdkaj32.exe] C:\WINDOWS\system32\sdkaj32.exe
O4 - HKLM\..\RunOnce: [mfceu.exe] C:\WINDOWS\mfceu.exe
O4 - HKLM\..\RunOnce: [d3ct32.exe] C:\WINDOWS\d3ct32.exe
O4 - HKLM\..\RunOnce: [sdkyb.exe] C:\WINDOWS\system32\sdkyb.exe
O4 - HKLM\..\RunOnce: [apibc.exe] C:\WINDOWS\apibc.exe
O4 - HKLM\..\RunOnce: [atlvc.exe] C:\WINDOWS\atlvc.exe
O4 - HKLM\..\RunOnce: [appkx32.exe] C:\WINDOWS\system32\appkx32.exe
O4 - HKLM\..\RunOnce: [apiiz32.exe] C:\WINDOWS\system32\apiiz32.exe
O4 - HKLM\..\RunOnce: [winna32.exe] C:\WINDOWS\system32\winna32.exe
O4 - HKLM\..\RunOnce: [apppp.exe] C:\WINDOWS\system32\apppp.exe
O4 - HKLM\..\RunOnce: [iegm32.exe] C:\WINDOWS\system32\iegm32.exe
O4 - HKLM\..\RunOnce: [mfccx.exe] C:\WINDOWS\system32\mfccx.exe
O4 - HKLM\..\RunOnce: [sysal32.exe] C:\WINDOWS\system32\sysal32.exe
O4 - HKLM\..\RunOnce: [cryl32.exe] C:\WINDOWS\cryl32.exe
O4 - HKLM\..\RunOnce: [javazo.exe] C:\WINDOWS\system32\javazo.exe
O4 - HKLM\..\RunOnce: [msfv.exe] C:\WINDOWS\system32\msfv.exe
O4 - HKLM\..\RunOnce: [ieoz.exe] C:\WINDOWS\ieoz.exe
O4 - HKLM\..\RunOnce: [addfo.exe] C:\WINDOWS\addfo.exe
O4 - HKLM\..\RunOnce: [netpp32.exe] C:\WINDOWS\system32\netpp32.exe
O4 - HKLM\..\RunOnce: [crxc.exe] C:\WINDOWS\system32\crxc.exe
O4 - HKLM\..\RunOnce: [atlrx32.exe] C:\WINDOWS\atlrx32.exe
O4 - HKLM\..\RunOnce: [d3ze.exe] C:\WINDOWS\system32\d3ze.exe
O4 - HKLM\..\RunOnce: [addkf.exe] C:\WINDOWS\addkf.exe
O4 - HKLM\..\RunOnce: [mfcci32.exe] C:\WINDOWS\mfcci32.exe
O4 - HKLM\..\RunOnce: [appdu.exe] C:\WINDOWS\appdu.exe
O4 - HKLM\..\RunOnce: [iekg.exe] C:\WINDOWS\system32\iekg.exe
O4 - HKLM\..\RunOnce: [sysop.exe] C:\WINDOWS\sysop.exe
O4 - HKLM\..\RunOnce: [mfchg.exe] C:\WINDOWS\system32\mfchg.exe
O4 - HKLM\..\RunOnce: [ipuk32.exe] C:\WINDOWS\ipuk32.exe
O4 - HKLM\..\RunOnce: [ieci32.exe] C:\WINDOWS\system32\ieci32.exe
O4 - HKLM\..\RunOnce: [d3je32.exe] C:\WINDOWS\d3je32.exe
O4 - HKLM\..\RunOnce: [javaek32.exe] C:\WINDOWS\system32\javaek32.exe
O4 - HKLM\..\RunOnce: [winsb.exe] C:\WINDOWS\winsb.exe
O4 - HKLM\..\RunOnce: [iews.exe] C:\WINDOWS\iews.exe
O4 - HKLM\..\RunOnce: [iezu.exe] C:\WINDOWS\iezu.exe
O4 - HKLM\..\RunOnce: [iety.exe] C:\WINDOWS\iety.exe
O4 - HKLM\..\RunOnce: [msdc.exe] C:\WINDOWS\system32\msdc.exe
O4 - HKLM\..\RunOnce: [sdkqk32.exe] C:\WINDOWS\sdkqk32.exe
O4 - HKLM\..\RunOnce: [javadj32.exe] C:\WINDOWS\system32\javadj32.exe
O4 - HKLM\..\RunOnce: [netws.exe] C:\WINDOWS\netws.exe
O4 - HKLM\..\RunOnce: [crzz.exe] C:\WINDOWS\system32\crzz.exe
O4 - HKLM\..\RunOnce: [sdkwm32.exe] C:\WINDOWS\system32\sdkwm32.exe
O4 - HKLM\..\RunOnce: [addug32.exe] C:\WINDOWS\addug32.exe
O4 - HKLM\..\RunOnce: [crgf.exe] C:\WINDOWS\crgf.exe
O4 - HKLM\..\RunOnce: [appkx.exe] C:\WINDOWS\system32\appkx.exe
O4 - HKLM\..\RunOnce: [sysrv32.exe] C:\WINDOWS\sysrv32.exe
O4 - HKLM\..\RunOnce: [d3jz32.exe] C:\WINDOWS\system32\d3jz32.exe
O4 - HKLM\..\RunOnce: [ntmv.exe] C:\WINDOWS\system32\ntmv.exe
O4 - HKLM\..\RunOnce: [appak32.exe] C:\WINDOWS\appak32.exe
O4 - HKLM\..\RunOnce: [crdb32.exe] C:\WINDOWS\crdb32.exe
O4 - HKLM\..\RunOnce: [netpl.exe] C:\WINDOWS\system32\netpl.exe
O4 - HKLM\..\RunOnce: [winhc32.exe] C:\WINDOWS\system32\winhc32.exe
O4 - HKLM\..\RunOnce: [crah32.exe] C:\WINDOWS\crah32.exe
O4 - HKLM\..\RunOnce: [netgx.exe] C:\WINDOWS\system32\netgx.exe
O4 - HKLM\..\RunOnce: [appjd32.exe] C:\WINDOWS\appjd32.exe
O4 - HKLM\..\RunOnce: [atlef.exe] C:\WINDOWS\system32\atlef.exe
O4 - HKLM\..\RunOnce: [sysqz32.exe] C:\WINDOWS\system32\sysqz32.exe
O4 - HKLM\..\RunOnce: [netch.exe] C:\WINDOWS\system32\netch.exe
O4 - HKLM\..\RunOnce: [addsz32.exe] C:\WINDOWS\addsz32.exe
O4 - HKLM\..\RunOnce: [apirt.exe] C:\WINDOWS\apirt.exe
O4 - HKLM\..\RunOnce: [javafo32.exe] C:\WINDOWS\javafo32.exe
O4 - HKLM\..\RunOnce: [javaxa.exe] C:\WINDOWS\system32\javaxa.exe
O4 - HKLM\..\RunOnce: [javaym32.exe] C:\WINDOWS\system32\javaym32.exe
O4 - HKLM\..\RunOnce: [netot.exe] C:\WINDOWS\netot.exe
O4 - HKLM\..\RunOnce: [mfcyx32.exe] C:\WINDOWS\system32\mfcyx32.exe
O4 - HKLM\..\RunOnce: [crkf.exe] C:\WINDOWS\system32\crkf.exe
O4 - HKLM\..\RunOnce: [nthe.exe] C:\WINDOWS\nthe.exe
O4 - HKLM\..\RunOnce: [mfcrq32.exe] C:\WINDOWS\mfcrq32.exe
O4 - HKLM\..\RunOnce: [d3gt.exe] C:\WINDOWS\d3gt.exe
O4 - HKLM\..\RunOnce: [addrx.exe] C:\WINDOWS\addrx.exe
O4 - HKLM\..\RunOnce: [syswv.exe] C:\WINDOWS\system32\syswv.exe
O4 - HKLM\..\RunOnce: [javadb.exe] C:\WINDOWS\system32\javadb.exe
O4 - HKLM\..\RunOnce: [mfclu32.exe] C:\WINDOWS\system32\mfclu32.exe
O4 - HKLM\..\RunOnce: [sysmj.exe] C:\WINDOWS\system32\sysmj.exe
O4 - HKLM\..\RunOnce: [netzx.exe] C:\WINDOWS\system32\netzx.exe
O4 - HKLM\..\RunOnce: [sysyj32.exe] C:\WINDOWS\sysyj32.exe
O4 - HKLM\..\RunOnce: [msva.exe] C:\WINDOWS\msva.exe
O4 - HKLM\..\RunOnce: [sysrt.exe] C:\WINDOWS\system32\sysrt.exe
O4 - HKLM\..\RunOnce: [netae32.exe] C:\WINDOWS\system32\netae32.exe
O4 - HKLM\..\RunOnce: [msck.exe] C:\WINDOWS\system32\msck.exe
O4 - HKLM\..\RunOnce: [atleq32.exe] C:\WINDOWS\atleq32.exe
O4 - HKLM\..\RunOnce: [ipen32.exe] C:\WINDOWS\ipen32.exe
O4 - HKLM\..\RunOnce: [atlbs.exe] C:\WINDOWS\system32\atlbs.exe
O4 - HKLM\..\RunOnce: [atlet.exe] C:\WINDOWS\atlet.exe
O4 - HKLM\..\RunOnce: [ntpk.exe] C:\WINDOWS\system32\ntpk.exe
O4 - HKLM\..\RunOnce: [mfccq32.exe] C:\WINDOWS\mfccq32.exe
O4 - HKLM\..\RunOnce: [iebp.exe] C:\WINDOWS\iebp.exe
O4 - HKLM\..\RunOnce: [winbd32.exe] C:\WINDOWS\system32\winbd32.exe
O4 - HKLM\..\RunOnce: [addif.exe] C:\WINDOWS\addif.exe
O4 - HKLM\..\RunOnce: [winvw.exe] C:\WINDOWS\winvw.exe
O4 - HKLM\..\RunOnce: [sdktw.exe] C:\WINDOWS\system32\sdktw.exe
O4 - HKLM\..\RunOnce: [crvl.exe] C:\WINDOWS\crvl.exe
O4 - HKLM\..\RunOnce: [ieul.exe] C:\WINDOWS\ieul.exe
O4 - HKLM\..\RunOnce: [sdkpi.exe] C:\WINDOWS\system32\sdkpi.exe
O4 - HKLM\..\RunOnce: [apiqv32.exe] C:\WINDOWS\system32\apiqv32.exe
O4 - HKLM\..\RunOnce: [d3mp.exe] C:\WINDOWS\system32\d3mp.exe
O4 - HKLM\..\RunOnce: [apibp32.exe] C:\WINDOWS\apibp32.exe
O4 - HKLM\..\RunOnce: [apiem32.exe] C:\WINDOWS\system32\apiem32.exe
O4 - HKLM\..\RunOnce: [ieey.exe] C:\WINDOWS\system32\ieey.exe
O4 - HKLM\..\RunOnce: [atlph.exe] C:\WINDOWS\atlph.exe
O4 - HKLM\..\RunOnce: [apinl.exe] C:\WINDOWS\apinl.exe
O4 - HKLM\..\RunOnce: [sdkrh32.exe] C:\WINDOWS\sdkrh32.exe
O4 - HKLM\..\RunOnce: [sdksv32.exe] C:\WINDOWS\system32\sdksv32.exe
O4 - HKLM\..\RunOnce: [winan.exe] C:\WINDOWS\winan.exe
O4 - HKLM\..\RunOnce: [mfctu.exe] C:\WINDOWS\system32\mfctu.exe
O4 - HKLM\..\RunOnce: [javajk32.exe] C:\WINDOWS\javajk32.exe
O4 - HKLM\..\RunOnce: [atlfz32.exe] C:\WINDOWS\atlfz32.exe
O4 - HKLM\..\RunOnce: [iphr32.exe] C:\WINDOWS\iphr32.exe
O4 - HKLM\..\RunOnce: [apiis32.exe] C:\WINDOWS\system32\apiis32.exe
O4 - HKLM\..\RunOnce: [ntpf.exe] C:\WINDOWS\ntpf.exe
O4 - HKLM\..\RunOnce: [d3yx.exe] C:\WINDOWS\d3yx.exe
O4 - HKLM\..\RunOnce: [ntjg.exe] C:\WINDOWS\ntjg.exe
O4 - HKLM\..\RunOnce: [d3ib32.exe] C:\WINDOWS\d3ib32.exe
O4 - HKLM\..\RunOnce: [atljg.exe] C:\WINDOWS\atljg.exe
O4 - HKLM\..\RunOnce: [winbl32.exe] C:\WINDOWS\system32\winbl32.exe
O4 - HKLM\..\RunOnce: [sdkah.exe] C:\WINDOWS\system32\sdkah.exe
O4 - HKLM\..\RunOnce: [netgv.exe] C:\WINDOWS\netgv.exe
O4 - HKLM\..\RunOnce: [javaos32.exe] C:\WINDOWS\javaos32.exe
O4 - HKLM\..\RunOnce: [iewb.exe] C:\WINDOWS\system32\iewb.exe
O4 - HKLM\..\RunOnce: [atlad.exe] C:\WINDOWS\system32\atlad.exe
O4 - HKLM\..\RunOnce: [sdksb32.exe] C:\WINDOWS\system32\sdksb32.exe
O4 - HKLM\..\RunOnce: [netlc.exe] C:\WINDOWS\system32\netlc.exe
O4 - HKLM\..\RunOnce: [addna.exe] C:\WINDOWS\system32\addna.exe
O4 - HKLM\..\RunOnce: [ntct.exe] C:\WINDOWS\system32\ntct.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O13 - DefaultPrefix: http://%65%68%74%74%70%2E%63%63/?
O13 - WWW Prefix: http://%65%68%74%74%70%2E%63%63/?
O13 - WWW. Prefix: http://ehttp.cc/?
O16 - DPF: {00000EF1-0786-4633-87C6-1AA7A44296DA} - http://www.addictive...ab/1w2fcksh.cab
O16 - DPF: {10000000-1000-0000-1000-000000000000} - file://C:\Program Files\Internet Explorer\a.exe
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.co...etup1.0.0.8.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.c...nst20040510.cab
O16 - DPF: {79B96C72-C0D0-4DC8-BC7E-9F314A918228} - http://ak.imgfarm.co...etup1.0.0.7.cab
O16 - DPF: {E13F1132-4CA0-4005-84D3-51406E27D269} (BTDownloadCtrl Control) - http://www.shockwave...ownloadCtrl.cab


Thank You for any help!

#2 808chick

808chick

    SWI Junkie

  • Retired Staff - Helper
  • PipPipPipPip
  • 262 posts

Posted 29 July 2004 - 05:18 PM

Hey BelowMe,
Download CWShredder and save it to your Desktop. Double click it, and hit 'Fix'.

After running CWShredder, run HijackThis and post a new log here.

#3 BelowMe281

BelowMe281

    Member

  • New Member
  • Pip
  • 2 posts

Posted 29 July 2004 - 10:15 PM

Hey, thanks a lot but i posted on another forum and everything has been solved. Thank you for taking the time to help me with my problem :D

#4 808chick

808chick

    SWI Junkie

  • Retired Staff - Helper
  • PipPipPipPip
  • 262 posts

Posted 30 July 2004 - 01:54 PM

No problem, thanks for letting me know! :D

#5 PGPhantom

PGPhantom

    Superman of SWI

  • Emeritus
  • PipPipPipPipPip
  • 3,494 posts

Posted 30 July 2004 - 02:35 PM

Thread closed as per users request.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button