  #1  
Old August 23rd, 2004, 10:44 PM
amygirl431 amygirl431 is offline
Member
 
Join Date: Aug 2004
Posts: 31
Can connect, can't view webpages

I can get connected to the internet, but cannot view any webpages. The "the page cannot be displayed" page comes up. It happens for all pages. Anyway, I "pinged" my ISP and it came back fine ("4 came back"). I tried to restore, however it was disabled (my parents owned my computer before me). I have scanned for viruses, none found (AVG). Could it be my browser? I tried to repair IE 6 but it said it couldn't be repaired and to run setup again, so I did. It said that it couldn't "setup" and I needed to go online and get some components I needed. I can't view the website, so... Help?
  #2  
Old August 24th, 2004, 04:15 AM
Pancake Pancake is offline
CTH Subscriber
 
Join Date: Jan 2004
Location: Australia
Posts: 11,317
Could be a virus. Get HijackThis and do a scan and post the log here please.
  #3  
Old August 24th, 2004, 04:28 PM
amygirl431 amygirl431 is offline
Member
 
Join Date: Aug 2004
Posts: 31
Not to be a moron, but how do I save Hijack (off another computer since I can't on mine) to a disk?
  #4  
Old August 24th, 2004, 04:38 PM
amygirl431 amygirl431 is offline
Member
 
Join Date: Aug 2004
Posts: 31
Forget my last post. Duh! OK, I saved it on a floppy. When I get home, can I run it off the disk or do I save it on my computer? Thanks.
  #5  
Old August 26th, 2004, 01:05 AM
amygirl431 amygirl431 is offline
Member
 
Join Date: Aug 2004
Posts: 31
HiJack log

Here is my HiJack log. Thanks!





Logfile of HijackThis v1.98.2
Scan saved at 9:46:00 PM, on 8/24/2004

Platform: Windows ME (Win9x 4.90.3000)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:

C:\WINDOWS\SYSTEM\KERNEL32.DLL

C:\WINDOWS\SYSTEM\MSGSRV32.EXE

C:\WINDOWS\SYSTEM\mmtask.tsk

C:\WINDOWS\SYSTEM\MPREXE.EXE

C:\WINDOWS\ADDHX32.EXE

C:\WINDOWS\WINEF32.EXE

C:\WINDOWS\SYSTEM\MSTASK.EXE

C:\WINDOWS\D3SP32.EXE

C:\WINDOWS\SYSTEM\NETSH.EXE

C:\WINDOWS\MFCKC.EXE

C:\WINDOWS\SYSTEM\SSDPSRV.EXE

C:\WINDOWS\SYSTEM\CRQR32.EXE

C:\WINDOWS\EXPLORER.EXE

C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\MMKEYBD.EXE

C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON UTILITIES\NPROTECT.EXE

C:\WINDOWS\SYSTEM\STIMON.EXE

C:\WINDOWS\SYSTEM\MSNQ.EXE

C:\WINDOWS\ADDAB.EXE

C:\WINDOWS\NTOT32.EXE

C:\WINDOWS\SYSTEM\JAVANB.EXE

C:\WINDOWS\WINNC.EXE

C:\WINDOWS\ATLER.EXE

C:\PROGRAM FILES\GRISOFT\AVG6\AVGSERV9.EXE

C:\WINDOWS\MFCSC.EXE

C:\WINDOWS\MSZS.EXE

C:\WINDOWS\SYSTEM\ATLBV32.EXE

C:\WINDOWS\ATLMD32.EXE

C:\WINDOWS\JAVAAX32.EXE

C:\WINDOWS\SYSTEM\NETKH.EXE

C:\WINDOWS\JAVABA.EXE

C:\WINDOWS\SYSTEM\NTIL32.EXE

C:\WINDOWS\D3YH32.EXE

C:\WINDOWS\D3BL32.EXE

C:\WINDOWS\SYSTEM\JAVALO32.EXE

C:\WINDOWS\NETNY32.EXE

C:\WINDOWS\SYSTEM\JAVATT32.EXE

C:\WINDOWS\NETYQ32.EXE

C:\WINDOWS\SYSTEM\CRBC.EXE

C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\KEYBDMGR.EXE

C:\WINDOWS\MSWI32.EXE

C:\WINDOWS\MSDP.EXE

C:\WINDOWS\SYSTEM\MSEH.EXE

C:\WINDOWS\IEGA.EXE

C:\WINDOWS\JAVAAD32.EXE

C:\WINDOWS\IEZR.EXE

C:\WINDOWS\SDKRP.EXE

C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE

C:\WINDOWS\JAVABJ32.EXE

C:\WINDOWS\SYSTEM\IEQH32.EXE

C:\PROGRAM FILES\NETROPA\ONSCREEN DISPLAY\OSD.EXE

C:\WINDOWS\SYSTEM\D3PC.EXE

C:\WINDOWS\NETEP.EXE

C:\WINDOWS\SYSTEM\SYSGS.EXE

C:\WINDOWS\SYSTEM\MFCCV.EXE

C:\WINDOWS\SYSTEM\WINHX32.EXE

C:\WINDOWS\NTII.EXE

C:\WINDOWS\SYSTEM\SDKVQ32.EXE

C:\WINDOWS\SYSTEM\ATLUM.EXE

C:\WINDOWS\APPIF32.EXE

C:\WINDOWS\SDKPV.EXE

C:\WINDOWS\SYSTEM\CRDH32.EXE

C:\WINDOWS\SYSTEM\IPBN32.EXE

C:\WINDOWS\SYSTEM\MFCVW.EXE

C:\WINDOWS\SYSTEM\MSLW.EXE

C:\WINDOWS\ATLQL32.EXE

C:\WINDOWS\SYSTEM\IPUL32.EXE

C:\WINDOWS\MSBL.EXE

C:\WINDOWS\ATLEF32.EXE

C:\WINDOWS\SYSTEM\ATLDI.EXE

C:\WINDOWS\APIBE.EXE

C:\WINDOWS\IPHP.EXE

C:\WINDOWS\SYSTEM\IPRK32.EXE

C:\WINDOWS\SYSTEM\WINOG32.EXE

C:\WINDOWS\SYSTEM\NETEU32.EXE

C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\MMUSBKB2.EXE

C:\WINDOWS\SYSTEM\D3DE32.EXE

C:\PROGRAM FILES\GRISOFT\AVG6\AVGCC32.EXE

C:\WINDOWS\WT\WCMDMGR.EXE

C:\WINDOWS\SYSTEM32\DRIVERS\KODAKCCS.EXE

C:\WINDOWS\SYSTEM\SYSTRAY.EXE

C:\WINDOWS\SYSTEM\HPSYSDRV.EXE

C:\PROGRAM FILES\MOTIVE\MOTMON.EXE

C:\PROGRAM FILES\ADAPTEC\DIRECTCD\DIRECTCD.EXE

E:\COREL\OFFICE7\SHARED\QFINDER7\QFSCHED.EXE

E:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE

C:\PROGRAM FILES\TIMESINK\ADGATEWAY\TSADBOT.EXE

C:\WINDOWS\SYSTEM\WMIEXE.EXE

C:\WINDOWS\SYSTEM\HPZTSB04.EXE

C:\WINDOWS\SYSTEM\QTTASK.EXE

C:\WINDOWS\SYSTEM\SPOOL32.EXE

C:\WINDOWS\RunDLL.exe

E:\TRANSP~4.EXE

C:\PROGRAM FILES\KODAK\KODAK SOFTWARE UPDATER\7288971\PROGRAM\BACKWEB-7288971.EXE

C:\PROGRAM FILES\KODAK\KODAK EASYSHARE SOFTWARE\BIN\EASYSHARE.EXE

E:\COREL\OFFICE7\SHARED\PFIT7\PFPPOP70.EXE

C:\PROGRAM FILES\VENTURI182\VENTURI.EXE

C:\WINDOWS\SYSTEM\DDHELP.EXE

C:\PROGRAM FILES\VENTURI182\JRE\BIN\JREW.EXE

C:\WINDOWS\ALL USERS\APPLICATION DATA\KODAK\EASYSHARESETUP\$SETUP_3D001C_44027\SETUP.EXE

C:\WINDOWS\TEMP\TD_0001.DIR\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us2.hpwis.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir...ie&ar=iesearch

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.juno.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://hp.my.yahoo.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir...ie&ar=iesearch

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us2.hpwis.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir...ie&ar=iesearch

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = res://ridgb.dll/index.html#37049

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

R3 - Default URLSearchHook is missing

O2 - BHO: Class - {50F30C47-91B9-9915-BFCC-9D166CDCA206} - C:\WINDOWS\JAVABC.DLL

O2 - BHO: Class - {7369E702-7B86-0B57-D101-8BCC1671DEFE} - C:\WINDOWS\MFCGE.DLL

O2 - BHO: Class - {A9C49FE1-AF03-C711-032D-4C625DD01015} - C:\WINDOWS\SYSTEM\MFCTD32.DLL

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX

O4 - HKLM\..\Run: [D3DE32.EXE] C:\WINDOWS\SYSTEM\D3DE32.EXE

O4 - HKLM\..\Run: [AVG_CC] C:\PROGRAM FILES\GRISOFT\AVG6\avgcc32.exe /startup

O4 - HKLM\..\Run: [wcmdmgr] C:\WINDOWS\wt\wcmdmgrl.exe -launch

O4 - HKLM\..\Run: [SDKUG.EXE] C:\WINDOWS\SYSTEM\SDKUG.EXE

O4 - HKLM\..\Run: [APPON32.EXE] C:\WINDOWS\SYSTEM\APPON32.EXE

O4 - HKLM\..\Run: [D3DR32.EXE] C:\WINDOWS\SYSTEM\D3DR32.EXE

O4 - HKLM\..\Run: [KodakCCS] C:\WINDOWS\System32\Drivers\KodakCCS.exe

O4 - HKLM\..\Run: [SystemTray] SysTray.Exe

O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme

O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe

O4 - HKLM\..\Run: [MotiveMonitor] C:\Program Files\Motive\motmon.exe

O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe

O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers

O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe

O4 - HKLM\..\Run: [Adaptec DirectCD] C:\Program Files\ADAPTEC\DIRECTCD\DIRECTCD.EXE

O4 - HKLM\..\Run: [QuickFinder Scheduler] E:\COREL\OFFICE7\SHARED\QFINDER7\QFSCHED.EXE

O4 - HKLM\..\Run: [RealTray] E:\Program Files\Real\RealPlayer\realplay.exe SYSTEMBOOTHIDEPLAYER

O4 - HKLM\..\Run: [TimeSink Ad Client] "C:\Program Files\TimeSink\AdGateway\TSADBOT.EXE"

O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\SYSTEM\hpztsb04.exe

O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s

O4 - HKLM\..\Run: [NPROTECT] C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE

O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime

O4 - HKLM\..\Run: [MSJZ32.EXE] C:\WINDOWS\SYSTEM\MSJZ32.EXE

O4 - HKLM\..\Run: [ICSMGR] ICSMGR.EXE

O4 - HKLM\..\RunServices: [NETSH.EXE] C:\WINDOWS\SYSTEM\NETSH.EXE

O4 - HKLM\..\RunServices: [WINEF32.EXE] C:\WINDOWS\WINEF32.EXE

O4 - HKLM\..\RunServices: [ADDHX32.EXE] C:\WINDOWS\ADDHX32.EXE

O4 - HKLM\..\RunServices: [MFCKC.EXE] C:\WINDOWS\MFCKC.EXE

O4 - HKLM\..\RunServices: [D3SP32.EXE] C:\WINDOWS\D3SP32.EXE

O4 - HKLM\..\RunServices: [CRQR32.EXE] C:\WINDOWS\SYSTEM\CRQR32.EXE

O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme

O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe

O4 - HKLM\..\RunServices: [SSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe

O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe

O4 - HKLM\..\RunServices: [Keyboard Manager] c:\Program Files\Netropa\One-touch Multimedia Keyboard\MMKeybd.exe

O4 - HKLM\..\RunServices: [NPROTECT] C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE

O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE

O4 - HKLM\..\RunServices: [MSNQ.EXE] C:\WINDOWS\SYSTEM\MSNQ.EXE

O4 - HKLM\..\RunServices: [ADDAB.EXE] C:\WINDOWS\ADDAB.EXE

O4 - HKLM\..\RunServices: [NTOT32.EXE] C:\WINDOWS\NTOT32.EXE

O4 - HKLM\..\RunServices: [ATLER.EXE] C:\WINDOWS\ATLER.EXE

O4 - HKLM\..\RunServices: [MFCSC.EXE] C:\WINDOWS\MFCSC.EXE

O4 - HKLM\..\RunServices: [JAVANB.EXE] C:\WINDOWS\SYSTEM\JAVANB.EXE

O4 - HKLM\..\RunServices: [WINNC.EXE] C:\WINDOWS\WINNC.EXE

O4 - HKLM\..\RunServices: [MSZS.EXE] C:\WINDOWS\MSZS.EXE

O4 - HKLM\..\RunServices: [Avgserv9.exe] C:\PROGRA~1\GRISOFT\AVG6\Avgserv9.exe

O4 - HKLM\..\RunServices: [ATLBV32.EXE] C:\WINDOWS\SYSTEM\ATLBV32.EXE

O4 - HKLM\..\RunServices: [D3YH32.EXE] C:\WINDOWS\D3YH32.EXE

O4 - HKLM\..\RunServices: [JAVABA.EXE] C:\WINDOWS\JAVABA.EXE

O4 - HKLM\..\RunServices: [ATLMD32.EXE] C:\WINDOWS\ATLMD32.EXE

O4 - HKLM\..\RunServices: [NETKH.EXE] C:\WINDOWS\SYSTEM\NETKH.EXE

O4 - HKLM\..\RunServices: [NTIL32.EXE] C:\WINDOWS\SYSTEM\NTIL32.EXE

O4 - HKLM\..\RunServices: [JAVAAX32.EXE] C:\WINDOWS\JAVAAX32.EXE

O4 - HKLM\..\RunServices: [D3BL32.EXE] C:\WINDOWS\D3BL32.EXE

O4 - HKLM\..\RunServices: [JAVALO32.EXE] C:\WINDOWS\SYSTEM\JAVALO32.EXE

O4 - HKLM\..\RunServices: [NETYQ32.EXE] C:\WINDOWS\NETYQ32.EXE

O4 - HKLM\..\RunServices: [NETNY32.EXE] C:\WINDOWS\NETNY32.EXE

O4 - HKLM\..\RunServices: [JAVATT32.EXE] C:\WINDOWS\SYSTEM\JAVATT32.EXE

O4 - HKLM\..\RunServices: [CRBC.EXE] C:\WINDOWS\SYSTEM\CRBC.EXE

O4 - HKLM\..\RunServices: [MSWI32.EXE] C:\WINDOWS\MSWI32.EXE

O4 - HKLM\..\RunServices: [IEGA.EXE] C:\WINDOWS\IEGA.EXE

O4 - HKLM\..\RunServices: [MSDP.EXE] C:\WINDOWS\MSDP.EXE

O4 - HKLM\..\RunServices: [MSEH.EXE] C:\WINDOWS\SYSTEM\MSEH.EXE

O4 - HKLM\..\RunServices: [JAVAAD32.EXE] C:\WINDOWS\JAVAAD32.EXE

O4 - HKLM\..\RunServices: [JAVABJ32.EXE] C:\WINDOWS\JAVABJ32.EXE

O4 - HKLM\..\RunServices: [SDKRP.EXE] C:\WINDOWS\SDKRP.EXE

O4 - HKLM\..\RunServices: [IEZR.EXE] C:\WINDOWS\IEZR.EXE

O4 - HKLM\..\RunServices: [IEQH32.EXE] C:\WINDOWS\SYSTEM\IEQH32.EXE

O4 - HKLM\..\RunServices: [D3PC.EXE] C:\WINDOWS\SYSTEM\D3PC.EXE

O4 - HKLM\..\RunServices: [NETEP.EXE] C:\WINDOWS\NETEP.EXE

O4 - HKLM\..\RunServices: [SYSGS.EXE] C:\WINDOWS\SYSTEM\SYSGS.EXE

O4 - HKLM\..\RunServices: [MFCCV.EXE] C:\WINDOWS\SYSTEM\MFCCV.EXE

O4 - HKLM\..\RunServices: [WINHX32.EXE] C:\WINDOWS\SYSTEM\WINHX32.EXE

O4 - HKLM\..\RunServices: [SDKVQ32.EXE] C:\WINDOWS\SYSTEM\SDKVQ32.EXE

O4 - HKLM\..\RunServices: [NTII.EXE] C:\WINDOWS\NTII.EXE

O4 - HKLM\..\RunServices: [SDKPV.EXE] C:\WINDOWS\SDKPV.EXE

O4 - HKLM\..\RunServices: [ATLUM.EXE] C:\WINDOWS\SYSTEM\ATLUM.EXE

O4 - HKLM\..\RunServices: [APPIF32.EXE] C:\WINDOWS\APPIF32.EXE

O4 - HKLM\..\RunServices: [CRDH32.EXE] C:\WINDOWS\SYSTEM\CRDH32.EXE

O4 - HKLM\..\RunServices: [IPBN32.EXE] C:\WINDOWS\SYSTEM\IPBN32.EXE

O4 - HKLM\..\RunServices: [MFCVW.EXE] C:\WINDOWS\SYSTEM\MFCVW.EXE

O4 - HKLM\..\RunServices: [MSLW.EXE] C:\WINDOWS\SYSTEM\MSLW.EXE

O4 - HKLM\..\RunServices: [IPUL32.EXE] C:\WINDOWS\SYSTEM\IPUL32.EXE

O4 - HKLM\..\RunServices: [ATLQL32.EXE] C:\WINDOWS\ATLQL32.EXE

O4 - HKLM\..\RunServices: [APIBE.EXE] C:\WINDOWS\APIBE.EXE

O4 - HKLM\..\RunServices: [ATLEF32.EXE] C:\WINDOWS\ATLEF32.EXE

O4 - HKLM\..\RunServices: [ATLDI.EXE] C:\WINDOWS\SYSTEM\ATLDI.EXE

O4 - HKLM\..\RunServices: [MSBL.EXE] C:\WINDOWS\MSBL.EXE

O4 - HKLM\..\RunServices: [IPHP.EXE] C:\WINDOWS\IPHP.EXE

O4 - HKLM\..\RunServices: [IPRK32.EXE] C:\WINDOWS\SYSTEM\IPRK32.EXE

O4 - HKLM\..\RunServices: [NETEU32.EXE] C:\WINDOWS\SYSTEM\NETEU32.EXE

O4 - HKLM\..\RunServices: [WINOG32.EXE] C:\WINDOWS\SYSTEM\WINOG32.EXE

O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY

O4 - Startup: TRANSP~4.lnk = E:\TRANSP~4.EXE

O4 - Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe

O4 - Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe

O4 - Startup: PerfectPrint.LNK = E:\Corel\Office7\Shared\PFit7\PFPPOP70.EXE

O4 - Startup: Venturi.lnk = C:\Program Files\Venturi182\venturi.exe

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE

O9 - Extra 'Tools' menuitem: MSN Messenger Service - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll

O14 - IERESET.INF: START_PAGE_URL=http://hp.my.yahoo.com

O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/acti..._v1-0-3-12.cab

O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} - http://download.mcafee.com/molbin/is...64/mcfscan.cab

O16 - DPF: {E93A6FCA-C052-45DF-AC9B-B729066092F8} (Util Class) - https://isupport4.hp.com/motivedocs/...er/MotUtil.cab

O16 - DPF: {435583D3-F647-4943-BB40-B0D64CB02718} (Snapfish File Upload ActiveX Control) - http://www.yorkphoto.com/YorkUpload.cab

O16 - DPF: {26CBF141-7D0F-46E1-AA06-718958B6E4D2} - http://download.ebay.com/turbo_lister/US/install.cab

O18 - Protocol: icoo - {4A8DADD4-5A25-4D41-8599-CB7458766220} - (no file)



  #6  
Old August 26th, 2004, 01:33 AM
Pancake Pancake is offline
CTH Subscriber
 
Join Date: Jan 2004
Location: Australia
Posts: 11,317
Hi.
There is a bit of cleaning to do, so first run "SpyBot S&D" and fix what it finds. Do the same with "Ad-Aware" (check for updated definition files). Boot into safe mode and then run "CWShredder". When this is all done please post a new HJT log.
  #7  
Old September 2nd, 2004, 01:44 AM
amygirl431 amygirl431 is offline
Member
 
Join Date: Aug 2004
Posts: 31
updated hijack log

Logfile of HijackThis v1.98.2
Scan saved at 7:27:49 PM, on 8/31/2004
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\SSDPSRV.EXE
C:\WINDOWS\D3SP32.EXE
C:\WINDOWS\SYSTEM\NETSH.EXE
C:\WINDOWS\WINEF32.EXE
C:\WINDOWS\MFCKC.EXE
C:\WINDOWS\SYSTEM\CRQR32.EXE
C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\MMKEYBD.EXE
C:\WINDOWS\ADDHX32.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON UTILITIES\NPROTECT.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\ADDAB.EXE
C:\WINDOWS\SYSTEM\MSNQ.EXE
C:\WINDOWS\ATLER.EXE
C:\WINDOWS\SYSTEM\JAVANB.EXE
C:\WINDOWS\MFCSC.EXE
C:\PROGRAM FILES\GRISOFT\AVG6\AVGSERV9.EXE
C:\WINDOWS\NTOT32.EXE
C:\WINDOWS\SYSTEM\ATLBV32.EXE
C:\WINDOWS\MSZS.EXE
C:\WINDOWS\WINNC.EXE
C:\WINDOWS\JAVABA.EXE
C:\WINDOWS\SYSTEM\NETKH.EXE
C:\WINDOWS\D3YH32.EXE
C:\WINDOWS\D3BL32.EXE
C:\WINDOWS\JAVAAX32.EXE
C:\WINDOWS\ATLMD32.EXE
C:\WINDOWS\SYSTEM\NTIL32.EXE
C:\WINDOWS\SYSTEM\JAVALO32.EXE
C:\WINDOWS\NETYQ32.EXE
C:\WINDOWS\SYSTEM\JAVATT32.EXE
C:\WINDOWS\NETNY32.EXE
C:\WINDOWS\SYSTEM\CRBC.EXE
C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\KEYBDMGR.EXE
C:\WINDOWS\MSWI32.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\IEGA.EXE
C:\WINDOWS\MSDP.EXE
C:\WINDOWS\SYSTEM\MSEH.EXE
C:\PROGRAM FILES\NETROPA\ONSCREEN DISPLAY\OSD.EXE
C:\WINDOWS\JAVAAD32.EXE
C:\WINDOWS\JAVABJ32.EXE
C:\WINDOWS\SDKRP.EXE
C:\WINDOWS\SYSTEM\IEQH32.EXE
C:\WINDOWS\IEZR.EXE
C:\WINDOWS\NETEP.EXE
C:\WINDOWS\SYSTEM\SYSGS.EXE
C:\WINDOWS\SYSTEM\D3PC.EXE
C:\WINDOWS\SYSTEM\MFCCV.EXE
C:\WINDOWS\SYSTEM\WINHX32.EXE
C:\WINDOWS\NTII.EXE
C:\WINDOWS\SDKPV.EXE
C:\WINDOWS\SYSTEM\ATLUM.EXE
C:\WINDOWS\SYSTEM\SDKVQ32.EXE
C:\WINDOWS\APPIF32.EXE
C:\WINDOWS\SYSTEM\IPBN32.EXE
C:\WINDOWS\SYSTEM\CRDH32.EXE
C:\WINDOWS\SYSTEM\MSLW.EXE
C:\WINDOWS\SYSTEM\IPUL32.EXE
C:\WINDOWS\SYSTEM\MFCVW.EXE
C:\WINDOWS\ATLQL32.EXE
C:\WINDOWS\APIBE.EXE
C:\WINDOWS\ATLEF32.EXE
C:\WINDOWS\SYSTEM\ATLDI.EXE
C:\WINDOWS\MSBL.EXE
C:\WINDOWS\SYSTEM\IPRK32.EXE
C:\WINDOWS\IPHP.EXE
C:\WINDOWS\SYSTEM\NETEU32.EXE
C:\WINDOWS\SYSTEM\WINOG32.EXE
C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\MMUSBKB2.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\EXPLORER.EXE
C:\PROGRAM FILES\GRISOFT\AVG6\AVGCC32.EXE
C:\WINDOWS\SYSTEM32\DRIVERS\KODAKCCS.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\HPSYSDRV.EXE
C:\PROGRAM FILES\MOTIVE\MOTMON.EXE
C:\PROGRAM FILES\ADAPTEC\DIRECTCD\DIRECTCD.EXE
E:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\WINDOWS\RunDLL.exe
E:\TRANSP~4.EXE
C:\PROGRAM FILES\KODAK\KODAK SOFTWARE UPDATER\7288971\PROGRAM\BACKWEB-7288971.EXE
C:\PROGRAM FILES\KODAK\KODAK EASYSHARE SOFTWARE\BIN\EASYSHARE.EXE
E:\COREL\OFFICE7\SHARED\PFIT7\PFPPOP70.EXE
C:\PROGRAM FILES\VENTURI182\VENTURI.EXE
C:\PROGRAM FILES\VENTURI182\JRE\BIN\JREW.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\WBEM\WINMGMT.EXE
C:\WINDOWS\SYSTEM\NETSH.EXE
C:\WINDOWS\SYSTEM\NETSH.EXE
C:\WINDOWS\TEMP\TD_0001.DIR\HIJACKTHIS.EXE

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us2.hpwis.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - Default URLSearchHook is missing
O2 - BHO: Class - {A9C49FE1-AF03-C711-032D-4C625DD01015} - C:\WINDOWS\SYSTEM\MFCTD32.DLL
O2 - BHO: Class - {9AD557DC-60E2-6D19-8F5D-9B004A2149D9} - C:\WINDOWS\SDKTM.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRAM FILES\GRISOFT\AVG6\avgcc32.exe /startup
O4 - HKLM\..\Run: [KodakCCS] C:\WINDOWS\System32\Drivers\KodakCCS.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [MotiveMonitor] C:\Program Files\Motive\motmon.exe
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [Adaptec DirectCD] C:\Program Files\ADAPTEC\DIRECTCD\DIRECTCD.EXE
O4 - HKLM\..\Run: [QuickFinder Scheduler] E:\COREL\OFFICE7\SHARED\QFINDER7\QFSCHED.EXE
O4 - HKLM\..\Run: [RealTray] E:\Program Files\Real\RealPlayer\realplay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [NPROTECT] C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [ICSMGR] ICSMGR.EXE
O4 - HKLM\..\Run: [MFCNH32.EXE] C:\WINDOWS\SYSTEM\MFCNH32.EXE
O4 - HKLM\..\RunServices: [NETSH.EXE] C:\WINDOWS\SYSTEM\NETSH.EXE
O4 - HKLM\..\RunServices: [WINEF32.EXE] C:\WINDOWS\WINEF32.EXE
O4 - HKLM\..\RunServices: [ADDHX32.EXE] C:\WINDOWS\ADDHX32.EXE
O4 - HKLM\..\RunServices: [MFCKC.EXE] C:\WINDOWS\MFCKC.EXE
O4 - HKLM\..\RunServices: [D3SP32.EXE] C:\WINDOWS\D3SP32.EXE
O4 - HKLM\..\RunServices: [CRQR32.EXE] C:\WINDOWS\SYSTEM\CRQR32.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [SSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [Keyboard Manager] c:\Program Files\Netropa\One-touch Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\RunServices: [NPROTECT] C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\RunServices: [MSNQ.EXE] C:\WINDOWS\SYSTEM\MSNQ.EXE
O4 - HKLM\..\RunServices: [ADDAB.EXE] C:\WINDOWS\ADDAB.EXE
O4 - HKLM\..\RunServices: [NTOT32.EXE] C:\WINDOWS\NTOT32.EXE
O4 - HKLM\..\RunServices: [ATLER.EXE] C:\WINDOWS\ATLER.EXE
O4 - HKLM\..\RunServices: [MFCSC.EXE] C:\WINDOWS\MFCSC.EXE
O4 - HKLM\..\RunServices: [JAVANB.EXE] C:\WINDOWS\SYSTEM\JAVANB.EXE
O4 - HKLM\..\RunServices: [WINNC.EXE] C:\WINDOWS\WINNC.EXE
O4 - HKLM\..\RunServices: [MSZS.EXE] C:\WINDOWS\MSZS.EXE
O4 - HKLM\..\RunServices: [Avgserv9.exe] C:\PROGRA~1\GRISOFT\AVG6\Avgserv9.exe
O4 - HKLM\..\RunServices: [ATLBV32.EXE] C:\WINDOWS\SYSTEM\ATLBV32.EXE
O4 - HKLM\..\RunServices: [D3YH32.EXE] C:\WINDOWS\D3YH32.EXE
O4 - HKLM\..\RunServices: [JAVABA.EXE] C:\WINDOWS\JAVABA.EXE
O4 - HKLM\..\RunServices: [ATLMD32.EXE] C:\WINDOWS\ATLMD32.EXE
O4 - HKLM\..\RunServices: [NETKH.EXE] C:\WINDOWS\SYSTEM\NETKH.EXE
O4 - HKLM\..\RunServices: [NTIL32.EXE] C:\WINDOWS\SYSTEM\NTIL32.EXE
O4 - HKLM\..\RunServices: [JAVAAX32.EXE] C:\WINDOWS\JAVAAX32.EXE
O4 - HKLM\..\RunServices: [D3BL32.EXE] C:\WINDOWS\D3BL32.EXE
O4 - HKLM\..\RunServices: [JAVALO32.EXE] C:\WINDOWS\SYSTEM\JAVALO32.EXE
O4 - HKLM\..\RunServices: [NETYQ32.EXE] C:\WINDOWS\NETYQ32.EXE
O4 - HKLM\..\RunServices: [NETNY32.EXE] C:\WINDOWS\NETNY32.EXE
O4 - HKLM\..\RunServices: [JAVATT32.EXE] C:\WINDOWS\SYSTEM\JAVATT32.EXE
O4 - HKLM\..\RunServices: [CRBC.EXE] C:\WINDOWS\SYSTEM\CRBC.EXE
O4 - HKLM\..\RunServices: [MSWI32.EXE] C:\WINDOWS\MSWI32.EXE
O4 - HKLM\..\RunServices: [IEGA.EXE] C:\WINDOWS\IEGA.EXE
O4 - HKLM\..\RunServices: [MSDP.EXE] C:\WINDOWS\MSDP.EXE
O4 - HKLM\..\RunServices: [MSEH.EXE] C:\WINDOWS\SYSTEM\MSEH.EXE
O4 - HKLM\..\RunServices: [JAVAAD32.EXE] C:\WINDOWS\JAVAAD32.EXE
O4 - HKLM\..\RunServices: [JAVABJ32.EXE] C:\WINDOWS\JAVABJ32.EXE
O4 - HKLM\..\RunServices: [SDKRP.EXE] C:\WINDOWS\SDKRP.EXE
O4 - HKLM\..\RunServices: [IEZR.EXE] C:\WINDOWS\IEZR.EXE
O4 - HKLM\..\RunServices: [IEQH32.EXE] C:\WINDOWS\SYSTEM\IEQH32.EXE
O4 - HKLM\..\RunServices: [D3PC.EXE] C:\WINDOWS\SYSTEM\D3PC.EXE
O4 - HKLM\..\RunServices: [NETEP.EXE] C:\WINDOWS\NETEP.EXE
O4 - HKLM\..\RunServices: [SYSGS.EXE] C:\WINDOWS\SYSTEM\SYSGS.EXE
O4 - HKLM\..\RunServices: [MFCCV.EXE] C:\WINDOWS\SYSTEM\MFCCV.EXE
O4 - HKLM\..\RunServices: [WINHX32.EXE] C:\WINDOWS\SYSTEM\WINHX32.EXE
O4 - HKLM\..\RunServices: [SDKVQ32.EXE] C:\WINDOWS\SYSTEM\SDKVQ32.EXE
O4 - HKLM\..\RunServices: [NTII.EXE] C:\WINDOWS\NTII.EXE
O4 - HKLM\..\RunServices: [SDKPV.EXE] C:\WINDOWS\SDKPV.EXE
O4 - HKLM\..\RunServices: [ATLUM.EXE] C:\WINDOWS\SYSTEM\ATLUM.EXE
O4 - HKLM\..\RunServices: [APPIF32.EXE] C:\WINDOWS\APPIF32.EXE
O4 - HKLM\..\RunServices: [CRDH32.EXE] C:\WINDOWS\SYSTEM\CRDH32.EXE
O4 - HKLM\..\RunServices: [IPBN32.EXE] C:\WINDOWS\SYSTEM\IPBN32.EXE
O4 - HKLM\..\RunServices: [MFCVW.EXE] C:\WINDOWS\SYSTEM\MFCVW.EXE
O4 - HKLM\..\RunServices: [MSLW.EXE] C:\WINDOWS\SYSTEM\MSLW.EXE
O4 - HKLM\..\RunServices: [IPUL32.EXE] C:\WINDOWS\SYSTEM\IPUL32.EXE
O4 - HKLM\..\RunServices: [ATLQL32.EXE] C:\WINDOWS\ATLQL32.EXE
O4 - HKLM\..\RunServices: [APIBE.EXE] C:\WINDOWS\APIBE.EXE
O4 - HKLM\..\RunServices: [ATLEF32.EXE] C:\WINDOWS\ATLEF32.EXE
O4 - HKLM\..\RunServices: [ATLDI.EXE] C:\WINDOWS\SYSTEM\ATLDI.EXE
O4 - HKLM\..\RunServices: [MSBL.EXE] C:\WINDOWS\MSBL.EXE
O4 - HKLM\..\RunServices: [IPHP.EXE] C:\WINDOWS\IPHP.EXE
O4 - HKLM\..\RunServices: [IPRK32.EXE] C:\WINDOWS\SYSTEM\IPRK32.EXE
O4 - HKLM\..\RunServices: [NETEU32.EXE] C:\WINDOWS\SYSTEM\NETEU32.EXE
O4 - HKLM\..\RunServices: [WINOG32.EXE] C:\WINDOWS\SYSTEM\WINOG32.EXE
O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
O4 - Startup: TRANSP~4.lnk = E:\TRANSP~4.EXE
O4 - Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
O4 - Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Startup: PerfectPrint.LNK = E:\Corel\Office7\Shared\PFit7\PFPPOP70.EXE
O4 - Startup: Venturi.lnk = C:\Program Files\Venturi182\venturi.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: MSN Messenger Service - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/acti..._v1-0-3-12.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} - http://download.mcafee.com/molbin/is...64/mcfscan.cab
O16 - DPF: {E93A6FCA-C052-45DF-AC9B-B729066092F8} (Util Class) - https://isupport4.hp.com/motivedocs/...er/MotUtil.cab
O16 - DPF: {435583D3-F647-4943-BB40-B0D64CB02718} (Snapfish File Upload ActiveX Control) - http://www.yorkphoto.com/YorkUpload.cab
O16 - DPF: {26CBF141-7D0F-46E1-AA06-718958B6E4D2} - http://download.ebay.com/turbo_lister/US/install.cab
O18 - Protocol: icoo - {4A8DADD4-5A25-4D41-8599-CB7458766220} - (no file)
  #8  
Old September 2nd, 2004, 02:35 AM
Pancake Pancake is offline
CTH Subscriber
 
Join Date: Jan 2004
Location: Australia
Posts: 11,317
Hi amygirl431,
In safe mode remove all these highlighted files from your directory. Make sure to have your system set to show hidden files and folders: www.xtra.co.nz/help/0,,4155-1916458,00.html

C:\WINDOWS\D3SP32.EXE
C:\WINDOWS\SYSTEM\NETSH.EXE
C:\WINDOWS\WINEF32.EXE
C:\WINDOWS\MFCKC.EXE
C:\WINDOWS\SYSTEM\CRQR32.EXE
C:\WINDOWS\ADDHX32.EXE
C:\WINDOWS\ADDAB.EXE
C:\WINDOWS\SYSTEM\MSNQ.EXE
C:\WINDOWS\ATLER.EXE
C:\WINDOWS\SYSTEM\JAVANB.EXE
C:\WINDOWS\MFCSC.EXE
C:\WINDOWS\NTOT32.EXE
C:\WINDOWS\SYSTEM\ATLBV32.EXE
C:\WINDOWS\MSZS.EXE
C:\WINDOWS\WINNC.EXE
C:\WINDOWS\JAVABA.EXE
C:\WINDOWS\SYSTEM\NETKH.EXE
C:\WINDOWS\D3YH32.EXE
C:\WINDOWS\D3BL32.EXE
C:\WINDOWS\JAVAAX32.EXE
C:\WINDOWS\ATLMD32.EXE
C:\WINDOWS\SYSTEM\NTIL32.EXE
C:\WINDOWS\SYSTEM\JAVALO32.EXE
C:\WINDOWS\NETYQ32.EXE
C:\WINDOWS\SYSTEM\JAVATT32.EXE
C:\WINDOWS\NETNY32.EXE
C:\WINDOWS\SYSTEM\CRBC.EXE
C:\WINDOWS\MSWI32.EXE
C:\WINDOWS\IEGA.EXE
C:\WINDOWS\MSDP.EXE
C:\WINDOWS\SYSTEM\MSEH.EXE
C:\WINDOWS\JAVAAD32.EXE
C:\WINDOWS\JAVABJ32.EXE
C:\WINDOWS\SDKRP.EXE
C:\WINDOWS\SYSTEM\IEQH32.EXE
C:\WINDOWS\IEZR.EXE
C:\WINDOWS\NETEP.EXE
C:\WINDOWS\SYSTEM\SYSGS.EXE
C:\WINDOWS\SYSTEM\D3PC.EXE
C:\WINDOWS\SYSTEM\MFCCV.EXE
C:\WINDOWS\SYSTEM\WINHX32.EXE
C:\WINDOWS\NTII.EXE
C:\WINDOWS\SDKPV.EXE
C:\WINDOWS\SYSTEM\ATLUM.EXE
C:\WINDOWS\SYSTEM\SDKVQ32.EXE
C:\WINDOWS\APPIF32.EXE
C:\WINDOWS\SYSTEM\IPBN32.EXE
C:\WINDOWS\SYSTEM\CRDH32.EXE
C:\WINDOWS\SYSTEM\MSLW.EXE
C:\WINDOWS\SYSTEM\IPUL32.EXE
C:\WINDOWS\SYSTEM\MFCVW.EXE
C:\WINDOWS\ATLQL32.EXE
C:\WINDOWS\APIBE.EXE
C:\WINDOWS\ATLEF32.EXE
C:\WINDOWS\SYSTEM\ATLDI.EXE
C:\WINDOWS\MSBL.EXE
C:\WINDOWS\SYSTEM\IPRK32.EXE
C:\WINDOWS\IPHP.EXE
C:\WINDOWS\SYSTEM\NETEU32.EXE
C:\WINDOWS\SYSTEM\WINOG32.EXE

When that is done, run HJT and remove any of these entries below that are still present in the log. Repost a fresh log when finished.

R3 - Default URLSearchHook is missing
O2 - BHO: Class - {A9C49FE1-AF03-C711-032D-4C625DD01015} - C:\WINDOWS\SYSTEM\MFCTD32.DLL
O2 - BHO: Class - {9AD557DC-60E2-6D19-8F5D-9B004A2149D9} - C:\WINDOWS\SDKTM.DLL
O4 - HKLM\..\Run: [MFCNH32.EXE] C:\WINDOWS\SYSTEM\MFCNH32.EXE
O4 - HKLM\..\RunServices: [NETSH.EXE] C:\WINDOWS\SYSTEM\NETSH.EXE
O4 - HKLM\..\RunServices: [WINEF32.EXE] C:\WINDOWS\WINEF32.EXE
O4 - HKLM\..\RunServices: [ADDHX32.EXE] C:\WINDOWS\ADDHX32.EXE
O4 - HKLM\..\RunServices: [MFCKC.EXE] C:\WINDOWS\MFCKC.EXE
O4 - HKLM\..\RunServices: [D3SP32.EXE] C:\WINDOWS\D3SP32.EXE
O4 - HKLM\..\RunServices: [CRQR32.EXE] C:\WINDOWS\SYSTEM\CRQR32.EXE
O4 - HKLM\..\RunServices: [MSNQ.EXE] C:\WINDOWS\SYSTEM\MSNQ.EXE
O4 - HKLM\..\RunServices: [ADDAB.EXE] C:\WINDOWS\ADDAB.EXE
O4 - HKLM\..\RunServices: [NTOT32.EXE] C:\WINDOWS\NTOT32.EXE
O4 - HKLM\..\RunServices: [ATLER.EXE] C:\WINDOWS\ATLER.EXE
O4 - HKLM\..\RunServices: [MFCSC.EXE] C:\WINDOWS\MFCSC.EXE
O4 - HKLM\..\RunServices: [JAVANB.EXE] C:\WINDOWS\SYSTEM\JAVANB.EXE
O4 - HKLM\..\RunServices: [WINNC.EXE] C:\WINDOWS\WINNC.EXE
O4 - HKLM\..\RunServices: [MSZS.EXE] C:\WINDOWS\MSZS.EXE
O4 - HKLM\..\RunServices: [Avgserv9.exe] C:\PROGRA~1\GRISOFT\AVG6\Avgserv9.exe
O4 - HKLM\..\RunServices: [ATLBV32.EXE] C:\WINDOWS\SYSTEM\ATLBV32.EXE
O4 - HKLM\..\RunServices: [D3YH32.EXE] C:\WINDOWS\D3YH32.EXE
O4 - HKLM\..\RunServices: [JAVABA.EXE] C:\WINDOWS\JAVABA.EXE
O4 - HKLM\..\RunServices: [ATLMD32.EXE] C:\WINDOWS\ATLMD32.EXE

Last edited by Pancake; September 2nd, 2004 at 02:37 AM.
  #9  
Old September 3rd, 2004, 02:35 AM
amygirl431 amygirl431 is offline
Member
 
Join Date: Aug 2004
Posts: 31
Updated Hijack log

Updated HiJack. Thanks so much.




Logfile of HijackThis v1.98.2
Scan saved at 9:32:31 AM, on 9/2/2004
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
  #10  
Old September 3rd, 2004, 03:26 AM
Pancake Pancake is offline
CTH Subscriber
 
Join Date: Jan 2004
Location: Australia
Posts: 11,317
You will need to find these and delete them from your drive.


Last edited by Pancake; September 3rd, 2004 at 03:29 AM.
  #11  
Old September 5th, 2004, 10:48 PM
amygirl431 amygirl431 is offline
Member
 
Join Date: Aug 2004
Posts: 31
deleted files

Hi,

Why is it that when I delete a file it says it deletes it but then it is there again?

Also, when I "fix" the entry on HiJack "Default URL searchhook is missing", it may go away, but then when I run a HiJack scan again it reappears.

Thanks.

Amy
  #12  
Old September 6th, 2004, 02:00 AM
Pancake Pancake is offline
CTH Subscriber
 
Join Date: Jan 2004
Location: Australia
Posts: 11,317
Default URL is OK. It's no problem. Do you want to post a new log?
  #13  
Old September 6th, 2004, 08:23 AM
mike mike is offline
CTH Subscriber
 
Join Date: Sep 2000
Posts: 3,302
Hi amygirl431,

1.
Download AboutBuster from here:
AboutBuster
http://www.malwarebytes.biz/AboutBuster.zip

Unzip AboutBuster to its own folder.
Open, and then update AboutBuster.
Don't run it yet.

2.
Download and unzip "get_active_services_179_161" to its own folder.
http://d21c.com/Tom41/get_active_services_179_161.zip

If any anti-script programs notify you of a strange script running, ignore the warning and allow this file to run.

Please post back the results of the "Active.txt" with your next post.
The "Active.txt" log will be in the folder you ran "get_active_services" from.

3.
Reboot into Safe Mode (tap the F8 key during reboot until the boot menu appears, use the arrow keys to choose "Safe Mode" from the menu, then press the "Enter" key).

Run AboutBuster twice.

Then copy and paste the results from the "Buster report" window, after each scan.
Copy both scan reports back to this thread, please.
Along with the "Active.txt" log and a new HijackThis log, please.


Cheers
  #14  
Old September 7th, 2004, 06:29 AM
amygirl431 amygirl431 is offline
Member
 
Join Date: Aug 2004
Posts: 31
get_active_services

Am I not understanding how to do this one? I downloaded and unzipped (this is extract?). The only thing it said on the screen was "These are the current active services:". Nothing else. Did I do something wrong? There is no log?
  #15  
Old September 7th, 2004, 06:30 AM
Aparna Aparna is offline
New Member
 
Join Date: Sep 2004
Posts: 1
Hi amygirl431,
I'm the new member. Are you still getting the "page cannot be displayed" message when trying to open a website? What kind of internet connection are you using?