|
|||||||||
|
|||||||||
| |||||||||
|
|||||||||
|
|||||||||
| |||||||||
|
|
|
| |||||||||
 |
|
|
«
Previous Thread
|
Next Thread
»
|
Thread Tools | Search this Thread | Rate Thread | Display Modes |
Dev Shed Forums Sponsor:
|
|
You don't need a fax machine to get faxes. Get a fax-to-email fax number from CallWave. Try it free.
|
|
#1
August 8th, 2004, 09:12 AM
|
|||
|
|||
|
Help!
Hi,
I can't change my homepage or go into google and yahoo. Please help! Logfile of HijackThis v1.97.7 Scan saved at 21:44:08, on 08/08/2004 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\McAfee\McAfee VirusScan\Avsynmgr.exe C:\WINDOWS\system32\ntgm32.exe C:\Program Files\McAfee\McAfee VirusScan\VsStat.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\McAfee\McAfee VirusScan\Vshwin32.exe C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe C:\Program Files\McAfee\McAfee VirusScan\Avconsol.exe C:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe F:\programs for win xp\qttask.exe F:\PROGRA~2\WINPAT~1\WinPatrol.exe F:\Programs for Win XP\RFA\rfagent.exe C:\WINDOWS\system32\wineo.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe F:\Programs for Win XP\acrobat 5\Distillr\AcroTray.exe F:\Programs for Win XP\NkVwMon.exe C:\WINDOWS\system.exe C:\WINDOWS\toolbar.exe C:\PROGRA~1\ICQ\ICQ.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Windows Media Player\wmplayer.exe F:\Temp\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\jjpzi.dll/sp.html#96676 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\jjpzi.dll/sp.html#96676 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://213.159.117.134/index.php R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://213.159.117.134/index.php R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\jjpzi.dll/sp.html#96676 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://213.159.117.134/index.php R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\jjpzi.dll/sp.html#96676 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\jjpzi.dll/sp.html#96676 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://213.159.117.134/index.php R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\jjpzi.dll/sp.html#96676 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\jjpzi.dll/sp.html#96676 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://213.159.117.134/index.php R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = http://213.159.117.134/index.php O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - f:\programs for win xp\acrobat 5\Acrobat\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {979130FE-70C0-35E6-DFA3-4D4D55876849} - C:\WINDOWS\atlqw.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: McAfee VirusScan - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - C:\Program Files\McAfee\McAfee VirusScan\VSCShellExtension.dll O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.1601.0\msgr.en-us.ms\msntb.dll O4 - HKLM\..\Run: [McAfee Guardian] "C:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe" /SU O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [QuickTime Task] "F:\programs for win xp\qttask.exe" -atboottime O4 - HKLM\..\Run: [SpyHunter] F:\Programs for Win XP\spyhunter\SpyHunter.exe O4 - HKLM\..\Run: [Mirabilis ICQ] C:\PROGRA~1\ICQ\ICQNet.exe O4 - HKLM\..\Run: [WinPatrol] "f:\PROGRA~2\WINPAT~1\WinPatrol.exe" O4 - HKLM\..\Run: [RFAgent] F:\Programs for Win XP\RFA\rfagent.exe O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKLM\..\Run: [wineo.exe] C:\WINDOWS\system32\wineo.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKLM\..\RunOnce: [iplc32.exe] C:\WINDOWS\iplc32.exe O4 - HKLM\..\RunOnce: [d3jg32.exe] C:\WINDOWS\system32\d3jg32.exe O4 - HKLM\..\RunOnce: [appjt.exe] C:\WINDOWS\system32\appjt.exe O4 - HKLM\..\RunOnce: [d3ze32.exe] C:\WINDOWS\d3ze32.exe O4 - HKLM\..\RunOnce: [addux32.exe] C:\WINDOWS\addux32.exe O4 - HKLM\..\RunOnce: [ntbl32.exe] C:\WINDOWS\ntbl32.exe O4 - HKLM\..\RunOnce: [mfcwe32.exe] C:\WINDOWS\system32\mfcwe32.exe O4 - HKLM\..\RunOnce: [crby32.exe] C:\WINDOWS\crby32.exe O4 - HKLM\..\RunOnce: [ntmx32.exe] C:\WINDOWS\system32\ntmx32.exe O4 - HKLM\..\RunOnce: [d3pm32.exe] C:\WINDOWS\d3pm32.exe O4 - HKLM\..\RunOnce: [addse.exe] C:\WINDOWS\addse.exe O4 - HKLM\..\RunOnce: [atloi32.exe] C:\WINDOWS\atloi32.exe O4 - HKLM\..\RunOnce: [sdkoo32.exe] C:\WINDOWS\system32\sdkoo32.exe O4 - HKLM\..\RunOnce: [sdkjo32.exe] C:\WINDOWS\sdkjo32.exe O4 - HKLM\..\RunOnce: [addyt.exe] C:\WINDOWS\addyt.exe O4 - HKLM\..\RunOnce: [d3uj32.exe] C:\WINDOWS\d3uj32.exe O4 - HKLM\..\RunOnce: [sdkjl32.exe] C:\WINDOWS\sdkjl32.exe O4 - HKLM\..\RunOnce: [sdkgi32.exe] C:\WINDOWS\sdkgi32.exe O4 - HKLM\..\RunOnce: [ippx32.exe] C:\WINDOWS\system32\ippx32.exe O4 - HKLM\..\RunOnce: [atlrs.exe] C:\WINDOWS\atlrs.exe O4 - HKLM\..\RunOnce: [addkv32.exe] C:\WINDOWS\system32\addkv32.exe O4 - HKLM\..\RunOnce: [winoj32.exe] C:\WINDOWS\system32\winoj32.exe O4 - HKLM\..\RunOnce: [sdkhb.exe] C:\WINDOWS\system32\sdkhb.exe O4 - HKLM\..\RunOnce: [crsb.exe] C:\WINDOWS\system32\crsb.exe O4 - HKLM\..\RunOnce: [d3mf.exe] C:\WINDOWS\system32\d3mf.exe O4 - HKLM\..\RunOnce: [appwg32.exe] C:\WINDOWS\appwg32.exe O4 - HKLM\..\RunOnce: [iexc.exe] C:\WINDOWS\iexc.exe O4 - HKLM\..\RunOnce: [apphb32.exe] C:\WINDOWS\system32\apphb32.exe O4 - HKLM\..\RunOnce: [d3xf32.exe] C:\WINDOWS\system32\d3xf32.exe O4 - HKLM\..\RunOnce: [nthe.exe] C:\WINDOWS\system32\nthe.exe O4 - HKLM\..\RunOnce: [netft32.exe] C:\WINDOWS\system32\netft32.exe O4 - HKLM\..\RunOnce: [d3yp32.exe] C:\WINDOWS\d3yp32.exe O4 - HKLM\..\RunOnce: [winow32.exe] C:\WINDOWS\system32\winow32.exe O4 - HKLM\..\RunOnce: [appwa32.exe] C:\WINDOWS\system32\appwa32.exe O4 - HKLM\..\RunOnce: [addax32.exe] C:\WINDOWS\addax32.exe O4 - HKLM\..\RunOnce: [winep32.exe] C:\WINDOWS\system32\winep32.exe O4 - HKLM\..\RunOnce: [mfccp.exe] C:\WINDOWS\system32\mfccp.exe O4 - HKLM\..\RunOnce: [iehn.exe] C:\WINDOWS\iehn.exe O4 - HKLM\..\RunOnce: [ntmu32.exe] C:\WINDOWS\ntmu32.exe O4 - HKLM\..\RunOnce: [crid.exe] C:\WINDOWS\system32\crid.exe O4 - HKLM\..\RunOnce: [wintj.exe] C:\WINDOWS\system32\wintj.exe O4 - HKLM\..\RunOnce: [mfctu.exe] C:\WINDOWS\system32\mfctu.exe O4 - HKLM\..\RunOnce: [sdkpw32.exe] C:\WINDOWS\sdkpw32.exe O4 - HKLM\..\RunOnce: [wintv.exe] C:\WINDOWS\wintv.exe O4 - HKLM\..\RunOnce: [winas.exe] C:\WINDOWS\winas.exe O4 - HKLM\..\RunOnce: [msvn.exe] C:\WINDOWS\system32\msvn.exe O4 - HKLM\..\RunOnce: [ntfw.exe] C:\WINDOWS\ntfw.exe O4 - HKLM\..\RunOnce: [winqi.exe] C:\WINDOWS\system32\winqi.exe O4 - HKLM\..\RunOnce: [atldi.exe] C:\WINDOWS\atldi.exe O4 - HKLM\..\RunOnce: [d3tg32.exe] C:\WINDOWS\system32\d3tg32.exe O4 - HKLM\..\RunOnce: [sysfc.exe] C:\WINDOWS\sysfc.exe O4 - HKLM\..\RunOnce: [ntiz.exe] C:\WINDOWS\system32\ntiz.exe O4 - HKLM\..\RunOnce: [sdkmu32.exe] C:\WINDOWS\system32\sdkmu32.exe O4 - HKLM\..\RunOnce: [mslf32.exe] C:\WINDOWS\system32\mslf32.exe O4 - HKLM\..\RunOnce: [ntcl32.exe] C:\WINDOWS\system32\ntcl32.exe O4 - HKLM\..\RunOnce: [sdkom32.exe] C:\WINDOWS\sdkom32.exe O4 - HKLM\..\RunOnce: [applp32.exe] C:\WINDOWS\system32\applp32.exe O4 - HKLM\..\RunOnce: [crqh32.exe] C:\WINDOWS\crqh32.exe O4 - HKLM\..\RunOnce: [d3fz32.exe] C:\WINDOWS\d3fz32.exe O4 - HKLM\..\RunOnce: [apite32.exe] C:\WINDOWS\system32\apite32.exe O4 - HKLM\..\RunOnce: [sysqc.exe] C:\WINDOWS\sysqc.exe O4 - HKLM\..\RunOnce: [crbt.exe] C:\WINDOWS\crbt.exe O4 - HKLM\..\RunOnce: [windi.exe] C:\WINDOWS\windi.exe O4 - HKLM\..\RunOnce: [ipct32.exe] C:\WINDOWS\system32\ipct32.exe O4 - HKLM\..\RunOnce: [apiev.exe] C:\WINDOWS\system32\apiev.exe O4 - HKLM\..\RunOnce: [atlbg.exe] C:\WINDOWS\system32\atlbg.exe O4 - HKLM\..\RunOnce: [applk32.exe] C:\WINDOWS\system32\applk32.exe O4 - HKLM\..\RunOnce: [iekv.exe] C:\WINDOWS\system32\iekv.exe O4 - HKLM\..\RunOnce: [netlz.exe] C:\WINDOWS\netlz.exe O4 - HKLM\..\RunOnce: [winwg32.exe] C:\WINDOWS\system32\winwg32.exe O4 - HKLM\..\RunOnce: [crlw32.exe] C:\WINDOWS\system32\crlw32.exe O4 - HKLM\..\RunOnce: [ntdq.exe] C:\WINDOWS\ntdq.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Acrobat Assistant.lnk = F:\Programs for Win XP\acrobat 5\Distillr\AcroTray.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: NkVwMon.exe.lnk = F:\Programs for Win XP\NkVwMon.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O9 - Extra button: ICQ Pro (HKLM) O9 - Extra 'Tools' menuitem: ICQ (HKLM)
|
|
| Viewing: Dev Shed Forums > System Administration > Antivirus Protection > Help! |
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
|
|
|
 |
|
|
Del.icio.us
Digg
Google
Spurl
Blink
Furl
Simpy
Y! MyWeb
Linear Mode
