|
|||||||||
|
|||||||||
| |||||||||
|
|||||||||
|
|||||||||
| |||||||||
|
|
|
| |||||||||
 |
|
|
«
Previous Thread
|
Next Thread
»
|
Thread Tools | Search this Thread | Rate Thread | Display Modes |
Dev Shed Forums Sponsor:
|
|
Stay one step ahead of the competition. Evaluate and give feedback
on some of the hottest web development tools on the market today.
Make your opinion heard! Click
Here
|
|
#1
September 4th, 2004, 08:52 AM
|
|||
|
|||
|
I Help need with this Hijack log. !!!!! Please
Hi And first thanks for your time and help.....
First: I tried to remove the "SEARCH for..." start web page but nothing.I thing is a CoolwebSearch variant. First i did the Spybot scan then Adware scan then Pestpatrol scan, then norton 2004 scan and the CWShreeder, all the programs updated, but nothing. I continue with the startweb. Second i did the same thing but rebooting the computer in Safe mode first , but nothing too. Then i executed the Hijachthis and i get this log.... Anyone can help me, what i have to fix.? Thanks again. Cristian. LOG: Logfile of HijackThis v1.97.7 Scan saved at 14:25:53, on 04/09/2004 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\LAVASOFT\AD-AWA~1\Ad-Watch.exe C:\Documents and Settings\cristian\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = file://C:\DOCUME~1\cristian\LOCALS~1\Temp\sp.html R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = file://C:\DOCUME~1\cristian\LOCALS~1\Temp\sp.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = file://C:\DOCUME~1\cristian\LOCALS~1\Temp\sp.html R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = file://C:\DOCUME~1\cristian\LOCALS~1\Temp\sp.html O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {9C856645-1D12-4F75-8AB5-7C582C3EB034} - (no file) O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FLASHGET\jccatch.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\fgiebar.dll O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\SBAudigy\Program\CTEaxSpl.EXE /run O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [anvshell] anvshell.exe O4 - HKLM\..\Run: [LiveNote] livenote.exe O4 - HKLM\..\Run: [Game Device] C:\PROGRA~1\Genius\G-08GA~1\JoyUpDrv.EXE O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [PestPatrol Control Center] D:\PestPatrol\PPControl.exe O4 - HKLM\..\Run: [PPMemCheck] D:\PestPatrol\PPMemCheck.exe O4 - HKLM\..\Run: [CookiePatrol] D:\PestPatrol\CookiePatrol.exe O4 - HKLM\..\Run: [CreativeMouse] C:\Program Files\Creative\Mouse Optical\mouse_2k.exe O4 - HKLM\..\Run: [mxzcrvurlvi] C:\WINDOWS\System32\jgguwpt.exe O4 - HKLM\..\Run: [vczcdcr] C:\WINDOWS\vczcdcr.exe O4 - HKLM\..\Run: [Winsock driver] ZRJHGZWUS.EXE O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [Steam] C:\Valve\Steam\Steam.exe -silent O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: BTTray.lnk = ? O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm O9 - Extra button: Referencia (HKLM) O9 - Extra button: FlashGet (HKLM) O9 - Extra 'Tools' menuitem: &FlashGet (HKLM) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - O16 - DPF: {CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA} - O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{5D94CB09-F15E-46DC-B955-8878FDC40B2F}: NameServer = 194.224.52.4,194.224.52.6
|
|
| Viewing: Dev Shed Forums > System Administration > Antivirus Protection > I Help need with this Hijack log. !!!!! Please |
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
|
|
|
 |
|
|
Del.icio.us
Digg
Google
Spurl
Blink
Furl
Simpy
Y! MyWeb
Linear Mode
