|
|||||||||
|
|||||||||
| |||||||||
|
|||||||||
|
|||||||||
| |||||||||
|
|
|
| |||||||||
 |
|
|
«
Previous Thread
|
Next Thread
»
|
Thread Tools | Search this Thread | Rate Thread | Display Modes |
Dev Shed Forums Sponsor:
|
|
Get inside! Sample the range of functionality easily built with JMSL Library for Time Series Data Analysis, Heat Maps, Portfolio Optimization, Monte Carlo Simulation, Stock Price Charting and more. Download Now! |
|
#1
June 11th, 2004, 06:47 AM
|
|||
|
|||
res://mshp.dll/index.html#37049 Victim !
I've fallen foul of this res://mshp.dll/index.html#37049
I've tried to follow threads about removal but as another thread starts within that thread all gets very complicated ... especially to an idiot like me. Can anyone explain to this idiot how to rid my PC of this res://mshp.dll/index.html#37049 many thanks
|
|
#2
June 11th, 2004, 08:37 AM
|
||||
|
||||
|
http://forums.techguy.org/t228502.html
Step by step guide. HijackThis, Spybot Search & Destroy, Ad-aware, and CWShredder are your friends.
__________________
--Dave-- U2kgSG9jIExlZ2VyZSBTY2lzLCBOaW1pdW0gRXJ1ZGl0aW9uaXMgSGFiZXM=
|
|
#3
June 11th, 2004, 12:29 PM
|
||||
|
||||
|
moved...
|
|
#4
June 14th, 2004, 08:14 AM
|
|||
|
|||
|
Highjack This! log file
Many thanks for the quick reply.
Here's the logfile from Highjack This! Can anyone help with the next stage of removal. Thanks in advance. Logfile of HijackThis v1.97.7 Scan saved at 14:11:16, on 14/06/04 Platform: Windows 98 Gold (Win9x 4.10.1998) MSIE: Unable to get Internet Explorer version! Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.EXE C:\WINDOWS\SYSTEM\SPOOL32.EXE C:\WINDOWS\SYSTEM\MPREXE.EXE C:\PROGRAM FILES\COMMON FILES\AOL\ACS\AOLACSD.EXE C:\WINDOWS\SYSTEM\mmtask.tsk C:\WINDOWS\EXPLORER.EXE C:\WINDOWS\TASKMON.EXE C:\WINDOWS\SYSTEM\SYSTRAY.EXE C:\WINDOWS\SYSTEM\P2P NETWORKING\P2P NETWORKING.EXE C:\WINDOWS\STARTER.EXE C:\PROGRAM FILES\GRISOFT\AVG6\AVGCC32.EXE C:\PROGRAM FILES\ONSPEED\ONSPEED\3.52.1209.28\IACLIM.EXE C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE C:\PROGRAM FILES\COMMON FILES\AOL\ACS\AOLDIAL.EXE C:\WINDOWS\SYSTEM\QTTASK.EXE C:\PROGRAM FILES\AOL 9.0\AOLTRAY.EXE C:\PROGRAM FILES\AOL 9.0\WAOL.EXE C:\PROGRAM FILES\AOL 9.0\SHELLMON.EXE C:\PROGRAM FILES\COMMON FILES\AOL\AOLTPSPD.EXE C:\WINDOWS\SYSTEM\RNAAPP.EXE C:\WINDOWS\SYSTEM\TAPISRV.EXE C:\PROGRAM FILES\OUTLOOK EXPRESS\MSIMN.EXE C:\WINDOWS\SYSTEM\PSTORES.EXE D:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE C:\PROGRAM FILES\MACROMEDIA\DREAMWEAVER 4\DREAMWEAVER.EXE C:\PROGRAM FILES\GLOBALSCAPE\CUTEFTP\CUTFTP32.EXE C:\PROGRAM FILES\WINZIP\WINZIP32.EXE C:\WINDOWS\TEMP\HIJACKTHIS.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.co.uk/0SEENGB/SAOS01 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://mshp.dll/sp.html#37049 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = res://mshp.dll/index.html#37049 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = res://mshp.dll/index.html#37049 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://mshp.dll/sp.html#37049 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://mshp.dll/index.html#37049 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://mshp.dll/sp.html#37049 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by AOL F1 - win.ini: run=C:\WINDOWS\SYSTEM\SERVICES\WMPLAYER.EXE O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YCOMP5_3_16_0.DLL (file missing) O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\windows\downloaded program files\googletoolbar_en_2.0.95-deleon.dll O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX O2 - BHO: (no name) - {02336F51-24CA-4422-AB63-18841ADF35E6} - C:\PROGRAM FILES\ONSPEED\ONSPEED\3.52.1209.28\ECATBHO.DLL (file missing) O2 - BHO: (no name) - {5321E378-FFAD-4999-8C62-03CA8155F0B3} - (no file) O2 - BHO: ShowSearch module - {E2DDF680-9905-4dee-8C64-0A5DE7FE133C} - C:\WINDOWS\APPLICATION DATA\IEMS\APIAU.DLL O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL (file missing) O2 - BHO: . - {D34F08C5-4F18-477c-86CB-1A9BEECFE37B} - C:\WINDOWS\APPLICATION DATA\IEGD\IEGD32.DLL O2 - BHO: (no name) - {FD9BC004-8331-4457-B830-4759FF704C22} - C:\WINDOWS\APPLICATION DATA\IEGD\ADVWM32.DLL O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\windows\downloaded program files\googletoolbar_en_2.0.95-deleon.dll O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YCOMP5_3_16_0.DLL (file missing) O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe O4 - HKLM\..\Run: [SystemTray] SysTray.Exe O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\Run: [P2P NETWORKING] C:\WINDOWS\SYSTEM\P2P NETWORKING\P2P NETWORKING.EXE /AUTOSTART O4 - HKLM\..\Run: [EnsoniqMixer] starter.exe O4 - HKLM\..\Run: [AVG_CC] C:\PROGRAM FILES\GRISOFT\AVG6\avgcc32.exe /startup O4 - HKLM\..\Run: [IAClient] C:\Program Files\ONSPEED\ONSPEED\3.52.1209.28\IACLiM.exe O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime O4 - HKLM\..\Run: [Image] rundll32 C:\WINDOWS\SDKNS32.DLL,Install O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\RunServices: [AolAcsDaemon1] "C:\PROGRAM FILES\COMMON FILES\AOL\ACS\AOLACSD.EXE" O4 - HKCU\..\RunServices: [Image] rundll32 C:\WINDOWS\SDKNS32.DLL,Install O4 - Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0\aoltray.exe O8 - Extra context menu item: &Google Search - res://C:\WINDOWS\DOWNLOADED PROGRAM FILES\GOOGLETOOLBAR_EN_2.0.95-DELEON.DLL/cmsearch.html O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\WINDOWS\DOWNLOADED PROGRAM FILES\GOOGLETOOLBAR_EN_2.0.95-DELEON.DLL/cmcache.html O8 - Extra context menu item: Si&milar Pages - res://C:\WINDOWS\DOWNLOADED PROGRAM FILES\GOOGLETOOLBAR_EN_2.0.95-DELEON.DLL/cmsimilar.html O8 - Extra context menu item: Backward &Links - res://C:\WINDOWS\DOWNLOADED PROGRAM FILES\GOOGLETOOLBAR_EN_2.0.95-DELEON.DLL/cmbacklinks.html O8 - Extra context menu item: Translate Page - res://C:\WINDOWS\DOWNLOADED PROGRAM FILES\GOOGLETOOLBAR_EN_2.0.95-DELEON.DLL/cmtrans.html O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll O14 - IERESET.INF: START_PAGE_URL=http://www.aol.co.uk O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/...ash/swflash.cab O16 - DPF: {AE9DCB17-F804-11D2-A44A-0020182C1446} (IntraLaunch.MainControl) - file://F:\SuperCD\IntraLaunch.CAB O16 - DPF: Win32 Classes - file://C:\WINDOWS\Java\classes\win32ie4.cab O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/active...ol_v1-0-3-0.cab O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yah...s/yinst0401.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = aoldsl.net
|
|
| Viewing: Dev Shed Forums > System Administration > Antivirus Protection > res://mshp.dll/index.html#37049 Victim ! |
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
|
|
 |
|
|
 |
Del.icio.us
Digg
Google
Spurl
Blink
Furl
Simpy
Y! MyWeb
Linear Mode
