HiJackThis Log file help

#1
jimsharpe10

Posted 25 July 2006 - 07:19 PM

Member

Member
47 posts

I accidentally installed Zango Toolbar on my computer and when I try to uninstall it it wont. I was told to post this hear. I finished all the steps I could in the do this before posting your log thread. So hear is my log:
Logfile of HijackThis v1.99.1
Scan saved at 9:16:31 PM, on 7/25/06
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\SYMANTEC\LIVEUPDATE\ALUSCHEDULERSVC.EXE
C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM32\DRIVERS\KODAKCCS.EXE
C:\WINDOWS\SYSTEM\ATIPTAXX.EXE
C:\PROGRAM FILES\LEXMARK 1200 SERIES\LXCZBMGR.EXE
C:\PROGRAM FILES\LEXMARK 1200 SERIES\LXCZBMON.EXE
C:\WINDOWS\SYSTEM\LEXBCES.EXE
C:\WINDOWS\ptsnoop.exe
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\DESK98.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\NETZERO\EXEC.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAM FILES\NETZERO\EXEC.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\LEXPPS.EXE
C:\MY DOCUMENTS\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://my.netzero.ne...ch?r=minisearch
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://my.netzero.ne...ch?r=minisearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://my.netzero.ne...ch?r=minisearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://my.netzero.ne...ch?r=minisearch
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://my.netzero.ne...ch?r=minisearch
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://my.netzero.ne...ch?r=minisearch
R3 - URLSearchHook: URLSearchHook Class - {37D2CDBF-2AF4-44AA-8113-BD0D2DA3C2B8} - C:\PROGRAM FILES\NZSEARCH\SEARCHENH1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: ZeroBar - {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - C:\PROGRAM FILES\NETZERO\TOOLBAR.DLL
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [KodakCCS] C:\WINDOWS\System32\Drivers\KodakCCS.exe
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [Lexmark 1200 Series] "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
O4 - HKLM\..\Run: [LexStart] lexstart.exe
O4 - HKLM\..\Run: [CountrySelection] pctptt.exe
O4 - HKLM\..\Run: [PTSNOOP] ptsnoop.exe
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\SYSTEM\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMON.EXE /Consumer
O4 - HKLM\..\Run: [HydraVisionDesktopManager] desk98.exe
O4 - HKLM\..\RunServices: [ccEvtMgr] "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [ALU Scheduler Service] C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O4 - HKLM\..\RunServices: [KB918547] C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE
O4 - HKCU\..\Run: [ATI Launchpad] "C:\PROGRAM FILES\ATI MULTIMEDIA\MAIN\LAUNCHPD.EXE"
O4 - HKCU\..\Run: [spc_w] "C:\Program Files\NZSearch\nzspc.exe" -w
O4 - HKCU\..\Run: [NetZero_uoltray] C:\PROGRAM FILES\NETZERO\EXEC.EXE regrun
O4 - Startup: PowerReg Scheduler V3.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRAM FILES\JAVA\JRE1.5.0_06\BIN\SSV.DLL
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRAM FILES\JAVA\JRE1.5.0_06\BIN\SSV.DLL
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by102fd.bay10...ex/HMAtchmt.ocx

Edited by jimsharpe10, 26 July 2006 - 06:35 PM.

#2
ScHwErV

Posted 31 July 2006 - 10:26 AM

Member 5k

Retired Staff
21,285 posts

Your log is clean of malware. Lets see if we can get an uninstall list.

Open HijackThis, click Config, click Misc Tools
Click "Open Uninstall Manager"
Click "Save List" (generates uninstall_list.txt)
Click Save, copy and paste the results in your next post.

Post back with that and well see what we can do.

ScHwErV :whistling:

#3
jimsharpe10

Posted 31 July 2006 - 04:04 PM

Member

Topic Starter
Member
47 posts

Heroes of Might and Magic™ III Armageddon's Blade
Ability Office 2000
Ad-Aware SE Personal
Adobe Acrobat 4.0
Adobe Shockwave Player
Adobe Type Manager
After Dark Games
Alien Blast
Ares 1.8.1
ASUS Display Drivers
AT&T WorldNet Setup 1.2
Atari: The 80 Classic Games
ATI Display Driver
ATI Multimedia Center
Babe Arcade
Backyard Basketball 2004
Barbie® Super Sports™
Battleship SURFACE THUNDER
Beavis and Butt-head Do U.
Boggle
Browser Hijack Blaster v1.0
Casino Master
Clue
Dirt Track Racing
Dirt Track Racing - Sprint Cars
Disney's 102 Dalmatians Puppies to the Rescue
DivX Player
EasyPhoto Software
Error Search Assistant Reset
GT Interactive - Driver
GTAIII
Harry Potter
Harry Potter II
Heroes of Might and Magic® III The Shadow of Death™
HijackThis 1.99.1
Hootenanny
HSP56 MR Drivers
HydraVision
Internet Explorer Q916281
J2SE Runtime Environment 5.0 Update 3
J2SE Runtime Environment 5.0 Update 6
Jeopardy! 2003
Jungle Games
Kodak EasyShare software
Lexmark 1200 Series
LimeWire 4.12.3
LiveReg (Symantec Corporation)
LiveUpdate 3.0 (Symantec Corporation)
Microsoft .NET Framework 1.1
Microsoft ActiveSync 3.5
Microsoft Data Access Components KB870669
Microsoft Encarta 98 Encyclopedia
Microsoft Internet Explorer 6 SP1 and Internet Tools
Microsoft Outlook Express 6
Microsoft VGX Q833989
Microsoft Windows Critical Update Notification
Microsoft XML Parser and SDK
Milton Bradley Classic Board Games
mIRC
Monopoly Junior
Monopoly Tycoon
Mozilla Firefox (0.8.)
Mozilla Firefox (1.0.7)
Netscape Browser (remove only)
Network Play System (Patching)
NetZero Internet
Norton AntiVirus 2003
NVIDIA Windows 95/98*Guest Display Drivers
Ocean Discovery™
Operation
Outlook Express Q823353
Parker Brothers Classic Card Games
Petz II
Pinup Strip Poker Free Trial 1.29
PokerStars.net
Quick View Plus (Server-based setup)
QuickTime
QuickTime for Windows (32-bit)
Remove DivX Codec
Rocky Mountain Trophy Hunter
Rocky Mountain Trophy Hunter Alaskan Expedition
RollerCoaster Tycoon
RollerCoaster Tycoon 2
Sid Meier's SimGolf
Sierra Utilities
SiS 900 PCI Fast Ethernet Adapter Driver
SiS Audio Driver
Skateboard Park Tycoon
Slice 'N Hook
Sorry
SpongeBob SquarePants® Operation Krabby Patty
Spy Sweeper
Spybot - Search & Destroy 1.3
Texas Hunting
The Game Of Life
The Sims File Cop
The Sims Makin' Magic
Tiger Woods PGA TOUR 2001
Titanic
Triple Play 99
Trivial Pursuit Unhinged
uninstall Fast Food Tycoon
Universal Media Player
Warrior Kings
Web Contextual Reset
Wheel of Fortune 2003
Who Wants To Be A Millionaire
Windows 98 KB891711 Update
Windows 98 KB908519 Update
Windows 98 KB918547 Update
Windows 98 Q823559 Update
Windows 98 Q840315 Update
Windows 98 Q888113 Update
Windows 98 Q890175 Update
Windows Media Player system update (9 Series)
WingMan Software
WinZip
WWE RAW
Yahtzee
Zango Toolbar
Zoo Tycoon Expanded

#4
ScHwErV

Posted 02 August 2006 - 06:22 AM

Member 5k

Retired Staff
21,285 posts

Download and unzip BFUzip from http://www.merijn.org/files/bfu.zip
Run the program and click the Web button as shown here:
Posted Image

Use this URL to copy into the address bar of the Download script window:
http://metallica.geekstogo.com/MediaGateway.BFU

Make sure all IE windows are closed.

Execute the script by clicking the Execute button.

If you have any questions about the use of BFU please read here:
http://metallica.gee...structions.html

After that, reboot and post back with a fresh uninstall list.

ScHwErV :whistling:

#5
jimsharpe10

Posted 02 August 2006 - 05:36 PM

Member

Topic Starter
Member
47 posts

#6
ScHwErV

Posted 03 August 2006 - 08:13 AM

Member 5k

Retired Staff
21,285 posts

Appears to be gone. Any other issues?

#1
jimsharpe10

Posted 25 July 2006 - 07:19 PM

Advertisements

#2
ScHwErV

Posted 31 July 2006 - 10:26 AM

#3
jimsharpe10

Posted 31 July 2006 - 04:04 PM

#4
ScHwErV

Posted 02 August 2006 - 06:22 AM

#5
jimsharpe10

Posted 02 August 2006 - 05:36 PM

#6
ScHwErV

Posted 03 August 2006 - 08:13 AM

Similar Topics

0 user(s) are reading this topic

As Featured On:

Forums

Downloads

Members

Connect With Us

HiJackThis Log file help

#1 jimsharpe10 Posted 25 July 2006 - 07:19 PM

Advertisements

#2 ScHwErV Posted 31 July 2006 - 10:26 AM

#3 jimsharpe10 Posted 31 July 2006 - 04:04 PM

#4 ScHwErV Posted 02 August 2006 - 06:22 AM

#5 jimsharpe10 Posted 02 August 2006 - 05:36 PM

#6 ScHwErV Posted 03 August 2006 - 08:13 AM

Similar Topics

0 user(s) are reading this topic

As Featured On:

Forums

Downloads

Members

Connect With Us

Sign In

#1
jimsharpe10

Posted 25 July 2006 - 07:19 PM

#2
ScHwErV

Posted 31 July 2006 - 10:26 AM

#3
jimsharpe10

Posted 31 July 2006 - 04:04 PM

#4
ScHwErV

Posted 02 August 2006 - 06:22 AM

#5
jimsharpe10

Posted 02 August 2006 - 05:36 PM

#6
ScHwErV

Posted 03 August 2006 - 08:13 AM