Welcome Guest ( Log In | Join )

Discover the best free computer help!
Learn more about Geeks to Go by taking the tour. Want to ask a question, reply to a topic, or remove all advertising? It's easy, fast and free. Join today!
Spyware, virus, trojan, fake security or privacy alerts? Please start with our malware cleaning guide.
     
 
 Closed TopicStart new topic
about blank has hijacked my browser, my internet home page keeps redirecting
cverna
post May 3 2006, 08:50 PM
Post #1


New Member
*
Posts: 3
OS: xp
Hello geek squad- after follinh your directions,i think spyfalcone was removed as well as other infected files
but my internet home page keeps changing back to about blank and the website http://www.theguardservices.com/ comes up. here is a log i did with hyjack.Logfile of HijackThis v1.99.1
Scan saved at 10:45:52 PM, on 5/3/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\csrss.exe
E:\WINDOWS\System32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PavProt.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\System32\dcomcfg.exe
E:\WINDOWS\System32\PDesk\PDesk.exe
E:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
E:\Program Files\Messenger\msmsgs.exe
E:\Program Files\Initio\HID Button Manager\inihid_xp.exe
E:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
E:\WINDOWS\System32\Ati2evxx.exe
E:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
E:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
E:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
E:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
E:\Program Files\ewido anti-malware\ewidoctrl.exe
E:\WINDOWS\System32\mgabg.exe
E:\Program Files\Panda Software\Panda Titanium Antivirus 2005\Firewall\PavFires.exe
E:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PavFnSvr.exe
E:\Program Files\Panda Software\Panda Titanium Antivirus 2005\Pavkre.exe
E:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
E:\Program Files\Panda Software\Panda Titanium Antivirus 2005\pavsrv51.exe
E:\Program Files\Panda Software\Panda Titanium Antivirus 2005\AVENGINE.EXE
E:\Program Files\Panda Software\Panda Titanium Antivirus 2005\prevsrv.exe
E:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PsImSvc.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\System32\Tablet.exe
E:\Program Files\Panda Software\Panda Titanium Antivirus 2005\Apvxdwin.exe
E:\Program Files\Panda Software\Panda Titanium Antivirus 2005\WebProxy.exe
E:\Program Files\Internet Explorer\iexplore.exe
E:\Documents and Settings\Chris\Desktop\New Folder\HijackThis.exe

O2 - BHO: Nothing - {b0398eca-0bcd-4645-8261-5e9dc70248d0} - E:\WINDOWS\System32\hpE329.tmp
O4 - HKLM\..\Run: [Matrox Powerdesk] E:\WINDOWS\System32\PDesk\PDesk.exe /Autolaunch
O4 - HKLM\..\Run: [NeroCheck] E:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Ink Monitor] E:\Program Files\EPSON\Ink Monitor\InkMonitor.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] E:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [APVXDWIN] "E:\Program Files\Panda Software\Panda Titanium Antivirus 2005\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [AVG7_CC] E:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [MSMSGS] "E:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: HID Button Manager.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = E:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = E:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = E:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O8 - Extra context menu item: &Google Search - res://E:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Search - http://kl.bar.need2find.com/KL/menusearch.html?p=KL
O8 - Extra context menu item: &Translate English Word - res://E:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://E:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://E:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://E:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://E:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O23 - Service: Adobe LM Service - Unknown owner - E:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown owner - E:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - E:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - E:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - E:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - E:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: ewido security suite control - ewido networks - E:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - E:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: MGABGEXE - Matrox Graphics Inc. - E:\WINDOWS\System32\mgabg.exe
O23 - Service: Panda Firewall Service (PAVFIRES) - Panda Software - E:\Program Files\Panda Software\Panda Titanium Antivirus 2005\Firewall\PavFires.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software - E:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PavFnSvr.exe
O23 - Service: Panda Pavkre (Pavkre) - Panda Software - E:\Program Files\Panda Software\Panda Titanium Antivirus 2005\Pavkre.exe
O23 - Service: Panda PavProt (PavProt) - Panda Software - E:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PavProt.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - E:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - E:\Program Files\Panda Software\Panda Titanium Antivirus 2005\pavsrv51.exe
O23 - Service: Panda Preventium+ Service (PREVSRV) - Panda Software - E:\Program Files\Panda Software\Panda Titanium Antivirus 2005\prevsrv.exe
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software Internacional - E:\Program Files\Panda Software\Panda Titanium Antivirus 2005\PsImSvc.exe
O23 - Service: TabletService - Wacom Technology, Corp. - E:\WINDOWS\System32\Tablet.exe

this i hope i gave you all the info you need. any help is appreciated im already singing the praises of your web site-cv
Go to the top of the page
 
+Quote Post
coachwife6
post May 3 2006, 09:04 PM
Post #2


SuperMod
Group Icon
Posts: 11,414
From: In the gym
OS: xp home, xp pro
We can definitely help you, but first you need to help us. The first step in this process is to apply Service Pack 1a for Windows XP. Without this update, you're wide open to re-infection, and we're both just wasting our time.
Click here: http://www.microsoft.com/windowsxp/downloa...p1/default.mspx
Apply the update, reboot, and post a fresh Hijack This log.
Go to the top of the page
 
+Quote Post
cverna
post May 3 2006, 09:26 PM
Post #3


New Member
*
Posts: 3
OS: xp
you guys are fast. thanks. when i had this computer built a crack version of xp was used i'm afaid that if i update windows like you suggested ,my system will shut down, like you said "with out waising our time" am i out of options? thanks again-cv
Go to the top of the page
 
+Quote Post
cverna
post May 4 2006, 12:59 PM
Post #4


New Member
*
Posts: 3
OS: xp
hi coachwife6-
i am at work and have access to a printer so i thought i would drop this note in case you had a long instruction list that i needed to be printed out. i know you said that i need to run a windows update. but i fear my system will crash because its being run on a crack version of xp. is there any other options? should i risk running the updates. am i asking to many questions? thanks again for your quick resonse last night. all the help is appreciated-cv
Go to the top of the page
 
+Quote Post
coachwife6
post May 4 2006, 03:38 PM
Post #5


SuperMod
Group Icon
Posts: 11,414
From: In the gym
OS: xp home, xp pro
It is against our site policy to help anyone running an illegal version of windows. This topic is closed.
Go to the top of the page
 
+Quote Post
 

Closed TopicStart new topic
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:

 
RSS Time is now: 7th January 2009 - 11:23 PM
Advertisements do not imply our endorsement of that product or service. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk.
Powered By IP.Board © 2009  IPS, Inc.