Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Home Browser Search Page


  • Please log in to reply

#1
waynf

waynf

    Member 1K

  • Member
  • PipPipPipPip
  • 1,031 posts
I have been having a problem changing my browser home page from www.yahoo.com to www.google.ca and I have done the following:

Today I uninstalled Yahoo Messenger 8.0(BETA) as it was giving me some problems and I though a new clean install might solve the problems.

Then I installed Yahoo Merssenger 750647 and ran in to no problems

However I cannot remove Yahoo.ca from my default home page.

I then went and did a Add/Remove operation and removed Yahoo Messenger again.

That did not solve the problem, and as I was expecting some important communication on messenging system, I re installed Yahoo Messsenger 75.064.7 .

Now I have been trying all sorts of operations to have my home page browser reflect www.google.ca but to no avail.

I even did the following: Control Panel>Internet Options>|Typed in new address as being www.google.ca but when I clik on Internet Mozilla Firefox, the same old www.yahoo.com keeps coming up.

Has Yahoo taken over my system.?

Wayne
  • 0

Advertisements


#2
GrantG

GrantG

    banned

  • Banned
  • PipPipPip
  • 122 posts
Run a spyware test. I bet you'll find some. Delete the spyware then try again:)
  • 0

#3
waynf

waynf

    Member 1K

  • Topic Starter
  • Member
  • PipPipPipPip
  • 1,031 posts
I ran Ad-Aware found nothing, but Spybot S& D found several cookies and one item in black remains: Please advise my next move it is the following:

Microsoft Security Center_Disabled

Wayne
  • 0

#4
exparisstevie

exparisstevie

    Member

  • Member
  • PipPipPip
  • 113 posts
Hi there,

Please dowload and install hijackthis and then post on the malware page of this site. You will find all instructions for this at the home page here.

It is very very important to read and understand the instructions PRIOR to starting out on this project, it's one which will give you back your PC and your life!!!


Stevie

:whistling:
  • 0

#5
waynf

waynf

    Member 1K

  • Topic Starter
  • Member
  • PipPipPipPip
  • 1,031 posts
Have started process under Malware Removal. I am currently aaaaat Section Dealing with AVG-Anti-Spyware. Progress so far in this section: Have downloaded and installed Ewido.
Have attempted to open up using Safe Mode.

Upon opening up in Safe Mode I have box with three choices.

WDC AC28400R
HL-DF-GCE-8527B
1ST Floppy Drive

Be advised my floppy drive is inoperable.

What do I do now.? What do I select?

Wayne
  • 0

#6
exparisstevie

exparisstevie

    Member

  • Member
  • PipPipPip
  • 113 posts
Hi,

Seems to be asking you for your main hard drive. However, you don't need to be doing any of this as yet. I'd be more comfortable for you at this point to be running a HJT log and posting it on the malware removal forum here.

I know it sounds silly, but to be honest, setting up these malware/spware detecion software's correctly in the first instance is paramount to regaining control of your system.

I would strongly advise posting a log before any further action.

Stevie
:whistling:

PS if you are really determined to set up ewido prior to posting a log, here is a link to a tutorial for the initial set up of the application;

http://www.help2go.c...structions.html
  • 0

#7
waynf

waynf

    Member 1K

  • Topic Starter
  • Member
  • PipPipPipPip
  • 1,031 posts
Here comes the Hijackthis log.:

Logfile of HijackThis v1.99.1
Scan saved at 1:32:11 PM, on 10/20/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Aliant Dial-up Accelerator\slipcore.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\Logitech\Video\LowLight.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Aliant Dial-up Accelerator\slipgui.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\Internet Call Manager\ICM.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\PROGRA~1\Logitech\Video\AlbumDB2.exe
C:\PROGRA~1\Logitech\Video\FxSvr2.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Documents and Settings\Wayne\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.c...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.siteadvis...stall/?aff_id=0
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5401
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\4144\SiteAdv.dll
O2 - BHO: PBlockHelper Class - {4115122B-85FF-4DD3-9515-F075BEDE5EB5} - C:\Program Files\Aliant Dial-up Accelerator\PBHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: NOW!Imaging - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - C:\Program Files\Aliant Dial-up Accelerator\components\NOWImaging.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\4144\SiteAdv.dll
O3 - Toolbar: Aliant Dial-up Accelerator - {8B79EE88-E62D-4AA8-B530-CC357BA112B7} - C:\Program Files\Aliant Dial-up Accelerator\Toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SlipStream] "C:\Program Files\Aliant Dial-up Accelerator\slipcore.exe"
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - Startup: Internet Call Manager.LNK = C:\Program Files\Internet Call Manager\ICM.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Aliant Dial-up Accelerator.lnk = C:\Program Files\Aliant Dial-up Accelerator\slipgui.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Show All Original Images - res://C:\Program Files\Aliant Dial-up Accelerator\gui_resource.dll/327
O8 - Extra context menu item: Show Original Image - res://C:\Program Files\Aliant Dial-up Accelerator\gui_resource.dll/328
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{BF0F0033-2E26-4B88-B93E-0F9413B9F849}: NameServer = 198.164.30.2 198.164.4.2
O18 - Protocol: bw+0 - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {132A8A23-C952-485D-AD8A-A25A06246C65} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\4144\SiteAdv.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
  • 0

#8
waynf

waynf

    Member 1K

  • Topic Starter
  • Member
  • PipPipPipPip
  • 1,031 posts
The following is Pandasoftware/activescan report:


Incident Status Location

Adware:adware/oemji Not disinfected Windows Registry
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Mssenger\Application Data\Mozilla\Firefox\Profiles\js9lm161.default\cookies.txt[statse.webtrendslive.com/]
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Mssenger\Application Data\Mozilla\Firefox\Profiles\js9lm161.default\cookies.txt[statse.webtrendslive.com/S005-01-8-15-233860-97119]
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Mssenger\Application Data\Mozilla\Firefox\Profiles\js9lm161.default\cookies.txt[statse.webtrendslive.com/S113288]
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Mssenger\Application Data\Mozilla\Firefox\Profiles\js9lm161.default\cookies.txt[.advertising.com/]
Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Mssenger\Application Data\Mozilla\Firefox\Profiles\js9lm161.default\cookies.txt[searchportal.information.com/]
Potentially unwanted tool:Application/Restart Not disinfected C:\WINDOWS\system32\Tools\Restart.exe
  • 0

#9
exparisstevie

exparisstevie

    Member

  • Member
  • PipPipPip
  • 113 posts
Hi there waynf

You need to repost this into the malware removal section of the forum....


Stevie

:whistling:
  • 0

#10
waynf

waynf

    Member 1K

  • Topic Starter
  • Member
  • PipPipPipPip
  • 1,031 posts
OK
  • 0

Advertisements


#11
waynf

waynf

    Member 1K

  • Topic Starter
  • Member
  • PipPipPipPip
  • 1,031 posts
I sincerely hope that I posted my logs in the right area.

Another point that I noticed. When I use Mozilla Firefox as internet home page, I cannot select Use Blank as search engine(Control Panel>Internet Options>Use Blank>Apply) but when I open up internet using Internet Explorer and do the same operation, Internet Explorer will initiate "About:Blank)

I don't know if this means anything, but I'd just thought I'd mention it.

Wayne
  • 0

#12
exparisstevie

exparisstevie

    Member

  • Member
  • PipPipPip
  • 113 posts
Hey there waynf,

The problem you are having here is that 'internet options' does not control firefox, only IE

To configure firefox, open up the browser and go to tools then options. the about blank refered to in firefox is for advanced config and I don't think you need that just yet.

Setting up your home page in firefox is as easy as tools>options - click on the general tab at the top and then type in your home page and click ok. Thats it!

Hope that helps


Stevie
:whistling:
  • 0

#13
exparisstevie

exparisstevie

    Member

  • Member
  • PipPipPip
  • 113 posts
Hey again,

Just had a quick look at your log (don't wanna get too involved as I don't deal with malware on THIS forum) but since you've posted and I can see that the 018 entries are repeated i'll ask a couple of questions re this anyway.

The entry is pointing to a logitech desktop manager - do you have this?

Second thing I notice is that your java software is outdated (by a long way) and this leaves your system vulnerable - you should uninstall your version of java and then download and install java update 9 (you're currently running 6!

You have hijack this on the desktop - it should be in it's own directory in c - so you should create a folder directly under c drive called hijack this and download a fresh copy into it (uninst the other one first) - I'm sure the guys in the malware forum will tell you this anyway

You seem to have a dial up acceleration software showing in your log. Are you using dial up?

Sorry that I don't have time to look into your log further but sure the malware guys will be on the case soon enough for you.....


Stevie
:whistling:
  • 0

#14
exparisstevie

exparisstevie

    Member

  • Member
  • PipPipPip
  • 113 posts
Hey,

Was just checking that you'd posted your log in the malware removal section - can't find it. Can you tell me where you posted it? - If you find it just go to the page and then copy everything in your browser URL window (where you type you web addresses) - don't mean to sound patronising everyone on here is at a different level

then copy it and paste the link here.


Cheers



Stevie :whistling:
  • 0

#15
waynf

waynf

    Member 1K

  • Topic Starter
  • Member
  • PipPipPipPip
  • 1,031 posts
Well here goes:

Yes! I have logitech desktop manager-it came with installation of my Logitech WebCam.

I'm hoping to just google and find a place whre I can download newsest version of Java

I will put Hijack this in its own directory on "C"

Yes I am using Dial-up acceleerator from internet service provider(phone company) coulld this be a problem?

Wayne
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP