Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

My pc is full of adaware and popups

Started by tracybet , Apr 05 2005 06:10 AM

  • Please log in to reply

#1
tracybet
Posted 05 April 2005 - 06:10 AM

tracybet

    Member

  • Member
  • PipPip
  • 18 posts
Logfile of Browser Hijack Recover(BHR) v2.0
http://www.browser-hijack.com/
Log created on 05/04/2005 12:49:11
Microsoft Windows XP Professional Service Pack 2 (Build 2600)
Internet Explorer v6.0.2900.2180 Update Versions: ;SP2;

[Process Manager] - [Process]
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ZoneLabs\isafe.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\WINDOWS\System32\msdtc.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\The Cleaner\tca.exe
C:\Program Files\The Cleaner\tcm.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\Program Files\XoftSpy\XoftSpy.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\SAGEM\SAGEM [email protected] 800-840\dslmon.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\dllhost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Browser Hijack Recover\bhr.exe

[IE Options] - [Normal]
R0 - HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
R0 - HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft..._intl/en/start/
R0 - HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main,Window Title =

[IE Options] - [IE Menu]

[IE Options] - [Internet Options]

[IE Options] - [IE Search Hooks]
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\shdocvw.dll

[IE Add-Ons] - [Toolbars]
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

[IE Add-Ons] - [Explorer Bars]
O9 - Extra "View" Explorer Bars: (No Name) - {32683183-48a0-441b-a342-7c2a440a9478} - (No File)
O9 - Extra "View" Explorer Bars: Favorites Band - {EFA24E61-B078-11D0-89E4-00C04FC9E26E} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra "View" Explorer Bars: History Band - {EFA24E62-B078-11D0-89E4-00C04FC9E26E} - C:\WINDOWS\System32\shdocvw.dll

[IE Add-Ons] - [Context Menu]
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html

[IE Add-Ons] - [BHOs]
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

[IE Add-Ons] - [Tools Menu]
O9 - Extra "Tool" Menu Item: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra "Tool" Menu Item: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra "Tool" Menu Item: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

[IE Add-Ons] - [Tools Button]
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra "Tool" Menu Item: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra Button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

[System Options]

[StartUp]
04 - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run H/PC Connection Agent = C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
04 - HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run ATIPTA = C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
04 - HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run TkBellExe = C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
04 - HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run tcactive = C:\Program Files\The Cleaner\tca.exe
04 - HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run tcmonitor = C:\Program Files\The Cleaner\tcm.exe
04 - HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run HP Software Update = C:\Program Files\HP\HP Software Update\HPWuSchd.exe
04 - HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run Zone Labs Client = C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
04 - HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run HP Component Manager = C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
04 - HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run SunJavaUpdateSched = C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
04 - HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run XoftSpy = C:\Program Files\XoftSpy\XoftSpy.exe -s
04 - HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run etbrun = C:\windows\system32\eliteozi32.exe
O4 - C:\Documents and Settings\Joanne.UKDEP001\Start Menu\Programs\Startup\Microsoft Office OneNote 2003 Quick Launch.lnk = C:\PROGRA~1\MICROS~4\OFFICE11\ONENOTEM.EXE
O4 - C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\DSLMON.lnk = C:\PROGRA~1\SAGEM\SAGEMF~1\dslmon.exe
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Forum
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP