Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Hijack this log please


  • Please log in to reply

#1
Iberia

Iberia

    New Member

  • Member
  • Pip
  • 4 posts
Logfile of HijackThis v1.99.1
Scan saved at 12:39:30, on 01-05-2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Programas\Ficheiros comuns\Symantec Shared\ccSetMgr.exe
D:\Programas\Ficheiros comuns\Symantec Shared\SPBBC\SPBBCSvc.exe
D:\Programas\Ficheiros comuns\Symantec Shared\ccEvtMgr.exe
D:\WINDOWS\system32\spoolsv.exe
D:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
D:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
D:\Programas\PalickSoft\HDD Temperature\HDDTSvc.exe
D:\Programas\Ficheiros comuns\Microsoft Shared\VS7Debug\mdm.exe
D:\Programas\Norton AntiVirus\navapsvc.exe
D:\Programas\Norton AntiVirus\IWP\NPFMntor.exe
D:\WINDOWS\System32\nvsvc32.exe
D:\Programas\Ficheiros comuns\Symantec Shared\CCPD-LC\symlcsvc.exe
D:\WINDOWS\Explorer.EXE
C:\Programas\QuickTime\qttask.exe
D:\Programas\Messenger Plus! 3\MsgPlus.exe
D:\Programas\Ficheiros comuns\Symantec Shared\ccApp.exe
D:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
D:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
D:\WINDOWS\system32\RUNDLL32.EXE
D:\WINDOWS\system32\ctfmon.exe
D:\Programas\Internet Explorer\iexplore.exe
d:\progra~1\intern~1\iexplore.exe
D:\Program Files\SpySubtract\SpySub.exe
D:\WINDOWS\twain_32\CIS600X\WATCH.exe
D:\Programas\Internet Explorer\iexplore.exe
C:\eMule\emule.exe
D:\Programas\MSN Messenger\msnmsgr.exe
D:\WINDOWS\System32\svchost.exe
D:\Programas\Internet Explorer\iexplore.exe
D:\Documents and Settings\Utilizador\Ambiente de trabalho\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.nigoycnal...voDr9h0IAiT.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: 66.218.75.184 mail.yahoo.com
O1 - Hosts: 69.50.166.12 www.go.com
O1 - Hosts: 69.50.166.12 go.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programas\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: AzEntretien Class - {0d2def3a-f4f1-42ec-ac4f-132e7ba6e292} - %SystemRoot%\azentretien.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\Programas\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {D9014E15-794D-C726-C3D4-B1ACD8F3CB1B} - D:\DOCUME~1\UTILIZ~1\APPLIC~1\SOFTBO~1\program trust.exe
O2 - BHO: ZToolbar Activator Class - {da7ff3f8-08be-4cac-bc00-94d91c6ae7f4} - D:\WINDOWS\azesearch3.dll
O2 - BHO: AddressBar Class - {f65b197f-8260-4d52-909a-f70118e646eb} - D:\WINDOWS\system32\iasadm.dll
O3 - Toolbar: AZE Search - {a19ef336-01d4-48e6-926a-fe7e1c747aed} - D:\WINDOWS\azesearch3.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programas\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MessengerPlus3] "D:\Programas\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [ccApp] "D:\Programas\Ficheiros comuns\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] D:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [AVG7_CC] D:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] D:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [atom size camp this] D:\Documents and Settings\All Users\Application Data\barb tons atom size\ShimSoap.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [load build] D:\DOCUME~1\UTILIZ~1\APPLIC~1\4THIS~1\pure test dead.exe
O4 - Startup: Watch.lnk = D:\WINDOWS\twain_32\CIS600X\WATCH.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Programas\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: SpySubtract.lnk = D:\Program Files\SpySubtract\SpySub.exe
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\Programas\PartyPoker\IEExtension.dll
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\Programas\PartyPoker\IEExtension.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programas\Messenger\msmsgs.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - D:\Programas\Ficheiros comuns\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - D:\Programas\Ficheiros comuns\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - D:\Programas\Ficheiros comuns\Symantec Shared\ccSetMgr.exe
O23 - Service: HDD Temperature (HDDTService) - PalickSoft - D:\Programas\PalickSoft\HDD Temperature\HDDTSvc.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - D:\Programas\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - D:\Programas\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - D:\Programas\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - D:\PROGRA~1\FICHEI~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - D:\Programas\Ficheiros comuns\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - D:\Programas\Ficheiros comuns\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - D:\Programas\Ficheiros comuns\Symantec Shared\CCPD-LC\symlcsvc.exe
  • 0

Advertisements


#2
Iberia

Iberia

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
Please help me out, i followed all the steps and i did the procedure like 3 times and yet azesearch just keep coming back, i have this problem like 1 week. please help me out.
  • 0

#3
Hemal

Hemal

    Founding Fart

  • Technician
  • 1,470 posts
You may wish to print out a copy of these instructions to follow while you complete this procedure.

Please save Hijack This in a permanent folder (i.e. C:\HJT). This ensures backups are saved and accessible.

Please go offline, close all browsers and any open Windows, making sure that only HijackThis is open. Scan and when it finishes, put an X in the boxes, only next to these following items, then click fix checked.

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.nigoycnal...voDr9h0IAiT.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: 66.218.75.184 mail.yahoo.com
O1 - Hosts: 69.50.166.12 www.go.com
O1 - Hosts: 69.50.166.12 go.com
O2 - BHO: AzEntretien Class - {0d2def3a-f4f1-42ec-ac4f-132e7ba6e292} - %SystemRoot%\azentretien.dll (file missing)
O2 - BHO: ZToolbar Activator Class - {da7ff3f8-08be-4cac-bc00-94d91c6ae7f4} - D:\WINDOWS\azesearch3.dll
O2 - BHO: AddressBar Class - {f65b197f-8260-4d52-909a-f70118e646eb} - D:\WINDOWS\system32\iasadm.dll
O3 - Toolbar: AZE Search - {a19ef336-01d4-48e6-926a-fe7e1c747aed} - D:\WINDOWS\azesearch3.dll
O2 - BHO: (no name) - {D9014E15-794D-C726-C3D4-B1ACD8F3CB1B} - D:\DOCUME~1\UTILIZ~1\APPLIC~1\SOFTBO~1\program trust.exe

Reboot your PC.

If you would please, rescan with HijackThis and post a fresh log in this same topic, and let us know how your system's working. :tazz:
  • 0

#4
Iberia

Iberia

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
Logfile of HijackThis v1.99.1
Scan saved at 15:32:04, on 01-05-2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Programas\Ficheiros comuns\Symantec Shared\ccSetMgr.exe
D:\Programas\Ficheiros comuns\Symantec Shared\SPBBC\SPBBCSvc.exe
D:\Programas\Ficheiros comuns\Symantec Shared\ccEvtMgr.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.EXE
D:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
D:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
D:\Programas\PalickSoft\HDD Temperature\HDDTSvc.exe
D:\Programas\Ficheiros comuns\Microsoft Shared\VS7Debug\mdm.exe
D:\Programas\Norton AntiVirus\navapsvc.exe
D:\Programas\Norton AntiVirus\IWP\NPFMntor.exe
D:\WINDOWS\System32\nvsvc32.exe
D:\Programas\Ficheiros comuns\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Programas\QuickTime\qttask.exe
D:\Programas\Messenger Plus! 3\MsgPlus.exe
D:\Programas\Ficheiros comuns\Symantec Shared\ccApp.exe
D:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
D:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
D:\WINDOWS\system32\RUNDLL32.EXE
D:\WINDOWS\system32\ctfmon.exe
d:\progra~1\intern~1\iexplore.exe
D:\Program Files\SpySubtract\SpySub.exe
D:\WINDOWS\twain_32\CIS600X\WATCH.exe
D:\WINDOWS\REGEDIT.exe
D:\Programas\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
d:\progra~1\intern~1\iexplore.exe
D:\Documents and Settings\Utilizador\Ambiente de trabalho\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.sefcasnmj...PoDr9h0IAiT.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.azesearch.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programas\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\Programas\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programas\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MessengerPlus3] "D:\Programas\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [ccApp] "D:\Programas\Ficheiros comuns\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] D:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [AVG7_CC] D:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] D:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [atom size camp this] D:\Documents and Settings\All Users\Application Data\barb tons atom size\ShimSoap.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [load build] D:\DOCUME~1\UTILIZ~1\APPLIC~1\4THIS~1\pure test dead.exe
O4 - Startup: Watch.lnk = D:\WINDOWS\twain_32\CIS600X\WATCH.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Programas\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: SpySubtract.lnk = D:\Program Files\SpySubtract\SpySub.exe
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\Programas\PartyPoker\IEExtension.dll
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\Programas\PartyPoker\IEExtension.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programas\Messenger\msmsgs.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - D:\Programas\Ficheiros comuns\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - D:\Programas\Ficheiros comuns\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - D:\Programas\Ficheiros comuns\Symantec Shared\ccSetMgr.exe
O23 - Service: HDD Temperature (HDDTService) - PalickSoft - D:\Programas\PalickSoft\HDD Temperature\HDDTSvc.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - D:\Programas\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - D:\Programas\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - D:\Programas\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - D:\PROGRA~1\FICHEI~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - D:\Programas\Ficheiros comuns\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - D:\Programas\Ficheiros comuns\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - D:\Programas\Ficheiros comuns\Symantec Shared\CCPD-LC\symlcsvc.exe

When i started IE the homepage was azesearch, and it looks like this wasnt fixed:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [url=http://www.sefcasnmjifepjzapoqjg.biz/ChUarAu1vsAJ5yTmQVJPJyKsoG1zjnU3PBPRxzBJAuVnknLJbk5B7PoDr9h0IAiT.php]

Edited by Iberia, 01 May 2005 - 08:39 AM.

  • 0

#5
Hemal

Hemal

    Founding Fart

  • Technician
  • 1,470 posts
get rid of
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.sefcasnmj...PoDr9h0IAiT.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.azesearch.com

After, please delete your temporary files. Double Click My Computer (WinXP: Navigate to Start --->My Computer)
You will see an icon representing your harddrive (most likely C: Drive) Right Click on the hard drive icon and click Properties at the
bottom of the fly out window. One the very first tab (General) you will see a button labeled "Disk Cleanup"...click that button.
Make sure the following are checked:
Downloaded Program Files
Temporary Internet Files and
Recycle Bin

Click OK and Disk Cleanup will delete those files for you.

Run another ad-aware scan if possible to make sure we got rid of all those nasties

after reboot and post a new HiJack This log- is your computer running better?
  • 0

#6
Iberia

Iberia

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
Logfile of HijackThis v1.99.1
Scan saved at 17:06:03, on 01-05-2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Programas\Ficheiros comuns\Symantec Shared\ccSetMgr.exe
D:\Programas\Ficheiros comuns\Symantec Shared\SPBBC\SPBBCSvc.exe
D:\Programas\Ficheiros comuns\Symantec Shared\ccEvtMgr.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.EXE
D:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
D:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
D:\Programas\PalickSoft\HDD Temperature\HDDTSvc.exe
D:\Programas\Ficheiros comuns\Microsoft Shared\VS7Debug\mdm.exe
D:\Programas\Norton AntiVirus\navapsvc.exe
D:\Programas\Norton AntiVirus\IWP\NPFMntor.exe
D:\WINDOWS\System32\nvsvc32.exe
D:\Programas\Ficheiros comuns\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Programas\QuickTime\qttask.exe
D:\Programas\Messenger Plus! 3\MsgPlus.exe
D:\Programas\Ficheiros comuns\Symantec Shared\ccApp.exe
D:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
D:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
D:\WINDOWS\system32\RUNDLL32.EXE
D:\WINDOWS\system32\ctfmon.exe
d:\progra~1\intern~1\iexplore.exe
D:\Program Files\SpySubtract\SpySub.exe
D:\WINDOWS\twain_32\CIS600X\WATCH.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Programas\Internet Explorer\iexplore.exe
D:\Documents and Settings\Utilizador\Ambiente de trabalho\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mgsdzvqwdfzgz...oDr9h0IAiT.html
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programas\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\Programas\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programas\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MessengerPlus3] "D:\Programas\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [ccApp] "D:\Programas\Ficheiros comuns\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] D:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [AVG7_CC] D:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] D:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [atom size camp this] D:\Documents and Settings\All Users\Application Data\barb tons atom size\ShimSoap.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [load build] D:\DOCUME~1\UTILIZ~1\APPLIC~1\4THIS~1\pure test dead.exe
O4 - Startup: Watch.lnk = D:\WINDOWS\twain_32\CIS600X\WATCH.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Programas\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: SpySubtract.lnk = D:\Program Files\SpySubtract\SpySub.exe
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\Programas\PartyPoker\IEExtension.dll
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\Programas\PartyPoker\IEExtension.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programas\Messenger\msmsgs.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - D:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - D:\Programas\Ficheiros comuns\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - D:\Programas\Ficheiros comuns\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - D:\Programas\Ficheiros comuns\Symantec Shared\ccSetMgr.exe
O23 - Service: HDD Temperature (HDDTService) - PalickSoft - D:\Programas\PalickSoft\HDD Temperature\HDDTSvc.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - D:\Programas\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - D:\Programas\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - D:\Programas\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - D:\PROGRA~1\FICHEI~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - D:\Programas\Ficheiros comuns\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - D:\Programas\Ficheiros comuns\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - D:\Programas\Ficheiros comuns\Symantec Shared\CCPD-LC\symlcsvc.exe

It looks like its working fine now but i have folders in the favorites that i want to remove but they justcant be deleted.
  • 0

#7
Hemal

Hemal

    Founding Fart

  • Technician
  • 1,470 posts
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mgsdzvqwdfzgz...oDr9h0IAiT.html

^get rid of that and then run and updated ad-aware or spybot scan, try and see if that will solve your problem
  • 0

#8
Hemal

Hemal

    Founding Fart

  • Technician
  • 1,470 posts
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mgsdzvqwdfzgz...oDr9h0IAiT.html

^get rid of that and then run and updated ad-aware or spybot scan, try and see if that will solve your problem
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP