Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

spyware---startsearch.net


  • Please log in to reply

#1
rondvc

rondvc

    New Member

  • Member
  • Pip
  • 1 posts
A short time ago my homepage started going to startsearch.net. You can see it try to go to the set location but it can't. There is no telling what is in my system. I have Ad-Aware SE Personal and Microsoft Spyware but they don't seem to detect this. Help. Here is my Hijack log:

Logfile of HijackThis v1.99.1
Scan saved at 5:58:47 PM, on 6/1/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
E:\CharterAntiVirusFireWall\Common\FSM32.EXE
E:\MicrosoftAntispyware\gcasServ.exe
E:\qttask.exe
E:\quicktunes\iTunesHelper.exe
E:\IVT BlueSoleil\BlueSoleil.exe
E:\CHARTE~1\backweb\3528733\Program\SERVIC~1.EXE
E:\CharterAntiVirusFireWall\Anti-Virus\fsgk32st.exe
E:\Common\Bin\WinCinemaMgr.exe
E:\CharterAntiVirusFireWall\backweb\3528733\Program\fspex.exe
E:\CharterAntiVirusFireWall\Anti-Virus\FSGK32.EXE
E:\Program Files\WinZip\WZQKPICK.EXE
E:\CharterAntiVirusFireWall\backweb\3528733\program\fsbwsys.exe
C:\WINDOWS\system32\wfxsnt40.exe
E:\CharterAntiVirusFireWall\Common\FSMA32.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
E:\CharterAntiVirusFireWall\Common\FSMB32.EXE
E:\CharterAntiVirusFireWall\Anti-Virus\fssm32.exe
E:\CharterAntiVirusFireWall\Common\FCH32.EXE
E:\WINFAX\wfxctl32.exe
E:\CharterAntiVirusFireWall\Common\FAMEH32.EXE
E:\CharterAntiVirusFireWall\FSPC\fspc.exe
C:\Program Files\iPod\bin\iPodService.exe
E:\CharterAntiVirusFireWall\FWES\Program\fsdfwd.exe
E:\CharterAntiVirusFireWall\Anti-Virus\fsav32.exe
E:\CharterAntiVirusFireWall\FSGUI\fsguiexe.exe
E:\WINFAX\WFXMOD32.EXE
C:\Program Files\Outlook Express\msimn.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
E:\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://charter.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://charter.msn.com/
R3 - Default URLSearchHook is missing
O2 - BHO: VMHomepage Class - {FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFA} - C:\WINDOWS\System32\hp53DC.tmp
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Microsoft RPC Module] WINrpc32.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [AOL 9.0 Optimized] AOLCLIENT.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [zzzHPSETUP] D:\Setup.exe
O4 - HKLM\..\Run: [ap9h4qmo] C:\WINDOWS\System32\ap9h4qmo.exe
O4 - HKLM\..\Run: [hutdowns] C:\WINDOWS\System32\hutdowns.exe
O4 - HKLM\..\Run: [etbrun] C:\windows\system32\elitevjd32.exe
O4 - HKLM\..\Run: [F-Secure Manager] "E:\CharterAntiVirusFireWall\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "E:\CharterAntiVirusFireWall\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "E:\CharterAntiVirusFireWall\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [News Service] "E:\CharterAntiVirusFireWall\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [gcasServ] "E:\MicrosoftAntispyware\gcasServ.exe"
O4 - HKLM\..\Run: [QuickTime Task] "E:\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] E:\quicktunes\iTunesHelper.exe
O4 - HKLM\..\RunServices: [Microsoft RPC Module] WINrpc32.exe
O4 - HKCU\..\Run: [ver] C:\WINDOWS\System32\ver.exe
O4 - HKCU\..\Run: [YB23RffEg] C:\Program Files\asdfe57\SPBS.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: WinFax Application Port Starter.lnk = C:\WINDOWS\system32\wfxsnt40.exe
O4 - Startup: WinFax PRO Controller.lnk = E:\WINFAX\wfxctl32.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = E:\Adobe7\Reader\reader_sl.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: InterVideo WinCinema Manager.lnk = E:\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: WinZip Quick Pick.lnk = E:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: Web Filter - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - E:\CharterAntiVirusFireWall\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - E:\CharterAntiVirusFireWall\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Show website &list - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - E:\CharterAntiVirusFireWall\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F02} - E:\CharterAntiVirusFireWall\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: &Suspend Webpage Filter - {200DB664-75B5-47c0-8B45-A44ACCF73F02} - E:\CharterAntiVirusFireWall\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F03} - E:\CharterAntiVirusFireWall\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: &Deny this website - {200DB664-75B5-47c0-8B45-A44ACCF73F03} - E:\CharterAntiVirusFireWall\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F04} - E:\CharterAntiVirusFireWall\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: &Allow this website - {200DB664-75B5-47c0-8B45-A44ACCF73F04} - E:\CharterAntiVirusFireWall\FSPC\fspcmsie.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - E:\Program Files\AIM\aim.exe
O9 - Extra button: Share in Hello - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - E:\Hello by Picasa\Hello\PicasaCapture.dll
O9 - Extra 'Tools' menuitem: Share in H&ello - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - E:\Hello by Picasa\Hello\PicasaCapture.dll
O10 - Broken Internet access because of LSP provider 'winsflt.dll' missing
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} - https://components.v...llsize_bed.html
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....467&clcid=0x409
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/...ro.cab32846.cab
O16 - DPF: {D670D0B3-05AB-4115-9F87-D983EF1AC747} (AOL Downloader Plugin) - http://pak06.picture...US.9.1.6.18.cab
O23 - Service: Charter High-Speed Security Suite (BackWeb Plug-in - 3528733) - Unknown owner - E:\CHARTE~1\backweb\3528733\Program\SERVIC~1.EXE
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - E:\CharterAntiVirusFireWall\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - E:\CharterAntiVirusFireWall\backweb\3528733\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - E:\CharterAntiVirusFireWall\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure HTTP Server (fshttps) - F-Secure Corporation - E:\CharterAntiVirusFireWall\FSPC\fshttps\fshttps.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - E:\CharterAntiVirusFireWall\Common\FSMA32.EXE
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP