Warning!
You're In Danger
All you do with computer is forever stored in harddisk. When you visit sites, send emails...all your action are logged. And it is impossible to remove with standard tools.
Your data is still avalible for foresics. And in some case, for your boss, your friends, your wife, your children.
Every site you or sombody or even somthing, like spyware, opend in your browser with all images, and all downloaded any maybe later removed movies or mp3 songs- ARE STILL THERE and could broke your life!
SECURE YOURSELF RIGHT NOW!
REMOVE ALL SPYWARE FROM YOUR PC!
I had to type all of that, because my copy and paste does not seem to work...atleast, the ctrl+c and ctrl+v dont. And, my task bar (I think that is what its called, the menu with the start button, and minimized programs) is automaticly pulled all the way down at the start, and i cant pull it back up.
Here is my HijackThis log.
Logfile of HijackThis v1.99.1
Scan saved at 12:15:43 AM, on 6/20/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AIM\aim.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\notepad.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\unzipped\hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.updatesea...earch.php?qq=%1
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.updatesearches.com/bar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.updatesea...earch.php?qq=%1
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.updatesea...earch.php?qq=%1
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.updatesea...earch.php?qq=%1
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.updatesearches.com/
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: VM Homepage - {FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFA} - C:\WINDOWS\system32\hpEFE2.tmp (file missing)
O4 - HKCU\..\Run: [AIM] C:\PROGRA~1\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{33198E1C-5E73-4547-AAAC-082AF10CE22E}: NameServer = 4.2.2.4,4.2.2.5
O20 - Winlogon Notify: style2 - C:\WINDOWS\q258446686_disk.dll (file missing)
O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
Edit: In my last log (Before I edited this), it said that the svchost.exe file was missing in my C:\WINDOWS\SYSTEM32 folder, so I found a backup of it and then put it in there. I can move files again now, and copy and paste is working, so I'm asuming I did good. If I dident, please correct me.
Thank you for your time.
Edited by YoukaiHiei, 20 June 2005 - 01:18 AM.
Sign In
Create Account
