bloodhound removal
Started by
saggitarius50
, Dec 07 2004 09:53 PM
#1
Posted 07 December 2004 - 09:53 PM
saggitarius50
-
- Member
-
- 3 posts
New Member
#2
Posted 07 December 2004 - 11:54 PM
admin
-
- Community Leader
-
- 24,639 posts
Founder Geek
Try this, on the IE toolbar, click Tools -> Internet Options, select the Advanced tab, click the Restore Defaults button.
#3
Posted 08 December 2004 - 04:13 PM
saggitarius50
- Topic Starter
-
- Member
-
- 3 posts
New Member
Yeah, it works now thanks alot. Here ya go.
Logfile of HijackThis v1.98.2
Scan saved at 5:11:10 PM, on 12/8/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Efficient Networks\Tango Manager\app\TangoService.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\System32\spoolvsc.exe
C:\WINDOWS\System32\winssv.exe
C:\WINDOWS\System32\svcshost.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\ntguard32.exe
C:\WINDOWS\System32\btludwvoc.exe
C:\WINDOWS\System32\slserv32.exe
C:\Program Files\ISTsvc\istsvc.exe
C:\Program Files\Windows TaskAd\WinTaskAd.exe
C:\WINDOWS\cossarlb.exe
C:\PROGRA~1\EFFICI~1\TANGOM~2\app\TangoManager.exe
C:\program files\180solutions\sais.exe
C:\Program Files\Windows TaskAd\WinSched.exe
C:\Program Files\Internet Optimizer\optimize.exe
C:\Program Files\BullsEye Network\bin\bargains.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Optimizer\actalert.exe
C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Web_Rebates\WebRebates1.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\system32\svphost.exe
C:\WINDOWS\System32\windupdts.exe
C:\WINDOWS\System32\systcfm.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Web_Rebates\WebRebates0.exe
C:\Program Files\Power Scan\powerscan.exe
C:\WINDOWS\lmt.exe
C:\Program Files\Internet Optimizer\optimize.exe
C:\PROGRA~1\COMMON~1\tsa\tsm2.exe
C:\WINDOWS\system32\svphost.exe
C:\Program Files\Internet Optimizer\actalert.exe
C:\Program Files\Web_Rebates\WebRebates0.exe
C:\PROGRA~1\COMMON~1\tsa\ts2.exe
C:\Hijackthis\HJT.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.couldnotf...count_id=155478
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.couldnotf...count_id=155478
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.slotch.co...count_id=155478
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.couldnotf...count_id=155478
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.alltel.ne...wuser/benefits/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.alltel.ne...wuser/benefits/
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O1 - Hosts: 12.129.205.209 search.netscape.com12.129.205.209 sitefinder.verisign.com
O2 - BHO: &EliteBar - {28CAEFF3-0F18-4036-B504-51D73BD81ABC} - C:\WINDOWS\EliteToolBar\EliteToolBar version 58.dll
O2 - BHO: BHO Class - {ED103D9F-3070-4580-AB1E-E5C179C1AE41} - C:\WINDOWS\ELITES~1\ELITES~1.DLL
O3 - Toolbar: &EliteBar - {825CF5BD-8862-4430-B771-0C15C5CA8DEF} - C:\WINDOWS\EliteToolBar\EliteToolBar version 58.dll
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe
O4 - HKLM\..\Run: [diagent] "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [TangoManager] C:\PROGRA~1\EFFICI~1\TANGOM~2\app\TANGOM~1.EXE
O4 - HKLM\..\Run: [Norton Guard 32] ntguard32.exe
O4 - HKLM\..\Run: [WindowsRegKey upd4te2d4te] btludwvoc.exe
O4 - HKLM\..\Run: [Win32 Secure Updates] spoolvsc.exe
O4 - HKLM\..\Run: [Windows service] slserv32.exe
O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [Windows TaskAd] C:\Program Files\Windows TaskAd\WinTaskAd.exe
O4 - HKLM\..\Run: [VxuOG] C:\WINDOWS\cossarlb.exe
O4 - HKLM\..\Run: [WebRebates0] "C:\Program Files\Web_Rebates\WebRebates0.exe"
O4 - HKLM\..\Run: [sais] c:\program files\180solutions\sais.exe
O4 - HKLM\..\Run: [Power Scan] C:\Program Files\Power Scan\powerscan.exe
O4 - HKLM\..\Run: [lmt] C:\WINDOWS\lmt.exe
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKLM\..\Run: [BullsEye Network] C:\Program Files\BullsEye Network\bin\bargains.exe
O4 - HKLM\..\Run: [Win32 SSL Driver] winssv.exe
O4 - HKLM\..\Run: [Microsoft Windows Update] svcshost.exe
O4 - HKLM\..\Run: [Start Upping] windupdts.exe
O4 - HKLM\..\Run: [System32 CF Manager] systcfm.exe
O4 - HKLM\..\RunServices: [Norton Guard 32] ntguard32.exe
O4 - HKLM\..\RunServices: [WindowsRegKey upd4te2d4te] btludwvoc.exe
O4 - HKLM\..\RunServices: [Win32 Secure Updates] spoolvsc.exe
O4 - HKLM\..\RunServices: [Windows service] slserv32.exe
O4 - HKLM\..\RunServices: [Win32 SSL Driver] winssv.exe
O4 - HKLM\..\RunServices: [Microsoft Windows Update] svcshost.exe
O4 - HKLM\..\RunServices: [Start Upping] windupdts.exe
O4 - HKLM\..\RunServices: [System32 CF Manager] systcfm.exe
O4 - HKLM\..\RunOnce: [Win32 Secure Updates] spoolvsc.exe
O4 - HKLM\..\RunOnce: [Win32 SSL Driver] winssv.exe
O4 - HKLM\..\RunOnce: [Microsoft Windows Update] svcshost.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [WindowsRegKey upd4te2d4te] btludwvoc.exe
O4 - HKCU\..\Run: [Win32 Secure Updates] spoolvsc.exe
O4 - HKCU\..\Run: [Win32 SSL Driver] winssv.exe
O4 - HKCU\..\Run: [Microsoft Windows Update] svcshost.exe
O4 - HKCU\..\RunOnce: [Win32 Secure Updates] spoolvsc.exe
O4 - HKCU\..\RunOnce: [Microsoft Windows Update] svcshost.exe
O4 - HKCU\..\RunOnce: [Win32 SSL Driver] winssv.exe
O8 - Extra context menu item: Web Rebates - file://C:\Program Files\Web_Rebates\Sy1150\Tp1150\scri1150a.htm
O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\Program Files\SideFind\sidefind.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O15 - Trusted Zone: http://*.windowsupdate.com
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1102458665546
O17 - HKLM\System\CCS\Services\Tcpip\..\{5F1ADE49-8EEF-440A-8F7E-9DF73417500D}: NameServer = 166.102.165.11 166.102.165.13
Logfile of HijackThis v1.98.2
Scan saved at 5:11:10 PM, on 12/8/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Efficient Networks\Tango Manager\app\TangoService.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\System32\spoolvsc.exe
C:\WINDOWS\System32\winssv.exe
C:\WINDOWS\System32\svcshost.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\ntguard32.exe
C:\WINDOWS\System32\btludwvoc.exe
C:\WINDOWS\System32\slserv32.exe
C:\Program Files\ISTsvc\istsvc.exe
C:\Program Files\Windows TaskAd\WinTaskAd.exe
C:\WINDOWS\cossarlb.exe
C:\PROGRA~1\EFFICI~1\TANGOM~2\app\TangoManager.exe
C:\program files\180solutions\sais.exe
C:\Program Files\Windows TaskAd\WinSched.exe
C:\Program Files\Internet Optimizer\optimize.exe
C:\Program Files\BullsEye Network\bin\bargains.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Optimizer\actalert.exe
C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Web_Rebates\WebRebates1.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\system32\svphost.exe
C:\WINDOWS\System32\windupdts.exe
C:\WINDOWS\System32\systcfm.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Web_Rebates\WebRebates0.exe
C:\Program Files\Power Scan\powerscan.exe
C:\WINDOWS\lmt.exe
C:\Program Files\Internet Optimizer\optimize.exe
C:\PROGRA~1\COMMON~1\tsa\tsm2.exe
C:\WINDOWS\system32\svphost.exe
C:\Program Files\Internet Optimizer\actalert.exe
C:\Program Files\Web_Rebates\WebRebates0.exe
C:\PROGRA~1\COMMON~1\tsa\ts2.exe
C:\Hijackthis\HJT.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.couldnotf...count_id=155478
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.couldnotf...count_id=155478
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.slotch.co...count_id=155478
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.couldnotf...count_id=155478
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.alltel.ne...wuser/benefits/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.alltel.ne...wuser/benefits/
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O1 - Hosts: 12.129.205.209 search.netscape.com12.129.205.209 sitefinder.verisign.com
O2 - BHO: &EliteBar - {28CAEFF3-0F18-4036-B504-51D73BD81ABC} - C:\WINDOWS\EliteToolBar\EliteToolBar version 58.dll
O2 - BHO: BHO Class - {ED103D9F-3070-4580-AB1E-E5C179C1AE41} - C:\WINDOWS\ELITES~1\ELITES~1.DLL
O3 - Toolbar: &EliteBar - {825CF5BD-8862-4430-B771-0C15C5CA8DEF} - C:\WINDOWS\EliteToolBar\EliteToolBar version 58.dll
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe
O4 - HKLM\..\Run: [diagent] "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [TangoManager] C:\PROGRA~1\EFFICI~1\TANGOM~2\app\TANGOM~1.EXE
O4 - HKLM\..\Run: [Norton Guard 32] ntguard32.exe
O4 - HKLM\..\Run: [WindowsRegKey upd4te2d4te] btludwvoc.exe
O4 - HKLM\..\Run: [Win32 Secure Updates] spoolvsc.exe
O4 - HKLM\..\Run: [Windows service] slserv32.exe
O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [Windows TaskAd] C:\Program Files\Windows TaskAd\WinTaskAd.exe
O4 - HKLM\..\Run: [VxuOG] C:\WINDOWS\cossarlb.exe
O4 - HKLM\..\Run: [WebRebates0] "C:\Program Files\Web_Rebates\WebRebates0.exe"
O4 - HKLM\..\Run: [sais] c:\program files\180solutions\sais.exe
O4 - HKLM\..\Run: [Power Scan] C:\Program Files\Power Scan\powerscan.exe
O4 - HKLM\..\Run: [lmt] C:\WINDOWS\lmt.exe
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKLM\..\Run: [BullsEye Network] C:\Program Files\BullsEye Network\bin\bargains.exe
O4 - HKLM\..\Run: [Win32 SSL Driver] winssv.exe
O4 - HKLM\..\Run: [Microsoft Windows Update] svcshost.exe
O4 - HKLM\..\Run: [Start Upping] windupdts.exe
O4 - HKLM\..\Run: [System32 CF Manager] systcfm.exe
O4 - HKLM\..\RunServices: [Norton Guard 32] ntguard32.exe
O4 - HKLM\..\RunServices: [WindowsRegKey upd4te2d4te] btludwvoc.exe
O4 - HKLM\..\RunServices: [Win32 Secure Updates] spoolvsc.exe
O4 - HKLM\..\RunServices: [Windows service] slserv32.exe
O4 - HKLM\..\RunServices: [Win32 SSL Driver] winssv.exe
O4 - HKLM\..\RunServices: [Microsoft Windows Update] svcshost.exe
O4 - HKLM\..\RunServices: [Start Upping] windupdts.exe
O4 - HKLM\..\RunServices: [System32 CF Manager] systcfm.exe
O4 - HKLM\..\RunOnce: [Win32 Secure Updates] spoolvsc.exe
O4 - HKLM\..\RunOnce: [Win32 SSL Driver] winssv.exe
O4 - HKLM\..\RunOnce: [Microsoft Windows Update] svcshost.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [WindowsRegKey upd4te2d4te] btludwvoc.exe
O4 - HKCU\..\Run: [Win32 Secure Updates] spoolvsc.exe
O4 - HKCU\..\Run: [Win32 SSL Driver] winssv.exe
O4 - HKCU\..\Run: [Microsoft Windows Update] svcshost.exe
O4 - HKCU\..\RunOnce: [Win32 Secure Updates] spoolvsc.exe
O4 - HKCU\..\RunOnce: [Microsoft Windows Update] svcshost.exe
O4 - HKCU\..\RunOnce: [Win32 SSL Driver] winssv.exe
O8 - Extra context menu item: Web Rebates - file://C:\Program Files\Web_Rebates\Sy1150\Tp1150\scri1150a.htm
O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\Program Files\SideFind\sidefind.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O15 - Trusted Zone: http://*.windowsupdate.com
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1102458665546
O17 - HKLM\System\CCS\Services\Tcpip\..\{5F1ADE49-8EEF-440A-8F7E-9DF73417500D}: NameServer = 166.102.165.11 166.102.165.13
#4
Posted 09 December 2004 - 04:58 PM
saggitarius50
- Topic Starter
-
- Member
-
- 3 posts
New Member
Did i do it right? And is there anything you guys can do to fix it? I would be extremely grateful for any suggestions on fixing this because i have many papers coming up due and id like to get a jump on them. Thanks alot.
#5
Posted 09 December 2004 - 06:51 PM
-=jonnyrotten=-
-
- Retired Staff
-
- 2,678 posts
Member 2k
Ok, looks like you have a little cleaning up do to for us to make this go smoothly.
Go to control panel, add/remove programs and uninstall any or all of the following:
TV Media
Windows Adcontrol
NewDotNet (new.net)
WebRebates
WhenU
180 Solutions
myway
mysearch
mywebsearch
viewpoint manager
viewpoint
wild tangent
weatherbug
gain
gator
gmt
wintools
any searchbar/toolbar besides google
Reboot:
You have a number of randomonly named files on your system. We like to start with an online virus and trojan scan. Even though you have antivirus software on your system, it can become corrupted by malware.
Please run a free online virus scan here (tick the "Auto Clean" checkbox): Needs to be run with Internet Explorer.
http://housecall.antivirus.com/
And a free trojan scan here: (you will have to download the 30 day trial of "The Cleaner" here)
http://www.moosoft.com/
Reboot your PC.
If you would please, rescan with HijackThis and post a fresh log in this same topic, and we'll remove what's left.
Also I have a question. Do you know what "Tango Manager" is by Efficient Networks?
Very Important: Please go here and install this microsoft windows update:
http://www.microsoft...&displaylang=en
-=jonnyrotten=-
Go to control panel, add/remove programs and uninstall any or all of the following:
TV Media
Windows Adcontrol
NewDotNet (new.net)
WebRebates
WhenU
180 Solutions
myway
mysearch
mywebsearch
viewpoint manager
viewpoint
wild tangent
weatherbug
gain
gator
gmt
wintools
any searchbar/toolbar besides google
Reboot:
You have a number of randomonly named files on your system. We like to start with an online virus and trojan scan. Even though you have antivirus software on your system, it can become corrupted by malware.
Please run a free online virus scan here (tick the "Auto Clean" checkbox): Needs to be run with Internet Explorer.
http://housecall.antivirus.com/
And a free trojan scan here: (you will have to download the 30 day trial of "The Cleaner" here)
http://www.moosoft.com/
Reboot your PC.
If you would please, rescan with HijackThis and post a fresh log in this same topic, and we'll remove what's left.
Also I have a question. Do you know what "Tango Manager" is by Efficient Networks?
Very Important: Please go here and install this microsoft windows update:
http://www.microsoft...&displaylang=en
-=jonnyrotten=-
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
