Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Loadingwebsite & urllogic.com [resolved]


  • This topic is locked This topic is locked

#16
Guest_thatman_*

Guest_thatman_*
  • Guest
Hi RoadSongs

It helps a little bit ;)

Have HJT fix the following:
O2 - BHO: (no name) - {5BFDA4F8-1202-552D-3802-CE60A3A086DA} - (no file)
O2 - BHO: (no name) - {823E2691-4C22-5D5E-5123-D40E5E0404C4} - (no file)
O2 - BHO: (no name) - {C6D08BDF-D4F6-D1E4-C29E-B51C99AB541B} - (no file)

Post a new log
Thanks

Kc :tazz:
  • 0

Advertisements


#17
RoadSongs

RoadSongs

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
Hi there when i run hijackthis and then check the 3 items you mentioned and then save the new log this is all that it shows... sorry if i have done something wrong

Logfile of HijackThis v1.99.0
Scan saved at 10:06:34, on 13/02/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\aol\ACS\AOLacsd.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\unzipped\hijackthis[1]\HijackThis.exe
:tazz:
  • 0

#18
Guest_thatman_*

Guest_thatman_*
  • Guest
Hi RoadSongs

Download the old version off HijackThis From here: http://computercops....ackthis1982.zip

And post a log thanks

Kc :tazz:
  • 0

#19
RoadSongs

RoadSongs

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
Hi its the Sunday Dummy here I hope this is getting closer to what you need
Cheers Steve



Logfile of HijackThis v1.99.0
Scan saved at 10:27:40, on 13/02/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\aol\ACS\AOLacsd.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AOL 9.0a\waol.exe
C:\Program Files\AOL 9.0a\shellmon.exe
C:\Program Files\Common Files\AOL\aoltpspd.exe
C:\unzipped\hijackthis[1]\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = C:\Program Files\AOL Toolbar\welcome.html
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.emusic.co...lp/success.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - Global Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0a\aoltray.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg...t/c381/chat.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{60B68012-2A35-43A6-ACA4-0B1B2AC996F2}: NameServer = 205.188.146.145
O17 - HKLM\System\CCS\Services\Tcpip\..\{DFEDB4E4-89E1-45C0-B2A0-9F9585797C7C}: NameServer = 152.163.0.26 205.188.64.153
O23 - Service: AOL Connectivity Service - America Online, Inc. - C:\PROGRA~1\COMMON~1\aol\ACS\AOLacsd.exe
O23 - Service: AOL Spyware Protection Service - Unknown - C:\Program Files\Common Files\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
O23 - Service: EpsonBidirectionalService - Unknown - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: McAfee Personal Firewall Service - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
  • 0

#20
Guest_thatman_*

Guest_thatman_*
  • Guest
Hi RoadSongs
This one has been knocked out by the malware you will have to reinstall
C:\Program Files\Common Files\AOL\AOL Spyware Protection\\aolserv.exe (file missing)

Congratulations! Your system is CLEAN :tazz:

How do you prevent spyware from being installed again? We strongly recommend installing SpywareBlaster (it's free for personal use). Click Here
QUOTE
Prevent the installation of ActiveX-based spyware, adware, browser hijackers, dialers, and other potentially unwanted pests.
Block spyware/tracking cookies in Internet Explorer and Mozilla/Firefox.
Restrict the actions of potentially dangerous sites in Internet Explorer.
Consumes no system resources.

Download, run, check for updates, download updates, select all, protect against checked. All done. Check for updates every couple of weeks. If you have any errors running the program like a missing file see the link at the bottom of the javacool page.

It's also very important to keep your system up to date to avoid unnecessary security risks. Click Here http://windowsupdate.microsoft.com/ to make sure that you have the latest patches for Windows.

These next two steps are optional, but will provide the greatest protection.
1. Use ANY browser besides Internet Explorer, almost every exploit is crafted to take advantage of an IE weakness. We usually recommend FireFox user posted image.
2. Install Sun's Java. It's much more secure than Microsoft's Java Virtual Machine .

It's okay to delete the Hijack This folder if everything is working okay.

After doing all these, your system will be thoroughly protected from future threats. :thumbsup:

All the best

Kc ;)
  • 0

#21
RoadSongs

RoadSongs

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
Hi
Well many many thanx for all your help and effort its much appreciated and It would have been done quicker if I hadnt been a complete nurd
all the best
Steve
  • 0

#22
RoadSongs

RoadSongs

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
Hi KC

So far so good not a pop up at all since you solved my problems.....and it also sorted out my recycle bin problem I guess they where all tied in
Cheers mate

Steve
  • 0

#23
Guest_thatman_*

Guest_thatman_*
  • Guest
Hi RoadSongs

Thanks to you to.

You did the removals very well

All the best

Kc :tazz:
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP