View previous topic :: View next topic |
Author |
Message |
Mace Member
Joined: 10 Mar 2004 Posts: 67
|
Posted: Fri Feb 18, 2005 1:19 pm Post subject: |
|
|
Ok, you know what?
Download this file : HijackThis
Trust me, 100% no hijack, nor spyware, nor virusses.
Run the program, then press on the button called, "Do a system scan and save a logfile"
Wait for a couple of seconds and then a TXT file will come up with all the programs running and some other information.
Copy the whole TXT file and post it here.
We'll see what we can do then |
|
Back to top |
|
|
Mountain_Dewroo Forum Stalker
Joined: 05 Jul 2004 Posts: 1274
|
Posted: Fri Feb 18, 2005 3:34 pm Post subject: |
|
|
Keep in mind that the i dont use internet explorer.
[quote]Logfile of HijackThis v1.99.1
Scan saved at 4:36:33 PM, on 2/18/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Common Files\CMEII\CMESys.exe
C:\WINDOWS\System32\NETAPI.EXE
C:\Program Files\ICQLite\ICQLite.exe
C:\Program Files\Winamp\Winampa.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\BBSTORE\DSS\DSSAGENT.EXE
C:\Program Files\BullsEye Network\bin\bargains.exe
C:\WINDOWS\System32\uppauajl.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\PrecisionTime\PrecisionTime.exe
C:\Program Files\Date Manager\DateManager.exe
C:\Program Files\D-Link\D-Link DWL-650 Control Utility\Config.exe
C:\Program Files\Common Files\GMT\GMT.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\My Music\My Documents\My Downloads\hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.the-exit.com/search
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.searchalot.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.the-exit.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www/the-exit.com/search
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.the-exit.com/search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search-explorer.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = http://www.the-exit.com/search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.the-exit.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.searchalot.com/search.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.searchalot.com/search.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.searchalot.com/search.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.the-exit.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.the-exit.com/search
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.the-exit.com/search
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.the-exit.com/search
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.the-exit.com/search
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,(Default) = http://www.the-exit.com/search
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.searchgateway.net/search/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.the-exit.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.the-exit.com
R3 - Default URLSearchHook is missing
N3 - Netscape 7: user_pref("browser.startup.homepage", "www.my.yahoo.com"); (C:\Documents and Settings\default\Application Data\Mozilla\Profiles\default\m2xlvd0w.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRAM%20FILES%5CNETSCAPE%5CNETSCAPE%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\default\Application Data\Mozilla\Profiles\default\m2xlvd0w.slt\prefs.js)
O1 - Hosts: 64.14.40.148 aolsearch.aol.com
O1 - Hosts: 64.14.40.138 runonce.msn.com
O1 - Hosts: 64.14.40.148 auto.search.msn.com
O2 - BHO: BTGrabObj Class - {00000000-F09C-02B4-6EC2-AD0300000000} - C:\WINDOWS\BTGrab.dll
O2 - BHO: Band Class - {01F44A8A-8C97-4325-A378-76E68DC4AB2E} - C:\WINDOWS\systb.dll
O2 - BHO: MyWay Search Assistant BHO - {04079851-5845-4dea-848C-3ECD647AA554} - C:\Program Files\MyWay\SrchAstt\1.bin\MYSRCHAS.DLL
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O2 - BHO: URLLink Class - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet6_38.dll
O2 - BHO: (no name) - {83DE62E0-5805-11D8-9B25-00E04C60FAF2} - C:\WINDOWS\2_0_1browserhelper2.dll
O2 - BHO: BHObj Class - {8F4E5661-F99E-4B3E-8D85-0EA71C0748E4} - C:\WINDOWS\wsem302.dll
O2 - BHO: brdg Class - {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} - C:\WINDOWS\Downloaded Program Files\bridge.dll
O2 - BHO: Url Catcher - {CE31A1F7-3D90-4874-8FBE-A5D97F8BC8F1} - C:\WINDOWS\System32\apuc.dll
O2 - BHO: ADP UrlCatcher Class - {F4E04583-354E-4076-BE7D-ED6A80FD66DA} - C:\WINDOWS\System32\msbe.dll
O3 - Toolbar: Search Explorer Toolbar - {23DDAE8C-6A79-4d62-80AA-E95D89CB9811} - C:\WINDOWS\DOWNLOADED PROGRAM FILES\EXPLBAR.DLL
O3 - Toolbar: (no name) - {69550BE2-9A78-11d2-BA91-00600827878D} - C:\WINDOWS\SYSTEM32\SHDOCVW.DLL
O3 - Toolbar: (no name) - {69555BE2-9A78-11d2-BA91-00600827878D} - C:\WINDOWS\SYSTEM32\SHDOCVW.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &SearchBar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [CMESys] "C:\Program Files\Common Files\CMEII\CMESys.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [INETAPI] C:\WINDOWS\System32\NETAPI.EXE
O4 - HKLM\..\Run: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [MSZTCE] C:\WINDOWS\System32\MSZTCE.EXE
O4 - HKLM\..\Run: [VideoDriver] C:\WINDOWS\System32\game32.exe
O4 - HKLM\..\Run: [DSS] C:\WINDOWS\BBSTORE\DSS\DSSAGENT.EXE
O4 - HKLM\..\Run: [GLDStart] C:\Program Files\GLDirect\gldirect.exe -filterstart
O4 - HKLM\..\Run: [RunDLL] rundll32.exe "C:\WINDOWS\Downloaded Program Files\bridge.dll",Load
O4 - HKLM\..\Run: [BullsEye Network] C:\Program Files\BullsEye Network\bin\bargains.exe
O4 - HKLM\..\Run: [kceurmwd] C:\WINDOWS\System32\uppauajl.exe
O4 - HKLM\..\Run: [EbatesMoeMoneyMaker0] "C:\Program Files\Ebates_MoeMoneyMaker\EbatesMoeMoneyMaker0.exe"
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,NewDotNetStartup -s
O4 - HKLM\..\Run: [Win Server Updt] C:\WINDOWS\wupdt.exe
O4 - HKLM\..\Run: [ashMaiSv] C:\PROGRA~1\ALWILS~1\Avast4\ashmaisv.exe
O4 - HKLM\..\Run: [farmmext] C:\WINDOWS\farmmext.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Steam] C:\Program Files\Steam\Steam.exe -silent
O4 - Startup: Spell Magic.lnk = C:\Program Files\Alcoda\Spell Magic\SpellMagic.exe
O4 - Global Startup: Instant Wireless Configuration Utility.lnk = C:\Program Files\Linksys\WPC11 Config Utility\WPC11Cfg.exe
O4 - Global Startup: PrecisionTime.lnk = C:\Program Files\PrecisionTime\PrecisionTime.exe
O4 - Global Startup: Date Manager.lnk = C:\Program Files\Date Manager\DateManager.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Configuration Utility.lnk = C:\Program Files\D-Link\D-Link DWL-650 Control Utility\Config.exe
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O4 - Global Startup: GStartup.lnk = C:\Program Files\Common Files\GMT\GMT.exe
O8 - Extra context menu item: >>> FREE PORN GALLERIES <<< - javascript:{document.location='http://sexmaxx.com/freegalleries.htm';}
O8 - Extra context menu item: >>> HENTAI MOVIES <<< - javascript:{document.location='http://www.archivehentai.com/ah/22/getpassword.html';}
O8 - Extra context menu item: >>> Search The Web <<< - javascript:var txt=window.external.menuArguments.document.selection.createRange().text;if(txt!=''){window.external.menuArguments.document.location='http://www.tinybar.com/ffeed.php?term='+txt;}else{window.external.menuArguments.document.location='http://www.tinybar.com/';}
O8 - Extra context menu item: Ebates - file://C:\Program Files\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm
O8 - Extra context menu item: Web Savings - file://C:\Program Files\WebSavingsfromEbates\System\Temp\ebateswebsavings_script0.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM32\MSJAVA.DLL
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM32\MSJAVA.DLL
O9 - Extra button: (no name) - {307D80B7-6553-42FB-9C99-19841353B4F0} - http://www.searchalot.com (file missing)
O9 - Extra 'Tools' menuitem: Search the Internet - {307D80B7-6553-42FB-9C99-19841353B4F0} - http://www.searchalot.com (file missing)
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {C21AE3DD-2E97-406B-8C87-A9AD5BBD49D1} - http://www.downloadalot.com (file missing)
O9 - Extra 'Tools' menuitem: Free Software Downloads - {C21AE3DD-2E97-406B-8C87-A9AD5BBD49D1} - http://www.downloadalot.com (file missing)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM32\SHDOCVW.DLL
O9 - Extra button: Ebates - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:\Program Files\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm (file missing) (HKCU)
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O16 - DPF: Win32 Classes -
O16 - DPF: {1D2DCA0D-B30F-40AD-9690-087105F214EC} (IEDial Class) - http://download.nocreditcard.com/download/...t/ieaccess2.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200207...meInstaller.exe
O16 - DPF: {97245060-2FB2-11D3-B21B-00104B280554} (JaVRML classes) - http://www.robinzone.com/bin/JaVRMLr.cab
O16 - DPF: {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} (brdg Class) - http://static.flingstone.com/cab/2000XP/CD...TInc/bridge.cab
O16 - DPF: {A1DC3241-B122-195F-B21A-000000000000} - http://pluginaccess.com/hollycelebs/Browser_Plugin.cab
O23 - Service: ISEXEng - Unknown owner - C:\WINDOWS\System32\angelex.exe
[/quote] |
|
Back to top |
|
|
Mace Member
Joined: 10 Mar 2004 Posts: 67
|
Posted: Fri Feb 18, 2005 7:04 pm Post subject: |
|
|
Ok, this sucks ass, you have so much adware on your pc.
C:\Program Files\Common Files\CMEII\CMESys.exe
C:\WINDOWS\BBSTORE\DSS\DSSAGENT.EXE
C:\Program Files\BullsEye Network\bin\bargains.exe
C:\Program Files\PrecisionTime\PrecisionTime.exe
C:\Program Files\Date Manager\DateManager.exe
C:\Program Files\Common Files\GMT\GMT.exe
All processes on your pc, and all adware, spyware or related to one of those 2.
First of all, if you don't have spybot Search&destroy and/or ad-aware, get it, scan your pc. If you had done that before you posted this Log file folow the proceed here under. If you didn't do that before making the log file.
Well, then you download and/or run the programs.
Then make a logfile again and we'll see the result.
DON'T DO THIS IF YOU HAVEN'T RUN AD-AWARE AND SPYBOT FIRST!
Ok, what you're going to do now will take a little risk if you do this wrong.
What you're going to do now is open the program Hijack This again.
Now you scan your pc.
You'll get some results.
You must check these results:
C:\Program Files\Common Files\CMEII\CMESys.exe
C:\WINDOWS\BBSTORE\DSS\DSSAGENT.EXE
C:\Program Files\BullsEye Network\bin\bargains.exe
C:\Program Files\PrecisionTime\PrecisionTime.exe
C:\Program Files\Date Manager\DateManager.exe
C:\Program Files\Common Files\GMT\GMT.exe
This press Fix Check.
And your pc wont run those programs anymore.
Trust me, your pc will run better afterwords.
|
|
Back to top |
|
|
Mountain_Dewroo Forum Stalker
Joined: 05 Jul 2004 Posts: 1274
|
Posted: Fri Feb 18, 2005 7:12 pm Post subject: |
|
|
[quote="Mace ()"]
First of all, if you don't have spybot Search&destroy and/or ad-aware, get it, scan your pc. If you had done that before you posted this Log file folow the proceed here under. If you didn't do that before making the log file.
Well, then you download and/or run the programs.
Then make a logfile again and we'll see the result.
[/quote]
Can you provide download links, Sorry. I am so embarssed |
|
Back to top |
|
|
Mace Member
Joined: 10 Mar 2004 Posts: 67
|
|
Back to top |
|
|
Mountain_Dewroo Forum Stalker
Joined: 05 Jul 2004 Posts: 1274
|
Posted: Fri Feb 18, 2005 7:35 pm Post subject: |
|
|
Thank you mace! Your my new hero!
My comp is a LOT more faster thanks to you!
THANK YOU BUTTERFLY MAN! |
|
Back to top |
|
|
Mace Member
Joined: 10 Mar 2004 Posts: 67
|
Posted: Fri Feb 18, 2005 9:49 pm Post subject: |
|
|
Hehe, if your pc is slow, who doesn't use ad-aware or spybot.
Even worse, WHO HASN'T THOSE PROGRAMS? O_O
Trust me, everybody should have them.
Ow could you please post your logfile again.
There were some internet explorder spyware on it, not sure if spybot and as-aware picked it up. |
|
Back to top |
|
|
slet Still very bored
Joined: 19 Mar 2004 Posts: 271
|
Posted: Sat Feb 19, 2005 3:59 am Post subject: |
|
|
[quote="Mace ()"]Ok, this sucks ass, you have so much adware on your pc.
C:\Program Files\Common Files\CMEII\CMESys.exe
C:\WINDOWS\BBSTORE\DSS\DSSAGENT.EXE
C:\Program Files\BullsEye Network\bin\bargains.exe
C:\Program Files\PrecisionTime\PrecisionTime.exe
C:\Program Files\Date Manager\DateManager.exe
C:\Program Files\Common Files\GMT\GMT.exe
All processes on your pc, and all adware, spyware or related to one of those 2.
First of all, if you don't have spybot Search&destroy and/or ad-aware, get it, scan your pc. If you had done that before you posted this Log file folow the proceed here under. If you didn't do that before making the log file.
Well, then you download and/or run the programs.
Then make a logfile again and we'll see the result.
DON'T DO THIS IF YOU HAVEN'T RUN AD-AWARE AND SPYBOT FIRST!
Ok, what you're going to do now will take a little risk if you do this wrong.
What you're going to do now is open the program Hijack This again.
Now you scan your pc.
You'll get some results.
You must check these results:
C:\Program Files\Common Files\CMEII\CMESys.exe
C:\WINDOWS\BBSTORE\DSS\DSSAGENT.EXE
C:\Program Files\BullsEye Network\bin\bargains.exe
C:\Program Files\PrecisionTime\PrecisionTime.exe
C:\Program Files\Date Manager\DateManager.exe
C:\Program Files\Common Files\GMT\GMT.exe
This press Fix Check.
And your pc wont run those programs anymore.
Trust me, your pc will run better afterwords.[/quote]
And you've based all of this on...? |
|
Back to top |
|
|
Mace Member
Joined: 10 Mar 2004 Posts: 67
|
Posted: Sat Feb 19, 2005 7:12 am Post subject: |
|
|
I was looking in his log file. All programs I looked up all the processes I didn't trust.
Not very hard.
|
|
Back to top |
|
|
Mountain_Dewroo Forum Stalker
Joined: 05 Jul 2004 Posts: 1274
|
Posted: Sat Feb 19, 2005 11:50 am Post subject: |
|
|
Here you go! Wow That was FAST!!!
[quote]Logfile of HijackThis v1.99.1
Scan saved at 12:50:00 PM, on 2/19/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\System32\NETAPI.EXE
C:\Program Files\ICQLite\ICQLite.exe
C:\Program Files\Winamp\Winampa.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\BullsEye Network\bin\bargains.exe
C:\WINDOWS\System32\uppauajl.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\My Music\My Documents\My Downloads\hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.the-exit.com/search
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.searchalot.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.the-exit.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www/the-exit.com/search
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.the-exit.com/search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search-explorer.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = http://www.the-exit.com/search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.the-exit.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.searchalot.com/search.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.searchalot.com/search.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.searchalot.com/search.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.the-exit.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.the-exit.com/search
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.the-exit.com/search
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.the-exit.com/search
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.the-exit.com/search
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,(Default) = http://www.the-exit.com/search
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.searchgateway.net/search/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.the-exit.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.the-exit.com
R3 - Default URLSearchHook is missing
N3 - Netscape 7: user_pref("browser.startup.homepage", "www.my.yahoo.com"); (C:\Documents and Settings\default\Application Data\Mozilla\Profiles\default\m2xlvd0w.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRAM%20FILES%5CNETSCAPE%5CNETSCAPE%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\default\Application Data\Mozilla\Profiles\default\m2xlvd0w.slt\prefs.js)
O1 - Hosts: 64.14.40.148 aolsearch.aol.com
O1 - Hosts: 64.14.40.138 runonce.msn.com
O1 - Hosts: 64.14.40.148 auto.search.msn.com
O2 - BHO: BTGrabObj Class - {00000000-F09C-02B4-6EC2-AD0300000000} - C:\WINDOWS\BTGrab.dll
O2 - BHO: Band Class - {01F44A8A-8C97-4325-A378-76E68DC4AB2E} - C:\WINDOWS\systb.dll
O2 - BHO: MyWay Search Assistant BHO - {04079851-5845-4dea-848C-3ECD647AA554} - C:\Program Files\MyWay\SrchAstt\1.bin\MYSRCHAS.DLL
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O2 - BHO: URLLink Class - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet6_38.dll
O2 - BHO: (no name) - {83DE62E0-5805-11D8-9B25-00E04C60FAF2} - C:\WINDOWS\2_0_1browserhelper2.dll
O2 - BHO: BHObj Class - {8F4E5661-F99E-4B3E-8D85-0EA71C0748E4} - C:\WINDOWS\wsem302.dll
O2 - BHO: brdg Class - {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} - C:\WINDOWS\Downloaded Program Files\bridge.dll
O2 - BHO: Url Catcher - {CE31A1F7-3D90-4874-8FBE-A5D97F8BC8F1} - C:\WINDOWS\System32\apuc.dll
O2 - BHO: ADP UrlCatcher Class - {F4E04583-354E-4076-BE7D-ED6A80FD66DA} - C:\WINDOWS\System32\msbe.dll
O3 - Toolbar: Search Explorer Toolbar - {23DDAE8C-6A79-4d62-80AA-E95D89CB9811} - C:\WINDOWS\DOWNLOADED PROGRAM FILES\EXPLBAR.DLL
O3 - Toolbar: (no name) - {69550BE2-9A78-11d2-BA91-00600827878D} - C:\WINDOWS\SYSTEM32\SHDOCVW.DLL
O3 - Toolbar: (no name) - {69555BE2-9A78-11d2-BA91-00600827878D} - C:\WINDOWS\SYSTEM32\SHDOCVW.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &SearchBar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [INETAPI] C:\WINDOWS\System32\NETAPI.EXE
O4 - HKLM\..\Run: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [MSZTCE] C:\WINDOWS\System32\MSZTCE.EXE
O4 - HKLM\..\Run: [VideoDriver] C:\WINDOWS\System32\game32.exe
O4 - HKLM\..\Run: [GLDStart] C:\Program Files\GLDirect\gldirect.exe -filterstart
O4 - HKLM\..\Run: [RunDLL] rundll32.exe "C:\WINDOWS\Downloaded Program Files\bridge.dll",Load
O4 - HKLM\..\Run: [BullsEye Network] C:\Program Files\BullsEye Network\bin\bargains.exe
O4 - HKLM\..\Run: [kceurmwd] C:\WINDOWS\System32\uppauajl.exe
O4 - HKLM\..\Run: [EbatesMoeMoneyMaker0] "C:\Program Files\Ebates_MoeMoneyMaker\EbatesMoeMoneyMaker0.exe"
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,NewDotNetStartup -s
O4 - HKLM\..\Run: [Win Server Updt] C:\WINDOWS\wupdt.exe
O4 - HKLM\..\Run: [ashMaiSv] C:\PROGRA~1\ALWILS~1\Avast4\ashmaisv.exe
O4 - HKLM\..\Run: [farmmext] C:\WINDOWS\farmmext.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Steam] C:\Program Files\Steam\Steam.exe -silent
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot
O4 - Startup: Spell Magic.lnk = C:\Program Files\Alcoda\Spell Magic\SpellMagic.exe
O4 - Global Startup: Instant Wireless Configuration Utility.lnk = C:\Program Files\Linksys\WPC11 Config Utility\WPC11Cfg.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Configuration Utility.lnk = C:\Program Files\D-Link\D-Link DWL-650 Control Utility\Config.exe
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O8 - Extra context menu item: Ebates - file://C:\Program Files\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm
O8 - Extra context menu item: Web Savings - file://C:\Program Files\WebSavingsfromEbates\System\Temp\ebateswebsavings_script0.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM32\MSJAVA.DLL
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM32\MSJAVA.DLL
O9 - Extra button: (no name) - {307D80B7-6553-42FB-9C99-19841353B4F0} - http://www.searchalot.com (file missing)
O9 - Extra 'Tools' menuitem: Search the Internet - {307D80B7-6553-42FB-9C99-19841353B4F0} - http://www.searchalot.com (file missing)
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {C21AE3DD-2E97-406B-8C87-A9AD5BBD49D1} - http://www.downloadalot.com (file missing)
O9 - Extra 'Tools' menuitem: Free Software Downloads - {C21AE3DD-2E97-406B-8C87-A9AD5BBD49D1} - http://www.downloadalot.com (file missing)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM32\SHDOCVW.DLL
O9 - Extra button: Ebates - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:\Program Files\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm (file missing) (HKCU)
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O16 - DPF: Win32 Classes -
O16 - DPF: {1D2DCA0D-B30F-40AD-9690-087105F214EC} (IEDial Class) - http://download.nocreditcard.com/download/...t/ieaccess2.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200207...meInstaller.exe
O16 - DPF: {97245060-2FB2-11D3-B21B-00104B280554} (JaVRML classes) - http://www.robinzone.com/bin/JaVRMLr.cab
O16 - DPF: {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} (brdg Class) - http://static.flingstone.com/cab/2000XP/CD...TInc/bridge.cab
O16 - DPF: {A1DC3241-B122-195F-B21A-000000000000} - http://pluginaccess.com/hollycelebs/Browser_Plugin.cab
O23 - Service: ISEXEng - Unknown owner - C:\WINDOWS\System32\angelex.exe
[/quote] |
|
Back to top |
|
|
EN1X Site Helper
Joined: 27 Sep 2004 Posts: 764
|
Posted: Sat Feb 19, 2005 12:20 pm Post subject: |
|
|
Still having some troubles with my computer, but thankfully not as much as before.
So I wanna say thanks to Lexar, and everyone else.
Thanks. ^_^ |
|
Back to top |
|
|
slet Still very bored
Joined: 19 Mar 2004 Posts: 271
|
Posted: Sat Feb 19, 2005 12:22 pm Post subject: |
|
|
[quote="Mace ()"] All programs I looked up all the processes I didn't trust.
[/quote]
That's not a sentence, and I don't understand what the hell you're saying. |
|
Back to top |
|
|
Mace Member
Joined: 10 Mar 2004 Posts: 67
|
Posted: Sat Feb 19, 2005 12:57 pm Post subject: |
|
|
Hmm, Dewroo, you still have C:\Program Files\BullsEye Network\bin\bargains.exe
Well that is only related to spyware and adware.
And I can see why you stopped using IE, you ahve a lot of IE crap on your pc.
And pr0n
http://pluginaccess.com/hollycelebs/Browser_Plugin.cab = pr0n |
|
Back to top |
|
|
Mace Member
Joined: 10 Mar 2004 Posts: 67
|
Posted: Sat Feb 19, 2005 1:00 pm Post subject: |
|
|
[quote="slet (Jan Alink)"] [quote="Mace ()"] All programs I looked up all the processes I didn't trust.
[/quote]
That's not a sentence, and I don't understand what the hell you're saying. [/quote]
Ja, esbt rare zin, ik heb gewoon alle processen die ik niet vertrouwde opgezocht op google en gekeken of er slechte tussen zaten, als jij nou ook ff je log file psot, dan kan ik die ff checken op pr0n |
|
Back to top |
|
|
Mountain_Dewroo Forum Stalker
Joined: 05 Jul 2004 Posts: 1274
|
Posted: Sat Feb 19, 2005 1:33 pm Post subject: |
|
|
[quote="Mace ()"] Hmm, Dewroo, you still have C:\Program Files\BullsEye Network\bin\bargains.exe
Well that is only related to spyware and adware.
And I can see why you stopped using IE, you ahve a lot of IE crap on your pc.
And pr0n
http://pluginaccess.com/hollycelebs/Browser_Plugin.cab = pr0n [/quote]
Don't remind me of that porn thing, it found ME!
Got rid of "Bargins", Must of missed that. Thank you! |
|
Back to top |
|
|
slet Still very bored
Joined: 19 Mar 2004 Posts: 271
|
Posted: Sat Feb 19, 2005 1:50 pm Post subject: |
|
|
[quote="Mace ()"] [quote="slet (Jan Alink)"] [quote="Mace ()"] All programs I looked up all the processes I didn't trust.
[/quote]
That's not a sentence, and I don't understand what the hell you're saying. [/quote]
Ja, esbt rare zin, ik heb gewoon alle processen die ik niet vertrouwde opgezocht op google en gekeken of er slechte tussen zaten, als jij nou ook ff je log file psot, dan kan ik die ff checken op pr0n [/quote]
You don't really think that I'm gonna delete stuff out of my log file because you tell me to do it, becuase you found it on Google? |
|
Back to top |
|
|
Mountain_Dewroo Forum Stalker
Joined: 05 Jul 2004 Posts: 1274
|
Posted: Sat Feb 19, 2005 2:15 pm Post subject: |
|
|
It help me. It DID Mace, I like you. |
|
Back to top |
|
|
Mace Member
Joined: 10 Mar 2004 Posts: 67
|
Posted: Sun Feb 20, 2005 6:32 am Post subject: |
|
|
[quote="slet (Jan Alink)"] [quote="Mace ()"] [quote="slet (Jan Alink)"] [quote="Mace ()"] All programs I looked up all the processes I didn't trust.
[/quote]
That's not a sentence, and I don't understand what the hell you're saying. [/quote]
Ja, esbt rare zin, ik heb gewoon alle processen die ik niet vertrouwde opgezocht op google en gekeken of er slechte tussen zaten, als jij nou ook ff je log file psot, dan kan ik die ff checken op pr0n [/quote]
You don't really think that I'm gonna delete stuff out of my log file because you tell me to do it, becuase you found it on Google? [/quote]
Well, I think I know more about software and windows then you do. <_< |
|
Back to top |
|
|
slet Still very bored
Joined: 19 Mar 2004 Posts: 271
|
Posted: Sun Feb 20, 2005 7:20 am Post subject: |
|
|
[quote="Mace ()"] [quote="slet (Jan Alink)"] [quote="Mace ()"] [quote="slet (Jan Alink)"] [quote="Mace ()"] All programs I looked up all the processes I didn't trust.
[/quote]
That's not a sentence, and I don't understand what the hell you're saying. [/quote]
Ja, esbt rare zin, ik heb gewoon alle processen die ik niet vertrouwde opgezocht op google en gekeken of er slechte tussen zaten, als jij nou ook ff je log file psot, dan kan ik die ff checken op pr0n [/quote]
You don't really think that I'm gonna delete stuff out of my log file because you tell me to do it, becuase you found it on Google? [/quote]
Well, I think I know more about software and windows then you do. <_< [/quote]
muwahahahaha, you make me laugh out loud. |
|
Back to top |
|
|
Mountain_Dewroo Forum Stalker
Joined: 05 Jul 2004 Posts: 1274
|
Posted: Sun Feb 20, 2005 11:00 am Post subject: |
|
|
Slet, Mace is a Genius!!!
So... Um...
Stick your head in a Weenie jar! |
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|