Jump to content
Compatible Support Forums

tanya

Members
 View Profile  See their activity

  • Content count

    1

  • Joined

  • Last visited

    Never

Community Reputation

0 Neutral

About tanya

  • Rank
    stranger
  1. tanya
    im at witts end i have tried everything to manually get rid of this hijacker. I am not an expert on computering and i heard of a free sotware called HijackThis! and decided to give it a try i came up with this? Logfile of HijackThis v1.99.0 Scan saved at 13:38:57, on 30/12/2004 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: F:\WINDOWS\System32\smss.exe F:\WINDOWS\system32\winlogon.exe F:\WINDOWS\system32\services.exe F:\WINDOWS\system32\lsass.exe F:\WINDOWS\system32\svchost.exe F:\WINDOWS\System32\svchost.exe F:\WINDOWS\Explorer.EXE F:\WINDOWS\system32\spoolsv.exe F:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe F:\PROGRA~1\NORTON~1\NORTON~4\GHOSTS~2.EXE F:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe F:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE F:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE F:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe F:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe F:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe F:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe F:\WINDOWS\SOUNDMAN.EXE F:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe F:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe F:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.EXE F:\Program Files\Common Files\Symantec Shared\ccApp.exe F:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe F:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe F:\Program Files\Messenger\msmsgs.exe F:\Program Files\GIANT Company Software\GIANT AntiSpyware\gcasServ.exe F:\Program Files\Windows ServeAd\WinServAd.exe F:\Program Files\Windows ServeAd\WinServSuit.exe F:\Program Files\BT Broadband Basic Help\bin\mpbtn.exe F:\Program Files\GIANT Company Software\GIANT AntiSpyware\gcasDtServ.exe F:\Program Files\GIANT Company Software\GIANT AntiSpyware\GIANTAntiSpywareMain.exe F:\Program Files\Internet Explorer\iexplore.exe F:\Program Files\Lavasoft\Ad-aware 6\Ad-watch.exe F:\DOCUME~1\JANEDA~1\LOCALS~1\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://searchmiracle.com/sp.php R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.ask.co.uk R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.ask.co.uk R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.btbroadbandstart.com/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 O2 - BHO: (no name) - {ED103D9F-3070-4580-AB1E-E5C179C1AE41} - (no file) O3 - Toolbar: (no name) - {825CF5BD-8862-4430-B771-0C15C5CA8DEF} - (no file) O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [DSLSTATEXE] F:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe icon O4 - HKLM\..\Run: [DSLAGENTEXE] F:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe O4 - HKLM\..\Run: [EPSON Stylus Photo R300 Series] F:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.EXE /P30 "EPSON Stylus Photo R300 Series" /O6 "USB001" /M "Stylus Photo R300" O4 - HKLM\..\Run: [ccApp] "F:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [GhostStartTrayApp] F:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe O4 - HKLM\..\Run: [AcctMgr] F:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe /startup O4 - HKLM\..\Run: [NeroCheck] F:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [DAEMON Tools-1033] "F:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [AntiSpy] F:\Program Files\Omniquad AntiSpy\AntiSpy.exe startup O4 - HKLM\..\Run: [gcasServ] "F:\Program Files\GIANT Company Software\GIANT AntiSpyware\gcasServ.exe" O4 - HKLM\..\Run: [Windows ServeAd] F:\Program Files\Windows ServeAd\WinServAd.exe O4 - HKLM\..\Run: [kalvsys] F:\windows\system32\kalvnuk32.exe O4 - HKLM\..\Run: [FlashClean] F:\Program Files\FlashClean\FlashClean.exe %1 O4 - HKLM\..\RunServices: [Microsoft Machine] sysini.exe O4 - HKLM\..\RunOnce: [GIANTAntiSpywareCleaner] F:\Program Files\GIANT Company Software\GIANT AntiSpyware\gcASCleaner.exe O4 - HKCU\..\Run: [MSMSGS] "F:\Program Files\Messenger\msmsgs.exe" /background O4 - Global Startup: BT Broadband Basic Help.lnk = F:\Program Files\BT Broadband Basic Help\bin\matcli.exe O9 - Extra button: (no name) - {0D555BC6-E331-48b3-A60E-AAC0DF79438A} - F:\WINDOWS\System32\shdocvw.dll O9 - Extra 'Tools' menuitem: Popup Blocker - {0D555BC6-E331-48b3-A60E-AAC0DF79438A} - F:\WINDOWS\System32\shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{FD75BF30-7FB2-4ABE-BB8F-F7422CDE3515}: NameServer = 194.72.9.34 194.74.65.68 O23 - Service: Symantec Event Manager - Symantec Corporation - F:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation - Symantec Corporation - F:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager - Symantec Corporation - F:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: GhostStartService - Symantec Corporation - F:\PROGRA~1\NORTON~1\NORTON~4\GHOSTS~2.EXE O23 - Service: NvCplScan - Unknown - F:\WINDOWS\system32\msc32.exe (file missing) O23 - Service: Norton AntiVirus Auto Protect Service - Symantec Corporation - F:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe O23 - Service: Norton Unerase Protection - Symantec Corporation - F:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE O23 - Service: SAVScan - Symantec Corporation - F:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe O23 - Service: ScriptBlocking Service - Symantec Corporation - F:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Speed Disk service - Symantec Corporation - F:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE O23 - Service: Symantec Core LC - Symantec Corporation - F:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: SymWMI Service - Symantec Corporation - F:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe i have absolutely no idea what this means but maybe someone could help? I have anti virus programs which find two main spyware programs called WindUpdates(browser plug-in) and SearchMiracle.Elitebar (browser plug-in) the programs quarantine the viruses/spyware and i manually delete them this does not seem to be doing the trick though PLEASE HELP x
×