iambigbrother.com

needcomputerhelp · Jul 11, 2004

Re: iambigbrother.com Need help to remove******

Iambigbrother has taken over my homepage and I did the process of using ad-aware, then spybot, and now hijackthis software and here is what came up after the scan with hijackthisIf there is someone out there in netland that can help me with this as far as letting me know what to remove and what not to remove from my system I would greatly appreciate it):

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\SYSTEM32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\MWW32\MANAGER\MWMDMSVC.EXE
C:\WINNT\MWW32\MANAGER\MWSSW32.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\adddk32.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\tp4mon.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINNT\System32\spool\drivers\w32x86\3\hpztsb04.exe
C:\WINNT\System32\IEHost35.exe
C:\WINNT\system32\syson32.exe
C:\WINNT\system32\wuauclt.exe
C:\Program Files\CallWave\IAM.exe
C:\Program Files\StealthRay\StealthRay.exe
C:\Program Files\StealthRay\SRBHOMgr.exe
C:\Documents and Settings\oem1\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\WINNT\system32\SearchBar.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\oijvf.dll/sp.html#37680
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = res://oijvf.dll/index.html#37680
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = res://oijvf.dll/index.html#37680
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.scourweb.net/nph-search.cgi?partner=wesb1&look=sbar1_srchbtn
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\oijvf.dll/sp.html#37680
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://oijvf.dll/index.html#37680
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINNT\oijvf.dll/sp.html#37680
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.scourweb.net/nph-search.cgi?partner=wesrch1&look=stmpl1&kw=
O2 - BHO: (no name) - {F1C8A09D-2716-3BFC-7D77-F02DB18D6266} - C:\WINNT\ipfx.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Modem Update Reminder] C:\WINNT\MWW32\manager\mwremind.exe autorun
O4 - HKLM\..\Run: [TrackPointSrv] tp4mon.exe
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINNT\System32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe
O4 - HKLM\..\Run: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\Symtray.exe SetReg
O4 - HKLM\..\Run: [Bakra] C:\WINNT\System32\IEHost35.exe
O4 - HKLM\..\Run: [syson32.exe] C:\WINNT\system32\syson32.exe
O4 - HKLM\..\Run: [SpySpotter] C:\PROGRA~1\SPYSPO~1\SpySpotter.exe
O4 - HKLM\..\Run: [SpyBlocs] C:\Program Files\SpyBlocs\SpyBlocs.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM95\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\spydoctor.exe" /Q
O4 - HKLM\..\RunOnce: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\Symtrdr.exe
O4 - Global Startup: ThinkPad Modem Copyright.lnk = C:\WINNT\MWW32\manager\mwcpyrt.exe
O4 - Global Startup: updater.lnk = C:\Program Files\Common Files\updater\wupdater.exe
O4 - Global Startup: Internet Answering Machine.lnk = C:\Program Files\CallWave\IAM.exe
O4 - Global Startup: StealthRay.lnk = C:\Program Files\StealthRay\StealthRay.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O9 - Extra 'Tools' menuitem: MaxSpeed (HKLM)
O9 - Extra 'Tools' menuitem: Launch Copernic Agent (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
O9 - Extra button: Copernic Agent (HKLM)
O9 - Extra button: AIM (HKLM)
O9 - Extra button: Real.com (HKLM)
O16 - DPF: {11111111-1111-1111-1111-111111113456} - file://c:\info6_s.cab
O16 - DPF: {2ABE804B-4D3A-41BF-A172-304627874B45} - http://akamai.downloadv3.com/binaries/DialHTML/EGDHTML_US.cab
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D8751823-3CEB-43DE-B249-008D508F71AB}: NameServer = 66.59.100.87 205.166.61.160

Log in or Sign up

iambigbrother.com

needcomputerhelp Registered Member

Log in or Sign up

iambigbrother.com

needcomputerhelp Registered Member

Useful Searches