|
|
#1
November 22nd, 2003, 03:48 AM
|
|||
|
|||
rightfinder - what a pest
Hi All Learned Ones,
I've had rouble with rightfinder coming up as my home page, using MS Internet Explorer. I've installed Ad-aware and Hijack This, run them both. Here is the log file of what Hijack This has identified - after some deletions by me. Is there anything in this logfile below which looks suspicious ( or perhaps shouldn't be there ) to you? Am running VET as my anti virus software. Thanks, I appreciate the help you offer in this forum, even though my knowledge is limited. Logfile of HijackThis v1.97.7 Scan saved at 7:36:52 PM, on 22/11/03 Platform: Windows 98 SE (Win9x 4.10.2222A) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.EXE C:\WINDOWS\SYSTEM\MPREXE.EXE C:\WINDOWS\SYSTEM\mmtask.tsk C:\WINDOWS\EXPLORER.EXE C:\WINDOWS\SYSTEM\RNAAPP.EXE C:\WINDOWS\SYSTEM\TAPISRV.EXE C:\WINDOWS\TASKMON.EXE C:\WINDOWS\SYSTEM\SYSTRAY.EXE C:\SBPCI\CTMIX32.EXE C:\WINDOWS\SYSTEM\VETMSG9X.EXE C:\VET\VETTRAY.EXE C:\WINDOWS\SYSTEM\P2P NETWORKING\P2P NETWORKING.EXE C:\WINDOWS\SYSTEM\SPOOL32.EXE C:\WINDOWS\SYSTEM\WMIEXE.EXE C:\WINDOWS\SYSTEM\E_S10IC2.EXE C:\WINDOWS\SYSTEM\DDHELP.EXE C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe O4 - HKLM\..\Run: [SystemTray] SysTray.Exe O4 - HKLM\..\Run: [bpcpost.exe] C:\WINDOWS\SYSTEM\bpcpost.exe O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\Run: [CreativeMixer] C:\SBPCI\ctmix32.exe /T O4 - HKLM\..\Run: [Vet Alert] C:\WINDOWS\System\VetMsg9x.exe O4 - HKLM\..\Run: [VetTray] C:\VET\VETTRAY.EXE O4 - HKLM\..\Run: [lar] C:\WINDOWS\DESKTOP\LLASS.EXE O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\RunServices: [lar] C:\WINDOWS\DESKTOP\LLASS.EXE O4 - HKCU\..\Run: [AddClass] C:\WINDOWS\ADDCLASS.EXE O4 - Startup: EPSON Background Monitor.lnk = C:\ESM2\Stms.exe O4 - Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\SYSTEM\E_SRCV02.EXE O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll O12 - Plugin for .bmp: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/swdir.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O16 - DPF: {351CF0CE-B05A-11D2-ABD9-00104B685417} (PWImageControl Class) - http://ebay.sj.ipixmedia.com/code//PWActiveXImgCtl.cab O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security2.norton.com/sa/common/common/bin/cabsa.cab O16 - DPF: {6B4788E2-BAE8-11D2-A1B4-00400512739B} (PWMediaSendControl Class) - http://216.249.25.152/code/PWActiveXImgCtl.CAB Thanks, look ofrward to your reply Regards jackafrica |
|
#2
November 22nd, 2003, 06:13 AM
|
||||
|
||||
|
Re:rightfinder - what a pest
Hi jackafrica,
Welcome at Wilders.  To get rid of the rightfinder hijack, please download, unzip and run CWShredder written by Merijn (creator of HijackThis) But you also seem to have a trojan: http://www.sophos.com/virusinfo/analyses/trojinora.html Have HijackThis Fix: O4 - HKLM\..\Run: [lar] C:\WINDOWS\DESKTOP\LLASS.EXE and after a reboot follow additional instructions here: http://www.sophos.com/virusinfo/analyses/trojinora.html Regards, Pieter
__________________
Regards, Pieter Itīs nice to be important, but itīs more important to be nice. Remove & Prevent spyware It's human to make mistakes. It's even more so to blame the computer for it. |
|
#3
November 22nd, 2003, 01:38 PM
|
||||
|
||||
|
Re:rightfinder - what a pest
Welcome from me, too Jack, and let us know if that gets ya runnin' smooth again!
__________________
"The price of freedom is eternal vigilance." - Thomas Jefferson |
|
#4
November 22nd, 2003, 03:05 PM
|
|||
|
|||
|
Re:rightfinder - what a pest
Thanks Pieter and Detox,
Looks as though, with your help in directions ( and the very useful programs ), the beastie is gone. Must confess to be somewhat disappointed my VET anti virus program did not alert me of the infection. Given that updates are run every day, this program would seem to be lacking. Looks like a new learning curve for me Again, my heartfelt thanks for helping me. Best regards jackafrica |
|
#5
November 22nd, 2003, 03:13 PM
|
||||
|
||||
|
Re:rightfinder - what a pest
Hi jackafrica,
Glad we could help. Regards, Pieter
__________________
Regards, Pieter Itīs nice to be important, but itīs more important to be nice. Remove & Prevent spyware It's human to make mistakes. It's even more so to blame the computer for it. |
|
#6
November 22nd, 2003, 06:03 PM
|
||||
|
||||
|
Re:rightfinder - what a pest
Good to hear; gave pieter another cookie but I'm afraid he's gonna get chunky with all those
__________________
"The price of freedom is eternal vigilance." - Thomas Jefferson |
|
#7
November 22nd, 2003, 06:11 PM
|
||||
|
||||
|
Re:rightfinder - what a pest
Never fear Detox,
I'm one of those annoying people that can eat all they want without gaining an ounce. 
__________________
Regards, Pieter Itīs nice to be important, but itīs more important to be nice. Remove & Prevent spyware It's human to make mistakes. It's even more so to blame the computer for it. |
|
#8
November 22nd, 2003, 06:18 PM
|
||||
|
||||
|
Re:rightfinder - what a pest
Quote:
You might want to install an Anti Trojan program. Not all AV's detect Trojans. Dolf
__________________
Idealism is what precedes experience; cynicism is what follows.
Of those who say nothing, few are silent.
|
| « Previous Thread | Next Thread » |
| Thread Tools | Search this Thread |
|
|
