Help needed

Discussion in 'adware, spyware & hijack cleaning' started by Shanamaj, Jul 5, 2004.

Thread Status:
Not open for further replies.
  1. Shanamaj, Registered Member (Joined: Jul 5, 2004; Posts: 1)

    I have constant problems with spyware & hijackers and I don't seem to be able to fix them with my spyware tools and heaps of tutorials online.
    Please help me.

    Logfile of HijackThis v1.97.7
    Scan saved at 01:43:13, on 2004-07-09
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program\IBM\Bluetooth Software\bin\btwdins.exe
    C:\Program\Diskeeper\DkService.exe
    C:\Program\LF Connection Keeper\lfck.exe
    C:\Program\Delade filer\Microsoft Shared\VS7Debug\mdm.exe
    C:\Norman\NVC\BIN\ZANDA.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\Program\WinGate\WinGate.exe
    C:\WINDOWS\Explorer.EXE
    C:\NORMAN\Nvc\BIN\ZLH.EXE
    C:\Program\DOWNLO~1\DAP.EXE
    C:\Program\NetPeeker\NPGUI.exe
    C:\Program\Java\j2re1.4.2_04\bin\jusched.exe
    C:\Utopia\Angel\Angel.exe
    C:\Program\mIRC\Pulse\Pulse.exe
    C:\Program\IBM\Bluetooth Software\BTTray.exe
    C:\Program\Trillian\trillian.exe
    C:\Program\Avant Browser\iexplore.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\WINDOWS\System32\javaw.exe
    C:\Program\Babylon\Babylon.exe
    C:\Program\Winamp\winamp.exe
    D:\spel\CounterStrike\platform\Steam.exe
    C:\NORMAN\Nvc\BIN\nvcoas.exe
    C:\NORMAN\Nvc\BIN\NVCSCHED.EXE
    C:\NORMAN\Nvc\BIN\NYMSE.EXE
    C:\NORMAN\Nvc\BIN\NJEEVES.EXE
    C:\NORMAN\Nvc\BIN\cclaw.exe
    C:\Program\mIRC\mirc.exe
    C:\Program\BulletProofSoft.com\SpywareRemover\Spyware.exe
    C:\Program\BulletProofSoft.com\SpywareRemover\F2D94EEE.DLL
    C:\Program\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.websearch.com/ie.aspx?tb_id=3
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = res://C:\Program\Toolbar\toolbar.dll/sa
    R3 - Default URLSearchHook is missing
    O2 - BHO: (no name) - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - C:\Program\Download Accelerator Plus\DAPBHO.dll
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Program\Download Accelerator Plus\DAPIEBar.dll
    O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
    O4 - HKLM\..\Run: [Norman ZANDA] C:\NORMAN\Nvc\BIN\ZLH.EXE /LOAD /SPLASH
    O4 - HKLM\..\Run: [DownloadAccelerator] C:\Program\DOWNLO~1\DAP.EXE /STARTUP
    O4 - HKLM\..\Run: [NetPeeker] C:\Program\NetPeeker\NPGUI.exe Minimize
    O4 - HKLM\..\Run: [Babylon Client] C:\Program\Babylon\Babylon.exe -AutoStart
    O4 - HKLM\..\Run: [DataLayer] C:\Program\Delade filer\PCSuite\DataLayer\DataLayer.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program\Java\j2re1.4.2_04\bin\jusched.exe
    O4 - HKCU\..\Run: [Angel] C:\Utopia\Angel\Angel.exe
    O4 - HKCU\..\Run: [Pulse] C:\Program\mIRC\Pulse\Pulse.exe -splash
    O4 - HKCU\..\Run: [Trillian] C:\Program\Trillian\trillianpro.exe
    O4 - Global Startup: BTTray.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office10\OSA.EXE
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O8 - Extra context menu item: &Download with &DAP - C:\Program\DOWNLO~1\dapextie.htm
    O8 - Extra context menu item: Blockera alla bilder från samma sida - C:\Program\Avant Browser\AddAllToADBlackList.htm
    O8 - Extra context menu item: Download &all with DAP - C:\Program\DOWNLO~1\dapextie2.htm
    O8 - Extra context menu item: Lägg till i AD Svartlistan - C:\Program\Avant Browser\AddToADBlackList.htm
    O8 - Extra context menu item: Markera - C:\Program\Avant Browser\Highlight.htm
    O8 - Extra context menu item: Send To &Bluetooth - C:\Program\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Skicka till &Bluetooth - C:\Program\IBM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Sök - C:\Program\Avant Browser\Search.htm
    O8 - Extra context menu item: Öppna alla länkar på sidan... - C:\Program\Avant Browser\OpenAllLinks.htm
    O9 - Extra 'Tools' menuitem: Sun Java-konsol (HKLM)
    O9 - Extra button: Run DAP (HKLM)
    O9 - Extra button: ICQ 4.1 (HKLM)
    O9 - Extra 'Tools' menuitem: ICQ Lite (HKLM)
    O9 - Extra button: @btrez.dll,-4015 (HKLM)
    O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 (HKLM)
    O9 - Extra button: Real.com (HKLM)
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralInitialSetup1.0.0.8.cab
    O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst0401.cab
    O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - http://office.microsoft.com/officeupdate/content/opuc.cab
    O16 - DPF: {597C45C2-2D39-11D5-8D53-0050048383FE} (OPUCatalog Class) - http://office.microsoft.com/productupdates/content/opuc.cab
    O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.google.com/data/sv/big/1.1.62-big/GoogleNav.cab
    O16 - DPF: {7584C670-2274-4EFB-B00B-D6AABA6D3850} (Microsoft RDP Client Control (redist)) - http://for100.dk/tsweb/msrdp.cab
    O16 - DPF: {79B96C72-C0D0-4DC8-BC7E-9F314A918228} - http://ak.imgfarm.com/images/nocache/myspeedbar/myinitialsetup1.0.0.7.cab
    O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installengine.com/engine/isetup.cab
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37866.5076736111
    O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C1} (GINBILLARD8 Class) - http://216.127.51.94/g_bin_eng/billard8_2_0_0_6.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{9340C200-AC93-4F6C-ABD9-E3D41D5DDB1D}: NameServer = 195.67.199.9,195.67.199.10
    O17 - HKLM\System\CCS\Services\Tcpip\..\{F459A2EE-86EB-4455-BE77-A3059D92895A}: NameServer = 195.67.199.12,195.67.199.13
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 127.0.0.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 127.0.0.1
     
    Last edited: Jul 8, 2004