help xxxtoolbar is clamped around my jugular.

Discussion in 'adware, spyware & hijack cleaning' started by shadoweternal, May 30, 2004.

Thread Status:
Not open for further replies.
  1. shadoweternal

    shadoweternal Registered Member

    Joined:
    May 30, 2004
    Posts:
    1
    Logfile of HijackThis v1.97.3
    Scan saved at 07:38, on 5/30/2004
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS1\System32\smss.exe
    C:\WINDOWS1\system32\winlogon.exe
    C:\WINDOWS1\system32\services.exe
    C:\WINDOWS1\system32\lsass.exe
    C:\WINDOWS1\system32\svchost.exe
    C:\WINDOWS1\System32\svchost.exe
    C:\WINDOWS1\system32\spoolsv.exe
    C:\WINDOWS1\System32\GEARSEC.EXE
    C:\WINDOWS1\System32\svchost.exe
    C:\WINDOWS1\System32\VetMsgNT.exe
    C:\WINDOWS1\System32\MsPMSPSv.exe
    C:\WINDOWS1\System32\hkcmd.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\PROGRA~1\CA\ETRUST~1\ETRUST~1\VetTray.exe
    C:\Program Files\Smartalec Game Accelerator\gamexl.exe
    C:\program files\powerstrip\pstrip.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
    C:\Program Files\AWS\WeatherBug\Weather.exe
    C:\Program Files\I8kfanGUI\I8kfanGUI.exe
    C:\Program Files\iolo\System Mechanic 4 Professional\PopupStopper.exe
    C:\Program Files\EnigmaticSoftware\CacheSentry\CacheSentry.exe
    C:\Program Files\SBC\Connection Manager\CManager.exe
    C:\PROGRA~1\BroadJump\CorrectConnect Engine\CCD.exe
    C:\PROGRA~1\BroadJump\Client Foundation\CFD.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS1\explorer.exe
    C:\Program Files\FerretSoft\WebFerret\WebFerret.exe
    C:\WINDOWS1\regedit.exe
    C:\Program Files\FerretSoft\WebFerret\WebFerret.exe
    C:\Documents and Settings\Owner.SHADOWETERNAL.000\Desktop\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://msn.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Shadow Eternal Unhuman Think Capacity
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS1\System32\hkcmd.exe
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [VetTray] C:\PROGRA~1\CA\ETRUST~1\ETRUST~1\VetTray.exe
    O4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [GameXL] "C:\Program Files\Smartalec Game Accelerator\gamexl.exe"
    O4 - HKLM\..\Run: [pstrip.exe] "C:\Program Files\PowerStrip\pstrip.exe"
    O4 - HKLM\..\Run: [cmanager.exe] "C:\Program Files\SBC\Connection Manager\CManager.exe"
    O4 - HKLM\..\Run: [PowerStrip] c:\program files\powerstrip\pstrip.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS1\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
    O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
    O4 - HKCU\..\Run: [i8kfangui] C:\Program Files\I8kfanGUI\I8kfanGUI.exe /startup
    O4 - HKCU\..\Run: [Steam] "c:\progra~1\steam1\steam.exe" -silent
    O4 - HKCU\..\Run: [System Mechanic Popup Stopper] "C:\Program Files\iolo\System Mechanic 4 Professional\PopupStopper.exe"
    O4 - Startup: cachesentry.lnk = C:\Program Files\EnigmaticSoftware\CacheSentry\CacheSentry.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O8 - Extra context menu item: IE Booster Copy Meister - res://C:\Program Files\IE Booster 2\ieb.dll/copy-wiz.ieb
    O8 - Extra context menu item: IE Booster Interactive HTML Detective - res://C:\Program Files\IE Booster 2\ieb.dll/contextmenu.ieb
    O8 - Extra context menu item: IE Booster List Images - res://C:\Program Files\IE Booster 2\ieb.dll/ImagesModule.ieb
    O8 - Extra context menu item: IE Booster List Links - res://C:\Program Files\IE Booster 2\ieb.dll/LinksModule.ieb
    O8 - Extra context menu item: IE Booster Open Frame In New Window - res://C:\Program Files\IE Booster 2\ieb.dll/open-frame-in-new-window.ieb
    O8 - Extra context menu item: IE Booster Open Frame In This Window - res://C:\Program Files\IE Booster 2\ieb.dll/open-frame-in-new-window.ieb
    O8 - Extra context menu item: IE Booster Web Page Analyzer - res://C:\Program Files\IE Booster 2\ieb.dll/element.ieb
    O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
    O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
    O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
    O9 - Extra button: Yahoo! Login (HKLM)
    O9 - Extra 'Tools' menuitem: Yahoo! Login (HKLM)
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
    O9 - Extra button: MSKB (HKLM)
    O9 - Extra 'Tools' menuitem: MSKB (HKLM)
    O9 - Extra button: show/hide IEB Toolbar (HKLM)
    O9 - Extra 'Tools' menuitem: IE Booster Toolbar (HKLM)
    O9 - Extra button: Page Analysis (HKCU)
    O9 - Extra 'Tools' menuitem: IE Booster Web Page Analyzer (HKCU)
    O9 - Extra button: HTML Detective (HKCU)
    O9 - Extra 'Tools' menuitem: IE Booster Interactive HTML Detective (HKCU)
    O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
    O12 - Plugin for .mpg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
    O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
    O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab
    O16 - DPF: {01CA75F1-054B-4A63-9221-C6926369EC52} (HS_live Control) - http://install.homestead.com/~site/InstallFiles/SIFiles/lpxlive/HS_live.cab
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab
    O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
    O16 - DPF: {638AF6A2-81A1-4655-9FFA-9FC09CDE22CF} (CScanner Object) - http://www.pestscan.com/scanner/ppctlcab.cab
    O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - http://us.games2.yimg.com/download.games.yahoo.com/games/play/client/exentctl_0_0_0_1.ocx
    O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installengine.com/engine/isetup.cab
    O16 - DPF: {9CF28A69-7659-4C51-BFD5-9ADE19E19EC3} (RegConfig Class) - http://download.yahoo.com/dl/installs/bkm/prod/yregcfg.cab
    O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yse/ymmapi_416.dll
    O16 - DPF: {B942A249-D1E7-4C11-98AE-FCB76B08747F} (RealArcadeRdxIE Class) - http://games-dl.real.com/gameconsole/Bundler/CAB/RealArcadeRdxIE.cab
    O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {CA034DCC-A580-4333-B52F-15F98C42E04C} (Downloader Class) - https://www.stopzilla.com/_download/Auto_Installer/dwnldr.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{64A072CA-86C6-41AF-BEA8-BCFC6FDEB3EE}: NameServer = 65.43.19.26 206.141.192.60
     
  2. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,440
    Location:
    Netherlands
    Hi shadoweternal,

    Your log looks clean.
    What's the problem exactly and why are you using an old version of HijackThis ?

    Regards,

    Pieter
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.