startpage hijacked

Discussion in 'adware, spyware & hijack cleaning' started by crille4, Jul 15, 2004.

Thread Status:
Not open for further replies.
  1. crille4

    crille4 Registered Member

    Joined:
    Jul 15, 2004
    Posts:
    1
    hope this is the place to write i need help to fix it

    Logfile of HijackThis v1.98.0
    Scan saved at 15:28:34, on 2004-07-15
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Unable to get Internet Explorer version!

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program\Stardock\Object Desktop\WindowBlinds\wbload.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program\Delade filer\EPSON\EBAPI\SAgent2.exe
    E:\iclogin1.2.exe
    C:\WINDOWS\System32\inetsrv\inetinfo.exe
    C:\Program\Photodex\ProShow\ScsiAccess.exe
    C:\WINDOWS\system32\Smartscaps.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program\PestPatrol\PPControl.exe
    C:\Program\PestPatrol\PPMemCheck.exe
    C:\Program\PestPatrol\CookiePatrol.exe
    C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program\IDEAL Calendar\Calendar.exe
    C:\Program\ATI Multimedia\main\launchpd.exe
    C:\Program\Rainlendar\Rainlendar.exe
    C:\Program\Trillian\trillian.exe
    C:\Program\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Crille\Skrivbord\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\oymjf.dll/sp.html#28129
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = res://oymjf.dll/index.html#28129
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://oymjf.dll/index.html#28129
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\oymjf.dll/sp.html#28129
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\oymjf.dll/sp.html#28129
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = res://oymjf.dll/index.html#28129
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R3 - Default URLSearchHook is missing
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {38676255-FF52-44C8-27F2-446E092C177F} - C:\WINDOWS\system32\iemz.dll
    O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
    O4 - HKLM\..\Run: [PestPatrol Control Center] C:\Program\PestPatrol\PPControl.exe
    O4 - HKLM\..\Run: [PPMemCheck] C:\Program\PestPatrol\PPMemCheck.exe
    O4 - HKLM\..\Run: [CookiePatrol] C:\Program\PestPatrol\CookiePatrol.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [IDEAL Calendar] "C:\Program\IDEAL Calendar\Calendar.exe"
    O4 - HKLM\..\Run: [DrWebScheduler] "C:\Program\DrWeb for Windows\drwebscd.exe"
    O4 - HKLM\..\Run: [SpIDerMail] "C:\Program\DrWeb for Windows\spiderml.exe"
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [iemz.exe] C:\WINDOWS\system32\iemz.exe
    O4 - HKCU\..\Run: [ATI Remote Control] C:\Program\ATI Multimedia\RemCtrl\ATIRW.exe
    O4 - HKCU\..\Run: [ATI Launchpad] "C:\Program\ATI Multimedia\main\launchpd.exe"
    O4 - Startup: Rainlendar.lnk = C:\Program\Rainlendar\Rainlendar.exe
    O4 - Startup: trillian.lnk = ?
    O8 - Extra context menu item: Ladda ner med alla FlashGet - C:\Program\FlashGet\jc_all.htm
    O8 - Extra context menu item: Ladda ner med FlashGet - C:\Program\FlashGet\jc_link.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
    O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
    O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program\ATI Multimedia\tv\EXPLBAR.DLL
    O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: StringEncr - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\stringencr\StringEncr.exe
    O9 - Extra 'Tools' menuitem: &StringEncr - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\stringencr\StringEncr.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\drwebsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\drwebsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\drwebsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\drwebsp.dll
    O18 - Protocol: icoo - {4A8DADD4-5A25-4D41-8599-CB7458766220} - C:\WINDOWS\msopt.dll
     
    crille4, Jul 15, 2004
    #1
  2. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi have moved this to the appropriate forum :)

    Good luck. Pilli
     
    Pilli, Jul 15, 2004
    #2
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...