Thread: i hate pop ups
10-18-2004, 09:45 AM
savedtheday89

for my sister's computer which is crazy ... i have everything downloaded.. here's hjt log .. thanks

Logfile of HijackThis v1.98.2
Scan saved at 9:44:11 AM, on 10/18/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\PackethSvc.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\ps2.exe
C:\Program Files\DownloadWare\dw.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\QuickTime\qttask.exe
C:\windows\redirect9a.exe
C:\WINDOWS\System32\P2P Networking\P2P Networking.exe
C:\WINDOWS\System32\SahAgent.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\WINDOWS\System32\RUNDLL32.exe
C:\Program Files\Web_Rebates\WebRebates0.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\America Online 9.0\aoltray.exe
C:\Program Files\Web_Rebates\WebRebates1.exe
C:\Program Files\AOL Companion\companion.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:PROGRA~1RECOMM~1v15rh.exe
C:\Documents and Settings\Owner\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://searchbar.findthewebsiteyouneed.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.findthewebsiteyouneed.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.media-search.net/nph-search....ok=stmpl1&find=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://searchbar.findthewebsiteyouneed.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://us3.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.media-search.net/nph-search....ok=stmpl1&find=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = websearch.drsnsrch.com/q.cgi?q=
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = hhttp://search.media-search.net/nph-search.cgi?track=mssrc&look=stmpl1&find=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: (no name) - {9368D063-44BE-49B9-BD14-BB9663FD38FC} - (no file)
R3 - URLSearchHook: (no name) - {5D60FF48-95BE-4956-B4C6-6BB168A70310} - (no file)
O1 - Hosts: 80.69.74.15 auto.search.msn.com
O2 - BHO: MxTargetObj Class - {0000607D-D204-42C7-8E46-216055BF9918} - C:\WINDOWS\mxTarget.dll
O2 - BHO: (no name) - {00041A26-7033-432C-94C7-6371DE343822} - (no file)
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: Band Class - {01F44A8A-8C97-4325-A378-76E68DC4AB2E} - C:\WINDOWS\systb.dll
O2 - BHO: Recommended Hotfix - {0421701D-CF13-4E70-ADF0-45A953E7CB8B} - C:Program FilesRecommended Hotfix - 421701Dv15RH.DLL
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: Setup.Setup1 - {2E65A557-173C-4DE9-860B-28FC5CACA542} - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Setup\Setup.dll
O2 - BHO: CATLEvents Object - {60112085-E1CE-4e0e-823A-EBB1AD98804C} - C:\DOCUME~1\Jenna\LOCALS~1\Temp\rbarc.dat
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &My Way Speedbar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [HPGamesActiveMenu] C:Program FilesWildTangentActiveMenuHPGamesActiveMenu.exe
O4 - HKLM\..\Run: [PromulGate] "C:\Program Files\DelFin\PromulGate\PgMonitr.exe"
O4 - HKLM\..\Run: [MediaLoads Installer] "C:\Program Files\DownloadWare\dw.exe" /H
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WT GameChannel] C:\Program Files\WildTangent\Apps\GameChannel.exe
O4 - HKLM\..\Run: [redirect] C:\windows\redirect9a.exe
O4 - HKLM\..\Run: [easywww] C:\windows\easywww2.exe
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [updater] C:\Program Files\Common files\updater\wupdater.exe
O4 - HKLM\..\Run: [SAHAgent] C:\WINDOWS\System32\SahAgent.exe
O4 - HKLM\..\Run: [msbb] C:\WINDOWS\System32\msbb.exe
O4 - HKLM\..\Run: [Belt] C:\WINDOWS\Belt.exe
O4 - HKLM\..\Run: [FLSVCCWEL] C:\WINDOWS\FLSVCCWEL.exe
O4 - HKLM\..\Run: [Media-Search] "C:Program Filesmsnetv9msnet.EXE" /H
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [Search-Exe] "C:Program Filessev11se.EXE" /H
O4 - HKLM\..\Run: [Win Server Updt] C:\WINDOWS\wupdt.exe
O4 - HKLM\..\Run: [New.net Startup] rundll32 ,NewDotNetStartup -s
O4 - HKLM\..\Run: [prpzjtxyepga] C:\WINDOWS\System32\jrokvj.exe
O4 - HKLM\..\Run: [crabr] C:\WINDOWS\Fonts\crabr.exe
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [WebRebates0] "C:\Program Files\Web_Rebates\WebRebates0.exe"
O4 - HKLM\..\RunOnce: [RealPlayer_update] C:Program FilesAmerica Online 9.0JitiReal9_codec_upd.exe restart
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [eZmmod] C:\PROGRA~1\ezula\mmod.exe
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: AOL Companion.lnk = C:\Program Files\AOL Companion\companion.exe
O4 - Global Startup: hp center UI.lnk = C:\Program Files\hp center\137903\Shadow\ShadowBar.exe
O4 - Global Startup: hp center.lnk = C:\Program Files\hp center\137903\Program\BackWeb-137903.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZSxdm314
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: Web Rebates - file://C:\Program Files\Web_Rebates\Sy1150\Tp1150\scri1150a.htm
O9 - Extra button: Researcher - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Common Files\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O10 - Hijacked Internet access by New.Net
O16 - DPF: {00000EF1-0786-4633-87C6-1AA7A44296DA} - http://www.netpaloffers.net/NetpalOffers/D...MO1/r3un10n.cab
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {79B96C72-C0D0-4DC8-BC7E-9F314A918228} - http://imgfarm.com/images/nocache/myspeedb...etup1.0.0.3.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installengine.com/engine/isetup.cab
O16 - DPF: {DCF0768D-BA7A-101A-B57A-0000C0C3ED5F} - file://C:\x.cab

you all are awesome
__________________
--Kelly