republican-creole
Search:  

 
theme to black backgroundlet page decide theme
HomeFind ServiceReviewsISP NewsFAQsForumsToolsDatabaseAbout 
 
   All ForumsHot TopicsGallery






how-to block ads


 
Forums » Up and Running » Security » Security » hijack this log computer 2
Search Topic:
Uniqs:
86		 Share Topic:
RSS topic:
toggle:
flat / full
normal / watch
Posting:
Post a:
Post a:
Links: ·Hijack This logs? ·Panda Free Tools ·Vundo Removal
Yahoo Mail + Zone Alarm Pro »
« Please Prove My Father Wrong!  
AuthorAll Replies

owood1

join:2004-05-06
Milton, FL

reply to owood1
Re: hijack this log computer 2

Thanks John2g.
Don't know where the MyWay came from. Did want to get rid of it. There was an entry for MyWay that I removed. None for a MyWay Bar nor could I find anything for the fun web products easy installer.

Ran SpyBot S&D, Ad-Aware and Spy Ferret with latest updates
earler this am. Just ran them again. Both times no problems found.
to forum · permalink · · 2004-05-20 18:03:45 · Reply to this


John2g
Qui Tacet Consentit
Premium
join:2001-08-10
England		reply to owood1
I would then download Ad-aware or SpyBot S&D, update and then run.
to forum · permalink · · 2004-05-20 16:54:27 · Reply to this


John2g
Qui Tacet Consentit
Premium
join:2001-08-10
England

reply to owood1
You have Mywebsearch

Removal
Open 'Add/Remove Programs' in the Control Panel. Select the 'My Search Bar' (MySearch variant), 'MyWay Speed Bar' (MyWay) or 'My Web Search Bar' (MyWeb) entry and click 'Remove'. For the MyWeb variant, be sure to also remove 'Fun Web Products Easy Installer'.

You can then reset your home page (Internet Options->General->Start Page) if it has been changed, and search settings (Internet Options->Programs->Reset web settings).
--
Better to remain silent and be thought a fool, than to speak and remove all doubt.
to forum · permalink · · 2004-05-20 16:52:25 · Reply to this

owood1

join:2004-05-06
Milton, FL

  I am following the steps in the 'I think my computer is infected or hijacked FAQ

Logfile of HijackThis v1.97.7
Scan saved at 12:42:00 PM, on 5/20/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\Explorer.EXE
F:\WINDOWS\system32\spoolsv.exe
F:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
F:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
F:\Program Files\Common Files\Symantec Shared\ccApp.exe
F:\Program Files\ScanSoft\OmniPagePro12.0\Opware12.exe
F:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
F:\QUICKENW\QWDLLS.EXE
F:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe
F:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
F:\WINDOWS\System32\nvsvc32.exe
F:\WINDOWS\System32\ofps.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\System32\Tablet.exe
F:\WINDOWS\system32\ZONELABS\vsmon.exe
\Ziggy\F\Media\HijackThis.exe

O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - F:\Program Files\MyWebSearch\SearchAt\1.bin\MWSSRCAS.DLL
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - f:\windows\googletoolbar1.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - F:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Guard-IE - {D2F719F3-106A-402B-9996-3A5B12ACA564} - F:\Program Files\Failsafe\GuardIE\PnIE.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - F:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - F:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Guard-IE - {37C8204D-97C3-4127-BB28-1BFF3FA2F7DA} - F:\Program Files\Failsafe\GuardIE\PnIE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - f:\windows\googletoolbar1.dll
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] F:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [EM_EXEC] F:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [UpdReg] F:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "F:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "F:\Program Files\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [ccApp] "F:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "F:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NeroCheck] F:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Opware12] "F:\Program Files\ScanSoft\OmniPagePro12.0\Opware12.exe"
O4 - HKLM\..\Run: [myNetWatchman] F:\Program Files\myNetWatchman\NWClient.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [MsnMsgr] "F:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Microsoft Office.lnk = F:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Acrobat Assistant.lnk = F:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: Quicken Startup.lnk = F:\QUICKENW\QWDLLS.EXE
O4 - Global Startup: Billminder.lnk = F:\QUICKENW\BILLMIND.EXE
O4 - Global Startup: ZoneAlarm.lnk = F:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = F:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Google Search - res://f:\windows\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://f:\windows\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://f:\windows\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Si&milar Pages - res://f:\windows\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://f:\windows\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
O9 - Extra button: @F:\Program Files\Failsafe\GuardIE\PnIE.dll,-100 (HKLM)
O9 - Extra 'Tools' menuitem: @F:\Program Files\Failsafe\GuardIE\PnIE.dll,-100 (HKLM)
O12 - Plugin for .spop: F:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: Yahoo! Pool 2 - »download.games.yahoo.com/games/c···tc_x.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - »download.macromedia.com/pub/shoc···wdir.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - »ak.imgfarm.com/images/nocache/fu···.0.6.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - »download.yahoo.com/dl/installs/yinst0309.cab
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - »download.microsoft.com/download/···9VCM.CAB
O16 - DPF: {6B4788E2-BAE8-11D2-A1B4-00400512739B} (PWMediaSendControl Class) - »216.249.24.142/code/PWActiveXImgCtl.CAB
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - »v4.windowsupdate.microsoft.com/C···78587963
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - »download.macromedia.com/pub/shoc···lash.cab
O16 - DPF: {DF6A0F17-0B1E-11D4-829D-00C04F6843FE} (Microsoft Office Tools on the Web Control) - »officeupdate.microsoft.com/Templ···outc.cab
to forum · permalink · · 2004-05-20 14:58:01 · Reply to this
Forums » Up and Running » Security » SecurityYahoo Mail + Zone Alarm Pro »
« Please Prove My Father Wrong!  

Monday, 30-Nov 02:52:11 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 10 years online! © 1999-2009 dslreports.com.republican-creole
page compression OFF
Most commented news this week
· [124] Time Warner Cable Fires Broadside At Broadcasters
· [112] New AT&T Ad Campaign Hits Back At Verizon
· [96] Apple Joins AT&T Verizon Snark Fest
· [87] New Bill Takes Aim At Higher Verizon ETFs
· [82] Weekend Open Thread
· [80] TiVo Sees Record Customer Losses
· [79] Verizon CEO: Hulu Will Be Dead Soon
· [69] In-Flight Internet Headed For Bumpy Landing?
· [63] Thanksgiving Open Thread
· [41] ICANN Slams DNS Redirection
Most people now reading
· Are GPS's better today? [General Questions]
· Is Easynews down? [Filesharing Software]
· [Newsgroups] Newzleech down? [Filesharing Software]
· Windows 7 boot manager editing questions [Microsoft Help]
· Grey Cup on the Web? [Canadian Chat]
· Netgear WNDR3700 [Comcast HSI]
· [How to] Install Asterisk on an Asus WL-520GU router [VOIP Tech Chat]
· persistent connection to qw-in-f113.1e100.net on boot [Security]
· [Newsgroups] Newzleech is either down or gone for good... [Filesharing Software]
· [ PVP] 3.2 DK PvP D/W Spec... [World of Warcraft]