Content Top
DAL Computer Help » Internet Security Help » Spyware, Adware, Viruses and HijackThis Logs » tell wat to do hijacklog

Recommended Fix

Click here to fix Windows Errors and Optimize Windows Performance

Need Computer Help?
Register Now for FREE

tell wat to do hijacklog

Reply
Thread Tools
Spyware, Adware, Viruses and HijackThis Logs
  #1 (permalink)  
Old 16-07-2005, 12:02 PM
Newbie
D-A-L Newbie
  
Join Date: Jul 2005
Posts: 4
vicky_4949 Is a beginner here at D-A-L
tell wat to do hijacklog
i want a solution for my problem as automaticly the windows opens search pages and that sort of things


Logfile of HijackThis v1.99.1
Scan saved at 3:58:49 AM, on 7/16/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\srv32.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\System32\mouse.exe
D:\WINDOWS\System32\pctspk.exe
D:\WINDOWS\System32\PV92Tray.exe
D:\WINDOWS\System32\igfxtray.exe
D:\WINDOWS\System32\hkcmd.exe
D:\Program Files\ISTsvc\istsvc.exe
D:\WINDOWS\rsrbkkk.exe
D:\Program Files\Internet Optimizer\optimize.exe
D:\Program Files\Common Files\soft602\pdfSaver.exe
D:\Program Files\Messenger\msmsgs.exe
C:\Program Files\PDF\pdfSaver\pdfSaver3.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\WINDOWS\system32\cmd.exe
D:\Program Files\BullsEye Network\bin\bargains.exe
D:\WINDOWS\System32\wuauclt.exe
D:\WINDOWS\System32\mssetup32.exe
D:\Program Files\HijackThis.exe

R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - D:\WINDOWS\nem220.dll
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - D:\Program Files\GetRight\xx2gr.dll
O2 - BHO: BAHelper Class - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - D:\Program Files\SideFind\sfbho.dll
O2 - BHO: ADP UrlCatcher Class - {F4E04583-354E-4076-BE7D-ED6A80FD66DA} - D:\WINDOWS\System32\msbe.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: ISTbar - {FAA356E4-D317-42a6-AB41-A3021C6E7D52} - D:\Program Files\ISTbar\istbarcm.dll
O4 - HKLM\..\Run: [mouse] mouse.exe
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [PV92TRAY] PV92Tray.exe
O4 - HKLM\..\Run: [IgfxTray] D:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] D:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [IST Service] D:\Program Files\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [tQIdT0f8] D:\WINDOWS\rsrbkkk.exe
O4 - HKLM\..\Run: [Internet Optimizer] "D:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKLM\..\Run: [BullsEye Network] D:\Program Files\BullsEye Network\bin\bargains.exe
O4 - HKLM\..\Run: [Power Scan] D:\Program Files\Power Scan\powerscan.exe
O4 - HKLM\..\Run: [602PC SUITE PDF Saver] "D:\Program Files\Common Files\soft602\pdfSaver.exe"
O4 - HKLM\..\Run: [Microsoft Update 32] mssetup32.exe
O4 - HKLM\..\RunServices: [mouse] mouse.exe
O4 - HKLM\..\RunServices: [Microsoft Update 32] mssetup32.exe
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [pdfSaver3] "c:\Program Files\PDF\pdfSaver\pdfSaver3.exe"
O8 - Extra context menu item: Download with GetRight - D:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: Open with GetRight Browser - D:\Program Files\GetRight\GRbrowse.htm
O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - D:\Program Files\SideFind\sidefind.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm
O15 - Trusted Zone: http://ny.contentmatch.net (HKLM)
O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} (Installer Class) - http://www.ysbweb.com/ist/softwares/v4.0/ysb_cracks.cab
O16 - DPF: {7C559105-9ECF-42B8-B3F7-832E75EDD959} (Installer Class) - http://www.xxxtoolbar.com/ist/softwares/v4.0/0006_regular.cab
O16 - DPF: {CDCBE0F1-D13A-4F86-A963-3A272D3ABA7E} (VacPro.internazionale_ver15) - http://advnt01.com/dialer/internazionale_ver15.CAB
O17 - HKLM\System\CCS\Services\Tcpip\..\{EC60FDF0-735C-4EA3-84EC-A5F0D53A45E7}: NameServer = 202.138.97.193 202.138.96.2
O20 - Winlogon Notify: igfxcui - D:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Srv32 - Unknown owner - D:\WINDOWS\system32\srv32.exe
O23 - Service: SuperProServer - Unknown owner - C:\Tally631\spnsrvnt.exe (file missing)

sir plz reply
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #2 (permalink)  
Old 16-07-2005, 09:35 PM
HJThis's Avatar
Senior Member
Loyal Contributor
  
Join Date: Aug 2004
Posts: 2,233
HJThis Helps others at D-A-LHJThis Helps others at D-A-L
Send a message via MSN to HJThis
Wink Re: tell wat to do hijacklog
Hello,vicky_4949 & Welcome

Press control-alt-delete to get into the task manager and end the follow processes if they exist:
srv32.exe
mouse.exe
istsvc.exe
rsrbkkk.exe
optimize.exe
bargains.exe
powerscan.exe
mssetup32.exe

If you get an error when deleting a file. Right click on the file and check to see if the read only attribute is checked. if it is uncheck it and try again.

Uninstall the following via the Add/Remove Panel (Start->(Settings)->Control Panel->Add/Remove Programs) if they exist:
IST Service
Internet Optimizer
BullsEye Network
Power Scan
SideFind

Check the following items in HijackThis.
Close all windows except HijackThis and click Fix checked:

R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)

O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - D:\WINDOWS\nem220.dll
O2 - BHO: BAHelper Class - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - D:\Program Files\SideFind\sfbho.dll
O2 - BHO: ADP UrlCatcher Class - {F4E04583-354E-4076-BE7D-ED6A80FD66DA} - D:\WINDOWS\System32\msbe.dll
O3 - Toolbar: ISTbar - {FAA356E4-D317-42a6-AB41-A3021C6E7D52} - D:\Program Files\ISTbar\istbarcm.dll

O4 - HKLM\..\Run: [mouse] mouse.exe
O4 - HKLM\..\Run: [IST Service] D:\Program Files\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [tQIdT0f8] D:\WINDOWS\rsrbkkk.exe
O4 - HKLM\..\Run: [Internet Optimizer] "D:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKLM\..\Run: [BullsEye Network] D:\Program Files\BullsEye Network\bin\bargains.exe
O4 - HKLM\..\Run: [Power Scan] D:\Program Files\Power Scan\powerscan.exe
O4 - HKLM\..\Run: [Microsoft Update 32] mssetup32.exe
O4 - HKLM\..\RunServices: [mouse] mouse.exe
O4 - HKLM\..\RunServices: [Microsoft Update 32] mssetup32.exe

O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - D:\Program Files\SideFind\sidefind.dll

O15 - Trusted Zone: http://ny.contentmatch.net (HKLM)

O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} (Installer Class) - http://www.ysbweb.com/ist/softwares/v4.0/ysb_cracks.cab
O16 - DPF: {7C559105-9ECF-42B8-B3F7-832E75EDD959} (Installer Class) - http://www.xxxtoolbar.com/ist/softwa...06_regular.cab
O16 - DPF: {CDCBE0F1-D13A-4F86-A963-3A272D3ABA7E} (VacPro.internazionale_ver15) - http://advnt01.com/dialer/internazionale_ver15.CAB

O23 - Service: Srv32 - Unknown owner - D:\WINDOWS\system32\srv32.exe

Make sure you can view hidden and system files: Instructions here

Then Boot to safe mode: Instructions here

Delete the following files\folders IF still present:
D:\WINDOWS\nem220.dll<--This file
D:\Program Files\SideFind\<--This folder
D:\WINDOWS\System32\msbe.dll<--This file
D:\Program Files\ISTbar\<--This folder
D:\Program Files\ISTsvc\<--This folder
D:\Program Files\Internet Optimizer\<--This folder
D:\Program Files\BullsEye Network\<--This folder
D:\Program Files\Power Scan\<--This folder
D:\WINDOWS\system32\srv32.exe<--This file

Still in Safe Mode do a file Search for these here if found delete them
mouse.exe
mssetup32.exe

Then do a reboot till us how it is & show new logfile.

HGD
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Reply

« Previous Thread | Next Thread »

Thread Tools

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Plz check this hijacklog thanks norman Spyware, Adware, Viruses and HijackThis Logs 13 01-09-2008 02:14 PM
Can look at my HiJackLog scared46 Spyware, Adware, Viruses and HijackThis Logs 15 26-09-2005 07:43 PM
help here's my copy of hijacklog 4evafresh Spyware, Adware, Viruses and HijackThis Logs 1 14-06-2005 10:30 PM
Need help Owen, Norton's found some spyware and here is my HiJacklog scared46 Spyware, Adware, Viruses and HijackThis Logs 2 17-03-2005 08:31 PM
I think I have a virus can you look at my hijacklog bigsal2786 Spyware, Adware, Viruses and HijackThis Logs 3 23-09-2004 09:09 AM


All times are GMT +1. The time now is 04:38 PM.
Member Login
Remember me ?
Forgot password?
Ads

Want to Advertise? Click Here
Help Categories
Desktop / Server Apps
Drivers
Firewalls and Networks
Games
General Internet Issues
Hardware
Linux
MAC OS
Modding / Overclocking
Search Engines
Spyware and Security
Web Development
Windows 2000
Windows 7
Windows 98
Windows ME
Windows Vista
Windows XP

Computer Repair Companies
Bottom Corner Bottom Nav