1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Hijackthis log...something really wrong

Discussion in 'Web & Email' started by jdr18, Sep 14, 2003.

Thread Status:
Not open for further replies.
Advertisement
  1. jdr18

    jdr18 Thread Starter

    Joined:
    Sep 1, 2003
    Messages:
    108
    Hey topbanana, you helped me with the cwsearch problem, wondering if you could give me a hand again. Went to a website friend told me about. "everwars" I think it was. Now my homepage/search is completely haywire. Here's the log,

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.passthison.com/r4/?vu083003
    O1 - Hosts: 127.127.127.127 elite
    O1 - Hosts: 64.191.95.139 www.google.com
    O1 - Hosts: 64.191.95.139 google.com
    O1 - Hosts: 64.191.95.139 www.altavista.com
    O1 - Hosts: 64.191.95.139 altavista.com
    O1 - Hosts: 64.191.95.139 search.yahoo.com
    O1 - Hosts: 64.191.95.139 uk.search.yahoo.com
    O1 - Hosts: 64.191.95.139 ca.search.yahoo.com
    O1 - Hosts: 64.191.95.139 jp.search.yahoo.com
    O1 - Hosts: 64.191.95.139 au.search.yahoo.com
    O1 - Hosts: 64.191.95.139 de.search.yahoo.com
    O1 - Hosts: 64.191.95.139 search.yahoo.co.jp
    O1 - Hosts: 64.191.95.139 www.lycos.de
    O1 - Hosts: 64.191.95.139 www.lycos.ca
    O1 - Hosts: 64.191.95.139 www.lycos.jp
    O1 - Hosts: 64.191.95.139 www.lycos.co.jp
    O1 - Hosts: 64.191.95.139 alltheweb.com
    O1 - Hosts: 64.191.95.139 web.ask.com
    O1 - Hosts: 64.191.95.139 ask.com
    O1 - Hosts: 64.191.95.139 www.ask.com
    O1 - Hosts: 64.191.95.139 www.teoma.com
    O1 - Hosts: 64.191.95.139 search.aol.com
    O1 - Hosts: 64.191.95.139 www.looksmart.com
    O1 - Hosts: 64.191.95.139 search.msn.com
    O1 - Hosts: 64.191.95.139 ca.search.msn.com
    O1 - Hosts: 64.191.95.139 fr.ca.search.msn.com
    O1 - Hosts: 64.191.95.139 search.fr.msn.be
    O1 - Hosts: 64.191.95.139 search.fr.msn.ch
    O1 - Hosts: 64.191.95.139 search.latam.yupimsn.com
    O1 - Hosts: 64.191.95.139 search.msn.at
    O1 - Hosts: 64.191.95.139 search.msn.be
    O1 - Hosts: 64.191.95.139 search.msn.ch
    O1 - Hosts: 64.191.95.139 search.msn.co.in
    O1 - Hosts: 64.191.95.139 search.msn.co.jp
    O1 - Hosts: 64.191.95.139 search.msn.co.kr
    O1 - Hosts: 64.191.95.139 search.msn.com.br
    O1 - Hosts: 64.191.95.139 search.msn.com.hk
    O1 - Hosts: 64.191.95.139 search.msn.com.my
    O1 - Hosts: 64.191.95.139 search.msn.com.sg
    O1 - Hosts: 64.191.95.139 search.msn.com.tw
    O1 - Hosts: 64.191.95.139 search.msn.co.za
    O1 - Hosts: 64.191.95.139 search.msn.de
    O1 - Hosts: 64.191.95.139 search.msn.dk
    O1 - Hosts: 64.191.95.139 search.msn.es
    O1 - Hosts: 64.191.95.139 search.msn.fi
    O1 - Hosts: 64.191.95.139 search.msn.fr
    O1 - Hosts: 64.191.95.139 search.msn.it
    O1 - Hosts: 64.191.95.139 search.msn.nl
    O1 - Hosts: 64.191.95.139 search.msn.no
    O1 - Hosts: 64.191.95.139 search.msn.se
    O1 - Hosts: 64.191.95.139 search.ninemsn.com.au
    O1 - Hosts: 64.191.95.139 search.t1msn.com.mx
    O1 - Hosts: 64.191.95.139 search.xtramsn.co.nz
    O1 - Hosts: 64.191.95.139 search.yupimsn.com
    O1 - Hosts: 64.191.95.139 uk.search.msn.com
    O1 - Hosts: 64.191.95.139 search.lycos.com
    O1 - Hosts: 64.191.95.139 www.lycos.com
    O1 - Hosts: 64.191.95.139 www.google.ca
    O1 - Hosts: 64.191.95.139 google.ca
    O1 - Hosts: 64.191.95.139 www.google.uk
    O1 - Hosts: 64.191.95.139 www.google.co.uk
    O1 - Hosts: 64.191.95.139 www.google.com.au
    O1 - Hosts: 64.191.95.139 www.google.co.jp
    O1 - Hosts: 64.191.95.139 www.google.jp
    O1 - Hosts: 64.191.95.139 www.google.at
    O1 - Hosts: 64.191.95.139 www.google.be
    O1 - Hosts: 64.191.95.139 www.google.ch
    O1 - Hosts: 64.191.95.139 www.google.de
    O1 - Hosts: 64.191.95.139 www.google.dk
    O1 - Hosts: 64.191.95.139 www.google.fi
    O1 - Hosts: 64.191.95.139 www.google.fr
    O1 - Hosts: 64.191.95.139 www.google.com.gr
    O1 - Hosts: 64.191.95.139 www.google.com.hk
    O1 - Hosts: 64.191.95.139 www.google.ie
    O1 - Hosts: 64.191.95.139 www.google.co.il
    O1 - Hosts: 64.191.95.139 www.google.it
    O1 - Hosts: 64.191.95.139 www.google.co.kr
    O1 - Hosts: 64.191.95.139 www.google.com.mx
    O1 - Hosts: 64.191.95.139 www.google.nl
    O1 - Hosts: 64.191.95.139 www.google.co.nz
    O1 - Hosts: 64.191.95.139 www.google.pl
    O1 - Hosts: 64.191.95.139 www.google.pt
    O1 - Hosts: 64.191.95.139 www.google.com.ru
    O1 - Hosts: 64.191.95.139 www.google.com.sg
    O1 - Hosts: 64.191.95.139 www.google.co.th
    O1 - Hosts: 64.191.95.139 www.google.com.tr
    O1 - Hosts: 64.191.95.139 www.google.com.tw
    O1 - Hosts: 64.191.95.139 google.at
    O1 - Hosts: 64.191.95.139 google.be
    O1 - Hosts: 64.191.95.139 google.de
    O1 - Hosts: 64.191.95.139 google.dk
    O1 - Hosts: 64.191.95.139 google.fi
    O1 - Hosts: 64.191.95.139 google.fr
    O1 - Hosts: 64.191.95.139 google.com.hk
    O1 - Hosts: 64.191.95.139 google.ie
    O1 - Hosts: 64.191.95.139 google.co.il
    O1 - Hosts: 64.191.95.139 google.it
    O1 - Hosts: 64.191.95.139 google.co.kr
    O1 - Hosts: 64.191.95.139 google.com.mx
    O1 - Hosts: 64.191.95.139 google.nl
    O1 - Hosts: 64.191.95.139 google.co.nz
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
    O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
    O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\Run: [AudioHQ] C:\Program Files\Creative\SBLive\AudioHQ\AHQTB.EXE
    O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG -off
    O4 - HKLM\..\Run: [POINTER] point32.exe
    O4 - HKLM\..\Run: [Norton Auto-Protect] C:\PROGRA~1\NORTON~1\NAVAPW32.EXE /LOADQUIET
    O4 - HKLM\..\Run: [Norton eMail Protect] C:\PROGRAM FILES\NORTON ANTIVIRUS\POProxy.exe
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\SYSTEM\hpztsb04.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
    O4 - HKLM\..\Run: [CreateCD50] "c:\Program Files\Common Files\Adaptec Shared\CreateCD\CreateCD50.exe" -r
    O4 - HKLM\..\Run: [AdaptecDirectCD] "c:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
    O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
    O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
    O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
    O4 - Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: Camio Viewer.lnk = C:\Program Files\Sierra Imaging\Image Expert\IXApplet.exe
    O9 - Extra button: Related (HKLM)
    O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
    O9 - Extra button: AIM (HKLM)
    O9 - Extra button: Dell Home (HKCU)
    O16 - DPF: {02466323-75ED-11CF-A267-0020AF2546EA} (VivoActive Control) - http://vivo.real.com/dldv2/vvweb.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield Setup Player) - http://www.installengine.com/engine/isetup.cab
    O16 - DPF: {9DBAFCCF-592F-FFFF-FFFF-00608CEC297C} - http://download.weatherbug.com/minibug/tricklers/AWS/minibuginstaller.cab
    O16 - DPF: {68BCE50A-DC9B-4519-A118-6FDA19DB450D} (Info Class) - http://www.blizzard.com/register/war3beta/si.cab
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    O16 - DPF: {28F00B0F-DC4E-11D3-ABEC-005004A44EEB} (Register Class) - http://content.hiwirenetworks.net/inbrowser/cabfiles/2.5.30/Hiwire.cab
    O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52...le.com/samantha/us/win/QuickTimeInstaller.exe
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?37864.3409490741
    O16 - DPF: {A7798D6C-C6B5-4F26-9363-F7CDBBFFA607} (download Class) - http://www.gigex.com/ActiveX/vxpspeeddelivery.dll
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
    O16 - DPF: {B8E71371-F7F7-11D2-A2CE-0060B0FB9D0D} (CDToolCtrl Class) - http://free.aol.com/tryaolfree/cdt175/aolcdt175.cab


    P.S. a warning box also popped up telling me about the extreme number of things detected.

    Thanks again...need to fix this fast for school.
     
  2. Top Banana

    Top Banana

    Joined:
    Nov 10, 2002
    Messages:
    1,344
    Fix with HijackThis:

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.passthison.com/r4/?vu083003
    O1 - Hosts: 127.127.127.127 elite
    O1 - Hosts: 64.191.95.139 www.google.com
    O1 - Hosts: 64.191.95.139 google.com
    O1 - Hosts: 64.191.95.139 www.altavista.com
    O1 - Hosts: 64.191.95.139 altavista.com
    O1 - Hosts: 64.191.95.139 search.yahoo.com
    O1 - Hosts: 64.191.95.139 uk.search.yahoo.com
    O1 - Hosts: 64.191.95.139 ca.search.yahoo.com
    O1 - Hosts: 64.191.95.139 jp.search.yahoo.com
    O1 - Hosts: 64.191.95.139 au.search.yahoo.com
    O1 - Hosts: 64.191.95.139 de.search.yahoo.com
    O1 - Hosts: 64.191.95.139 search.yahoo.co.jp
    O1 - Hosts: 64.191.95.139 www.lycos.de
    O1 - Hosts: 64.191.95.139 www.lycos.ca
    O1 - Hosts: 64.191.95.139 www.lycos.jp
    O1 - Hosts: 64.191.95.139 www.lycos.co.jp
    O1 - Hosts: 64.191.95.139 alltheweb.com
    O1 - Hosts: 64.191.95.139 web.ask.com
    O1 - Hosts: 64.191.95.139 ask.com
    O1 - Hosts: 64.191.95.139 www.ask.com
    O1 - Hosts: 64.191.95.139 www.teoma.com
    O1 - Hosts: 64.191.95.139 search.aol.com
    O1 - Hosts: 64.191.95.139 www.looksmart.com
    O1 - Hosts: 64.191.95.139 search.msn.com
    O1 - Hosts: 64.191.95.139 ca.search.msn.com
    O1 - Hosts: 64.191.95.139 fr.ca.search.msn.com
    O1 - Hosts: 64.191.95.139 search.fr.msn.be
    O1 - Hosts: 64.191.95.139 search.fr.msn.ch
    O1 - Hosts: 64.191.95.139 search.latam.yupimsn.com
    O1 - Hosts: 64.191.95.139 search.msn.at
    O1 - Hosts: 64.191.95.139 search.msn.be
    O1 - Hosts: 64.191.95.139 search.msn.ch
    O1 - Hosts: 64.191.95.139 search.msn.co.in
    O1 - Hosts: 64.191.95.139 search.msn.co.jp
    O1 - Hosts: 64.191.95.139 search.msn.co.kr
    O1 - Hosts: 64.191.95.139 search.msn.com.br
    O1 - Hosts: 64.191.95.139 search.msn.com.hk
    O1 - Hosts: 64.191.95.139 search.msn.com.my
    O1 - Hosts: 64.191.95.139 search.msn.com.sg
    O1 - Hosts: 64.191.95.139 search.msn.com.tw
    O1 - Hosts: 64.191.95.139 search.msn.co.za
    O1 - Hosts: 64.191.95.139 search.msn.de
    O1 - Hosts: 64.191.95.139 search.msn.dk
    O1 - Hosts: 64.191.95.139 search.msn.es
    O1 - Hosts: 64.191.95.139 search.msn.fi
    O1 - Hosts: 64.191.95.139 search.msn.fr
    O1 - Hosts: 64.191.95.139 search.msn.it
    O1 - Hosts: 64.191.95.139 search.msn.nl
    O1 - Hosts: 64.191.95.139 search.msn.no
    O1 - Hosts: 64.191.95.139 search.msn.se
    O1 - Hosts: 64.191.95.139 search.ninemsn.com.au
    O1 - Hosts: 64.191.95.139 search.t1msn.com.mx
    O1 - Hosts: 64.191.95.139 search.xtramsn.co.nz
    O1 - Hosts: 64.191.95.139 search.yupimsn.com
    O1 - Hosts: 64.191.95.139 uk.search.msn.com
    O1 - Hosts: 64.191.95.139 search.lycos.com
    O1 - Hosts: 64.191.95.139 www.lycos.com
    O1 - Hosts: 64.191.95.139 www.google.ca
    O1 - Hosts: 64.191.95.139 google.ca
    O1 - Hosts: 64.191.95.139 www.google.uk
    O1 - Hosts: 64.191.95.139 www.google.co.uk
    O1 - Hosts: 64.191.95.139 www.google.com.au
    O1 - Hosts: 64.191.95.139 www.google.co.jp
    O1 - Hosts: 64.191.95.139 www.google.jp
    O1 - Hosts: 64.191.95.139 www.google.at
    O1 - Hosts: 64.191.95.139 www.google.be
    O1 - Hosts: 64.191.95.139 www.google.ch
    O1 - Hosts: 64.191.95.139 www.google.de
    O1 - Hosts: 64.191.95.139 www.google.dk
    O1 - Hosts: 64.191.95.139 www.google.fi
    O1 - Hosts: 64.191.95.139 www.google.fr
    O1 - Hosts: 64.191.95.139 www.google.com.gr
    O1 - Hosts: 64.191.95.139 www.google.com.hk
    O1 - Hosts: 64.191.95.139 www.google.ie
    O1 - Hosts: 64.191.95.139 www.google.co.il
    O1 - Hosts: 64.191.95.139 www.google.it
    O1 - Hosts: 64.191.95.139 www.google.co.kr
    O1 - Hosts: 64.191.95.139 www.google.com.mx
    O1 - Hosts: 64.191.95.139 www.google.nl
    O1 - Hosts: 64.191.95.139 www.google.co.nz
    O1 - Hosts: 64.191.95.139 www.google.pl
    O1 - Hosts: 64.191.95.139 www.google.pt
    O1 - Hosts: 64.191.95.139 www.google.com.ru
    O1 - Hosts: 64.191.95.139 www.google.com.sg
    O1 - Hosts: 64.191.95.139 www.google.co.th
    O1 - Hosts: 64.191.95.139 www.google.com.tr
    O1 - Hosts: 64.191.95.139 www.google.com.tw
    O1 - Hosts: 64.191.95.139 google.at
    O1 - Hosts: 64.191.95.139 google.be
    O1 - Hosts: 64.191.95.139 google.de
    O1 - Hosts: 64.191.95.139 google.dk
    O1 - Hosts: 64.191.95.139 google.fi
    O1 - Hosts: 64.191.95.139 google.fr
    O1 - Hosts: 64.191.95.139 google.com.hk
    O1 - Hosts: 64.191.95.139 google.ie
    O1 - Hosts: 64.191.95.139 google.co.il
    O1 - Hosts: 64.191.95.139 google.it
    O1 - Hosts: 64.191.95.139 google.co.kr
    O1 - Hosts: 64.191.95.139 google.com.mx
    O1 - Hosts: 64.191.95.139 google.nl
    O1 - Hosts: 64.191.95.139 google.co.nz
     
  3. jdr18

    jdr18 Thread Starter

    Joined:
    Sep 1, 2003
    Messages:
    108
    That it topbanana?

    Seems ok now.
     
  4. Top Banana

    Top Banana

    Joined:
    Nov 10, 2002
    Messages:
    1,344
    Following the advice given here would be worthwhile.
     
  5. jdr18

    jdr18 Thread Starter

    Joined:
    Sep 1, 2003
    Messages:
    108
    Indeed it has been Topbanana. Thanks for the help. Tonight i begin the process of downloading windows updates/spyware protection. Hopefully I'll never need your help again. Thanks for saving my computer twice now though. :)
     
  6. Top Banana

    Top Banana

    Joined:
    Nov 10, 2002
    Messages:
    1,344
    No problem jdr18. :)
     
  7. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/164888

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice