1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Solved: This might be the worst i have seen

Discussion in 'Virus & Other Malware Removal' started by mmbc_voltron, Oct 7, 2006.

Thread Status:
Not open for further replies.
Advertisement
  1. mmbc_voltron

    mmbc_voltron Thread Starter

    Joined:
    Jul 13, 2004
    Messages:
    421
    I can't even boot in normal mode.
    I will be doing everything in Safe mode

    I just turned off restore
    and running a Panda scan
    Next i will take care of Newdot.net but what file to i fix?
    What are the next tools i should run?




    Logfile of HijackThis v1.99.1
    Scan saved at 12:52:48 PM, on 10/7/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Documents and Settings\Owner\Desktop\CD\hijackthis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://tooncomics.com/main/sp.php
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qus7.hpwis.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qus7.hpwis.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.2020search.com/search/9884/search.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.shopnav.com/apps/epa/epa?cid=shnv9884&s=
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.att.net/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.att.net
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus.../*http://www.yahoo.com/ext/search/search.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.shopnav.com/apps/epa/epa?cid=shnv9884&s=
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://red.clientapps.yahoo.com/customize/ie/defaults/stp/ymsgr*http://my.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://as.starware.com/dp/search?x=...H+Wpjpu/0kzaCKvJ4ouNb+Az5HLqbyFWjGSP4vvKryk0M
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.worldnet/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = http://www.fastwebfinder.com/hp.php
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by AT&T WorldNet Service
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\i28pcco0.slt\prefs.js)
    O2 - BHO: (no name) - SOFTWARE - (no file)
    O2 - BHO: (no name) - {00000000-0000-451E-8ADE-409DD4B9ED18} - C:\Program Files\6uzlwxyp\6uzlwxyp.dll (file missing)
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: CSMHelperObj Class - {0F660F64-F4C9-477F-8529-44181B717472} - C:\Program Files\AT&T\WnClient\Programs\CSMBHO.dll
    O2 - BHO: (no name) - {10DDB7C9-7D2A-47FA-9A25-E83E7B80C58F} - C:\Program Files\CSBB\CSBB.dll (file missing)
    O2 - BHO: SNHlprObj Class - {14b3d246-6274-40b5-8d50-6c2ade2ab29b} - C:\Program Files\Srng\SNHelper.dll
    O2 - BHO: (no name) - {18AFE2E9-4F4E-4211-ABB6-E6B78662C315} - C:\Program Files\CSBB\CSBB.dll (file missing)
    O2 - BHO: DNSErr object - {1E1B2879-88FF-11D2-8D96-D7ACAC95951F} - C:\WINDOWS\DNSErr.dll (file missing)
    O2 - BHO: (no name) - {20782702-08B7-48B2-A031-E15266145D99} - C:\Program Files\CSBB\CSBB.dll (file missing)
    O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
    O2 - BHO: (no name) - {34D0FBF0-90FA-4676-A649-EE98EC0F08F0} - C:\Program Files\CSBB\CSBB.dll (file missing)
    O2 - BHO: (no name) - {45A4902E-4479-4EAE-A186-8D0F7E4C78DE} - C:\Program Files\Starware316\bin\Starware316.dll
    O2 - BHO: URLLink - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet7_22.dll
    O2 - BHO: (no name) - {50A21896-C342-4C5A-BE50-BFA43C0133CE} - C:\Program Files\CSBB\CSBB.dll (file missing)
    O2 - BHO: (no name) - {9F4B36CD-FE24-43C9-B452-38FD4ECE30E1} - C:\Program Files\CSBB\CSBB.dll (file missing)
    O2 - BHO: (no name) - {9F8B34AD-6A85-4D05-A646-14E0C7B0AB35} - C:\Program Files\CSBB\CSBB.dll (file missing)
    O2 - BHO: (no name) - {B9F5581C-5FBE-46B0-9A47-0DC94FC49051} - C:\Program Files\CSBB\CSBB.dll (file missing)
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O2 - BHO: (no name) - {C83F72EF-5FC2-40DA-86D2-50695885F3F6} - C:\Program Files\CSBB\CSBB.dll (file missing)
    O2 - BHO: (no name) - {E4BE31E9-87E9-4553-8595-48718A4CA823} - C:\Program Files\CSBB\CSBB.dll (file missing)
    O2 - BHO: (no name) - {E5F3D99F-9DC0-4179-8583-7C0FB3EA383C} - C:\Program Files\CSBB\CSBB.dll (file missing)
    O2 - BHO: (no name) - {F2CE164C-FCC2-43B2-9096-CD53C576E372} - C:\Program Files\CSBB\CSBB.dll (file missing)
    O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
    O3 - Toolbar: 2020 Search - {4E1075F4-EEC4-4a86-ADD7-CD5F52858C31} - C:\WINDOWS\2020SE~1.DLL (file missing)
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Starware316 - {9FB3908C-6565-4CB0-95F8-E9F85258723C} - C:\Program Files\Starware316\bin\Starware316.dll
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded
    O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [Power Scan] C:\Program Files\Power Scan\powerscan.exe
    O4 - HKLM\..\Run: [Srng] \Program Files\Srng\Srng.exe
    O4 - HKLM\..\Run: [S3TRAY2] S3tray2.exe
    O4 - HKLM\..\Run: [TV Media] C:\Program Files\TV Media\Tvm.exe
    O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
    O4 - HKLM\..\Run: [QuickFinder Scheduler] "C:\Program Files\Corel\WordPerfect Office 2002\Programs\QFSCHD100.EXE"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [6uzlwxyp] C:\Program Files\6uzlwxyp\6uzlwxyp.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s
    O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Reminder] C:\Program Files\Microsoft Money\System\System\reminder.exe
    O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
    O4 - HKCU\..\Run: [TV Media] C:\Program Files\TV Media\Tvm.exe
    O4 - HKCU\..\Run: [kkim] C:\PROGRA~1\COMMON~1\kkim\kkimm.exe
    O4 - HKCU\..\Run: [WinFixer2005] "C:\Program Files\WinFixer_2005\UWFX5.exe" /scan
    O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
    O4 - Startup: PowerReg Scheduler V3.exe
    O4 - Startup: PowerReg Scheduler.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
    O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
    O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
    O8 - Extra context menu item: &RSDN Search - res://C:\WINDOWS\2020SE~1.DLL/GoRSDN.dll.htm
    O9 - Extra button: Sidesearch - {000007C6-17DF-4438-92A4-DE5537471BA3} - C:\Program Files\Lycos\Sidesearch\sidesearch1211.dll (file missing)
    O9 - Extra button: AnyWho - {0264505A-6793-44E0-AC75-9DCE3B13185C} - C:\Program Files\AT&T\WnClient\Programs\AnyWho.exe
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Hijacked Internet access by New.Net
    O10 - Hijacked Internet access by New.Net
    O10 - Hijacked Internet access by New.Net
    O10 - Hijacked Internet access by New.Net
    O10 - Hijacked Internet access by New.Net
    O14 - IERESET.INF: START_PAGE_URL=http://www.att.net
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1156825129671
    O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yse/ymmapi_416.dll
    O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.leaguelineup.com/XUpload.ocx
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
    O23 - Service: .NET Framework Service (.NET Connection Service) - Unknown owner - C:\WINDOWS\svchost.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: FreezeScreenSaver - Unknown owner - C:\WINDOWS\system32\FreezeScreenSaver.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Content Monitoring Tool (msCMTSrvc) - Unknown owner - C:\WINDOWS\system32\msCMTSrvc.exe (file missing)
    O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
     
  2. Flrman1

    Flrman1

    Joined:
    Jul 26, 2002
    Messages:
    46,329
    * First Click here to download LspFix

    You may not need it, but go ahead and download it just in case.

    Go to Add/Remove programs and uninstall New.Net (NewDotNet). If it will not uninstall do this:

    Now go here and scroll to the bottom of the page to Precedure 4 and download and run the New.Net uninstaller.

    If you lose your internet connection after running the New.Net uninstaller, Run LspFix, and click Finish. (Don't do anything else)

    That should restore the internet connection.


    * Download the free version of AVG Anti-Spyware 7.5 here.
    • Click on the "Download Now" button and save the setup file to your desktop.
    • Doubleclick on the avgas-setup file to begin the installation.
    • When the installation is complete, open AVG Anti-Spyware and update the definition files.
    • On the main screen click on the "Update now" link and the update should begin immediately.
      • If the update does not begin, select the "Start Update" button, the update will start and a progress bar will show the updates being installed.
    • When the update has completed select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
    • Once in the Settings screen click on "Recommended actions" and then select "Quarantine".
    • Under "Reports"
      • Select "Automatically generate report after every scan"
      • Un-Select "Only if threats were found"
    • If you cannot download the updates, update manuallly according to the directions here.
    • If you do the manual update, look under "Full database" and click the "Download now" button.
    • DO NOT run a scan yet. You will do that later in safe mode.

    * Click here for info on how to boot to safe mode if you don't already know how.


    * Now copy these instructions to notepad and save them to your desktop. You will need them to refer to in safe mode.


    * Restart your computer into safe mode now. Perform the following steps in safe mode:


    * Run AVG Anti-Spyware:
    • Launch AVG Anti-Spyware by double-clicking the icon on your desktop.
    • Select the "Scanner" icon at the top and then the "Scan" tab then click on "Complete System Scan".
    • It will then begin the scanning process, be patient it may take a while for the scan to complete.
    • When the scan is complete, you must select an action.
    • Select "Apply all actions"
    • Next select the "Reports" icon at the top.
    • Select the "Save report as" button in the lower left hand of the screen
    • Save the report as a text file and save it to your desktop.
    • Close AVG Anti-Spyware.

    * Restart back into Windows normally now.


    * Come back here and post a new HijackThis log, as well as the log from the AVG Anti-Spyware scan.
     
  3. Flrman1

    Flrman1

    Joined:
    Jul 26, 2002
    Messages:
    46,329
    * Also open Hijack This and click on the "Open the Misc Tools section" button. Click on the "Open Uninstall Manager" button. Click the "Save List" button. Copy and paste that list here.
     
  4. mmbc_voltron

    mmbc_voltron Thread Starter

    Joined:
    Jul 13, 2004
    Messages:
    421
    ---------------------------------------------------------
    AVG Anti-Spyware - Scan Report
    ---------------------------------------------------------

    + Created at: 4:36:04 PM 10/7/2006

    + Scan result:



    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\2020Search2020Search -> Adware.2020Search : Ignored.
    HKU\S-1-5-21-2516161889-3725554718-1933066400-1003\Software\2020Search -> Adware.2020Search : Ignored.
    HKU\S-1-5-21-2516161889-3725554718-1933066400-1003\Software\2020Search\2020Search -> Adware.2020Search : Ignored.
    HKU\S-1-5-21-2516161889-3725554718-1933066400-1003\Software\2020Search\2020Search\Historyfiles -> Adware.2020Search : Ignored.
    HKU\S-1-5-21-2516161889-3725554718-1933066400-1003\Software\2020Search\2020Search\Historys1 -> Adware.2020Search : Ignored.
    HKU\S-1-5-21-2516161889-3725554718-1933066400-1003\Software\2020Search\popupmanager -> Adware.2020Search : Ignored.
    C:\Program Files\Bargain Buddy\bin2\bargains.exe -> Adware.BargainBuddy : Ignored.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TV Media -> Adware.BroadCastPC : Ignored.
    C:\Program Files\6uzlwxyp\bhm9pm13.DLL -> Adware.ClearSearch : Ignored.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpiderSidebar -> Adware.ClearSearch : Ignored.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\UrlSidebar -> Adware.ClearSearch : Ignored.
    C:\Program Files\Starware316\bin\Starware316.dll -> Adware.Comet : Ignored.
    C:\Program Files\ISTbar -> Adware.ISTBar : Ignored.
    HKLM\SOFTWARE\Classes\GoRSDN.ContextItem -> Adware.ISTBar : Ignored.
    HKLM\SOFTWARE\Classes\GoRSDN.ContextItem.1 -> Adware.ISTBar : Ignored.
    HKLM\SOFTWARE\Classes\GoRSDN.ContextItem\CLSID -> Adware.ISTBar : Ignored.
    HKLM\SOFTWARE\Classes\GoRSDN.ContextItem\CurVer -> Adware.ISTBar : Ignored.
    HKLM\SOFTWARE\Classes\Pugi.PugiObj -> Adware.ISTBar : Ignored.
    HKLM\SOFTWARE\Classes\Pugi.PugiObj.1 -> Adware.ISTBar : Ignored.
    HKLM\SOFTWARE\Classes\Pugi.PugiObj\CLSID -> Adware.ISTBar : Ignored.
    HKLM\SOFTWARE\Classes\Pugi.PugiObj\CurVer -> Adware.ISTBar : Ignored.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ISTbarISTbar -> Adware.ISTBar : Ignored.
    HKU\S-1-5-21-2516161889-3725554718-1933066400-1003\Software\IST -> Adware.ISTBar : Ignored.
    HKU\S-1-5-21-2516161889-3725554718-1933066400-1003\Software\ISTbar -> Adware.ISTBar : Ignored.
    C:\Documents and Settings\Owner\Desktop\CD\NNuninstall.exe -> Adware.NewDotNet : Ignored.
    C:\Program Files\NewDotNet -> Adware.NewDotNet : Ignored.
    C:\Program Files\NewDotNet\newdotnet7_22.dll -> Adware.NewDotNet : Ignored.
    C:\WINDOWS\NDNuninstall6_90.exe -> Adware.NewDotNet : Ignored.
    C:\WINDOWS\NDNuninstall6_98.exe -> Adware.NewDotNet : Ignored.
    C:\WINDOWS\NDNuninstall7_14.exe -> Adware.NewDotNet : Ignored.
    C:\WINDOWS\NDNuninstall7_22.exe -> Adware.NewDotNet : Ignored.
    HKU\.DEFAULT\Software\New.net -> Adware.NewDotNet : Ignored.
    HKU\S-1-5-18\Software\New.net -> Adware.NewDotNet : Ignored.
    HKU\S-1-5-21-2516161889-3725554718-1933066400-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} -> Adware.NewDotNet : Ignored.
    HKU\S-1-5-21-2516161889-3725554718-1933066400-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} -> Adware.NewDotNet : Ignored.
    [1532] C:\Program Files\NewDotNet\newdotnet7_22.dll -> Adware.NewDotNet : Ignored.
    [720] C:\Program Files\NewDotNet\newdotnet7_22.dll -> Adware.NewDotNet : Ignored.
    [796] C:\Program Files\NewDotNet\newdotnet7_22.dll -> Adware.NewDotNet : Ignored.
    [812] C:\Program Files\NewDotNet\newdotnet7_22.dll -> Adware.NewDotNet : Ignored.
    [864] C:\Program Files\NewDotNet\newdotnet7_22.dll -> Adware.NewDotNet : Ignored.
    C:\Program Files\Power Scan -> Adware.PowerScan : Ignored.
    HKU\S-1-5-21-2516161889-3725554718-1933066400-1003\Software\PowerScan -> Adware.PowerScan : Ignored.
    HKLM\SOFTWARE\Classes\TypeLib\{CE7C3CE2-4B15-11D1-ABED-709549C10000} -> Adware.RegiFast : Ignored.
    HKLM\SOFTWARE\Classes\WUSN.1 -> Adware.SaveNow : Ignored.
    C:\Program Files\Srng\SNHelper.dll -> Adware.ShopNav : Ignored.
    C:\Program Files\Srng\SrngUtil.exe -> Adware.ShopNav : Ignored.
    C:\WINDOWS\svchost.exe -> Adware.ShopNav : Ignored.
    C:\Program Files\Common Files\kkim\kkimd\kkimc.dll -> Adware.TargetServer : Ignored.
    C:\Program Files\TV Media\Tvm.exe -> Adware.TotalVelocity : Ignored.
    C:\Program Files\Common Files\WinSoftware\FCrXML.dll -> Adware.Winfixer : Ignored.
    HKLM\SOFTWARE\Classes\SNHlprObj.SNHlprObj -> Hijacker.ShopNav : Ignored.
    HKLM\SOFTWARE\Classes\SNHlprObj.SNHlprObj.1 -> Hijacker.ShopNav : Ignored.
    HKLM\SOFTWARE\Classes\SNHlprObj.SNHlprObj\CurVer -> Hijacker.ShopNav : Ignored.
    HKU\S-1-5-21-2516161889-3725554718-1933066400-1003\Software\Srng -> Hijacker.ShopNav : Ignored.
    C:\hp\region\EN_US-ie.reg -> Hijacker.StartPage : Ignored.
    :mozilla.13:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\i28pcco0.slt\cookies.txt -> TrackingCookie.2o7 : Ignored.
    C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> TrackingCookie.Advertising : Ignored.
    C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> TrackingCookie.Atdmt : Ignored.
    C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> TrackingCookie.Doubleclick : Ignored.
    C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> TrackingCookie.Hitbox : Ignored.
    C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> TrackingCookie.Hitbox : Ignored.
    :mozilla.14:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\i28pcco0.slt\cookies.txt -> TrackingCookie.Ru4 : Ignored.
    :mozilla.15:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\i28pcco0.slt\cookies.txt -> TrackingCookie.Ru4 : Ignored.
    :mozilla.10:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\i28pcco0.slt\cookies.txt -> TrackingCookie.Specificclick : Ignored.
    :mozilla.11:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\i28pcco0.slt\cookies.txt -> TrackingCookie.Specificclick : Ignored.
    :mozilla.12:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\i28pcco0.slt\cookies.txt -> TrackingCookie.Specificclick : Ignored.
    :mozilla.8:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\i28pcco0.slt\cookies.txt -> TrackingCookie.Specificclick : Ignored.
    :mozilla.9:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\i28pcco0.slt\cookies.txt -> TrackingCookie.Specificclick : Ignored.
    C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> TrackingCookie.Statcounter : Ignored.


    ::Report end
     
  5. Flrman1

    Flrman1

    Joined:
    Jul 26, 2002
    Messages:
    46,329
    You need to run AVG antispyware again and follow the directions that I gave you exactly. You didn't have it fix anything it found. Everything it found says "Ignored" like so:

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\2020Search2020Sear ch -> Adware.2020Search : Ignored

    The scan accomplished nothing since you didn't have it fix anything. Please go back and do it again and this time have it quarantine what it finds like my directions say. Save the report again and post it here along with a new HJT log and the Uninstall Manager list.
     
  6. mmbc_voltron

    mmbc_voltron Thread Starter

    Joined:
    Jul 13, 2004
    Messages:
    421
    ---------------------------------------------------------
    AVG Anti-Spyware - Scan Report
    ---------------------------------------------------------

    + Created at: 4:36:04 PM 10/7/2006

    + Scan result:



    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\2020Search2020Search -> Adware.2020Search : Ignored.
    HKU\S-1-5-21-2516161889-3725554718-1933066400-1003\Software\2020Search -> Adware.2020Search : Ignored.
    HKU\S-1-5-21-2516161889-3725554718-1933066400-1003\Software\2020Search\2020Search -> Adware.2020Search : Ignored.
    HKU\S-1-5-21-2516161889-3725554718-1933066400-1003\Software\2020Search\2020Search\Historyfiles -> Adware.2020Search : Ignored.
    HKU\S-1-5-21-2516161889-3725554718-1933066400-1003\Software\2020Search\2020Search\Historys1 -> Adware.2020Search : Ignored.
    HKU\S-1-5-21-2516161889-3725554718-1933066400-1003\Software\2020Search\popupmanager -> Adware.2020Search : Ignored.
    C:\Program Files\Bargain Buddy\bin2\bargains.exe -> Adware.BargainBuddy : Ignored.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TV Media -> Adware.BroadCastPC : Ignored.
    C:\Program Files\6uzlwxyp\bhm9pm13.DLL -> Adware.ClearSearch : Ignored.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpiderSidebar -> Adware.ClearSearch : Ignored.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\UrlSidebar -> Adware.ClearSearch : Ignored.
    C:\Program Files\Starware316\bin\Starware316.dll -> Adware.Comet : Ignored.
    C:\Program Files\ISTbar -> Adware.ISTBar : Ignored.
    HKLM\SOFTWARE\Classes\GoRSDN.ContextItem -> Adware.ISTBar : Ignored.
    HKLM\SOFTWARE\Classes\GoRSDN.ContextItem.1 -> Adware.ISTBar : Ignored.
    HKLM\SOFTWARE\Classes\GoRSDN.ContextItem\CLSID -> Adware.ISTBar : Ignored.
    HKLM\SOFTWARE\Classes\GoRSDN.ContextItem\CurVer -> Adware.ISTBar : Ignored.
    HKLM\SOFTWARE\Classes\Pugi.PugiObj -> Adware.ISTBar : Ignored.
    HKLM\SOFTWARE\Classes\Pugi.PugiObj.1 -> Adware.ISTBar : Ignored.
    HKLM\SOFTWARE\Classes\Pugi.PugiObj\CLSID -> Adware.ISTBar : Ignored.
    HKLM\SOFTWARE\Classes\Pugi.PugiObj\CurVer -> Adware.ISTBar : Ignored.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ISTbarISTbar -> Adware.ISTBar : Ignored.
    HKU\S-1-5-21-2516161889-3725554718-1933066400-1003\Software\IST -> Adware.ISTBar : Ignored.
    HKU\S-1-5-21-2516161889-3725554718-1933066400-1003\Software\ISTbar -> Adware.ISTBar : Ignored.
    C:\Documents and Settings\Owner\Desktop\CD\NNuninstall.exe -> Adware.NewDotNet : Ignored.
    C:\Program Files\NewDotNet -> Adware.NewDotNet : Ignored.
    C:\Program Files\NewDotNet\newdotnet7_22.dll -> Adware.NewDotNet : Ignored.
    C:\WINDOWS\NDNuninstall6_90.exe -> Adware.NewDotNet : Ignored.
    C:\WINDOWS\NDNuninstall6_98.exe -> Adware.NewDotNet : Ignored.
    C:\WINDOWS\NDNuninstall7_14.exe -> Adware.NewDotNet : Ignored.
    C:\WINDOWS\NDNuninstall7_22.exe -> Adware.NewDotNet : Ignored.
    HKU\.DEFAULT\Software\New.net -> Adware.NewDotNet : Ignored.
    HKU\S-1-5-18\Software\New.net -> Adware.NewDotNet : Ignored.
    HKU\S-1-5-21-2516161889-3725554718-1933066400-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} -> Adware.NewDotNet : Ignored.
    HKU\S-1-5-21-2516161889-3725554718-1933066400-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} -> Adware.NewDotNet : Ignored.
    [1532] C:\Program Files\NewDotNet\newdotnet7_22.dll -> Adware.NewDotNet : Ignored.
    [720] C:\Program Files\NewDotNet\newdotnet7_22.dll -> Adware.NewDotNet : Ignored.
    [796] C:\Program Files\NewDotNet\newdotnet7_22.dll -> Adware.NewDotNet : Ignored.
    [812] C:\Program Files\NewDotNet\newdotnet7_22.dll -> Adware.NewDotNet : Ignored.
    [864] C:\Program Files\NewDotNet\newdotnet7_22.dll -> Adware.NewDotNet : Ignored.
    C:\Program Files\Power Scan -> Adware.PowerScan : Ignored.
    HKU\S-1-5-21-2516161889-3725554718-1933066400-1003\Software\PowerScan -> Adware.PowerScan : Ignored.
    HKLM\SOFTWARE\Classes\TypeLib\{CE7C3CE2-4B15-11D1-ABED-709549C10000} -> Adware.RegiFast : Ignored.
    HKLM\SOFTWARE\Classes\WUSN.1 -> Adware.SaveNow : Ignored.
    C:\Program Files\Srng\SNHelper.dll -> Adware.ShopNav : Ignored.
    C:\Program Files\Srng\SrngUtil.exe -> Adware.ShopNav : Ignored.
    C:\WINDOWS\svchost.exe -> Adware.ShopNav : Ignored.
    C:\Program Files\Common Files\kkim\kkimd\kkimc.dll -> Adware.TargetServer : Ignored.
    C:\Program Files\TV Media\Tvm.exe -> Adware.TotalVelocity : Ignored.
    C:\Program Files\Common Files\WinSoftware\FCrXML.dll -> Adware.Winfixer : Ignored.
    HKLM\SOFTWARE\Classes\SNHlprObj.SNHlprObj -> Hijacker.ShopNav : Ignored.
    HKLM\SOFTWARE\Classes\SNHlprObj.SNHlprObj.1 -> Hijacker.ShopNav : Ignored.
    HKLM\SOFTWARE\Classes\SNHlprObj.SNHlprObj\CurVer -> Hijacker.ShopNav : Ignored.
    HKU\S-1-5-21-2516161889-3725554718-1933066400-1003\Software\Srng -> Hijacker.ShopNav : Ignored.
    C:\hp\region\EN_US-ie.reg -> Hijacker.StartPage : Ignored.
    :mozilla.13:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\i28pcco0.slt\cookies.txt -> TrackingCookie.2o7 : Ignored.
    C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> TrackingCookie.Advertising : Ignored.
    C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> TrackingCookie.Atdmt : Ignored.
    C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> TrackingCookie.Doubleclick : Ignored.
    C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> TrackingCookie.Hitbox : Ignored.
    C:\Documents and Settings\Owner\Cookies\[email protected][2].txt -> TrackingCookie.Hitbox : Ignored.
    :mozilla.14:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\i28pcco0.slt\cookies.txt -> TrackingCookie.Ru4 : Ignored.
    :mozilla.15:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\i28pcco0.slt\cookies.txt -> TrackingCookie.Ru4 : Ignored.
    :mozilla.10:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\i28pcco0.slt\cookies.txt -> TrackingCookie.Specificclick : Ignored.
    :mozilla.11:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\i28pcco0.slt\cookies.txt -> TrackingCookie.Specificclick : Ignored.
    :mozilla.12:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\i28pcco0.slt\cookies.txt -> TrackingCookie.Specificclick : Ignored.
    :mozilla.8:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\i28pcco0.slt\cookies.txt -> TrackingCookie.Specificclick : Ignored.
    :mozilla.9:C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\i28pcco0.slt\cookies.txt -> TrackingCookie.Specificclick : Ignored.
    C:\Documents and Settings\Owner\Cookies\[email protected][1].txt -> TrackingCookie.Statcounter : Ignored.


    ::Report end
     
  7. mmbc_voltron

    mmbc_voltron Thread Starter

    Joined:
    Jul 13, 2004
    Messages:
    421
    Sorry for the duplicate reply

    I right clicked on everything and had it delete everything and appled action
     
  8. mmbc_voltron

    mmbc_voltron Thread Starter

    Joined:
    Jul 13, 2004
    Messages:
    421
    i am doing another scan with the quarantine option
     
  9. Flrman1

    Flrman1

    Joined:
    Jul 26, 2002
    Messages:
    46,329
    OK, post the results of that scan and a new Hijack This log.

    Also open Hijack This and click on the "Open the Misc Tools section" button. Click on the "Open Uninstall Manager" button. Click the "Save List" button. Copy and paste that list here.
     
  10. mmbc_voltron

    mmbc_voltron Thread Starter

    Joined:
    Jul 13, 2004
    Messages:
    421
    Sorry to keep you waiting but the thing kept shutting off. I think i have other hardware issues and will just do a format and reinstall once i fix the hardware
     
  11. Flrman1

    Flrman1

    Joined:
    Jul 26, 2002
    Messages:
    46,329
  12. Flrman1

    Flrman1

    Joined:
    Jul 26, 2002
    Messages:
    46,329
    Since this problem has been solved, I'm closing this thread. If you need it reopened please PM me or one of the other mods.

    Anyone else with a similar problem please start a "New Thread".
     
  13. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/507554

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice