1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Solved Somethings Wrong

Discussion in 'Windows XP' started by HexStar, Aug 30, 2003.

Unmark Solved
Thread Status:
Not open for further replies.
Advertisement
  1. HexStar

    HexStar Guest Thread Starter

    Recently whenever I've been resuming from Hibernation on my laptop, my HD has serious activity mysteriosuly and I am not running anything. Here's my HijackThis log:

    Logfile of HijackThis v1.96.2
    Scan saved at 9:28:40 AM, on 8/30/2003
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Grisoft\AVG6\avgcc32.exe
    C:\Program Files\2Wire\Gateway\2PortalMon.exe
    C:\Program Files\iPod\bin\iPodManager.exe
    C:\WINDOWS\wt\updater\wcmdmgr.exe
    C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Tiny\tiny.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Program Files\GetRight\getright.exe
    C:\Program Files\GetRight\getright.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
    C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
    C:\PROGRA~1\YAHOO!\PARENT~1\ypc.exe
    C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
    c:\program files\internet explorer\iexplore.exe
    C:\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://rd.yahoo.com/customize/sbcydsl/defaults/sb/*http://www.yahoo.com/search/ie.html
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.johnscompany.net/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://rd.yahoo.com/customize/sbcydsl/defaults/sb/*http://www.yahoo.com/search/ie.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://rd.yahoo.com/customize/sbcydsl/defaults/su/*http://www.yahoo.com
    O2 - BHO: (no name) - {00000EF1-0786-4633-87C6-1AA7A44296DA} - C:\WINDOWS\System32\Gr02.dll (file missing)
    O2 - BHO: (no name) - {0352960F-47BE-11D5-AB93-00D0B760B4EB} - C:\Program Files\Topicks\Bin\HtCheck2.dll (file missing)
    O2 - BHO: Yahoo! Companion BHO - {13F537F0-AF09-11d6-9029-0002B31F9E59} - C:\Program Files\Yahoo!\Common\ycomp5,0,8,0.dll
    O2 - BHO: (no name) - {14b3d246-6274-40b5-8d50-6c2ade2ab29b} - C:\Program Files\Srng\SNHelper.dll (file missing)
    O2 - BHO: (no name) - {65C8C1F5-230E-4DC9-9A0D-F3159A5E7778} - C:\Program Files\POP\pop167.dll (file missing)
    O2 - BHO: (no name) - {c900b400-cdfe-11d3-976a-00e02913a9e0} - C:\Program Files\webHancer\programs\whiehlpr.dll (file missing)
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: Topicks Categories - {80E81A0E-9741-4FBC-8EE3-3B78C04ADA1D} - C:\Program Files\Topicks\Bin\TpBar.dll (file missing)
    O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Common\ycomp5,0,8,0.dll
    O4 - HKLM\..\Run: [AVG_CC] C:\Program Files\Grisoft\AVG6\avgcc32.exe /startup
    O4 - HKLM\..\Run: [DownloadWare] "C:\Program Files\DownloadWare\dw.exe" /H
    O4 - HKLM\..\Run: [RVP] "C:\Program Files\RVP\bpc.exe"
    O4 - HKLM\..\Run: [srng] \Program Files\Srng\Srng.exe
    O4 - HKLM\..\Run: [SearchEnhancement] "C:\Program Files\scbar\v1\scbar.exe" /U
    O4 - HKLM\..\Run: [webHancer Agent] "C:\Program Files\webHancer\Programs\whAgent.exe"
    O4 - HKLM\..\Run: [Premeter] C:\PROGRA~1\NETRAT~1\Premeter\nrpr.exe
    O4 - HKLM\..\Run: [2wSysTray] C:\Program Files\2Wire\Gateway\2PortalMon.exe
    O4 - HKLM\..\Run: [wcmdmgr] C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch
    O4 - HKLM\..\Run: [iPodManager] C:\Program Files\iPod\bin\iPodManager.exe
    O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Tiny - Mail Inspector] C:\Program Files\Tiny\tiny.exe
    O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
    O4 - Startup: Tiny - Mail Inspector.lnk = C:\Program Files\Tiny\tiny.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O4 - Global Startup: GetRight - Tray Icon.lnk = C:\Program Files\GetRight\getright.exe
    O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
    O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
    O8 - Extra context menu item: Sothink SWF Decompiler - C:\Program Files\SourceTec\Sothink SWF Decompiler\InternetExplorer.htm
    O9 - Extra button: Yahoo! Login (HKLM)
    O9 - Extra 'Tools' menuitem: Yahoo! Login (HKLM)
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
    O9 - Extra button: Research (HKLM)
    O9 - Extra button: Related (HKLM)
    O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
    O9 - Extra button: SWFDecompiler (HKLM)
    O9 - Extra 'Tools' menuitem: Sothink SWF Decompiler (HKLM)
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
    O10 - Broken Internet access because of LSP provider 'ypclsp.dll' missing
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com/pcpitstop/PCPitStop.CAB
    O16 - DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} (iCC Class) - http://pcpitstop.com/internet/pcpConnCheck.cab
    O16 - DPF: {2253F320-AB68-4A07-917D-4F12D8884A06} (ChainCast VMR Client Proxy) - http://64.124.45.181/downloads/ccpm_0237.cab
    O16 - DPF: {90A29DA5-D020-4B18-8660-6689520C7CD7} (DmiReader Class) - http://ftp.us.dell.com/fixes/PROFILER.CAB
    O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installengine.com/engine/isetup.cab
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37801.7837384259
    O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://download.yahoo.com/dl/installs/ymail/ymmapi.dll
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{3A7BB35F-0AFD-4212-8FE5-47D8C2672DAA}: NameServer = 151.164.1.8 206.13.28.12
    O17 - HKLM\System\CS1\Services\Tcpip\..\{3A7BB35F-0AFD-4212-8FE5-47D8C2672DAA}: NameServer = 151.164.1.8 206.13.28.12

    Can someone let me know why this is happening please?

    Thanks in advance,

    HexStar
     
  2. Sponsor

  3. HexStar

    HexStar Guest Thread Starter

    Can someone please help me?
     
  4. HexStar

    HexStar Guest Thread Starter

    I'd like some help please. Please help me!:(
     
  5. 700mb80min

    700mb80min Banned

    Joined:
    Jul 24, 2003
    Messages:
    2,025
    Start with Spybot Search And Destroy . Download , run it , and " fix selected " all that it finds , and then post your log again.
     
  6. Triple6

    Triple6 Moderator

    Joined:
    Dec 26, 2002
    Messages:
    51,793
    Well you have several infections of Spyware/adware.

    Download ADAWARE, update it and run it - fix all problems.

    http://www.lavasoft.de/software/adaware/

    After that post that log again, I see a few things that might be left behind and several I'm not sure about. Is AVG up-to-date? Do a scan for viruses.

    You should also defrag your harddrive, this will help quite abit.
     
  7. 700mb80min

    700mb80min Banned

    Joined:
    Jul 24, 2003
    Messages:
    2,025
    "Download ADAWARE, update it and run it - fix all problems."

    Why all of a sudden adaware is the flavour of the month . After i responded with spybot.

    :confused:
     
  8. Flrman1

    Flrman1

    Joined:
    Jul 26, 2002
    Messages:
    46,329
    HexStar

    Run Hijack This again and put a check by these. Close all browser windows and "Fix checked"

    O2 - BHO: (no name) - {00000EF1-0786-4633-87C6-1AA7A44296DA} - C:\WINDOWS\System32\Gr02.dll (file missing)

    O2 - BHO: (no name) - {0352960F-47BE-11D5-AB93-00D0B760B4EB} - C:\Program Files\Topicks\Bin\HtCheck2.dll (file missing)

    O2 - BHO: (no name) - {14b3d246-6274-40b5-8d50-6c2ade2ab29b} - C:\Program Files\Srng\SNHelper.dll (file missing)

    O2 - BHO: (no name) - {65C8C1F5-230E-4DC9-9A0D-F3159A5E7778} - C:\Program Files\POP\pop167.dll (file missing)

    O2 - BHO: (no name) - {c900b400-cdfe-11d3-976a-00e02913a9e0} - C:\Program Files\webHancer\programs\whiehlpr.dll (file missing)

    O3 - Toolbar: Topicks Categories - {80E81A0E-9741-4FBC-8EE3-3B78C04ADA1D} - C:\Program Files\Topicks\Bin\TpBar.dll (file missing)

    O4 - HKLM\..\Run: [DownloadWare] "C:\Program Files\DownloadWare\dw.exe" /H

    O4 - HKLM\..\Run: [RVP] "C:\Program Files\RVP\bpc.exe"

    O4 - HKLM\..\Run: [srng] \Program Files\Srng\Srng.exe

    O4 - HKLM\..\Run: [SearchEnhancement] "C:\Program Files\scbar\v1\scbar.exe" /U

    O4 - HKLM\..\Run: [webHancer Agent] "C:\Program Files\webHancer\Programs\whAgent.exe"

    O4 - HKLM\..\Run: [Premeter] C:\PROGRA~1\NETRAT~1\Premeter\nrpr.exe

    O4 - HKLM\..\Run: [wcmdmgr] C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch

    O16 - DPF: {2253F320-AB68-4A07-917D-4F12D8884A06} (ChainCast VMR Client Proxy) - http://64.124.45.181/downloads/ccpm_0237.cab

    O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installengine.com/engine/isetup.cab

    Restart your computer and delete:
    The C:\Program Files\DownloadWare folder
    The C:\Program Files\RVP folder
    The C:\Program Files\scbar folder
    The C:\Program Files\Netratings folder
     
  9. HexStar

    HexStar Guest Thread Starter

    OK, I ran AVG and checked the entire HD for viruses, and found none, I also ran Adaware 6.0 and found some adware which I removed. I also ran Spybot Search And Destroy and were able to fix lots of items. Here's my HijackThis log now:

    Logfile of HijackThis v1.96.2
    Scan saved at 7:10:30 PM, on 8/30/2003
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\2Wire\Gateway\2PortalMon.exe
    C:\Program Files\iPod\bin\iPodManager.exe
    C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Tiny\tiny.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Program Files\GetRight\getright.exe
    C:\Program Files\GetRight\getright.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
    C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
    c:\program files\internet explorer\iexplore.exe
    C:\Program Files\SBC Yahoo!\Connection Manager\ConnectionManager.exe
    C:\Program Files\ActiveScreenLock 1.3\ActiveScreenLock.exe
    C:\Program Files\Yahoo!\Parental Controls\ypc.exe
    C:\PROGRA~1\Grisoft\AVG6\AVGCC32.EXE
    C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
    C:\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://rd.yahoo.com/customize/sbcydsl/defaults/sb/*http://www.yahoo.com/search/ie.html
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.johnscompany.net/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://rd.yahoo.com/customize/sbcydsl/defaults/sb/*http://www.yahoo.com/search/ie.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://rd.yahoo.com/customize/sbcydsl/defaults/su/*http://www.yahoo.com
    O2 - BHO: (no name) - {00000EF1-0786-4633-87C6-1AA7A44296DA} - (no file)
    O2 - BHO: Yahoo! Companion BHO - {13F537F0-AF09-11d6-9029-0002B31F9E59} - C:\Program Files\Yahoo!\Common\ycomp5,0,8,0.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Common\ycomp5,0,8,0.dll
    O4 - HKLM\..\Run: [AVG_CC] C:\Program Files\Grisoft\AVG6\avgcc32.exe /startup
    O4 - HKLM\..\Run: [srng] \Program Files\Srng\Srng.exe
    O4 - HKLM\..\Run: [2wSysTray] C:\Program Files\2Wire\Gateway\2PortalMon.exe
    O4 - HKLM\..\Run: [iPodManager] C:\Program Files\iPod\bin\iPodManager.exe
    O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Tiny - Mail Inspector] C:\Program Files\Tiny\tiny.exe
    O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
    O4 - Startup: Tiny - Mail Inspector.lnk = C:\Program Files\Tiny\tiny.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O4 - Global Startup: GetRight - Tray Icon.lnk = C:\Program Files\GetRight\getright.exe
    O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
    O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
    O8 - Extra context menu item: Sothink SWF Decompiler - C:\Program Files\SourceTec\Sothink SWF Decompiler\InternetExplorer.htm
    O9 - Extra button: Yahoo! Login (HKLM)
    O9 - Extra 'Tools' menuitem: Yahoo! Login (HKLM)
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
    O9 - Extra button: Research (HKLM)
    O9 - Extra button: Related (HKLM)
    O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
    O9 - Extra button: SWFDecompiler (HKLM)
    O9 - Extra 'Tools' menuitem: Sothink SWF Decompiler (HKLM)
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
    O10 - Broken Internet access because of LSP provider 'ypclsp.dll' missing
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com/pcpitstop/PCPitStop.CAB
    O16 - DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} (iCC Class) - http://pcpitstop.com/internet/pcpConnCheck.cab
    O16 - DPF: {2253F320-AB68-4A07-917D-4F12D8884A06} (ChainCast VMR Client Proxy) - http://64.124.45.181/downloads/ccpm_0237.cab
    O16 - DPF: {90A29DA5-D020-4B18-8660-6689520C7CD7} (DmiReader Class) - http://ftp.us.dell.com/fixes/PROFILER.CAB
    O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installengine.com/engine/isetup.cab
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37801.7837384259
    O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://download.yahoo.com/dl/installs/ymail/ymmapi.dll
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{3A7BB35F-0AFD-4212-8FE5-47D8C2672DAA}: NameServer = 151.164.1.8 206.13.28.12
    O17 - HKLM\System\CS1\Services\Tcpip\..\{3A7BB35F-0AFD-4212-8FE5-47D8C2672DAA}: NameServer = 151.164.1.8 206.13.28.12
     
  10. HexStar

    HexStar Guest Thread Starter

    Please let me know what to do next. Thanks!:)
     
  11. HexStar

    HexStar Guest Thread Starter

    OK, will do.:)

    Who knows? I was wondering that to lol.:)
     
  12. HexStar

    HexStar Guest Thread Starter

    OK I fixed and removed all of the following:

    O2 - BHO: (no name) - {00000EF1-0786-4633-87C6-1AA7A44296DA} - C:\WINDOWS\System32\Gr02.dll (file missing)

    O2 - BHO: (no name) - {0352960F-47BE-11D5-AB93-00D0B760B4EB} - C:\Program Files\Topicks\Bin\HtCheck2.dll (file missing)

    O2 - BHO: (no name) - {14b3d246-6274-40b5-8d50-6c2ade2ab29b} - C:\Program Files\Srng\SNHelper.dll (file missing)

    O2 - BHO: (no name) - {65C8C1F5-230E-4DC9-9A0D-F3159A5E7778} - C:\Program Files\POP\pop167.dll (file missing)

    O2 - BHO: (no name) - {c900b400-cdfe-11d3-976a-00e02913a9e0} - C:\Program Files\webHancer\programs\whiehlpr.dll (file missing)

    O3 - Toolbar: Topicks Categories - {80E81A0E-9741-4FBC-8EE3-3B78C04ADA1D} - C:\Program Files\Topicks\Bin\TpBar.dll (file missing)

    O4 - HKLM\..\Run: [DownloadWare] "C:\Program Files\DownloadWare\dw.exe" /H

    O4 - HKLM\..\Run: [RVP] "C:\Program Files\RVP\bpc.exe"

    O4 - HKLM\..\Run: [srng] \Program Files\Srng\Srng.exe

    O4 - HKLM\..\Run: [SearchEnhancement] "C:\Program Files\scbar\v1\scbar.exe" /U

    O4 - HKLM\..\Run: [webHancer Agent] "C:\Program Files\webHancer\Programs\whAgent.exe"

    O4 - HKLM\..\Run: [Premeter] C:\PROGRA~1\NETRAT~1\Premeter\nrpr.exe

    O4 - HKLM\..\Run: [wcmdmgr] C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch

    O16 - DPF: {2253F320-AB68-4A07-917D-4F12D8884A06} (ChainCast VMR Client Proxy) - http://64.124.45.181/downloads/ccpm_0237.cab

    O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installengine.com/engine/isetup.cab

    Restart your computer and delete:
    The C:\Program Files\DownloadWare folder
    The C:\Program Files\RVP folder
    The C:\Program Files\scbar folder
    The C:\Program Files\Netratings folder
    . Now here's my HijackThis log:

    Logfile of HijackThis v1.96.2
    Scan saved at 7:48:03 PM, on 8/30/2003
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Grisoft\AVG6\avgcc32.exe
    C:\Program Files\2Wire\Gateway\2PortalMon.exe
    C:\Program Files\iPod\bin\iPodManager.exe
    C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Tiny\tiny.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Program Files\GetRight\getright.exe
    C:\Program Files\GetRight\getright.exe
    C:\PROGRA~1\YAHOO!\PARENT~1\ypc.exe
    C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
    C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
    C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    c:\program files\internet explorer\iexplore.exe
    C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    C:\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://rd.yahoo.com/customize/sbcydsl/defaults/sb/*http://www.yahoo.com/search/ie.html
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.johnscompany.net/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://rd.yahoo.com/customize/sbcydsl/defaults/sb/*http://www.yahoo.com/search/ie.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://rd.yahoo.com/customize/sbcydsl/defaults/su/*http://www.yahoo.com
    O2 - BHO: Yahoo! Companion BHO - {13F537F0-AF09-11d6-9029-0002B31F9E59} - C:\Program Files\Yahoo!\Common\ycomp5,0,8,0.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Common\ycomp5,0,8,0.dll
    O4 - HKLM\..\Run: [AVG_CC] C:\Program Files\Grisoft\AVG6\avgcc32.exe /startup
    O4 - HKLM\..\Run: [2wSysTray] C:\Program Files\2Wire\Gateway\2PortalMon.exe
    O4 - HKLM\..\Run: [iPodManager] C:\Program Files\iPod\bin\iPodManager.exe
    O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Tiny - Mail Inspector] C:\Program Files\Tiny\tiny.exe
    O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
    O4 - Startup: Tiny - Mail Inspector.lnk = C:\Program Files\Tiny\tiny.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O4 - Global Startup: GetRight - Tray Icon.lnk = C:\Program Files\GetRight\getright.exe
    O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
    O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
    O8 - Extra context menu item: Sothink SWF Decompiler - C:\Program Files\SourceTec\Sothink SWF Decompiler\InternetExplorer.htm
    O9 - Extra button: Yahoo! Login (HKLM)
    O9 - Extra 'Tools' menuitem: Yahoo! Login (HKLM)
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
    O9 - Extra button: Research (HKLM)
    O9 - Extra button: Related (HKLM)
    O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
    O9 - Extra button: SWFDecompiler (HKLM)
    O9 - Extra 'Tools' menuitem: Sothink SWF Decompiler (HKLM)
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
    O10 - Broken Internet access because of LSP provider 'ypclsp.dll' missing
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com/pcpitstop/PCPitStop.CAB
    O16 - DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} (iCC Class) - http://pcpitstop.com/internet/pcpConnCheck.cab
    O16 - DPF: {90A29DA5-D020-4B18-8660-6689520C7CD7} (DmiReader Class) - http://ftp.us.dell.com/fixes/PROFILER.CAB
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37801.7837384259
    O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://download.yahoo.com/dl/installs/ymail/ymmapi.dll
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{3A7BB35F-0AFD-4212-8FE5-47D8C2672DAA}: NameServer = 151.164.1.8 206.13.28.12
    O17 - HKLM\System\CS1\Services\Tcpip\..\{3A7BB35F-0AFD-4212-8FE5-47D8C2672DAA}: NameServer = 151.164.1.8 206.13.28.12

    This is the log after running a complete scan in AVG, a complete scan in Adaware 6.0, and doing a complete scan in Spybot Search And Destroy and fixing/removing whatever errors/problems them found. Let me know what I should do nexdt if anything please. Thanks!:)
     
  13. Flrman1

    Flrman1

    Joined:
    Jul 26, 2002
    Messages:
    46,329
    Looks good! (y)
     
  14. HexStar

    HexStar Guest Thread Starter

    Cool! So that's all, I'm done?
     
  15. HexStar

    HexStar Guest Thread Starter

    Hold on a sec, is this serious: O10 - Broken Internet access because of LSP provider 'ypclsp.dll' missing?
     
  16. HexStar

    HexStar Guest Thread Starter

    I can still access the web though....but still is it serious/important?
     
  17. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Similar Threads - Somethings Wrong
  1. Slardy
    Replies:
    2
    Views:
    295
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/160767