ronnybuzz

Members

View Profile See their activity

Posts
1
Joined
November 19, 2009
Last visited
December 1, 2009

Reputation

0 Neutral

can't use search in yahoo or access google

ronnybuzz posted a topic in Resolved Malware Removal Logs

a while ago i was buying a part on line and a box came up and said i was infected and for 49.95 i could fix it. i tried to exit out and since then i have trouble with the net. same as the above mentioned problems. i ran hijack this and this is my log. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 9:21:45 PM, on 11/18/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\drivers\dcfssvc.exe C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\Motive\McciCMService.exe C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Program Files\Viewpoint\Common\ViewpointService.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\devldr32.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R3 - URLSearchHook: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - (no file) O1 - Hosts: 74.125.45.100 paysoftbillsolution.com O1 - Hosts: 64.86.16.97 google.ae O1 - Hosts: 64.86.16.97 google.as O1 - Hosts: 64.86.16.97 google.at O1 - Hosts: 64.86.16.97 google.az O1 - Hosts: 64.86.16.97 google.ba O1 - Hosts: 64.86.16.97 google.be O1 - Hosts: 64.86.16.97 google.bg O1 - Hosts: 64.86.16.97 google.bs O1 - Hosts: 64.86.16.97 google.ca O1 - Hosts: 64.86.16.97 google.cd O1 - Hosts: 64.86.16.97 google.com.gh O1 - Hosts: 64.86.16.97 google.com.hk O1 - Hosts: 64.86.16.97 google.com.jm O1 - Hosts: 64.86.16.97 google.com.mx O1 - Hosts: 64.86.16.97 google.com.my O1 - Hosts: 64.86.16.97 google.com.na O1 - Hosts: 64.86.16.97 google.com.nf O1 - Hosts: 64.86.16.97 google.com.ng O1 - Hosts: 64.86.16.97 google.ch O1 - Hosts: 64.86.16.97 google.com.np O1 - Hosts: 64.86.16.97 google.com.pr O1 - Hosts: 64.86.16.97 google.com.qa O1 - Hosts: 64.86.16.97 google.com.sg O1 - Hosts: 64.86.16.97 google.com.tj O1 - Hosts: 64.86.16.97 google.com.tw O1 - Hosts: 64.86.16.97 google.dj O1 - Hosts: 64.86.16.97 google.de O1 - Hosts: 64.86.16.97 google.dk O1 - Hosts: 64.86.16.97 google.dm O1 - Hosts: 64.86.16.97 google.ee O1 - Hosts: 64.86.16.97 google.fi O1 - Hosts: 64.86.16.97 google.fm O1 - Hosts: 64.86.16.97 google.fr O1 - Hosts: 64.86.16.97 google.ge O1 - Hosts: 64.86.16.97 google.gg O1 - Hosts: 64.86.16.97 google.gm O1 - Hosts: 64.86.16.97 google.gr O1 - Hosts: 64.86.16.97 google.ht O1 - Hosts: 64.86.16.97 google.ie O1 - Hosts: 64.86.16.97 google.im O1 - Hosts: 64.86.16.97 google.in O1 - Hosts: 64.86.16.97 google.it O1 - Hosts: 64.86.16.97 google.ki O1 - Hosts: 64.86.16.97 google.la O1 - Hosts: 64.86.16.97 google.li O1 - Hosts: 64.86.16.97 google.lv O1 - Hosts: 64.86.16.97 google.ma O1 - Hosts: 64.86.16.97 google.ms O1 - Hosts: 64.86.16.97 google.mu O1 - Hosts: 64.86.16.97 google.mw O1 - Hosts: 64.86.16.97 google.nl O1 - Hosts: 64.86.16.97 google.no O1 - Hosts: 64.86.16.97 google.nr O1 - Hosts: 64.86.16.97 google.nu O1 - Hosts: 64.86.16.97 google.pl O1 - Hosts: 64.86.16.97 google.pn O1 - Hosts: 64.86.16.97 google.pt O1 - Hosts: 64.86.16.97 google.ro O1 - Hosts: 64.86.16.97 google.ru O1 - Hosts: 64.86.16.97 google.rw O1 - Hosts: 64.86.16.97 google.sc O1 - Hosts: 64.86.16.97 google.se O1 - Hosts: 64.86.16.97 google.sh O1 - Hosts: 64.86.16.97 google.si O1 - Hosts: 64.86.16.97 google.sm O1 - Hosts: 64.86.16.97 google.sn O1 - Hosts: 64.86.16.97 google.st O1 - Hosts: 64.86.16.97 google.tl O1 - Hosts: 64.86.16.97 google.tm O1 - Hosts: 64.86.16.97 google.tt O1 - Hosts: 64.86.16.97 google.us O1 - Hosts: 64.86.16.97 google.vu O1 - Hosts: 64.86.16.97 google.ws O1 - Hosts: 64.86.16.97 google.co.ck O1 - Hosts: 64.86.16.97 google.co.id O1 - Hosts: 64.86.16.97 google.co.il O1 - Hosts: 64.86.16.97 google.co.in O1 - Hosts: 64.86.16.97 google.co.jp O1 - Hosts: 64.86.16.97 google.co.kr O1 - Hosts: 64.86.16.97 google.co.ls O1 - Hosts: 64.86.16.97 google.co.ma O1 - Hosts: 64.86.16.97 google.co.nz O1 - Hosts: 64.86.16.97 google.co.tz O1 - Hosts: 64.86.16.97 google.co.ug O1 - Hosts: 64.86.16.97 google.co.uk O1 - Hosts: 64.86.16.97 google.co.za O1 - Hosts: 64.86.16.97 google.co.zm O1 - Hosts: 64.86.16.97 google.com O1 - Hosts: 64.86.16.97 google.com.af O1 - Hosts: 64.86.16.97 google.com.ag O1 - Hosts: 64.86.16.97 google.com.ar O1 - Hosts: 64.86.16.97 google.com.au O1 - Hosts: 64.86.16.97 google.com.bn O1 - Hosts: 64.86.16.97 google.com.br O1 - Hosts: 64.86.16.97 google.com.by O1 - Hosts: 64.86.16.97 google.com.bz O1 - Hosts: 64.86.16.97 google.com.cu O1 - Hosts: 64.86.16.97 google.com.ec O1 - Hosts: 64.86.16.97 google.com.fj O1 - Hosts: 64.86.16.97 www.google.ae O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {10E0E75E-6701-4134-9D95-C0942ED1F1C8} (Snapfish Outlook Import ActiveX Control) - http://www2.snapfish.com/SnapfishOutlookImport.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1122512010327 O23 - Service: Dcfssvc - Eastman Kodak Company - C:\WINDOWS\system32\drivers\dcfssvc.exe O23 - Service: GhostStartService - Symantec Corporation - C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe -- End of file - 9319 bytes thank you much ronny b
- November 19, 2009
- 2 replies

Sign In

ronnybuzz

Posts

Joined

Last visited

Reputation

can't use search in yahoo or access google

Browse

Activity

Personal

Business

Business Modules

Partners

Learn

Start here

Type of malware/attacks

How does it get on my computer?

Scams and grifts

Support

Important Information