Jump to content

Windows Protection Suite Removed but no gmail


BDillon
 Share

Recommended Posts

Hi,

I removed Windows Protection Suite with Malware Bytes' Anti-Malware, but gmail still does not work. Here is the hijackthis log file below. I have ad-aware, super anti-spyware, and rootrepeal on my computer, as well. I've been trying to get help on hijack this forum, but nothing has worked yet.

Any help is appreciated, thank you!

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 10:32:31, on 03/09/2009

Platform: Windows XP SP3, v.3264 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.3264)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

C:\Program Files\Avira\AntiVir Desktop\avguard.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\HPZipm12.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\ezSP_Px.exe

C:\Program Files\NETGEAR\WG511\Utility\WG511WLU.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

C:\Program Files\COMODO\SafeSurf\cssurf.exe

C:\Program Files\COMODO\COMODO Internet Security\cfp.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Webroot\Washer\wwDisp.exe

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\WINDOWS\System32\MsPMSPSv.exe

C:\Program Files\iBurst Dashboard V2\DashboardLauncher.exe

C:\Program Files\iBurst Terminal\iBurst_Terminal_UTL.EXE

C:\Program Files\WinZip\WZQKPICK.EXE

C:\Program Files\Webroot\Washer\WasherSvc.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Skype\Plugin Manager\skypePM.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll

O1 - Hosts: 74.125.45.100 4-open-davinci.com

O1 - Hosts: 74.125.45.100 securitysoftwarepayments.com

O1 - Hosts: 74.125.45.100 privatesecuredpayments.com

O1 - Hosts: 74.125.45.100 secure.privatesecuredpayments.com

O1 - Hosts: 74.125.45.100 getantivirusplusnow.com

O1 - Hosts: 74.125.45.100 secure-plus-payments.com

O1 - Hosts: 74.125.45.100 www.getantivirusplusnow.com

O1 - Hosts: 74.125.45.100 www.secure-plus-payments.com

O1 - Hosts: 74.125.45.100 www.getavplusnow.com

O1 - Hosts: 74.125.45.100 www.securesoftwarebill.com

O1 - Hosts: 74.125.45.100 secure.paysecuresystem.com

O1 - Hosts: 64.86.17.56 google.ae

O1 - Hosts: 64.86.17.56 google.as

O1 - Hosts: 64.86.17.56 google.at

O1 - Hosts: 64.86.17.56 google.az

O1 - Hosts: 64.86.17.56 google.ba

O1 - Hosts: 64.86.17.56 google.be

O1 - Hosts: 64.86.17.56 google.bg

O1 - Hosts: 64.86.17.56 google.bs

O1 - Hosts: 64.86.17.56 google.ca

O1 - Hosts: 64.86.17.56 google.cd

O1 - Hosts: 64.86.17.56 google.com.gh

O1 - Hosts: 64.86.17.56 google.com.hk

O1 - Hosts: 64.86.17.56 google.com.jm

O1 - Hosts: 64.86.17.56 google.com.mx

O1 - Hosts: 64.86.17.56 google.com.my

O1 - Hosts: 64.86.17.56 google.com.na

O1 - Hosts: 64.86.17.56 google.com.nf

O1 - Hosts: 64.86.17.56 google.com.ng

O1 - Hosts: 64.86.17.56 google.ch

O1 - Hosts: 64.86.17.56 google.com.np

O1 - Hosts: 64.86.17.56 google.com.pr

O1 - Hosts: 64.86.17.56 google.com.qa

O1 - Hosts: 64.86.17.56 google.com.sg

O1 - Hosts: 64.86.17.56 google.com.tj

O1 - Hosts: 64.86.17.56 google.com.tw

O1 - Hosts: 64.86.17.56 google.dj

O1 - Hosts: 64.86.17.56 google.de

O1 - Hosts: 64.86.17.56 google.dk

O1 - Hosts: 64.86.17.56 google.dm

O1 - Hosts: 64.86.17.56 google.ee

O1 - Hosts: 64.86.17.56 google.fi

O1 - Hosts: 64.86.17.56 google.fm

O1 - Hosts: 64.86.17.56 google.fr

O1 - Hosts: 64.86.17.56 google.ge

O1 - Hosts: 64.86.17.56 google.gg

O1 - Hosts: 64.86.17.56 google.gm

O1 - Hosts: 64.86.17.56 google.gr

O1 - Hosts: 64.86.17.56 google.ht

O1 - Hosts: 64.86.17.56 google.ie

O1 - Hosts: 64.86.17.56 google.im

O1 - Hosts: 64.86.17.56 google.in

O1 - Hosts: 64.86.17.56 google.it

O1 - Hosts: 64.86.17.56 google.ki

O1 - Hosts: 64.86.17.56 google.la

O1 - Hosts: 64.86.17.56 google.li

O1 - Hosts: 64.86.17.56 google.lv

O1 - Hosts: 64.86.17.56 google.ma

O1 - Hosts: 64.86.17.56 google.ms

O1 - Hosts: 64.86.17.56 google.mu

O1 - Hosts: 64.86.17.56 google.mw

O1 - Hosts: 64.86.17.56 google.nl

O1 - Hosts: 64.86.17.56 google.no

O1 - Hosts: 64.86.17.56 google.nr

O1 - Hosts: 64.86.17.56 google.nu

O1 - Hosts: 64.86.17.56 google.pl

O1 - Hosts: 64.86.17.56 google.pn

O1 - Hosts: 64.86.17.56 google.pt

O1 - Hosts: 64.86.17.56 google.ro

O1 - Hosts: 64.86.17.56 google.ru

O1 - Hosts: 64.86.17.56 google.rw

O1 - Hosts: 64.86.17.56 google.sc

O1 - Hosts: 64.86.17.56 google.se

O1 - Hosts: 64.86.17.56 google.sh

O1 - Hosts: 64.86.17.56 google.si

O1 - Hosts: 64.86.17.56 google.sm

O1 - Hosts: 64.86.17.56 google.sn

O1 - Hosts: 64.86.17.56 google.st

O1 - Hosts: 64.86.17.56 google.tl

O1 - Hosts: 64.86.17.56 google.tm

O1 - Hosts: 64.86.17.56 google.tt

O1 - Hosts: 64.86.17.56 google.us

O1 - Hosts: 64.86.17.56 google.vu

O1 - Hosts: 64.86.17.56 google.ws

O1 - Hosts: 64.86.17.56 google.co.ck

O1 - Hosts: 64.86.17.56 google.co.id

O1 - Hosts: 64.86.17.56 google.co.il

O1 - Hosts: 64.86.17.56 google.co.in

O1 - Hosts: 64.86.17.56 google.co.jp

O1 - Hosts: 64.86.17.56 google.co.kr

O1 - Hosts: 64.86.17.56 google.co.ls

O1 - Hosts: 64.86.17.56 google.co.ma

O1 - Hosts: 64.86.17.56 google.co.nz

O1 - Hosts: 64.86.17.56 google.co.tz

O1 - Hosts: 64.86.17.56 google.co.ug

O1 - Hosts: 64.86.17.56 google.co.uk

O1 - Hosts: 64.86.17.56 google.co.za

O1 - Hosts: 64.86.17.56 google.co.zm

O1 - Hosts: 64.86.17.56 google.com

O1 - Hosts: 64.86.17.56 google.com.af

O1 - Hosts: 64.86.17.56 google.com.ag

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - (no file)

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)

O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe

O4 - HKLM\..\Run: [WG511WLU] C:\Program Files\NETGEAR\WG511\Utility\WG511WLU.exe -hide

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

O4 - HKLM\..\Run: [COMODO SafeSurf] "C:\Program Files\COMODO\SafeSurf\cssurf.exe" -s

O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [Window Washer] C:\Program Files\Webroot\Washer\wwDisp.exe

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe

O4 - Global Startup: Dashboard Launcher.lnk = ?

O4 - Global Startup: iBurst_Terminal UTL.lnk = ?

O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE

O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1146725520578

O17 - HKLM\System\CCS\Services\Tcpip\..\{AD3E2CC9-B809-4D13-8324-902AEF416531}: NameServer = 196.46.70.10 196.2.97.234

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll C:\WINDOWS\system32\cssdll32.dll

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

O23 - Service: Google Update Service (gupdate1ca1872d9223dde) (gupdate1ca1872d9223dde) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Window Washer Engine (wwEngineSvc) - Webroot Software, Inc. - C:\Program Files\Webroot\Washer\WasherSvc.exe

--

End of file - 11513 bytes

Link to post
Share on other sites

  • 2 weeks later...
Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.