NEED HELP PLEAZ!!

doe · June 23, 2007

as the topic !@#$%^&*le puts it I NEED HELP. ive been getting random pop ups. i know wuts causing them because my spyware found the problem the thing is that it cant fix it i ran HijackThis and this is what i got please help..here is the log of wut hijackthis came up with i dont know wuts good or bad

Logfile of Trend Micro HijackThis v2.0.0 (BETA)

Scan saved at 7:38:23 PM, on 3/22/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\ls!@#$%^&*.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe

C:\Program Files\MarkAny\ContentSafer\MAAgent.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\MCROSO~1.NET\winspool.exe

C:\Program Files\Spyware Doctor\sdhelp.exe

C:\WINDOWS\system32\wdfmgr.exe

C:\WINDOWS\System32\alg.exe

C:\Do!@#$%^&*ents and Settings\D03\My Do!@#$%^&*ents\?icrosoft\n?tepad.exe

C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\WINDOWS\system32\svchost.exe

C:\PROGRA~1\Yahoo!\MESSEN~1\YServer.exe

C:\Do!@#$%^&*ents and Settings\D03\Desktop\HiJackThis_v2.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://yahoo.sbc.com/dsl

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 69.88.144.161:

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: (no name) - H@497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: (no name) - {154D4FDA-A765-A591-4917-FB8DCA03D5C0} - C:\WINDOWS\system32\mbrh.dll

O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll

O2 - BHO: (no name) - {6C6B8C69-9285-4D94-8492-9E920C8C2B65} - C:\WINDOWS\System32\winhid64.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll

O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll

O2 - BHO: (no name) - È?49E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)

O2 - BHO: (no name) - ø?B4B5B-68BC-4B02-94D6-2FC0DE4A7897} - (no file)

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O4 - HKLM\..\Run: [s3TRAY2] S3tray2.exe

O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"

O4 - HKLM\..\Run: [sMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe

O4 - HKLM\..\Run: [MAAgent] C:\Program Files\MarkAny\ContentSafer\MAAgent.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [Ahmp] "C:\WINDOWS\MCROSO~1.NET\winspool.exe" -vt yazb

O4 - HKCU\..\Run: [Grbsadty] "C:\Do!@#$%^&*ents and Settings\D03\My Do!@#$%^&*ents\?icrosoft\n?tepad.exe"

O4 - HKUS\S-1-5-18\..\Run: [spyware Doctor] (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [spyware Doctor] (User 'Default user')

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/200612...ex/qtplugin.cab

O16 - DPF: {231B1C6E-F934-42A2-92B6-C2FEFEC24276} (yucsetreg Class) - C:\Program Files\Yahoo!\common\yucconfig.dll

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/jin...ows-i586-jc.cab

O16 - DPF: {E5168F0C-8591-11D4-BCDF-006008B7FEA4} - http://aldine-platoweb.aldine.k12.tx.us/pa...ab/pwlninst.cab

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Indexing Service (CiSvc) - Unknown owner - C:\WINDOWS\system32\cisvc.exe (file missing)

O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: PC Tools Spyware Doctor (SDhelper) - Unknown owner - C:\Program Files\Spyware Doctor\sdhelp.exe

--

End of file - 4978 bytes

rootbear75 · June 23, 2007

C:\Do!@#$%^&*ents and Settings\D03\My Do!@#$%^&*ents\?icrosoft\n?tepad.exe

thats a false file

unless you had notepad running....

delete that whole folder

doe · June 24, 2007

nevermind its ok i fixed it thanx n e ways

★ Dav · June 24, 2007

1. moving to tech support (correct forum for this kind of thing)

2. Closed as problem solved.

Sign In

NEED HELP PLEAZ!!

Recommended Posts

doe

rootbear75

doe

★ Dav

Other Zones

Discord

Activity