Home > Hjt Log > HJT Log - Clayfan2004_13

HJT Log - Clayfan2004_13

A tutorial on installing & using this product can be found here: Using SpywareBlaster to protect your computer from Spyware and Malware Update all these programs regularly - Make sure you A case like this could easily cost hundreds of thousands of dollars. Back to top #10 raw raw Bleeping Hacker Members 2,577 posts OFFLINE Gender:Male Location:Texas Local time:06:40 PM Posted 21 November 2004 - 01:10 PM WildTangent is known to be spyware.Use HJT Log - clayfan2004_13 Help please?

Use a Firewall - I can not stress how important it is that you use a Firewall on your computer. Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htmO8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.htmlO8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.htmlO8 - Extra context menu item: Please try the request again. This will provide realtime spyware & hijacker protection on your computer alongside your virus protection.

thanks Back to top #4 clayfan2004_13 clayfan2004_13 Topic Starter Members 10 posts OFFLINE Local time:06:40 PM Posted 19 November 2004 - 09:55 PM oh, nvm, i see it Back to Be sure to close all browser windows, including this one before clicking the Fix button.R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://us4.hpwis.com/R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-us4.hpwis.com/R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/.../search/ie.htmlR1 Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quietO4 - HKCU\..\Run: [Microsoft Works Update Detection] c:\Program Files\Microsoft Works\WkDetect.exeO4 - Global Startup: hp center UI.lnk = C:\Program Files\hp center\137903\Shadow\ShadowBar.exeO4 - Global Startup: hp center.lnk = C:\Program Files\hp The system returned: (22) Invalid argument The remote host or network may be down.

Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dllO3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dllO4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exeO4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXEO4 - HKLM\..\Run: [DDCM] "C:\Program Files\WildTangent\DDC\DDCManager\DDCMan.exe" -BackgroundO4 - HKLM\..\Run: [DDCActiveMenu] Using the site is easy and fun. Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dllO3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dllO4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exeO4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXEO4 - HKLM\..\Run: [DDCM] "C:\Program Files\WildTangent\DDC\DDCManager\DDCMan.exe" -BackgroundO4 - HKLM\..\Run: [DDCActiveMenu] Now you have C:\HJT\ folder.

Several functions may not work. Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dllO2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocxO2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO2 - BHO: Google Toolbar Helper - CONTRIBUTE TO OUR LEGAL DEFENSE All unused funds will be donated to the Electronic Frontier Foundation (EFF). BLEEPINGCOMPUTER NEEDS YOUR HELP!

Please try the request again. Site Changelog Community Forum Software by IP.Board Sign In Use Facebook Use Twitter Need an account? As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged Change the Download signed ActiveX controls to PromptChange the Download unsigned ActiveX controls to DisableChange the Initialize and script ActiveX controls not marked as safe to DisableChange the Installation of desktop

For a tutorial on Firewalls and a listing of some available ones see the link below: Understanding and Using Firewalls Visit Microsoft's Windows Update Site Frequently - It is important that Back to top #3 clayfan2004_13 clayfan2004_13 Topic Starter Members 10 posts OFFLINE Local time:06:40 PM Posted 19 November 2004 - 09:54 PM where is the C:\ ? Your cache administrator is webmaster. Your cache administrator is webmaster.

Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htmO8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.htmlO8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.htmlO8 - Extra context menu item: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dllO9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htmO9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htmO9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site. The system returned: (22) Invalid argument The remote host or network may be down.

rawcreations.net @raw_creations Current systems: WHAT OS, BackTrack-raw, PCLinuxOS, Peppermint OS 6, Kali Linuxand a custom Linux From Scratch server hosting a bunch of top secret stuff. Without a firewall your computer is succeptible to being hacked and taken over. Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quietO4 - HKCU\..\Run: [Microsoft Works Update Detection] c:\Program Files\Microsoft Works\WkDetect.exeO4 - Global Startup: hp center UI.lnk = C:\Program Files\hp center\137903\Shadow\ShadowBar.exeO4 - Global Startup: hp center.lnk = C:\Program Files\hp Your cache administrator is webmaster.

The system returned: (22) Invalid argument The remote host or network may be down. Generated Tue, 24 Jan 2017 23:39:55 GMT by s_hp81 (squid/3.5.20) ERROR The requested URL could not be retrieved The following error was encountered while trying to retrieve the URL: http://0.0.0.10/ Connection rawcreations.net @raw_creations Current systems: WHAT OS, BackTrack-raw, PCLinuxOS, Peppermint OS 6, Kali Linuxand a custom Linux From Scratch server hosting a bunch of top secret stuff.

Instructions on how to do this can be found here:How to see hidden filesRun Hijackthis again, click scan, and Put a checkmark next to each of these.

Please re-enable javascript to access full functionality. If we have ever helped you in the past, please consider helping us. See this link for a listing of some online & their stand-alone antivirus programs: Virus, Spyware, and Malware Protection and Removal Resources Update your AntiVirus Software - It is imperitive that Back to top #13 clayfan2004_13 clayfan2004_13 Topic Starter Members 10 posts OFFLINE Local time:06:40 PM Posted 21 November 2004 - 10:49 PM Thank you so much!

Please do the following:Please make sure that you can view all hidden files. its really anoying and makin my computer terribly slow :_(Heres my log:Logfile of HijackThis v1.97.7Scan saved at 5:35:11 PM, on 9/19/2004Platform: Windows XP (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 (6.00.2600.0000)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\LEXBCES.EXEC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\LEXPPS.EXEC:\WINDOWS\Explorer.EXEC:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exeC:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exeC:\WINDOWS\System32\nvsvc32.exeC:\WINDOWS\System32\svchost.exeC:\windows\system\hpsysdrv.exeC:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exeC:\HP\KBD\KBD.EXEC:\WINDOWS\System32\hkcmd.exeC:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exeC:\WINDOWS\System32\LXSUPMON.EXEC:\temp\salm.exeC:\Program Files\BullsEye A tutorial on installing & using this product can be found here: Using Ad-aware to remove Spyware, Malware, & Hijackers from Your Computer Install SpywareBlaster - SpywareBlaster will added a large Please do the following:Please make sure that you can view all hidden files.

Glad I was able to help. Thanks Back to top #8 raw raw Bleeping Hacker Members 2,577 posts OFFLINE Gender:Male Location:Texas Local time:06:40 PM Posted 20 November 2004 - 12:32 PM WildTangent is know to contain rawcreations.net @raw_creations Current systems: WHAT OS, BackTrack-raw, PCLinuxOS, Peppermint OS 6, Kali Linuxand a custom Linux From Scratch server hosting a bunch of top secret stuff. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.

It makes backups and they need to be kept all in one place.Click My Computer, then C:\In the menu bar, File->New->Folder.That will create a folder named New Folder, which you can Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dllO9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htmO9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htmO9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} You should also scan your computer with program on a regular basis just as you would an antivirus software. Please do the following:Please make sure that you can view all hidden files.

You can find instructions on how to enable and reenable system restore here:Managing Windows Millenium System RestoreorWindows XP System Restore GuideRenable system restore with instructions from tutorial aboveReboot your computer to Your cache administrator is webmaster. Back to top #9 clayfan2004_13 clayfan2004_13 Topic Starter Members 10 posts OFFLINE Local time:06:40 PM Posted 20 November 2004 - 01:46 PM >>>C:\WINDOWS\System32\msbe.dllC:\Program Files\Windows AdControl\WinAdCtl.exe<-Delete Windows AdControl Folder<<

Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dllO3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dllO4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exeO4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXEO4 - HKLM\..\Run: [DDCM] "C:\Program Files\WildTangent\DDC\DDCManager\DDCMan.exe" -BackgroundO4 - HKLM\..\Run: [DDCActiveMenu] A tutorial on installing & using this product can be found here: Using Spybot - Search & Destroy to remove Spyware , Malware, and Hijackers Install Ad-Aware - Install and download rawcreations.net @raw_creations Current systems: WHAT OS, BackTrack-raw, PCLinuxOS, Peppermint OS 6, Kali Linuxand a custom Linux From Scratch server hosting a bunch of top secret stuff.