[SOLVED]I Hate Spyware

Sith_Apprentice · October 1, 2004

Here is my hijack this log. I have panda antivirus, spybot, spyware blaster, adaware, and spyguard all installed on my machine. They seem to remove some of the entires but not all. Please help me.

Logfile of HijackThis v1.98.2

Scan saved at 12:28:03 PM, on 10/1/2004

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:

D:\WINDOWS\System32\smss.exe

D:\WINDOWS\system32\winlogon.exe

D:\WINDOWS\system32\services.exe

D:\WINDOWS\system32\lsass.exe

D:\WINDOWS\system32\svchost.exe

D:\WINDOWS\System32\svchost.exe

D:\WINDOWS\system32\spoolsv.exe

D:\Program Files\Executive Software\Diskeeper\DkService.exe

D:\Program Files\Panda Software\Panda Antivirus Platinum\Firewall\PavFires.exe

D:\Program Files\Panda Software\Panda Antivirus Platinum\pavsrv51.exe

D:\Program Files\Panda Software\Panda Antivirus Platinum\AVENGINE.EXE

D:\Program Files\Panda Software\Panda Antivirus Platinum\apvxdwin.exe

D:\WINDOWS\inetg\services.exe

D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

D:\Program Files\Panda Software\Panda Antivirus Platinum\pavProxy.exe

D:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE

D:\WINDOWS\system32\t?skmgr.exe

D:\WINDOWS\explorer.exe

D:\PROGRA~1\AIM\aim.exe

D:\Program Files\SpywareGuard\sgmain.exe

D:\Program Files\SpywareGuard\sgbhp.exe

D:\Program Files\Yahoo!\Messenger\YPager.exe

D:\Program Files\Internet Explorer\iexplore.exe

D:\Program Files\WinRAR\WinRAR.exe

D:\Documents and Settings\Ulic\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://channels.aimtoday.com/search/aimtoolbar.jsp

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.msn.com

R3 - URLSearchHook: (no name) - {C7EDAB2E-D7F9-11D8-BA48-C79B0C409D70} - (no file)

F3 - REG:win.ini: run=D:\WINDOWS\inetg\services.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - D:\Program Files\SpywareGuard\dlprotect.dll

O2 - BHO: (no name) - {4AFA6559-9210-0FEF-8325-675578AE274E} - D:\WINDOWS\System32\egtugekd.dll

O2 - BHO: (no name) - {5321E378-FFAD-4999-8C62-03CA8155F0B3} - (no file)

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: (no name) - {815A82AE-CDEF-11D8-BA48-A6D245798277} - (no file)

O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - D:\Program Files\AIM Toolbar\AIMBar.dll

O4 - HKLM\..\Run: [sCANINICIO] "D:\Program Files\Panda Software\Panda Antivirus Platinum\Inicio.exe"

O4 - HKLM\..\Run: [APVXDWIN] "D:\Program Files\Panda Software\Panda Antivirus Platinum\APVXDWIN.EXE" /s

O4 - HKLM\..\Run: [xp_system] D:\WINDOWS\inetg\services.exe

O4 - HKLM\..\Run: [spybotSnD] "D:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autoclose /waitstart

O4 - HKLM\..\Run: [MSConfig] D:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto

O4 - HKLM\..\RunOnce: [Ad-aware] "D:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-aware.exe" "+b1"

O4 - HKCU\..\Run: [xp_system] D:\WINDOWS\inetg\services.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [H/PC Connection Agent] "D:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"

O4 - Startup: SpywareGuard.lnk = D:\Program Files\SpywareGuard\sgmain.exe

O4 - Global Startup: SpywareBlaster (2).lnk = D:\Program Files\SpywareBlaster\spywareblaster.exe

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: &AIM Search - res://D:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)

O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MICROS~2\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MICROS~2\INetRepl.dll

O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\PROGRA~1\MICROS~2\INetRepl.dll

O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - D:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll

O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - D:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll

O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - D:\PROGRA~1\AIM\aim.exe

O15 - Trusted Zone: www.mt-download.com

O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB

O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_file.php...c5501e7089a2147

O16 - DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} (iCC Class) - http://www.pcpitstop.com/internet/pcpConnCheck.cab

O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EP...ol_v1-0-3-9.cab

O16 - DPF: {EFAEF0E4-F044-4D57-9900-1C3FF18524C9} (AV Class) - http://www.pcpitstop.com/antivirus/PitPav.cab

Thank you very much for all your help.

Sith_Apprentice · October 2, 2004

Here is my new HJT log. I saw that it should be in its own folder so i did that, i also ran adaware and spybot.