• Announcements

    • LS.Andy

      Support for other products than adaware, ad block, web protection and Web Companion   05/05/2017

      Support for the following products is handled by the Lavasoft support team: Lavasoft Tuneup Kit Lavasoft PC Optimizer Lavasoft Driver Updater Lavasoft Registry Tuner Lavasoft Privacy Toolbox Lavasoft File Shredder Lavasoft Digital Lock

      For help with these products, contact the support team here: http://www.lavasoft.com/support/supportcenter/
       
Sign in to follow this  
Followers 0
DaleJ

Security Center Has Hijacked My Home Page

4 posts in this topic

I have two problems that may be related as they happened at the same time. First something has caused my home page to change to an advertisement for anti-virus and spyware software I have never heard of. When I try to reset my home page, it does not take.

 

Second I have a blinking icon on my start menu that tells me that spyware has been found and I must click to buy their software to remove it. Unfortunately, I tried to remove it using the McAfee dos removal tool which required me to disable "restore" before running it and now I don't have any restore points I can use.

Share this post


Link to post
Share on other sites

My Hijack This Log is below:

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 3:39:52 PM, on 8/9/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Boot mode: Normal

 

Running processes:

E:\WINDOWS\System32\smss.exe

E:\WINDOWS\System32\winlogon.exe

E:\WINDOWS\system32\services.exe

E:\WINDOWS\system32\lsass.exe

E:\WINDOWS\system32\svchost.exe

E:\WINDOWS\System32\svchost.exe

E:\WINDOWS\system32\spoolsv.exe

E:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

E:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

e:\program files\mcafee.com\agent\mcdetect.exe

e:\PROGRA~1\mcafee.com\vso\mcshield.exe

e:\PROGRA~1\mcafee.com\agent\mctskshd.exe

E:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe

E:\WINDOWS\System32\nvsvc32.exe

E:\WINDOWS\System32\svchost.exe

E:\Program Files\iPod\bin\iPodService.exe

E:\WINDOWS\Explorer.EXE

E:\Program Files\Video ActiveX Access\iesmn.exe

E:\Program Files\Video ActiveX Access\imsmain.exe

E:\Program Files\McAfee.com\VSO\mcvsshld.exe

E:\Program Files\Video ActiveX Access\imsmn.exe

E:\PROGRA~1\mcafee.com\agent\mcagent.exe

E:\Program Files\Video ActiveX Access\iesmin.exe

E:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe

E:\WINDOWS\BCMSMMSG.exe

E:\Program Files\Creative\Shared Files\CAMTRAY.EXE

e:\progra~1\mcafee.com\vso\mcvsescn.exe

E:\Program Files\McAfee.com\VSO\oasclnt.exe

E:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe

E:\Program Files\Common Files\Real\Update_OB\realsched.exe

E:\Program Files\Unlocker\UnlockerAssistant.exe

E:\Program Files\Java\jre1.6.0_02\bin\jusched.exe

E:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EA.EXE

E:\Program Files\iTunes\iTunesHelper.exe

E:\WINDOWS\system32\RUNDLL32.EXE

E:\Program Files\Messenger\msmsgs.exe

E:\WINDOWS\system32\ctfmon.exe

E:\WINDOWS\DvzCommon\DvzMsgr.exe

E:\WINDOWS\system32\devldr32.exe

E:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe

E:\Program Files\Nikon\PictureProject\NkbMonitor.exe

E:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe

E:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe

E:\Program Files\palm\HOTSYNC.EXE

e:\progra~1\mcafee.com\vso\mcvsftsn.exe

E:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe

E:\Program Files\Internet Explorer\iexplore.exe

E:\Program Files\Trend Micro\HijackThis\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.comcast.net/toolbar2.0/search/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.comcast.net/toolbar2.0/search/

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/def...//www.yahoo.com

F2 - REG:system.ini: Shell=

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {34E6F97C-34E0-4CE5-B92B-F83634BEDC01} - E:\Program Files\Video ActiveX Access\iesplg.dll

O2 - BHO: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - E:\PROGRA~1\COMCAS~1\COMCAS~2.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_02\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - e:\progra~1\mcafee.com\vso\mcvsshl.dll

O3 - Toolbar: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - E:\PROGRA~1\COMCAS~1\COMCAS~2.DLL

O4 - HKLM\..\Run: [MCUpdateExe] E:\PROGRA~1\mcafee.com\agent\mcupdate.exe

O4 - HKLM\..\Run: [VSOCheckTask] "E:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask

O4 - HKLM\..\Run: [VirusScan Online] E:\Program Files\McAfee.com\VSO\mcvsshld.exe

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [MCAgentExe] e:\PROGRA~1\mcafee.com\agent\mcagent.exe

O4 - HKLM\..\Run: [ePocrates] D:\setup.exe D:\+2

O4 - HKLM\..\Run: [AdaptecDirectCD] "E:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"

O4 - HKLM\..\Run: [bCMSMMSG] BCMSMMSG.exe

O4 - HKLM\..\Run: [Creative WebCam Tray] E:\Program Files\Creative\Shared Files\CAMTRAY.EXE

O4 - HKLM\..\Run: [OASClnt] E:\Program Files\McAfee.com\VSO\oasclnt.exe

O4 - HKLM\..\Run: [MPFExe] E:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe

O4 - HKLM\..\Run: [TkBellExe] "E:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [unlockerAssistant] "E:\Program Files\Unlocker\UnlockerAssistant.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "E:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"

O4 - HKLM\..\Run: [EPSON Stylus CX6600 Series] E:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EA.EXE /P26 "EPSON Stylus CX6600 Series" /O6 "USB003" /M "Stylus CX6600"

O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "E:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit

O4 - HKCU\..\Run: [MSMSGS] "E:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe

O4 - HKLM\..\Policies\Explorer\Run: [user32.dll] E:\Program Files\Video ActiveX Access\iesmn.exe

O4 - HKLM\..\Policies\Explorer\Run: [rare] E:\Program Files\Video ActiveX Access\imsmain.exe

O4 - Startup: HotSync Manager.lnk = E:\Program Files\palm\HOTSYNC.EXE

O4 - Global Startup: Adobe Reader Speed Launch.lnk = E:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: DataViz Messenger.lnk = E:\WINDOWS\DvzCommon\DvzMsgr.exe

O4 - Global Startup: Microsoft Office.lnk = E:\Program Files\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: NkbMonitor.exe.lnk = E:\Program Files\Nikon\PictureProject\NkbMonitor.exe

O4 - Global Startup: Picture Package Menu.lnk = E:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe

O4 - Global Startup: Picture Package VCD Maker.lnk = E:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe

O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...arch.jhtml?p=ZN

O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_02\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_02\bin\ssv.dll

O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - E:\Program Files\AIM\aim.exe

O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - E:\Documents and Settings\Dale\Start Menu\Programs\IMVU\Run IMVU.lnk

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200312...meInstaller.exe

O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://bin.mcafee.com/molbin/shared/mcinsc...73/mcinsctl.cab

O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://207.188.7.150/11f38114fc036affea22/...ip/RdxIE601.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1154786757640

O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab

O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://bin.mcafee.com/molbin/shared/mcgdmg...,16/mcgdmgr.cab

O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} (Toontown Installer ActiveX Control) - http://a.download.toontown.com/sv1.0.20.19/ttinst.cab

O22 - SharedTaskScheduler: electroosmoses - {eb86b46a-d6db-4478-8f5f-06cb2ebc1b35} - blank (file missing)

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - E:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - E:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe

O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - e:\program files\mcafee.com\agent\mcdetect.exe

O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - e:\PROGRA~1\mcafee.com\vso\mcshield.exe

O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - e:\PROGRA~1\mcafee.com\agent\mctskshd.exe

O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - E:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe

O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - E:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\System32\nvsvc32.exe

 

--

End of file - 10436 bytes

Share this post


Link to post
Share on other sites

Since I have not heard from anyone I went ahead and tried some of the things that were recommended in the other posts. I ran the ATF Cleaner and AVG-Antispyware as had been recommended for other people. It did not help at all. I still have a spyware ad as my home page and I cannot changfe it and I have a blinking icon that periodically tells me I am infected with this or that.

 

After doing these I ran a new Hijack this log file included below.

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 11:12:49 AM, on 8/10/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Boot mode: Normal

 

Running processes:

E:\WINDOWS\System32\smss.exe

E:\WINDOWS\System32\winlogon.exe

E:\WINDOWS\system32\services.exe

E:\WINDOWS\system32\lsass.exe

E:\WINDOWS\system32\svchost.exe

E:\WINDOWS\System32\svchost.exe

E:\WINDOWS\system32\spoolsv.exe

E:\WINDOWS\Explorer.EXE

E:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

E:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

e:\program files\mcafee.com\agent\mcdetect.exe

e:\PROGRA~1\mcafee.com\vso\mcshield.exe

e:\PROGRA~1\mcafee.com\agent\mctskshd.exe

E:\Program Files\Video ActiveX Access\iesmn.exe

E:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe

E:\Program Files\Video ActiveX Access\imsmain.exe

E:\WINDOWS\system32\devldr32.exe

E:\Program Files\McAfee.com\VSO\mcvsshld.exe

E:\Program Files\Video ActiveX Access\iesmin.exe

E:\WINDOWS\System32\nvsvc32.exe

E:\Program Files\Video ActiveX Access\imsmn.exe

e:\program files\mcafee.com\agent\mcagent.exe

e:\progra~1\mcafee.com\vso\mcvsescn.exe

E:\WINDOWS\System32\svchost.exe

E:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe

E:\WINDOWS\BCMSMMSG.exe

E:\Program Files\Creative\Shared Files\CAMTRAY.EXE

E:\Program Files\McAfee.com\VSO\oasclnt.exe

E:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe

E:\Program Files\Common Files\Real\Update_OB\realsched.exe

E:\Program Files\Unlocker\UnlockerAssistant.exe

E:\Program Files\Java\jre1.6.0_02\bin\jusched.exe

E:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EA.EXE

E:\Program Files\iTunes\iTunesHelper.exe

E:\WINDOWS\system32\RUNDLL32.EXE

E:\Program Files\Messenger\msmsgs.exe

E:\WINDOWS\system32\ctfmon.exe

E:\WINDOWS\DvzCommon\DvzMsgr.exe

E:\Program Files\Nikon\PictureProject\NkbMonitor.exe

E:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe

E:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe

E:\Program Files\palm\HOTSYNC.EXE

e:\progra~1\mcafee.com\vso\mcvsftsn.exe

E:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe

E:\Program Files\iPod\bin\iPodService.exe

E:\Program Files\Trend Micro\HijackThis\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.comcast.net/toolbar2.0/search/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.comcast.net/toolbar2.0/search/

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/def...//www.yahoo.com

F2 - REG:system.ini: Shell=

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {34E6F97C-34E0-4CE5-B92B-F83634BEDC01} - E:\Program Files\Video ActiveX Access\iesplg.dll

O2 - BHO: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - E:\PROGRA~1\COMCAS~1\COMCAS~2.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_02\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - e:\progra~1\mcafee.com\vso\mcvsshl.dll

O3 - Toolbar: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - E:\PROGRA~1\COMCAS~1\COMCAS~2.DLL

O4 - HKLM\..\Run: [MCUpdateExe] e:\PROGRA~1\mcafee.com\agent\McUpdate.exe

O4 - HKLM\..\Run: [VSOCheckTask] "E:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask

O4 - HKLM\..\Run: [VirusScan Online] E:\Program Files\McAfee.com\VSO\mcvsshld.exe

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [MCAgentExe] e:\PROGRA~1\mcafee.com\agent\mcagent.exe

O4 - HKLM\..\Run: [ePocrates] D:\setup.exe D:\+2

O4 - HKLM\..\Run: [AdaptecDirectCD] "E:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"

O4 - HKLM\..\Run: [bCMSMMSG] BCMSMMSG.exe

O4 - HKLM\..\Run: [Creative WebCam Tray] E:\Program Files\Creative\Shared Files\CAMTRAY.EXE

O4 - HKLM\..\Run: [OASClnt] E:\Program Files\McAfee.com\VSO\oasclnt.exe

O4 - HKLM\..\Run: [MPFExe] E:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe

O4 - HKLM\..\Run: [TkBellExe] "E:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [unlockerAssistant] "E:\Program Files\Unlocker\UnlockerAssistant.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "E:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"

O4 - HKLM\..\Run: [EPSON Stylus CX6600 Series] E:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EA.EXE /P26 "EPSON Stylus CX6600 Series" /O6 "USB003" /M "Stylus CX6600"

O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "E:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit

O4 - HKCU\..\Run: [MSMSGS] "E:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe

O4 - HKLM\..\Policies\Explorer\Run: [user32.dll] E:\Program Files\Video ActiveX Access\iesmn.exe

O4 - HKLM\..\Policies\Explorer\Run: [rare] E:\Program Files\Video ActiveX Access\imsmain.exe

O4 - Startup: HotSync Manager.lnk = E:\Program Files\palm\HOTSYNC.EXE

O4 - Global Startup: Adobe Reader Speed Launch.lnk = E:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: DataViz Messenger.lnk = E:\WINDOWS\DvzCommon\DvzMsgr.exe

O4 - Global Startup: Microsoft Office.lnk = E:\Program Files\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: NkbMonitor.exe.lnk = E:\Program Files\Nikon\PictureProject\NkbMonitor.exe

O4 - Global Startup: Picture Package Menu.lnk = E:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe

O4 - Global Startup: Picture Package VCD Maker.lnk = E:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe

O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...arch.jhtml?p=ZN

O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_02\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_02\bin\ssv.dll

O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - E:\Program Files\AIM\aim.exe

O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - E:\Documents and Settings\Dale\Start Menu\Programs\IMVU\Run IMVU.lnk

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200312...meInstaller.exe

O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://bin.mcafee.com/molbin/shared/mcinsc...73/mcinsctl.cab

O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://207.188.7.150/11f38114fc036affea22/...ip/RdxIE601.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1154786757640

O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab

O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://bin.mcafee.com/molbin/shared/mcgdmg...,16/mcgdmgr.cab

O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} (Toontown Installer ActiveX Control) - http://a.download.toontown.com/sv1.0.20.19/ttinst.cab

O22 - SharedTaskScheduler: electroosmoses - {eb86b46a-d6db-4478-8f5f-06cb2ebc1b35} - blank (file missing)

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - E:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - E:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe

O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - e:\program files\mcafee.com\agent\mcdetect.exe

O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - e:\PROGRA~1\mcafee.com\vso\mcshield.exe

O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - e:\PROGRA~1\mcafee.com\agent\mctskshd.exe

O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - E:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe

O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - E:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\System32\nvsvc32.exe

 

--

End of file - 10509 bytes

Share this post


Link to post
Share on other sites

After reviewing numerous posts, I decided to try Smitfraudfix. It appears to have worked. the blinking warning is gone an I can now set my home page to the one that I want. Please review the below HijackThis log and confirm I have done all that need to be done.

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 2:54:07 PM, on 8/10/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Boot mode: Normal

 

Running processes:

E:\WINDOWS\System32\smss.exe

E:\WINDOWS\System32\winlogon.exe

E:\WINDOWS\system32\services.exe

E:\WINDOWS\system32\lsass.exe

E:\WINDOWS\system32\svchost.exe

E:\WINDOWS\System32\svchost.exe

E:\WINDOWS\system32\spoolsv.exe

E:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

E:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

e:\program files\mcafee.com\agent\mcdetect.exe

e:\PROGRA~1\mcafee.com\vso\mcshield.exe

e:\PROGRA~1\mcafee.com\agent\mctskshd.exe

E:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe

E:\WINDOWS\System32\nvsvc32.exe

E:\WINDOWS\System32\svchost.exe

E:\Program Files\iPod\bin\iPodService.exe

E:\WINDOWS\Explorer.EXE

E:\Program Files\McAfee.com\VSO\mcvsshld.exe

E:\PROGRA~1\mcafee.com\agent\mcagent.exe

e:\progra~1\mcafee.com\vso\mcvsescn.exe

E:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe

E:\WINDOWS\BCMSMMSG.exe

E:\Program Files\Creative\Shared Files\CAMTRAY.EXE

E:\Program Files\McAfee.com\VSO\oasclnt.exe

E:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe

E:\Program Files\Common Files\Real\Update_OB\realsched.exe

E:\Program Files\Unlocker\UnlockerAssistant.exe

E:\Program Files\Java\jre1.6.0_02\bin\jusched.exe

E:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EA.EXE

E:\Program Files\iTunes\iTunesHelper.exe

E:\WINDOWS\system32\RUNDLL32.EXE

E:\Program Files\Messenger\msmsgs.exe

E:\WINDOWS\system32\ctfmon.exe

E:\WINDOWS\DvzCommon\DvzMsgr.exe

E:\Program Files\Nikon\PictureProject\NkbMonitor.exe

E:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe

E:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe

E:\Program Files\palm\HOTSYNC.EXE

E:\WINDOWS\system32\devldr32.exe

E:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe

e:\progra~1\mcafee.com\vso\mcvsftsn.exe

E:\Program Files\Trend Micro\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/home.html

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.comcast.net/toolbar2.0/search/

F2 - REG:system.ini: Shell=

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - E:\PROGRA~1\COMCAS~1\COMCAS~2.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_02\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - e:\progra~1\mcafee.com\vso\mcvsshl.dll

O3 - Toolbar: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - E:\PROGRA~1\COMCAS~1\COMCAS~2.DLL

O4 - HKLM\..\Run: [MCUpdateExe] E:\PROGRA~1\mcafee.com\agent\McUpdate.exe

O4 - HKLM\..\Run: [VSOCheckTask] "E:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask

O4 - HKLM\..\Run: [VirusScan Online] E:\Program Files\McAfee.com\VSO\mcvsshld.exe

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [MCAgentExe] e:\PROGRA~1\mcafee.com\agent\mcagent.exe

O4 - HKLM\..\Run: [ePocrates] D:\setup.exe D:\+2

O4 - HKLM\..\Run: [AdaptecDirectCD] "E:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"

O4 - HKLM\..\Run: [bCMSMMSG] BCMSMMSG.exe

O4 - HKLM\..\Run: [Creative WebCam Tray] E:\Program Files\Creative\Shared Files\CAMTRAY.EXE

O4 - HKLM\..\Run: [OASClnt] E:\Program Files\McAfee.com\VSO\oasclnt.exe

O4 - HKLM\..\Run: [MPFExe] E:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe

O4 - HKLM\..\Run: [TkBellExe] "E:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [unlockerAssistant] "E:\Program Files\Unlocker\UnlockerAssistant.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "E:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"

O4 - HKLM\..\Run: [EPSON Stylus CX6600 Series] E:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EA.EXE /P26 "EPSON Stylus CX6600 Series" /O6 "USB003" /M "Stylus CX6600"

O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "E:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit

O4 - HKCU\..\Run: [MSMSGS] "E:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-21-789336058-1767777339-725345543-1005\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe (User 'Carly')

O4 - HKUS\S-1-5-21-789336058-1767777339-725345543-1005\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\qttask.exe" -atboottime (User 'Carly')

O4 - HKUS\S-1-5-21-789336058-1767777339-725345543-1005\..\Run: [Aim6] "E:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp (User 'Carly')

O4 - HKUS\S-1-5-21-789336058-1767777339-725345543-1006\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe (User 'Jeremy')

O4 - HKUS\S-1-5-21-789336058-1767777339-725345543-1009\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\qttask.exe" -atboottime (User 'Susan')

O4 - HKUS\S-1-5-21-789336058-1767777339-725345543-501\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\qttask.exe" -atboottime (User 'Guest')

O4 - S-1-5-21-789336058-1767777339-725345543-1006 Startup: IMVU.lnk = E:\Program Files\IMVU\IMVUClient.exe (User 'Jeremy')

O4 - Startup: HotSync Manager.lnk = E:\Program Files\palm\HOTSYNC.EXE

O4 - Global Startup: Adobe Reader Speed Launch.lnk = E:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: DataViz Messenger.lnk = E:\WINDOWS\DvzCommon\DvzMsgr.exe

O4 - Global Startup: Microsoft Office.lnk = E:\Program Files\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: NkbMonitor.exe.lnk = E:\Program Files\Nikon\PictureProject\NkbMonitor.exe

O4 - Global Startup: Picture Package Menu.lnk = E:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe

O4 - Global Startup: Picture Package VCD Maker.lnk = E:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe

O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...arch.jhtml?p=ZN

O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_02\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_02\bin\ssv.dll

O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - E:\Program Files\AIM\aim.exe

O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - E:\Documents and Settings\Dale\Start Menu\Programs\IMVU\Run IMVU.lnk

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200312...meInstaller.exe

O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://bin.mcafee.com/molbin/shared/mcinsc...73/mcinsctl.cab

O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://207.188.7.150/11f38114fc036affea22/...ip/RdxIE601.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1154786757640

O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab

O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://bin.mcafee.com/molbin/shared/mcgdmg...,16/mcgdmgr.cab

O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} (Toontown Installer ActiveX Control) - http://a.download.toontown.com/sv1.0.20.19/ttinst.cab

O22 - SharedTaskScheduler: electroosmoses - {eb86b46a-d6db-4478-8f5f-06cb2ebc1b35} - blank (file missing)

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - E:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - E:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe

O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - e:\program files\mcafee.com\agent\mcdetect.exe

O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - e:\PROGRA~1\mcafee.com\vso\mcshield.exe

O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - e:\PROGRA~1\mcafee.com\agent\mctskshd.exe

O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - E:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe

O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - E:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\System32\nvsvc32.exe

 

--

End of file - 10274 bytes

Share this post


Link to post
Share on other sites
Sign in to follow this  
Followers 0