HJT Help...

By BrownEyedGurlx2
Nov 27, 2004
  1. I generally only use FireFox but happened to use IE and got a ton of spyware/adaware on my comp. I ran adaware, cwshredder, spybot, removed adcontrol and taskad in safe mode and ran a new log in safe mode . . can someone just look this over to make sure I have not missed anything? Thank you.

    Logfile of HijackThis v1.98.2
    Scan saved at 3:14:04 PM, on 11/27/2004
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\Program Files\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\WINDOWS\System32\GoogleToolbar_1.1.54-deleon.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk.disabled
    O4 - Global Startup: Go Daddy Software Go Daddy VPN Client.lnk.disabled
    O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\IEExtension.dll
    O9 - Extra 'Tools' menuitem: - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\IEExtension.dll
  2. AtK SpAdE

    AtK SpAdE TechSpot Chancellor Posts: 1,495

    I am no expert on security but, i think you have done as much as you can do. Good luck

    Sean :darth:
  3. Mictlantecuhtli

    Mictlantecuhtli TS Evangelist Posts: 4,345   +11


    Is GoDaddy some sort of application that you use? If not, then you can delete these:

    These also look suspicious and unnecessary to me:

    Welcome to TechSpot!
  4. BrownEyedGurlx2

    BrownEyedGurlx2 TS Rookie Topic Starter

    Godaddy is my VPN client . . and partypoker, well hell yes I need that :)
  5. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Hello and welcome to Techspot.

    Apart from the go daddy stuff as Mict said it looks fine to me.

    Regards Howard :wave: :wave:
  6. BrownEyedGurlx2

    BrownEyedGurlx2 TS Rookie Topic Starter

    fantastic, thanks guys!
  7. RealBlackStuff

    RealBlackStuff TS Rookie Posts: 6,503

    Yup, I agree.
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...