MyTechSupport.ca :: Your Computer Technical Resource Headquarters! MyTechSupport.ca :: Your Computer Technical Resource Headquarters!
HOME FORUMS RESOURCES & TOOLS ARTICLES ONLINE STORE ABOUT US
Computer Support Forums arrow Internet & Network Support arrow Security & Viruses arrow Topic: help - winfixer/look2me issues
June 03, 2020, 02:12:58 AM
 

Home Forum Rules Help Search Mobile Version Login Register

Welcome, Guest. Please login or register.
Did you miss your activation email?
June 03, 2020, 02:12:58 AM

Login with username, password and session length
 Featured Sites:
News
New  New Poll on our main page!
"My experience with Vista..."
  0 Members and 1 Guest are viewing this topic.
Pages: [1] Go Down Print
Author Topic: help - winfixer/look2me issues  (Read 919 times)
postom
Newbie
*

Karma: +0/-0
Offline Offline

Gender: Female
Posts: 1


Bookmark and Share

View Profile
« on: August 08, 2005, 01:24:28 AM »

Okay, i'm using win 2k professional, it's my roommate's computer, it's a few years old...

i keep getting the winfixer/look2me, virtual bouncer, coolwebsearch, ezula, and addestroyer - all keep coming back no matter what i freakin do.

i've ran spybot, ad-aware, cwshredder, ewido, and anything i found that was obvious out of hijack this.... here is the current scan....


Logfile of HijackThis v1.99.1
Scan saved at 9:11:04 PM, on 8/7/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\rundll32.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Media Access\MediaAccess.exe
C:\Program Files\Rebate Retriever\RebateRetriever.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Administrator\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
O2 - BHO: Band Class - {00027925-0017-4faf-9539-90E4AC0B9EC5} - C:\WINNT\ttext.dll
O4 - HKLM\..\Run: [winsync] C:\WINNT\system32\llppoj.exe reg_run
O4 - HKLM\..\Run: [AUNPS2] RUNDLL32 AUNPS2.DLL,_Run@16
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe
O4 - HKLM\..\Run: [Rebate Retriever] C:\Program Files\Rebate Retriever\RebateRetriever.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [CMAPP] "C:\Program Files\CMAPP\Client\cmappclient.exe"
O4 - HKCU\..\Run: [CAS Client] "C:\Program Files\Cas\Client\casclient.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ntmrcl] C:\WINNT\system32\ntmrcl.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1123449168783
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5free/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = cityonahill.org
O17 - HKLM\System\CCS\Services\Tcpip\..\{7FD62B66-BBE6-4EC3-8C04-7F736EB2B05C}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = cityonahill.org
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = cityonahill.org
O20 - Winlogon Notify: Internet Settings - C:\WINNT\system32\SUMPAPI.DLL
O20 - Winlogon Notify: nwprovau - C:\WINNT\SYSTEM32\nwprovau.dll
O23 - Service: CWShredder Service - InterMute, Inc. - C:\Documents and Settings\Administrator\Desktop\cwshredder.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Windows VisFx Components - Unknown owner - C:\WINNT\srcesvc.exe (file missing)

Logged

 
Geekgirl
Global Moderator
Hero Member
*****

Karma: +25/-1
Offline Offline

Gender: Female
Posts: 3175



Bookmark and Share

View Profile
« Reply #1 on: August 08, 2005, 01:22:35 PM »

Download L2mfix
Save the file to your desktop and double click l2mfix.exe. Click the Install button to extract the files and follow the prompts, then open the newly added l2mfix folder on your desktop. Double click l2mfix.bat and select option #1 for Run Find Log by typing 1 and then pressing enter. This scan takes time to complete, then notepad will open with a log. Copy the contents of that log and paste it here

Please Do NOT run option #2 OR any other files in the l2mfix folder until told to.
Logged




Girlz Rule ...Boyz Drool
____________________________
ALWAYS BACKUP YOUR REGISTRY BEFORE EDITING
Pages: [1] Go Up Print 
 
Jump to:  

Powered by MySQL Powered by PHP

Powered by SMF 1.1.21 | SMF © 2015, Simple Machines

Valid XHTML 1.0! Valid CSS!

Disclaimer
This site is NOT responsible for any damage that the information on this site may cause to your system. Everything you try, whether inspired by the response given from this site or not, is entirely at your own risk. All product names and company names used herein are for identification purpose only and may be trademarks or registered trademarks of their respective owners. We are in no way affiliated or representing any of the companies on this site unless specified.
Back to Top
Stop Spam Harvesters, Join Project Honey Pot Fight Back Against Spammers! Get Firefox! Get Thunderbird! View Sylvain Amyots profile on LinkedIn
Back to Top
Google visited last this page October 05, 2016, 12:03:49 AM