CWS & TOOLBAR Problem - Please Help with HJT Log

Discuss Wi-Fi setups, cybersecurity, and network troubleshooting.
Post Reply
chris3737
Registered User
Posts: 1
Joined: October 2nd, 2005, 2:29 pm
Location: UK

CWS & TOOLBAR Problem - Please Help with HJT Log

Post by chris3737 »

Hello, Any help would be much appreciated. I've used HJT to try to get rid of CWS and the toolbar. I've been deleted entry 03 below over and over but it re-enters there at every reboot. Below is the latest HJT Log: Logfile of HijackThis v1.99.1 Scan saved at 15:00:39, on 02/10/05 Platform: Windows 98 SE (Win9x 4.10.2222A) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.EXE C:\WINDOWS\SYSTEM\MPREXE.EXE C:\WINDOWS\SYSTEM\mmtask.tsk C:\WINDOWS\EXPLORER.EXE C:\WINDOWS\SYSTEM\SYSTRAY.EXE C:\WINDOWS\TASKMON.EXE C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE C:\WINDOWS\SYSTEM\WMIEXE.EXE C:\UNZIPPED\HIJACKTHIS\HIJACKTHIS.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O3 - Toolbar: SearchToolbar - {08BEC6AA-49FC-4379-3587-4B21E286C19E} - C:\WINDOWS\SYSTEM\VXFJJ.DLL O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun O4 - HKLM\..\Run: [SystemTray] SysTray.Exe O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\Run: [GSISETUP] C:\WINDOWS\TEMP\GsiInst.exe INSTALL C:\WINDOWS\TEMP\.\V205Res 23 O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\RunServices: [BCMHal] rundll32.exe bcmhal9x.dll,BCInit O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O12 - Plugin for .avi: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll O12 - Plugin for .mpeg: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin4.dll O12 - Plugin for .mpg: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin4.dll Thanks in advance, Chris
Top
richh0323
Registered User
Posts: 512
Joined: December 14th, 2004, 8:47 pm
Location: Buffalo, New York

Post by richh0323 »

Start out by turning off you're system restore (start/help and support/tools/system restore/system restore settings/ check box to turn off) Start up in safe mode, run HiJack this and fix the following entries, R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 O3 - Toolbar: SearchToolbar - {08BEC6AA-49FC-4379-3587-4B21E286C19E} - C:\WINDOWS\SYSTEM\VXFJJ.DLL Now go to this site follow the link and download CWShredder, follow the instructions and run it. After you do this start up in normal mode, post new HJ log, and if all is good then we'll turn back on system restore
If I could remember all I have forgotten, I would be a smart man.
Top
richh0323
Registered User
Posts: 512
Joined: December 14th, 2004, 8:47 pm
Location: Buffalo, New York

Post by richh0323 »

Opps link... http://www.spywareinfo.com/articles/cws/
If I could remember all I have forgotten, I would be a smart man.
Top
Post Reply

Return to “Networking & Security”