Re: Coolweb, Trojan, and a barely computer literate owner
Posted by TrudyScales on May 5th, 2004



I know I'm about to expose my ignorance, but I'm having all manner of
troubles. I've been running Adaware, CWShredder, and AVG. They appear
to be dealing with the infections well, but coolweb and a trojan
startpage virus keep showing back up. I've updated hoping to close up
some holes in security, but that seems to have been unsuccessful. I'm
getting an error that says:

The instruction at "0x0380359e" referenced memory at "0xf0f3354f". The
memory could not be "read".

In addition to this, my web browser is sometimes redirected to a search
page that is obviously not innocent in nature. I also have page source
showing in my browser on some pages.

I apologize if this is inappropriate, but I've posted my Hijack This
log (It's not terribly long).

Any help would be appreciated.

Smiles,
Trudy Scales


Logfile of HijackThis v1.97.7
Scan saved at 10:57:09 PM, on 5/4/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\PROGRA~1\VCOM\Fix-It\mxtask.exe
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Grisoft\AVG6\avgcc32.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\NetZero\exec.exe
C:\PROGRA~1\VCOM\Fix-It\mxtask.exe
C:\Program Files\NetZero\exec.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\TEMP\HIJACKTH.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://my.netzero.net/s/search?r=minisearch
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://my.netzero.net/s/search?r=minisearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://my.netzero.net/s/search?r=minisearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://my.netzero.net/s/search?r=minisearch
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://my.netzero.net/s/search?r=minisearch
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://my.netzero.net/s/search?r=minisearch
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: URLSearchHook Class - {37D2CDBF-2AF4-44AA-8113-BD0D2DA3C2B8} - C:\Program Files\NZSearch\SearchEnh1.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll (file missing)
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [AVG_CC] C:\Program Files\Grisoft\AVG6\avgcc32.exe /startup
O4 - HKCU\..\Run: [spc_w] "C:\Program Files\NZSearch\hcm.exe" -w
O8 - Extra context menu item: Add to filterlist (WebWasher) - http://-Web.Washer-/ie_add
O8 - Extra context menu item: Fill Forms &] - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: RF Toolbar &2 - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Fill Forms (HKLM)
O9 - Extra 'Tools' menuitem: Fill Forms &] (HKLM)



Posted by ppp3 on May 9th, 2004


TrudyScales <TrudyScales.15rzru@mail.mcse.ms> wrote in message news:<TrudyScales.15rzru@mail.mcse.ms>...

Hi Trudy,
try this:
http://securityresponse.symantec.com...aobot.afw.html
Bye
ppp3

