I did everything step by step as indicated in the instructions on how to remove spyware. Still IE will not get to the internet. I downloaded Netscape as a work around but I would like to get this fixed. Here is the HJT log.
Logfile of HijackThis v1.97.7
Scan saved at 10:41:28 PM, on 8/30/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
C:\WINDOWS\System32\DVDRAMSV.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\Program Files\TOSHIBA\DualPointUtility\TEDTray.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
C:\Program Files\ViceVersa Pro\VICEVERSA.EXE
C:\Program Files\Toshiba\Toshiba Applet\tpwrsave.exe
C:\Program Files\Toshiba\Toshiba Applet\TMEPROP.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Netscape\Netscape\Netscp.exe
C:\Program Files\Common Files\efax\HotTray.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Iolo\Macro Magic\Macros.exe
C:\Program Files\Common Files\efax\Dllcmd32.exe
C:\Program Files\Network Associates\PGPNT\PGPTray.exe
C:\Program Files\Palm\HOTSYNC.EXE
C:\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://companyweb
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:9090 ftp=localhost:9093 https=localhost:9092
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,Shellnext =
http://www.ddcd.jp/dd3e/toshiba/cd/update.html
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [NDSTray.exe] "C:\Program Files\Toshiba\ConfigFree\NDSTray.exe"
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [DpUtil] C:\Program Files\TOSHIBA\DualPointUtility\TEDTray.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
O4 - HKLM\..\Run: [ViceVersa Pro] C:\Program Files\ViceVersa Pro\VICEVERSA.EXE
O4 - HKLM\..\Run: [TPWRSAVE] C:\Program Files\Toshiba\Toshiba Applet\tpwrsave.exe -S
O4 - HKLM\..\Run: [TMEPROP] C:\Program Files\Toshiba\Toshiba Applet\TMEPROP.exe -S
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [\\WS1\EPSON Stylus C84 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2D1.EXE /P29 "\\WS1\EPSON Stylus C84 Series" /O5 "LPT1:" /M "Stylus C84"
O4 - HKLM\..\Run: [\\WS1\EPSON Stylus C84 Series (Copy 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2D1.EXE /P38 "\\WS1\EPSON Stylus C84 Series (Copy 1)" /O5 "LPT1:" /M "Stylus C84"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [PPMemCheck] "C:\Program Files\PestPatrol\PPMemCheck.exe"
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM95\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Mozilla Quick Launch] "C:\Program Files\Netscape\Netscape\Netscp.exe" -turbo
O4 - Startup: HotSync Manager.lnk = C:\Program Files\Palm\HOTSYNC.EXE
O4 - Global Startup: eFax.com Tray Menu.lnk = C:\Program Files\Common Files\efax\HotTray.exe
O4 - Global Startup: Iolo Macro Magic.lnk = C:\Program Files\Iolo\Macro Magic\Macros.exe
O4 - Global Startup: Live Menu.lnk = C:\Program Files\Common Files\efax\Dllcmd32.exe
O4 - Global Startup: PGPtray.lnk = C:\Program Files\Network Associates\PGPNT\PGPTray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Research (HKLM)
O9 - Extra button: AIM (HKLM)
O12 - Plugin for .mid: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin2.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://companyweb
O16 - DPF: {7584C670-2274-4EFB-B00B-D6AABA6D3850} (Microsoft RDP Client Control (redist)) -
https://mail.adcommprepaid.com/Remote/msrdp.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://active.macromedia.com/flash2/cabs/swflash.cab
O16 - DPF: {DA1AFC19-F19A-4BE8-9D9C-7926A759139E} (LDCDirector.MainDoc) -
http://www.ldcdirect.com/LDCDirector.CAB
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = ADCOMMINC.local
O17 - HKLM\Software\..\Telephony: DomainName = ADCOMMINC.local
O17 - HKLM\System\CCS\Services\Tcpip\..\{A60921F0-E6D7-49D4-852A-6AFC57FC722E}: Domain = adcomminc.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = ADCOMMINC.local
Stumble It!
Tweet This
Bookmark on Delicious
Share on Facebook
Share on MySpace