Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Search Engines malfunctioning 2

Status
Not open for further replies.
xjlkx

xjlkx

IS-IT--Management
Nov 21, 2002
107
US
An interesting problem here...

I have a windows 2000 sp4 laptop with IE6. I can cruise the net with no problem, however, whenever I try to use a search engine (any search engine - yahoo, google, etc), the search instantly returns a "This page cannot be found" error.

Any ideas?
 
Sort by date Sort by votes
Hi xjlkx

Please Download hijackthis from


Unzip, doubleclick HijackThis.exe, and hit "Scan".

After the scan has finished the "scan" button will turn into a "save log" button

save the log file and paste it here

Do not delete anything yet, as most things hijackthis finds are harmless and needed.

steam
 
Upvote 0 Downvote
OK, I ran Hijack This, and this is the log I got:

Logfile of HijackThis v1.97.3
Scan saved at 10:54:28 AM, on 10/15/2003
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\drivers\CDAC11BA.EXE
C:\WINNT\System32\svchost.exe
C:\WINNT\System32\rasinf.exe
C:\WINNT\system32\msvswr.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\Program Files\Sophos SWEEP for NT\SWEEPSRV.SYS
C:\Program Files\Sophos SWEEP for NT\SWUPDATE.EXE
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Drag'n Drop CD\BinFiles\DragDrop.exe
C:\WINNT\System32\WScript.exe
C:\PROGRA~1\Sony\JOGDIA~1\JogServ2.exe
D:\Program Files\RealPopup\RealPopup.exe
C:\Program Files\Browser Mouse\Browser Mouse\1.0\lwbwheel.exe
C:\Program Files\Yahoo!\Messenger\ypager.exe
C:\Program Files\PowerPanel\Program\PcfMgr.exe
C:\Program Files\Sophos SWEEP for NT\ICMON.EXE
D:\Program Files\Microsoft Office\Office\1033\OLFSNT40.EXE
C:\WINNT\DvzCommon\DvzMsgr.exe
D:\Program Files\Microsoft Office\Office\1033\msoffice.exe
D:\Program Files\Check Mail\MAD\CHKML32.EXE
D:\Program Files\abouttime\AboutTime.exe
C:\Program Files\Sony Handheld\HOTSYNC.EXE
C:\progra~1\Support.com\client\bin\tgcmd.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
M:\gmw5.exe
C:\PROGRA~1\WinZip\winzip32.exe
C:\DOCUME~1\MAD~1.INC\LOCALS~1\Temp\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by America Online
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = O1 - Hosts: 127.127.127.127 elite
O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 google.com
O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 altavista.com
O1 - Hosts: 207.44.194.56 search.yahoo.com
O1 - Hosts: 207.44.194.56 uk.search.yahoo.com
O1 - Hosts: 207.44.194.56 ca.search.yahoo.com
O1 - Hosts: 207.44.194.56 jp.search.yahoo.com
O1 - Hosts: 207.44.194.56 au.search.yahoo.com
O1 - Hosts: 207.44.194.56 de.search.yahoo.com
O1 - Hosts: 207.44.194.56 search.yahoo.co.jp
O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 alltheweb.com
O1 - Hosts: 207.44.194.56 web.ask.com
O1 - Hosts: 207.44.194.56 ask.com
O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 search.aol.com
O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 ca.search.msn.com
O1 - Hosts: 207.44.194.56 fr.ca.search.msn.com
O1 - Hosts: 207.44.194.56 search.fr.msn.be
O1 - Hosts: 207.44.194.56 search.fr.msn.ch
O1 - Hosts: 207.44.194.56 search.latam.yupimsn.com
O1 - Hosts: 207.44.194.56 search.msn.at
O1 - Hosts: 207.44.194.56 search.msn.be
O1 - Hosts: 207.44.194.56 search.msn.ch
O1 - Hosts: 207.44.194.56 search.msn.co.in
O1 - Hosts: 207.44.194.56 search.msn.co.jp
O1 - Hosts: 207.44.194.56 search.msn.co.kr
O1 - Hosts: 207.44.194.56 search.msn.com.br
O1 - Hosts: 207.44.194.56 search.msn.com.hk
O1 - Hosts: 207.44.194.56 search.msn.com.my
O1 - Hosts: 207.44.194.56 search.msn.com.sg
O1 - Hosts: 207.44.194.56 search.msn.com.tw
O1 - Hosts: 207.44.194.56 search.msn.co.za
O1 - Hosts: 207.44.194.56 search.msn.de
O1 - Hosts: 207.44.194.56 search.msn.dk
O1 - Hosts: 207.44.194.56 search.msn.es
O1 - Hosts: 207.44.194.56 search.msn.fi
O1 - Hosts: 207.44.194.56 search.msn.fr
O1 - Hosts: 207.44.194.56 search.msn.it
O1 - Hosts: 207.44.194.56 search.msn.nl
O1 - Hosts: 207.44.194.56 search.msn.no
O1 - Hosts: 207.44.194.56 search.msn.se
O1 - Hosts: 207.44.194.56 search.ninemsn.com.au
O1 - Hosts: 207.44.194.56 search.t1msn.com.mx
O1 - Hosts: 207.44.194.56 search.xtramsn.co.nz
O1 - Hosts: 207.44.194.56 search.yupimsn.com
O1 - Hosts: 207.44.194.56 uk.search.msn.com
O1 - Hosts: 207.44.194.56 search.lycos.com
O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 google.ca
O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 google.at
O1 - Hosts: 207.44.194.56 google.be
O1 - Hosts: 207.44.194.56 google.de
O1 - Hosts: 207.44.194.56 google.dk
O1 - Hosts: 207.44.194.56 google.fi
O1 - Hosts: 207.44.194.56 google.fr
O1 - Hosts: 207.44.194.56 google.com.hk
O1 - Hosts: 207.44.194.56 google.ie
O1 - Hosts: 207.44.194.56 google.co.il
O1 - Hosts: 207.44.194.56 google.it
O1 - Hosts: 207.44.194.56 google.co.kr
O1 - Hosts: 207.44.194.56 google.com.mx
O1 - Hosts: 207.44.194.56 google.nl
O1 - Hosts: 207.44.194.56 google.co.nz
O1 - Hosts: 207.44.194.56 google.pl
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Common\ycomp5_1_6_0.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Common\ycomp5_1_6_0.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [OmgStartup] C:\Program Files\Common Files\Sony Shared\OpenMG\OmgStartup.exe
O4 - HKLM\..\Run: [JOGSERV2.EXE] C:\Program Files\Sony\Jog Dial Utility\JogServ2.exe
O4 - HKLM\..\Run: [Drag'n Drop CD] C:\Program Files\Drag'n Drop CD\BinFiles\DragDrop.exe /StartUp
O4 - HKLM\..\Run: [ZTgServerSwitch] c:\program files\support.com\client\lserver\server.vbs
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\System32\NeroCheck.exe
O4 - HKLM\..\Run: [Realpopup] D:\Program Files\RealPopup\RealPopup.exe
O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\Browser Mouse\Browser Mouse\1.0\lwbwheel.exe
O4 - HKCU\..\Run: [RealPopup] "D:\Program Files\Real Popup\RealPopup.exe" BOOT
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - Startup: Shortcut to CHKML32.lnk = D:\Program Files\Check Mail\MAD\CHKML32.EXE
O4 - Startup: AboutTime.lnk = D:\Program Files\abouttime\AboutTime.exe
O4 - Startup: HotSync Manager.lnk = C:\Program Files\Sony Handheld\HOTSYNC.EXE
O4 - Global Startup: PowerPanel.lnk = C:\Program Files\PowerPanel\Program\PcfMgr.exe
O4 - Global Startup: InterCheck Monitor.LNK = C:\Program Files\Sophos SWEEP for NT\ICMON.EXE
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = D:\Program Files\Microsoft Office\Office\1033\OLFSNT40.EXE
O4 - Global Startup: DataViz Messenger.lnk = C:\WINNT\DvzCommon\DvzMsgr.exe
O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O9 - Extra button: Create Mobile Favorite (HKLM)
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... (HKLM)
O9 - Extra button: ATI TV (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: Real.com (HKLM)
O12 - Plugin for .au: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll
O12 - Plugin for .DImg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O12 - Plugin for .qt: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll
O12 - Plugin for .wav: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - O16 - DPF: {28F00B0F-DC4E-11D3-ABEC-005004A44EEB} (Register Class) - O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - O16 - DPF: {7CF052DE-C74F-421B-B04A-3B3037EF5887} (CCMPGui Class) - O16 - DPF: {9184D21C-9835-42C5-A883-EA8BE7FC048D} (Downloader Class) - O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - O16 - DPF: {C4847596-972C-11D0-9567-00A0C9273C2A} (Crystal Report Viewer Control) - O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = intranet.incomusa.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = intranet.incomusa.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = intranet.incomusa.com

WHAT A MESS!
 
Upvote 0 Downvote
Unfortunately, that Qhosts Fix did not detect the virus. This is the HiJack This Log run after teh Qhosts Fix.

Logfile of HijackThis v1.97.3
Scan saved at 1:51:06 PM, on 10/15/2003
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\drivers\CDAC11BA.EXE
C:\WINNT\System32\svchost.exe
C:\WINNT\System32\rasinf.exe
C:\WINNT\system32\msvsso.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\Program Files\Sophos SWEEP for NT\SWEEPSRV.SYS
C:\Program Files\Sophos SWEEP for NT\SWUPDATE.EXE
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Drag'n Drop CD\BinFiles\DragDrop.exe
C:\WINNT\System32\WScript.exe
C:\PROGRA~1\Sony\JOGDIA~1\JogServ2.exe
D:\Program Files\RealPopup\RealPopup.exe
C:\Program Files\Browser Mouse\Browser Mouse\1.0\lwbwheel.exe
C:\Program Files\Yahoo!\Messenger\ypager.exe
C:\Program Files\PowerPanel\Program\PcfMgr.exe
C:\Program Files\Sophos SWEEP for NT\ICMON.EXE
D:\Program Files\Microsoft Office\Office\1033\OLFSNT40.EXE
C:\WINNT\DvzCommon\DvzMsgr.exe
D:\Program Files\Microsoft Office\Office\1033\msoffice.exe
D:\Program Files\Check Mail\MAD\CHKML32.EXE
D:\Program Files\abouttime\AboutTime.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\progra~1\Support.com\client\bin\tgcmd.exe
C:\Program Files\Sony Handheld\HOTSYNC.EXE
C:\PROGRA~1\WinZip\winzip32.exe
C:\DOCUME~1\MAD~1.INC\LOCALS~1\Temp\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by America Online
O1 - Hosts: 127.127.127.127 elite
O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 google.com
O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 altavista.com
O1 - Hosts: 207.44.194.56 search.yahoo.com
O1 - Hosts: 207.44.194.56 uk.search.yahoo.com
O1 - Hosts: 207.44.194.56 ca.search.yahoo.com
O1 - Hosts: 207.44.194.56 jp.search.yahoo.com
O1 - Hosts: 207.44.194.56 au.search.yahoo.com
O1 - Hosts: 207.44.194.56 de.search.yahoo.com
O1 - Hosts: 207.44.194.56 search.yahoo.co.jp
O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 alltheweb.com
O1 - Hosts: 207.44.194.56 web.ask.com
O1 - Hosts: 207.44.194.56 ask.com
O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 search.aol.com
O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 ca.search.msn.com
O1 - Hosts: 207.44.194.56 fr.ca.search.msn.com
O1 - Hosts: 207.44.194.56 search.fr.msn.be
O1 - Hosts: 207.44.194.56 search.fr.msn.ch
O1 - Hosts: 207.44.194.56 search.latam.yupimsn.com
O1 - Hosts: 207.44.194.56 search.msn.at
O1 - Hosts: 207.44.194.56 search.msn.be
O1 - Hosts: 207.44.194.56 search.msn.ch
O1 - Hosts: 207.44.194.56 search.msn.co.in
O1 - Hosts: 207.44.194.56 search.msn.co.jp
O1 - Hosts: 207.44.194.56 search.msn.co.kr
O1 - Hosts: 207.44.194.56 search.msn.com.br
O1 - Hosts: 207.44.194.56 search.msn.com.hk
O1 - Hosts: 207.44.194.56 search.msn.com.my
O1 - Hosts: 207.44.194.56 search.msn.com.sg
O1 - Hosts: 207.44.194.56 search.msn.com.tw
O1 - Hosts: 207.44.194.56 search.msn.co.za
O1 - Hosts: 207.44.194.56 search.msn.de
O1 - Hosts: 207.44.194.56 search.msn.dk
O1 - Hosts: 207.44.194.56 search.msn.es
O1 - Hosts: 207.44.194.56 search.msn.fi
O1 - Hosts: 207.44.194.56 search.msn.fr
O1 - Hosts: 207.44.194.56 search.msn.it
O1 - Hosts: 207.44.194.56 search.msn.nl
O1 - Hosts: 207.44.194.56 search.msn.no
O1 - Hosts: 207.44.194.56 search.msn.se
O1 - Hosts: 207.44.194.56 search.ninemsn.com.au
O1 - Hosts: 207.44.194.56 search.t1msn.com.mx
O1 - Hosts: 207.44.194.56 search.xtramsn.co.nz
O1 - Hosts: 207.44.194.56 search.yupimsn.com
O1 - Hosts: 207.44.194.56 uk.search.msn.com
O1 - Hosts: 207.44.194.56 search.lycos.com
O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 google.ca
O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 google.at
O1 - Hosts: 207.44.194.56 google.be
O1 - Hosts: 207.44.194.56 google.de
O1 - Hosts: 207.44.194.56 google.dk
O1 - Hosts: 207.44.194.56 google.fi
O1 - Hosts: 207.44.194.56 google.fr
O1 - Hosts: 207.44.194.56 google.com.hk
O1 - Hosts: 207.44.194.56 google.ie
O1 - Hosts: 207.44.194.56 google.co.il
O1 - Hosts: 207.44.194.56 google.it
O1 - Hosts: 207.44.194.56 google.co.kr
O1 - Hosts: 207.44.194.56 google.com.mx
O1 - Hosts: 207.44.194.56 google.nl
O1 - Hosts: 207.44.194.56 google.co.nz
O1 - Hosts: 207.44.194.56 google.pl
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Common\ycomp5_1_6_0.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Common\ycomp5_1_6_0.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [OmgStartup] C:\Program Files\Common Files\Sony Shared\OpenMG\OmgStartup.exe
O4 - HKLM\..\Run: [JOGSERV2.EXE] C:\Program Files\Sony\Jog Dial Utility\JogServ2.exe
O4 - HKLM\..\Run: [Drag'n Drop CD] C:\Program Files\Drag'n Drop CD\BinFiles\DragDrop.exe /StartUp
O4 - HKLM\..\Run: [ZTgServerSwitch] c:\program files\support.com\client\lserver\server.vbs
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\System32\NeroCheck.exe
O4 - HKLM\..\Run: [Realpopup] D:\Program Files\RealPopup\RealPopup.exe
O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\Browser Mouse\Browser Mouse\1.0\lwbwheel.exe
O4 - HKCU\..\Run: [RealPopup] "D:\Program Files\Real Popup\RealPopup.exe" BOOT
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - Startup: Shortcut to CHKML32.lnk = D:\Program Files\Check Mail\MAD\CHKML32.EXE
O4 - Startup: AboutTime.lnk = D:\Program Files\abouttime\AboutTime.exe
O4 - Startup: HotSync Manager.lnk = C:\Program Files\Sony Handheld\HOTSYNC.EXE
O4 - Global Startup: PowerPanel.lnk = C:\Program Files\PowerPanel\Program\PcfMgr.exe
O4 - Global Startup: InterCheck Monitor.LNK = C:\Program Files\Sophos SWEEP for NT\ICMON.EXE
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = D:\Program Files\Microsoft Office\Office\1033\OLFSNT40.EXE
O4 - Global Startup: DataViz Messenger.lnk = C:\WINNT\DvzCommon\DvzMsgr.exe
O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O9 - Extra button: Create Mobile Favorite (HKLM)
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... (HKLM)
O9 - Extra button: ATI TV (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: Real.com (HKLM)
O12 - Plugin for .au: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll
O12 - Plugin for .DImg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O12 - Plugin for .qt: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll
O12 - Plugin for .wav: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - O16 - DPF: {28F00B0F-DC4E-11D3-ABEC-005004A44EEB} (Register Class) - O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - O16 - DPF: {7CF052DE-C74F-421B-B04A-3B3037EF5887} (CCMPGui Class) - O16 - DPF: {9184D21C-9835-42C5-A883-EA8BE7FC048D} (Downloader Class) - O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - O16 - DPF: {C4847596-972C-11D0-9567-00A0C9273C2A} (Crystal Report Viewer Control) - O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = intranet.incomusa.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = intranet.incomusa.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = intranet.incomusa.com
 
Upvote 0 Downvote
I have never known this not to work before

Please read this page carefully :-


Then run the tool again.....

This is a direct link :-


If you have to remove it manually it involves A LOT of registry editing - so getting the tool to work will save you a lot of time and trouble.

steam
 
Upvote 0 Downvote
Your HOSTS file has been hijacked.

Delete all the entries like this:
O1 - Hosts: 127.127.127.127 elite
O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 google.com
O1 - Hosts: 207.44.194.56 O1 - Hosts: 207.44.194.56 altavista.com
O1 - Hosts: 207.44.194.56 search.yahoo.com
O1 -
 
Upvote 0 Downvote
It might be easier just to copy and paste the below as a new HOSTS file.

# Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost



Note that there are two blank lines on purpose at the end of the file.

The HOSTS file (no file extension) can be found usually in your %windir%\system32\drivers\etc folder.
 
Upvote 0 Downvote
Where do I find the hosts file?
 
Upvote 0 Downvote
Sorry, it was right there at the end of the post!
 
Upvote 0 Downvote
Thanks guys! With the help of HiJack This, I went through and deleted the hijacked hosts and everything is back to normal. Apparently the virus was removed from the computer, and thats why it wasn't detected - but the settings obviously did not revert. Way to go guys, you never fail me!
 
Upvote 0 Downvote
This problem actually occurs with the hosts file. All you need to do is to remove that file. I am sending you the detailed steps to do that. Please make sure that you remove only the "Hosts" file and nothing else.
Also these steps are for XP only. If using anything else please make the necessary modifications. I am sure that this should work as it has worked for me.
1. Click on Start.

2. Click on search.

3. Click on files and folders.

4. Click on the Tools option on the menu bar and select the Folder options.

5. Select the View tab.

6. In the new window that opens under the option Hidden files and folders check the box beside Show hidden files and folders.

7. Click on Apply and then on Ok.

8. Click on All files and folders.

9. Type "hosts" (without quotation marks) in the file name box and click Search.

(Some versions of Windows list this as Find Now.)

10. Once you locate the (hosts¦ file within your Windows or WINNT directory, right click the file and click Delete. Please delete the hosts file which is in the path "C:\WINDOWS\system32\drivers\etc"



Nikhil Dev.


You can also mail me at the following email addresses :-
infokarma@india.com
infokarma@yahoo.com
infokarma@fusemail.com
infokarma@punkass.com
infokarma@coolgoose.com
infokarma@sexmagnet.com
chunchu_nikhil_dev@msn.com
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

goombawaho
  • Locked
  • Question
Google search results look different in Firefox as of today
Replies
3
Views
134
goombawaho
goombawaho
melmitts
  • Locked
  • Question
Internet Explorer Search Error
Replies
14
Views
172
ChrisHirst
ChrisHirst
Peppper
  • Locked
  • Question
Default Tab Search Results - removal?
Replies
5
Views
77
lindamartin
lindamartin
alexvidakovic
  • Locked
  • Question
help me to get rid of the ask search toolbar
Replies
1
Views
81
JustinEzequiel
JustinEzequiel
JordanWitthoft
  • Locked
  • Question
Google search still points at our website for business that was sold
Replies
6
Views
118
Sympology
Sympology

Part and Inventory Search

Sponsor

Back
Top