active services trouble

Unknown
edited September 2005 in Spyware & Virus Removal
am having trouble finding the active services as the zip file did not work.

startuplist:
Running processes:

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\ipke.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Common Files\AOL\1124320911\ee\AOLHostManager.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Common Files\AOL\1124320911\ee\AOLServiceHost.exe
C:\Program Files\Warez P2P Client\warez.exe
C:\Program Files\Trace Blaster\tbtray.exe
C:\Program Files\MemoryBlaster\MemoryBlaster.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Common Files\AOL\1124320911\ee\AOLServiceHost.exe
C:\Program Files\Common Files\AOL\1124320911\ee\AOLServiceHost.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Documents and Settings\James Rice\Local Settings\Temp\HijackThis.exe


HJT scan:
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\javasa32.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\AOL\1124320911\ee\AOLHostManager.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Warez P2P Client\warez.exe
C:\Program Files\Common Files\AOL\1124320911\ee\AOLServiceHost.exe
C:\Program Files\Trace Blaster\tbtray.exe
C:\Program Files\MemoryBlaster\MemoryBlaster.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Common Files\AOL\1124320911\ee\AOLServiceHost.exe
C:\Program Files\Common Files\AOL\1124320911\ee\AOLServiceHost.exe
C:\Program Files\Grisoft\AVG7\avgwb.dat
C:\Program Files\WinZip\WINZIP32.EXE
C:\Documents and Settings\James Rice\Local Settings\Temp\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\hadbb.dll/sp.html#37049
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\hadbb.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\hadbb.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\hadbb.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\hadbb.dll/sp.html#37049
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\hadbb.dll/sp.html#37049
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\hadbb.dll/sp.html#37049
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Class - {07DCD1F0-3431-2061-572B-9CC2066EF30E} - C:\WINDOWS\system32\addkj.dll
O2 - BHO: Class - {59029D6A-8D10-E933-6516-C7F103C893F1} - C:\WINDOWS\system32\netep32.dll
O2 - BHO: Class - {EE9651FF-BAC2-5AC2-F05A-4F78D61ADF97} - C:\WINDOWS\winus32.dll

plus all the r4 RunOnce entries

Comments

  • primesuspectprimesuspect Beepin n' Boopin Detroit, MI Icrontian
    edited September 2005
    Sorry about the crazy delay. We're working on beefing up our SWAT TEAM staff. Do you still need help with this issue?
  • morada2007
    edited September 2005
    No, I just deleted all of the Run02 entries, I think. Well anyway, I don't seem to have Home Search Assistant anymore nor any other spyware that was messing up my computer. Everything is running fine now. Thanks anyway. Alyssa

    P.S. Thanks a LOT though for all the directions for getting rid of HSA. It was a HUGE help.
This discussion has been closed.