i have tried stopzilla, spy doctor, and malware bytes, none deleted virus here is my hijackthis logfile help me tell what to do. i cant do system restore it was shut off by virus.
heres my log file
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:00:20 PM, on 11/23/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Safe mode with network support
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\STOPzilla!\STOPzilla.exe
C:\program files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentV… Settings,ProxyOverride = *.local
O2 - BHO: SITEguard BHO - {1827766B-9F49-4854-8034-F6EE26FCB1EC} - C:\Program Files\STOPzilla!\SZSG.dll
O2 - BHO: UrlHelper Class - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - E:\Program Files\iMesh Applications\iMesh\iMeshIEHelper.dll
O2 - BHO: MediaBar - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\Program Files\iMeshMediabarTb\iMeshMediaBarDx.dl…
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: STOPzilla Browser Helper Object - {E3215F20-3212-11D6-9F8B-00D0B743919D} - C:\Program Files\STOPzilla!\SZIEBHO.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_pl…
O3 - Toolbar: STOPzilla - {98828DED-A591-462F-83BA-D2F62A68B8B8} - C:\Program Files\STOPzilla!\SZSG.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: MediaBar - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\Program Files\iMeshMediabarTb\iMeshMediaBarDx.dl…
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstud… /RANDOM
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4Service… -launchedbylogin
O4 - HKLM\..\Run: [SDFix] C:\DOCUME~1\truth51\Desktop\SDFix\RunThi… /second
O4 - HKLM\..\Run: [winupdate86.exe] C:\WINDOWS\system32\winupdate86.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [Advanced Virus Remover] C:\Program Files\AdvancedVirusRemover\AVR.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Advanced Virus Remover] C:\Program Files\AdvancedVirusRemover\AVR.exe (User 'Default user')
O9 - Extra button: Rip YouTube File - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files\SoundTaxi\YouTubeRipper.dll
O9 - Extra 'Tools' menuitem: Rip YouTube file embedded in this page - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files\SoundTaxi\YouTubeRipper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\winhelper86.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\winhelper86.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService)
Resolved Question
Show me another »How to delete google/yahoo hijack virus ?
Best Answer - Chosen by Voters
Superantispyware from- http://www.superantispyware.com/
How To Run Microsoft Malicious Software Removal Tool
http://www.pchell.com/virus/malicioussof…
http://www.gmer.net/
O4 - HKUS\S-1-5-18\..\Run: [Advanced Virus Remover] C:\Program Files\AdvancedVirusRemover\AVR... (User 'SYSTEM')*******************
O4 - HKUS\.DEFAULT\..\Run: [Advanced Virus Remover] C:\Program Files\AdvancedVirusRemover\AVR... (User 'Default user')*******************
O10 - Unknown file in Winsock LSP: c:\windows\system32\winhelper8... ********************
O10 - Unknown file in Winsock LSP: c:\windows\system32\winhelper8..********…
How To Run Microsoft Malicious Software Removal Tool
http://www.pchell.com/virus/malicioussof…
http://www.gmer.net/
O4 - HKUS\S-1-5-18\..\Run: [Advanced Virus Remover] C:\Program Files\AdvancedVirusRemover\AVR... (User 'SYSTEM')*******************
O4 - HKUS\.DEFAULT\..\Run: [Advanced Virus Remover] C:\Program Files\AdvancedVirusRemover\AVR... (User 'Default user')*******************
O10 - Unknown file in Winsock LSP: c:\windows\system32\winhelper8... ********************
O10 - Unknown file in Winsock LSP: c:\windows\system32\winhelper8..********…
100% 2 Votes
There are currently no comments for this question.
* You must be logged into Answers to add comments. Sign in or Register.
This question about "How to delete google… " was originally asked on Yahoo! Answers Australia
Other Answers (0)
No other answers.
Answers International
- Argentina
- Australia
- Brazil
- Canada
- China
- France
- Germany
- Hong Kong
- India
- Indonesia
- Italy
- Japan
- Malaysia
- Mexico
- New Zealand
- Philippines
- Quebec
- Singapore
- South Korea
- Spain
- Taiwan
- Thailand
- United Kingdom
- United States
- Vietnam
- en Español
Yahoo! does not evaluate or guarantee the accuracy of any Yahoo! Answers content. Click here for the Full Disclaimer.
Help us improve Yahoo! Answers. Send Feedback
Copyright © 2013 Yahoo! Inc. All Rights Reserved.