Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

hello please help me

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

hello please help me

Unread postby steven_elvisda » January 19th, 2007, 11:59 am

hello every please help me to read this hijackthis log for me.
Code: Select all
Logfile of HijackThis v1.99.1
Scan saved at 10:37:00 PM, on 1/19/2007
Platform: Windows XP  (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Hijackthis\HijackThis.exe

O1 - Hosts: survey88.allyes.com
O1 - Hosts: adtaobao.allyes.com
O1 - Hosts: code.qihoo.com
O1 - Hosts: union.mop.com
O1 - Hosts: js.kkunion.com
O1 - Hosts: v.kkunion.com
O1 - Hosts: v.21cn.com
O1 - Hosts: iplusms.allyes.com
O1 - Hosts: mms.t2t2.com
O1 - Hosts: ivr.dobig.net
O1 - Hosts: www.u8u.com
O1 - Hosts: u.u8u.com
O1 - Hosts: img.zhangxiu.com
O1 - Hosts: tl.linktone.com
O1 - Hosts: channel.e78.com
O1 - Hosts: u.7town.com
O1 - Hosts: union.95ol.com.cn
O1 - Hosts: mms1.95ol.com.cn
O1 - Hosts: mfs.95ol.com.cn
O1 - Hosts: tl.a8.com
O1 - Hosts: ad01.a8.com
O1 - Hosts: u2.caiku.com
O1 - Hosts: mms.caiku.com
O1 - Hosts: code1.caiku.com
O1 - Hosts: pub.lele.com
O1 - Hosts: u.lele.com
O1 - Hosts: 7town.com
O1 - Hosts: tvsend.7town.com
O1 - Hosts: ivrsend.7town.com
O1 - Hosts: tlt.7town.com
O1 - Hosts: gsend.7town.com
O1 - Hosts: smssend.7town.com
O1 - Hosts: mmssend.moyu.com
O1 - Hosts: 91ivr.com
O1 - Hosts: myad.91ivr.com
O1 - Hosts: u.91ivr.com
O1 - Hosts: union.91ivr.com
O1 - Hosts: cm.p4p.cn.yahoo.com
O1 - Hosts: un.265.com
O1 - Hosts: union.qq.com
O1 - Hosts: view.aliunion.cn.yahoo.com
O1 - Hosts: union.narrowad.com
O1 - Hosts: ln.heima8.com
O1 - Hosts: www.fboat.cn
O1 - Hosts: cpro.baidu.com
O1 - Hosts: unstat.baidu.com
O1 - Hosts: y.cnxad.com
O1 - Hosts: www.ewowo.com
O1 - Hosts: template.union.163.com
O1 - Hosts: new.is686.com
O1 - Hosts: creative.unionsys.bolaa.com
O1 - Hosts: www.qyule.com
O1 - Hosts: 99e.cc
O1 - Hosts: www.91ivr.com
O1 - Hosts: mg.ukaka.com
O1 - Hosts: kooxoo2.ad4all.net
O1 - Hosts: www.8fff.com
O1 - Hosts: union.pomoho.com
O1 - Hosts:
O1 - Hosts: www.end123.com
O1 - Hosts: w1.7clink.com
O1 - Hosts: w2.7clink.com
O1 - Hosts: union01.com
O1 - Hosts: click.8le8le.com
O1 - Hosts: stbanner.allyes.com
O1 - Hosts: mms1.moyu.com
O1 - Hosts: u.moyu.com
O1 - Hosts: mmsu.moyu.com
O1 - Hosts: show.moyu.com
O1 - Hosts: ivrsend.moyu.com
O1 - Hosts: ivru.moyu.com
O1 - Hosts: ivr1.moyu.com
O1 - Hosts: corep.dmcast.com
O1 - Hosts: m081.dmcast.com
O1 - Hosts: dcww.dmcast.com
O1 - Hosts: renren.dmcast.com
O1 - Hosts: files.henbang.net
O1 - Hosts: bannerbox.cn
O1 - Hosts: www.bannerbox.cn
O1 - Hosts: action.coopen.cn
O1 - Hosts: u4.sky99.cn
O1 - Hosts: u1.sky99.cn
O1 - Hosts: u2.sky99.cn
O1 - Hosts: u3.sky99.cn
O1 - Hosts: sky99.cn
O1 - Hosts: u.sky99.cn
O1 - Hosts: u.ete.cn
O1 - Hosts: ip.alexaanywhere.com
O1 - Hosts: www.365tan.com
O1 - Hosts: www.winopen.cn
O1 - Hosts: www.tanip.com
O1 - Hosts: alexaanywhere.com
O1 - Hosts: jssb.alexaanywhere.com
O1 - Hosts: ns250.alexaanywhere.com
O1 - Hosts: sb.alexaanywhere.com
O1 - Hosts: ip.alexaanywhere.com
O1 - Hosts: pop.9v.cn
O1 - Hosts: xuni.myad.cn
O1 - Hosts: iebar.t2t2.com
O1 - Hosts: error.newcell.cn
O1 - Hosts: auto.search.msn.com
O2 - BHO: Info cache - {385AB8C6-FB22-4D17-8834-064E2BA0A6F0} - C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O10 - Unknown file in Winsock LSP: c:\program files\armor2net\armor2net personal firewall\netdog.dll
O10 - Unknown file in Winsock LSP: c:\program files\armor2net\armor2net personal firewall\netdog.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{196BB9EE-06F0-44DF-9106-20FF15A3F455}: NameServer =,
O17 - HKLM\System\CS6\Services\Tcpip\..\{196BB9EE-06F0-44DF-9106-20FF15A3F455}: NameServer =,
O17 - HKLM\System\CS7\Services\Tcpip\..\{196BB9EE-06F0-44DF-9106-20FF15A3F455}: NameServer =,
O17 - HKLM\System\CS8\Services\Tcpip\..\{196BB9EE-06F0-44DF-9106-20FF15A3F455}: NameServer =,
O23 - Service: Ati HotKey Poller - Unknown owner - C:\windows\System32\Ati2evxx.exe (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: DepExMTLstHTML (ExMTLstHTML) - Unknown owner - C:\Windows\system32\MQTWBEH.EXE (file missing)
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - Unknown owner - C:\Program Files\TuneUp WinStyler\WinStylerThemeSvc.exe (file missing)

Active Member
Posts: 1
Joined: January 19th, 2007, 11:52 am
Register to Remove

Unread postby Bob4 » January 19th, 2007, 12:17 pm

Update Your Windows XP.
You are currently using an unpatched version of Windows XP.
Before attempting to remove malware, it is CRITICAL that you update to Service Pack 1a.
Get SP1a here : http://www.microsoft.com/windowsxp/downloads/updates/sp1/default.mspx
You should also get SP2, but NOT NOW, rather only after your machine is clean.
After updating your Windows to SP1a, post a new HijackThis log please, using the Reply button.
User avatar
MRU Master
MRU Master
Posts: 6070
Joined: November 12th, 2005, 11:26 am
Location: Florida

Unread postby NonSuch » February 1st, 2007, 6:15 am

This topic is now closed due to inactivity. If you wish it reopened, please send us an email to 'admin at malwareremoval.com' with a link to your thread.

You can help support this site from this link :
Donations For Malware Removal

Please do not contact us if you are not the topic starter. A valid, working link to the closed topic is required along with the user name used. If the user name does not match the one in the thread linked, the email will be deleted.
User avatar
Posts: 27257
Joined: February 23rd, 2005, 7:08 am
Location: California

Return to Infected? Virus, malware, adware, ransomware, oh my!

Who is online

Users browsing this forum: No registered users and 21 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware