
Thread: virus

  1. #1
    Member
    Join Date
    Jun 2006
    Posts
    25
    Points
    2

    virus

    Bloodhound virus, what is it? I think my computer may be infected with it.

  2. #2
    Member steamwiz's Avatar
    Join Date
    Sep 2003
    Location
    Yorkshire U.K.
    Posts
    14,022
    Points
    2335

    It all depends where it is ... it may be a false positive, especially if NORTON is finding it.

    Please give more details...

    steam
    Look here for Ways to keep your computer safe
    M'SOFT MVP -Windows Security 2004/8 .member ASAP -

  3. #3
    Member
    Join Date
    Jun 2006
    Posts
    25
    Points
    2

    Well, I did not have any antivirus, and then it says my computer is infected with the bloodhound virus, and ever since then Norton is telling me that I have a virus called w32.sillyp2p, which I assumed was in Windows system 32 with it saying w32, but I cannot find it. Please can you help.

  4. #4
    Member
    Join Date
    Jun 2006
    Posts
    25
    Points
    2

    As a result of this virus I keep getting pop-ups.

  5. #5
    Member Spyware Fighter Clark76's Avatar
    Join Date
    Feb 2006
    Location
    Cleveland, Ohio
    Posts
    1,359
    Points
    239

    Hello

    Go through the instructions in this link: http://www.help2go.com/component/opt...wtopic/t,9709/

    If your problems still persist, then post a HijackThis log so an expert can take a look at it.

    benc

  6. #6
    Member
    Join Date
    Jun 2006
    Posts
    25
    Points
    2

    How do I find a HijackThis log?

  7. #7
    Member
    Join Date
    Jun 2006
    Posts
    25
    Points
    2

    hijack log

    Logfile of HijackThis v1.99.1
    Scan saved at 13:17:39, on 05/07/2006
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\STOPzilla!\SZServer.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Real\RealPlayer\RealPlay.exe
    C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
    C:\Documents and Settings\steven\Desktop\Picasa2\PicasaMediaDetector.exe
    C:\Program Files\ICQLite\ICQLite.exe
    C:\Program Files\Common Files\AOL\1145703613\ee\AOLHostManager.exe
    C:\WINDOWS\wanmpsvc.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Common Files\AOL\1145703613\ee\AOLServiceHost.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
    C:\Program Files\STOPzilla!\STOPzilla.exe
    C:\Program Files\Microsoft Office\Office\OSA.EXE
    C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
    C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
    C:\Program Files\LimeWire\LimeWire.exe
    C:\Program Files\Messenger\msmsgs.exe
    c:\program files\common files\aol\1145703613\ee\services\antiSpywareApp\ver2_0_12\AOLSP Scheduler.exe
    C:\Program Files\Common Files\AOL\1145703613\ee\AOLServiceHost.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\Program Files\Common Files\STOPzilla!\SZBlkLst.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Documents and Settings\SHIRLEY\Local Settings\Temp\Temporary Directory 2 for hijackthis[1].zip\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.acer.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer Provided By Wanadoo
    R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
    O2 - BHO: STOPzilla Browser Helper Object - {E3215F20-3212-11D6-9F8B-00D0B743919D} - C:\Program Files\STOPzilla!\SZIEBHO.dll
    O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
    O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1145703613\ee\AOLHostManager.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [BearShare] "C:\Program Files\BearShare\BearShare.exe" /pause
    O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
    O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\MWSBAR.DLL,S
    O4 - HKLM\..\Run: [Picasa Media Detector] C:\Documents and Settings\steven\Desktop\Picasa2\PicasaMediaDetector.exe
    O4 - HKLM\..\Run: [ICQ Lite] "C:\Program Files\ICQLite\ICQLite.exe" -minimize
    O4 - HKLM\..\Run: [defender] C:\\dfndrc_4a.exe
    O4 - HKLM\..\Run: [keyboard] C:\\kybrdc_4.exe
    O4 - HKLM\..\Run: [newname] C:\\nwnmc_4.exe
    O4 - HKLM\..\Run: [Microsoft 32 Service] C:\WINDOWS\system32\WinExec.exe
    O4 - HKLM\..\Run: [Admin Manager Update] C:\WINDOWS\system32\OSExec.exe
    O4 - HKLM\..\Run: [Remote Update Verification] C:\WINDOWS\system32\MSExecCfg.exe
    O4 - HKLM\..\Run: [NT Application Server] C:\WINDOWS\system32\MSAVCfg.exe
    O4 - HKLM\..\Run: [MS Manager Socket] C:\WINDOWS\system32\OSAV32.exe
    O4 - HKLM\..\Run: [XP Manager Socket] C:\WINDOWS\system32\OSAVCfg.exe
    O4 - HKLM\..\Run: [Microsoft 32 Manager] C:\WINDOWS\system32\WinExec.exe
    O4 - HKLM\..\Run: [Secure Server 32] C:\WINDOWS\system32\OSOCX32.exe
    O4 - HKLM\..\Run: [Firewall Socket Device] C:\WINDOWS\system32\WinOCX32.exe
    O4 - HKLM\..\Run: [Win Verification Application] C:\WINDOWS\system32\DBExecCom.exe
    O4 - HKLM\..\Run: [Driver Device Update] C:\WINDOWS\system32\SysExec.exe
    O4 - HKLM\..\Run: [Driver Device Service] C:\WINDOWS\system32\SysExec.exe
    O4 - HKLM\..\Run: [Root Service Validation] C:\WINDOWS\system32\MSAVCfg.exe
    O4 - HKLM\..\Run: [Microsoft Device Service] C:\WINDOWS\system32\OSAVCfg.exe
    O4 - HKLM\..\Run: [Secure Server Device] C:\WINDOWS\system32\DBDllServ.exe
    O4 - HKLM\..\Run: [System Client Manager] C:\WINDOWS\system32\MSExecCom.exe
    O4 - HKLM\..\Run: [Current Manager Update] C:\WINDOWS\system32\OSDllServ.exe
    O4 - HKLM\..\Run: [MS Server 32] C:\WINDOWS\system32\OSOCX32.exe
    O4 - HKLM\..\Run: [Registry Client Manager] C:\WINDOWS\system32\MSExecCfg.exe
    O4 - HKLM\..\Run: [System Verification Manager] C:\WINDOWS\system32\MSExecCom.exe
    O4 - HKLM\..\Run: [Root Service Verification] C:\WINDOWS\system32\DBDllServ.exe
    O4 - HKLM\..\Run: [Root Update Verification] C:\WINDOWS\system32\DBDllServ.exe
    O4 - HKLM\..\Run: [Remote Update Client] C:\WINDOWS\system32\DBDllCom.exe
    O4 - HKLM\..\Run: [XP Application Socket] C:\WINDOWS\system32\WinAVCfg.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [SSC_UserPrompt] "C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe"
    O4 - HKLM\..\Run: [NAV CfgWiz] C:\Program Files\Common Files\Symantec Shared\SymProbe.exe -r "C:\Program Files\Norton AntiVirus\CfgWiz.exe" /GUID {0D7956A2-5A08-4ec2-A72C-DF8495A66016} /MODE CfgWiz /CMDLINE "REBOOT"
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [STOPzilla] C:\Program Files\STOPzilla!\STOPzilla.exe /autostart
    O4 - HKLM\..\RunServices: [Microsoft 32 Service] C:\WINDOWS\system32\WinExec.exe
    O4 - HKLM\..\RunServices: [Admin Manager Update] C:\WINDOWS\system32\OSExec.exe
    O4 - HKLM\..\RunServices: [Remote Update Verification] C:\WINDOWS\system32\MSExecCfg.exe
    O4 - HKLM\..\RunServices: [NT Application Server] C:\WINDOWS\system32\MSAVCfg.exe
    O4 - HKLM\..\RunServices: [XP Manager Socket] C:\WINDOWS\system32\OSAVCfg.exe
    O4 - HKLM\..\RunServices: [MS Manager Socket] C:\WINDOWS\system32\OSAV32.exe
    O4 - HKLM\..\RunServices: [Microsoft 32 Manager] C:\WINDOWS\system32\WinExec.exe
    O4 - HKLM\..\RunServices: [Secure Server 32] C:\WINDOWS\system32\OSOCX32.exe
    O4 - HKLM\..\RunServices: [Firewall Socket Device] C:\WINDOWS\system32\WinOCX32.exe
    O4 - HKLM\..\RunServices: [Win Verification Application] C:\WINDOWS\system32\DBExecCom.exe
    O4 - HKLM\..\RunServices: [Driver Device Update] C:\WINDOWS\system32\SysExec.exe
    O4 - HKLM\..\RunServices: [Driver Device Service] C:\WINDOWS\system32\SysExec.exe
    O4 - HKLM\..\RunServices: [Root Service Validation] C:\WINDOWS\system32\MSAVCfg.exe
    O4 - HKLM\..\RunServices: [Microsoft Device Service] C:\WINDOWS\system32\OSAVCfg.exe
    O4 - HKLM\..\RunServices: [Secure Server Device] C:\WINDOWS\system32\DBDllServ.exe
    O4 - HKLM\..\RunServices: [System Client Manager] C:\WINDOWS\system32\MSExecCom.exe
    O4 - HKLM\..\RunServices: [Current Manager Update] C:\WINDOWS\system32\OSDllServ.exe
    O4 - HKLM\..\RunServices: [MS Server 32] C:\WINDOWS\system32\OSOCX32.exe
    O4 - HKLM\..\RunServices: [Registry Client Manager] C:\WINDOWS\system32\MSExecCfg.exe
    O4 - HKLM\..\RunServices: [System Verification Manager] C:\WINDOWS\system32\MSExecCom.exe
    O4 - HKLM\..\RunServices: [Root Service Verification] C:\WINDOWS\system32\DBDllServ.exe
    O4 - HKLM\..\RunServices: [Root Update Verification] C:\WINDOWS\system32\DBDllServ.exe
    O4 - HKLM\..\RunServices: [Remote Update Client] C:\WINDOWS\system32\DBDllCom.exe
    O4 - HKLM\..\RunServices: [XP Application Socket] C:\WINDOWS\system32\WinAVCfg.exe
    O4 - HKCU\..\Run: [Microsoft 32 Manager] C:\WINDOWS\system32\MSDllCom.exe
    O4 - HKCU\..\Run: [Secure Server 32] C:\WINDOWS\system32\OSOCX32.exe
    O4 - HKCU\..\Run: [Admin Manager Update] C:\WINDOWS\system32\SysOCX32.exe
    O4 - HKCU\..\Run: [Firewall Socket Device] C:\WINDOWS\system32\WinOCX32.exe
    O4 - HKCU\..\Run: [Registry Client Manager] C:\WINDOWS\system32\MSExecCfg.exe
    O4 - HKCU\..\Run: [Win Verification Application] C:\WINDOWS\system32\DBExecCom.exe
    O4 - HKCU\..\Run: [System Verification Manager] C:\WINDOWS\system32\MSExecCom.exe
    O4 - HKCU\..\Run: [Root Service Verification] C:\WINDOWS\system32\DBDllServ.exe
    O4 - HKCU\..\Run: [Root Update Verification] C:\WINDOWS\system32\DBDllServ.exe
    O4 - HKCU\..\Run: [NT Application Server] C:\WINDOWS\system32\MSAVCfg.exe
    O4 - HKCU\..\Run: [Root Service Validation] C:\WINDOWS\system32\MSAVCfg.exe
    O4 - HKCU\..\Run: [Remote Update Client] C:\WINDOWS\system32\DBDllCom.exe
    O4 - HKCU\..\Run: [XP Manager Socket] C:\WINDOWS\system32\OSAVCfg.exe
    O4 - HKCU\..\Run: [Current Manager Update] C:\WINDOWS\system32\OSDllServ.exe
    O4 - HKCU\..\Run: [MS Server 32] C:\WINDOWS\system32\OSOCX32.exe
    O4 - HKCU\..\Run: [XP Application Socket] C:\WINDOWS\system32\WinAVCfg.exe
    O4 - HKCU\..\RunServices: [Microsoft 32 Manager] C:\WINDOWS\system32\MSDllCom.exe
    O4 - HKCU\..\RunServices: [Secure Server 32] C:\WINDOWS\system32\OSOCX32.exe
    O4 - HKCU\..\RunServices: [Admin Manager Update] C:\WINDOWS\system32\SysOCX32.exe
    O4 - HKCU\..\RunServices: [Firewall Socket Device] C:\WINDOWS\system32\WinOCX32.exe
    O4 - HKCU\..\RunServices: [Registry Client Manager] C:\WINDOWS\system32\MSExecCfg.exe
    O4 - HKCU\..\RunServices: [Win Verification Application] C:\WINDOWS\system32\DBExecCom.exe
    O4 - HKCU\..\RunServices: [System Verification Manager] C:\WINDOWS\system32\MSExecCom.exe
    O4 - HKCU\..\RunServices: [Root Service Verification] C:\WINDOWS\system32\DBDllServ.exe
    O4 - HKCU\..\RunServices: [Root Update Verification] C:\WINDOWS\system32\DBDllServ.exe
    O4 - HKCU\..\RunServices: [NT Application Server] C:\WINDOWS\system32\MSAVCfg.exe
    O4 - HKCU\..\RunServices: [Root Service Validation] C:\WINDOWS\system32\MSAVCfg.exe
    O4 - HKCU\..\RunServices: [Remote Update Client] C:\WINDOWS\system32\DBDllCom.exe
    O4 - HKCU\..\RunServices: [XP Manager Socket] C:\WINDOWS\system32\OSAVCfg.exe
    O4 - HKCU\..\RunServices: [Current Manager Update] C:\WINDOWS\system32\OSDllServ.exe
    O4 - HKCU\..\RunServices: [MS Server 32] C:\WINDOWS\system32\OSOCX32.exe
    O4 - HKCU\..\RunServices: [XP Application Socket] C:\WINDOWS\system32\WinAVCfg.exe
    O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
    O4 - Global Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
    O4 - Global Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
    O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
    O4 - Global Startup: PrecisionTime.lnk = C:\Program Files\PrecisionTime\PrecisionTime.exe
    O4 - Global Startup: Date Manager.lnk = C:\Program Files\Date Manager\DateManager.exe
    O4 - Global Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0\aoltray.exe
    O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
    O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
    O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O14 - IERESET.INF: START_PAGE_URL=http://www.acer.com
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/noc...up1.0.0.15.cab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
    O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yaho...st20040510.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1151332488375
    O16 - DPF: {9A54032D-31F7-400D-B184-83B33BDE65FA} (MSN File Upload Control) - http://sc.groups.msn.com/controls/FileUC/MsnUpld.cab
    O16 - DPF: {B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} - http://download.cdn.winsoftware.com/...reeInstall.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary...o.cab32846.cab
    O16 - DPF: {DECEAAA2-370A-49BB-9362-68C3A58DDC62} (SAIX) - http://static.zangocash.com/cab/Seek...008c54b810aed3
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://games.pogo.com/online2/pogo/h...ploader_v6.cab
    O16 - DPF: {F919FBD3-A96B-4679-AF26-F551439BB5FD} - http://locator1.cdn.imagesrvr.com/si...nerInstall.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{1D5F74B2-CB9F-44D5-8748-69B261986384}: NameServer = 195.92.195.94 195.92.195.95
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
    O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: STOPzilla Service (szserver) - Unknown owner - C:\Program Files\Common Files\STOPzilla!\SZServer.exe
    O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

  8. #8
    Member Spyware Fighter Clark76's Avatar
    Join Date
    Feb 2006
    Location
    Cleveland, Ohio
    Posts
    1,359
    Points
    239

    Stevemiller

    You are running Hijack This from a temporary directory. It needs to be in a permanent folder. Please go into Windows Explorer, click on C:\, then click on File > New > Folder and call it HJT, or another name of your choice. The program creates backup files that we may need to use later. If the program is in a Temporary folder, files may be deleted by you or automatically if your system is set to empty temp files.

    benc
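
The check from the reply above (HijackThis should not run from a temporary folder), as an added Python example that is not part of the original thread. It parses a HijackThis v1.99.1 log, reports a scanner path under a Temp directory and, going beyond the reply, lists O4 autorun targets registered under more than one value name. The function names, the Temp-path markers and the two-name threshold are assumptions; the sample lines are abbreviated from the logs posted here.

```python
import re
from collections import defaultdict

# Constructed sample: lines abbreviated from the HijackThis logs in this thread.
SAMPLE_LOG = r"""Logfile of HijackThis v1.99.1
Scan saved at 13:17:39, on 05/07/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)

Running processes:
C:\WINDOWS\system32\svchost.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Documents and Settings\SHIRLEY\Local Settings\Temp\Temporary Directory 2 for hijackthis[1].zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Microsoft 32 Service] C:\WINDOWS\system32\WinExec.exe
O4 - HKLM\..\Run: [Microsoft 32 Manager] C:\WINDOWS\system32\WinExec.exe
O4 - HKLM\..\RunServices: [Microsoft 32 Service] C:\WINDOWS\system32\WinExec.exe
O4 - HKLM\..\Run: [Secure Server 32] C:\WINDOWS\system32\OSOCX32.exe
O4 - HKCU\..\Run: [MS Server 32] C:\WINDOWS\system32\OSOCX32.exe
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
"""

# "R0 - ...", "O4 - ...", "O23 - ...": section code, then the entry body.
ENTRY_RE = re.compile(r"^([A-Z]\d+) - (.*)$")
# Registry autorun body: HKLM\..\Run: [value name] command line
O4_REG_RE = re.compile(r"^(HK[A-Z]+)\\\.\.\\(\w+): \[([^\]]*)\] (.*)$")
# Assumed markers for folders that Windows or the user may empty.
TEMP_MARKERS = ("\\temp\\", "\\tmp\\", "\\temporary internet files\\")


def parse_log(text):
    """Split a log into (running process paths, [(code, body), ...])."""
    processes, entries = [], []
    in_processes = False
    for raw in text.splitlines():
        line = raw.strip()
        if line.lower().startswith("running processes"):
            in_processes = True
            continue
        match = ENTRY_RE.match(line)
        if match:
            in_processes = False
            entries.append((match.group(1), match.group(2)))
        elif in_processes and line:
            processes.append(line)
    return processes, entries


def scanner_temp_paths(processes):
    """Return HijackThis.exe paths that sit under a temporary folder."""
    hits = []
    for path in processes:
        low = path.lower()
        if low.endswith("\\hijackthis.exe") and any(m in low for m in TEMP_MARKERS):
            hits.append(path)
    return hits


def command_target(command):
    """Best-effort executable path from an autorun command line."""
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        return command[1:end] if end > 0 else command[1:]
    match = re.match(r"(?i)(.+?\.(?:exe|dll|com|bat|scr))\b", command)
    return match.group(1) if match else command


def repeated_autoruns(entries, min_names=2):
    """Map each O4 registry target to its value names and keys when it is
    registered under at least min_names different value names."""
    by_target = defaultdict(lambda: {"names": set(), "keys": set()})
    for code, body in entries:
        if code != "O4":
            continue
        match = O4_REG_RE.match(body)
        if not match:
            continue  # Startup-folder shortcuts use a different layout
        hive, key, name, command = match.groups()
        slot = by_target[command_target(command).lower()]
        slot["names"].add(name)
        slot["keys"].add(f"{hive}\\{key}")
    return {
        target: {"names": sorted(v["names"]), "keys": sorted(v["keys"])}
        for target, v in by_target.items()
        if len(v["names"]) >= min_names
    }


if __name__ == "__main__":
    procs, entries = parse_log(SAMPLE_LOG)
    for path in scanner_temp_paths(procs):
        print("HijackThis is running from a temporary folder:", path)
    for target, info in repeated_autoruns(entries).items():
        print(target, "<-", info["names"], "in", info["keys"])
```
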

  9. #9
    Member
    Join Date
    Jun 2006
    Posts
    25
    Points
    2

    Is this OK?

    Logfile of HijackThis v1.99.1
    Scan saved at 13:40:50, on 05/07/2006
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\STOPzilla!\SZServer.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Real\RealPlayer\RealPlay.exe
    C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
    C:\Documents and Settings\steven\Desktop\Picasa2\PicasaMediaDetector.exe
    C:\Program Files\ICQLite\ICQLite.exe
    C:\Program Files\Common Files\AOL\1145703613\ee\AOLHostManager.exe
    C:\WINDOWS\wanmpsvc.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Common Files\AOL\1145703613\ee\AOLServiceHost.exe
    C:\Program Files\STOPzilla!\STOPzilla.exe
    C:\Program Files\Microsoft Office\Office\OSA.EXE
    C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
    C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
    C:\Program Files\LimeWire\LimeWire.exe
    C:\Program Files\Messenger\msmsgs.exe
    c:\program files\common files\aol\1145703613\ee\services\antiSpywareApp\ver2_0_12\AOLSP Scheduler.exe
    C:\Program Files\Common Files\AOL\1145703613\ee\AOLServiceHost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Microsoft Office\Office\WINWORD.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\hjt\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.acer.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer Provided By Wanadoo
    R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
    O2 - BHO: STOPzilla Browser Helper Object - {E3215F20-3212-11D6-9F8B-00D0B743919D} - C:\Program Files\STOPzilla!\SZIEBHO.dll
    O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
    O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1145703613\ee\AOLHostManager.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [BearShare] "C:\Program Files\BearShare\BearShare.exe" /pause
    O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
    O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\MWSBAR.DLL,S
    O4 - HKLM\..\Run: [Picasa Media Detector] C:\Documents and Settings\steven\Desktop\Picasa2\PicasaMediaDetector.exe
    O4 - HKLM\..\Run: [ICQ Lite] "C:\Program Files\ICQLite\ICQLite.exe" -minimize
    O4 - HKLM\..\Run: [defender] C:\\dfndrc_4a.exe
    O4 - HKLM\..\Run: [keyboard] C:\\kybrdc_4.exe
    O4 - HKLM\..\Run: [newname] C:\\nwnmc_4.exe
    O4 - HKLM\..\Run: [Microsoft 32 Service] C:\WINDOWS\system32\WinExec.exe
    O4 - HKLM\..\Run: [Admin Manager Update] C:\WINDOWS\system32\OSExec.exe
    O4 - HKLM\..\Run: [Remote Update Verification] C:\WINDOWS\system32\MSExecCfg.exe
    O4 - HKLM\..\Run: [NT Application Server] C:\WINDOWS\system32\MSAVCfg.exe
    O4 - HKLM\..\Run: [MS Manager Socket] C:\WINDOWS\system32\OSAV32.exe
    O4 - HKLM\..\Run: [XP Manager Socket] C:\WINDOWS\system32\OSAVCfg.exe
    O4 - HKLM\..\Run: [Microsoft 32 Manager] C:\WINDOWS\system32\WinExec.exe
    O4 - HKLM\..\Run: [Secure Server 32] C:\WINDOWS\system32\OSOCX32.exe
    O4 - HKLM\..\Run: [Firewall Socket Device] C:\WINDOWS\system32\WinOCX32.exe
    O4 - HKLM\..\Run: [Win Verification Application] C:\WINDOWS\system32\DBExecCom.exe
    O4 - HKLM\..\Run: [Driver Device Update] C:\WINDOWS\system32\SysExec.exe
    O4 - HKLM\..\Run: [Driver Device Service] C:\WINDOWS\system32\SysExec.exe
    O4 - HKLM\..\Run: [Root Service Validation] C:\WINDOWS\system32\MSAVCfg.exe
    O4 - HKLM\..\Run: [Microsoft Device Service] C:\WINDOWS\system32\OSAVCfg.exe
    O4 - HKLM\..\Run: [Secure Server Device] C:\WINDOWS\system32\DBDllServ.exe
    O4 - HKLM\..\Run: [System Client Manager] C:\WINDOWS\system32\MSExecCom.exe
    O4 - HKLM\..\Run: [Current Manager Update] C:\WINDOWS\system32\OSDllServ.exe
    O4 - HKLM\..\Run: [MS Server 32] C:\WINDOWS\system32\OSOCX32.exe
    O4 - HKLM\..\Run: [Registry Client Manager] C:\WINDOWS\system32\MSExecCfg.exe
    O4 - HKLM\..\Run: [System Verification Manager] C:\WINDOWS\system32\MSExecCom.exe
    O4 - HKLM\..\Run: [Root Service Verification] C:\WINDOWS\system32\DBDllServ.exe
    O4 - HKLM\..\Run: [Root Update Verification] C:\WINDOWS\system32\DBDllServ.exe
    O4 - HKLM\..\Run: [Remote Update Client] C:\WINDOWS\system32\DBDllCom.exe
    O4 - HKLM\..\Run: [XP Application Socket] C:\WINDOWS\system32\WinAVCfg.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [SSC_UserPrompt] "C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe"
    O4 - HKLM\..\Run: [NAV CfgWiz] C:\Program Files\Common Files\Symantec Shared\SymProbe.exe -r "C:\Program Files\Norton AntiVirus\CfgWiz.exe" /GUID {0D7956A2-5A08-4ec2-A72C-DF8495A66016} /MODE CfgWiz /CMDLINE "REBOOT"
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [STOPzilla] C:\Program Files\STOPzilla!\STOPzilla.exe /autostart
    O4 - HKLM\..\RunServices: [Microsoft 32 Service] C:\WINDOWS\system32\WinExec.exe
    O4 - HKLM\..\RunServices: [Admin Manager Update] C:\WINDOWS\system32\OSExec.exe
    O4 - HKLM\..\RunServices: [Remote Update Verification] C:\WINDOWS\system32\MSExecCfg.exe
    O4 - HKLM\..\RunServices: [NT Application Server] C:\WINDOWS\system32\MSAVCfg.exe
    O4 - HKLM\..\RunServices: [XP Manager Socket] C:\WINDOWS\system32\OSAVCfg.exe
    O4 - HKLM\..\RunServices: [MS Manager Socket] C:\WINDOWS\system32\OSAV32.exe
    O4 - HKLM\..\RunServices: [Microsoft 32 Manager] C:\WINDOWS\system32\WinExec.exe
    O4 - HKLM\..\RunServices: [Secure Server 32] C:\WINDOWS\system32\OSOCX32.exe
    O4 - HKLM\..\RunServices: [Firewall Socket Device] C:\WINDOWS\system32\WinOCX32.exe
    O4 - HKLM\..\RunServices: [Win Verification Application] C:\WINDOWS\system32\DBExecCom.exe
    O4 - HKLM\..\RunServices: [Driver Device Update] C:\WINDOWS\system32\SysExec.exe
    O4 - HKLM\..\RunServices: [Driver Device Service] C:\WINDOWS\system32\SysExec.exe
    O4 - HKLM\..\RunServices: [Root Service Validation] C:\WINDOWS\system32\MSAVCfg.exe
    O4 - HKLM\..\RunServices: [Microsoft Device Service] C:\WINDOWS\system32\OSAVCfg.exe
    O4 - HKLM\..\RunServices: [Secure Server Device] C:\WINDOWS\system32\DBDllServ.exe
    O4 - HKLM\..\RunServices: [System Client Manager] C:\WINDOWS\system32\MSExecCom.exe
    O4 - HKLM\..\RunServices: [Current Manager Update] C:\WINDOWS\system32\OSDllServ.exe
    O4 - HKLM\..\RunServices: [MS Server 32] C:\WINDOWS\system32\OSOCX32.exe
    O4 - HKLM\..\RunServices: [Registry Client Manager] C:\WINDOWS\system32\MSExecCfg.exe
    O4 - HKLM\..\RunServices: [System Verification Manager] C:\WINDOWS\system32\MSExecCom.exe
    O4 - HKLM\..\RunServices: [Root Service Verification] C:\WINDOWS\system32\DBDllServ.exe
    O4 - HKLM\..\RunServices: [Root Update Verification] C:\WINDOWS\system32\DBDllServ.exe
    O4 - HKLM\..\RunServices: [Remote Update Client] C:\WINDOWS\system32\DBDllCom.exe
    O4 - HKLM\..\RunServices: [XP Application Socket] C:\WINDOWS\system32\WinAVCfg.exe
    O4 - HKCU\..\Run: [Microsoft 32 Manager] C:\WINDOWS\system32\MSDllCom.exe
    O4 - HKCU\..\Run: [Secure Server 32] C:\WINDOWS\system32\OSOCX32.exe
    O4 - HKCU\..\Run: [Admin Manager Update] C:\WINDOWS\system32\SysOCX32.exe
    O4 - HKCU\..\Run: [Firewall Socket Device] C:\WINDOWS\system32\WinOCX32.exe
    O4 - HKCU\..\Run: [Registry Client Manager] C:\WINDOWS\system32\MSExecCfg.exe
    O4 - HKCU\..\Run: [Win Verification Application] C:\WINDOWS\system32\DBExecCom.exe
    O4 - HKCU\..\Run: [System Verification Manager] C:\WINDOWS\system32\MSExecCom.exe
    O4 - HKCU\..\Run: [Root Service Verification] C:\WINDOWS\system32\DBDllServ.exe
    O4 - HKCU\..\Run: [Root Update Verification] C:\WINDOWS\system32\DBDllServ.exe
    O4 - HKCU\..\Run: [NT Application Server] C:\WINDOWS\system32\MSAVCfg.exe
    O4 - HKCU\..\Run: [Root Service Validation] C:\WINDOWS\system32\MSAVCfg.exe
    O4 - HKCU\..\Run: [Remote Update Client] C:\WINDOWS\system32\DBDllCom.exe
    O4 - HKCU\..\Run: [XP Manager Socket] C:\WINDOWS\system32\OSAVCfg.exe
    O4 - HKCU\..\Run: [Current Manager Update] C:\WINDOWS\system32\OSDllServ.exe
    O4 - HKCU\..\Run: [MS Server 32] C:\WINDOWS\system32\OSOCX32.exe
    O4 - HKCU\..\Run: [XP Application Socket] C:\WINDOWS\system32\WinAVCfg.exe
    O4 - HKCU\..\RunServices: [Microsoft 32 Manager] C:\WINDOWS\system32\MSDllCom.exe
    O4 - HKCU\..\RunServices: [Secure Server 32] C:\WINDOWS\system32\OSOCX32.exe
    O4 - HKCU\..\RunServices: [Admin Manager Update] C:\WINDOWS\system32\SysOCX32.exe
    O4 - HKCU\..\RunServices: [Firewall Socket Device] C:\WINDOWS\system32\WinOCX32.exe
    O4 - HKCU\..\RunServices: [Registry Client Manager] C:\WINDOWS\system32\MSExecCfg.exe
    O4 - HKCU\..\RunServices: [Win Verification Application] C:\WINDOWS\system32\DBExecCom.exe
    O4 - HKCU\..\RunServices: [System Verification Manager] C:\WINDOWS\system32\MSExecCom.exe
    O4 - HKCU\..\RunServices: [Root Service Verification] C:\WINDOWS\system32\DBDllServ.exe
    O4 - HKCU\..\RunServices: [Root Update Verification] C:\WINDOWS\system32\DBDllServ.exe
    O4 - HKCU\..\RunServices: [NT Application Server] C:\WINDOWS\system32\MSAVCfg.exe
    O4 - HKCU\..\RunServices: [Root Service Validation] C:\WINDOWS\system32\MSAVCfg.exe
    O4 - HKCU\..\RunServices: [Remote Update Client] C:\WINDOWS\system32\DBDllCom.exe
    O4 - HKCU\..\RunServices: [XP Manager Socket] C:\WINDOWS\system32\OSAVCfg.exe
    O4 - HKCU\..\RunServices: [Current Manager Update] C:\WINDOWS\system32\OSDllServ.exe
    O4 - HKCU\..\RunServices: [MS Server 32] C:\WINDOWS\system32\OSOCX32.exe
    O4 - HKCU\..\RunServices: [XP Application Socket] C:\WINDOWS\system32\WinAVCfg.exe
    O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
    O4 - Global Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
    O4 - Global Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
    O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
    O4 - Global Startup: PrecisionTime.lnk = C:\Program Files\PrecisionTime\PrecisionTime.exe
    O4 - Global Startup: Date Manager.lnk = C:\Program Files\Date Manager\DateManager.exe
    O4 - Global Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0\aoltray.exe
    O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
    O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
    O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O14 - IERESET.INF: START_PAGE_URL=http://www.acer.com
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/noc...up1.0.0.15.cab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
    O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yaho...st20040510.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1151332488375
    O16 - DPF: {9A54032D-31F7-400D-B184-83B33BDE65FA} (MSN File Upload Control) - http://sc.groups.msn.com/controls/FileUC/MsnUpld.cab
    O16 - DPF: {B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} - http://download.cdn.winsoftware.com/...reeInstall.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary...o.cab32846.cab
    O16 - DPF: {DECEAAA2-370A-49BB-9362-68C3A58DDC62} (SAIX) - http://static.zangocash.com/cab/Seek...008c54b810aed3
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://games.pogo.com/online2/pogo/h...ploader_v6.cab
    O16 - DPF: {F919FBD3-A96B-4679-AF26-F551439BB5FD} - http://locator1.cdn.imagesrvr.com/si...nerInstall.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{1D5F74B2-CB9F-44D5-8748-69B261986384}: NameServer = 195.92.195.94 195.92.195.95
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
    O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: STOPzilla Service (szserver) - Unknown owner - C:\Program Files\Common Files\STOPzilla!\SZServer.exe
    O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

  10. #10
    Member
    Join Date
    Dec 2002
    Posts
    12,000
    Points
    1191

    Default

    WOW... Almost 100 entries that probably are bad.

    You did not follow benc's directions on what to do before posting a log.
    You did not run Pandasoft scan or Housecall. Please go back to here:

    http://www.help2go.com/component/opt...wtopic/t,9709/

    Run the scans!!! Make note of anything Panda finds and can't fix. Save the log and post it here along with a new HJT log.

    But to be honest, if you are going to continue your P2P/file sharing, it's really kind of a waste of our time. You will need to be good at wiping your PC and reinstalling everything.

    BG
