Computer gone wrong...hjthis log included...
Hello,
My computer seems to be getting slower and slower and now there seems to be no sound, even though my speakers are on. I keep getting pop ups too. Could you please have a look at my log and see if there is anything amiss?
Thank you in advance.
Logfile of HijackThis v1.99.1
Scan saved at 20:22:35, on 19/12/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Norton GoBack\GBPoll.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\keyhook.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Apps\Powercinema\PCMService.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Norton GoBack\GBTray.exe
C:\Program Files\MSN Toolbar Suite\DS\02.01.0000.2217\en-us\bin\WindowsSearch.exe
C:\Program Files\MSN Toolbar Suite\DS\02.01.0000.2217\en-us\bin\WindowsSearchIndexer.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\HP\hpcoretech\comp\hpdarc.exe
C:\Documents and Settings\Deborah Tait\Desktop\hijackthis_199\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bbc.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.wanadoo.co.uk
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.co.uk
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.wanadoo.co.uk/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Wanadoo
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.01.0000.2214\en-us\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Wanadoo - {8B68564D-53FD-4293-B80C-993A9F3988EE} - C:\PROGRA~1\Wanadoo\WSBar\WSBar.dll
O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.01.0000.2214\en-us\msntb.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\nbj.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Norton GoBack.lnk = C:\Program Files\Norton GoBack\GBTray.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.01.0000.2217\en-us\bin\WindowsSearch.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Search with Wanadoo - res://C:\PROGRA~1\Wanadoo\WSBar\WSBar.dll/VSearch.htm
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.wanadoo.co.uk
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab
O16 - DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E} (AimSp32 Class) - http://makeover.ivillage.co.uk/save/makeover.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/en-gb/4,0,0,90/mcinsctl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/013521baf0163f91f018/netzip/RdxIE601.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.com/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1125218291687
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/en-gb/1,0,0,23/mcgdmgr.cab
O16 - DPF: {CC32D4D8-2A0B-4CEB-B105-C9B968379105} (CGameManagerCtrl Object) - http://www.disney.go.com/games/downloads/gamemanager/DIGGameManager.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - C:\Program Files\Norton GoBack\GBPoll.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
My computer seems to be getting slower and slower and now there seems to be no sound, even though my speakers are on. I keep getting pop ups too. Could you please have a look at my log and see if there is anything amiss?
Thank you in advance.
Logfile of HijackThis v1.99.1
Scan saved at 20:22:35, on 19/12/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Norton GoBack\GBPoll.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\keyhook.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Apps\Powercinema\PCMService.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Norton GoBack\GBTray.exe
C:\Program Files\MSN Toolbar Suite\DS\02.01.0000.2217\en-us\bin\WindowsSearch.exe
C:\Program Files\MSN Toolbar Suite\DS\02.01.0000.2217\en-us\bin\WindowsSearchIndexer.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\HP\hpcoretech\comp\hpdarc.exe
C:\Documents and Settings\Deborah Tait\Desktop\hijackthis_199\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bbc.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.wanadoo.co.uk
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.co.uk
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.wanadoo.co.uk/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Wanadoo
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.01.0000.2214\en-us\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Wanadoo - {8B68564D-53FD-4293-B80C-993A9F3988EE} - C:\PROGRA~1\Wanadoo\WSBar\WSBar.dll
O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.01.0000.2214\en-us\msntb.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\nbj.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Norton GoBack.lnk = C:\Program Files\Norton GoBack\GBTray.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.01.0000.2217\en-us\bin\WindowsSearch.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Search with Wanadoo - res://C:\PROGRA~1\Wanadoo\WSBar\WSBar.dll/VSearch.htm
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.wanadoo.co.uk
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab
O16 - DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E} (AimSp32 Class) - http://makeover.ivillage.co.uk/save/makeover.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/en-gb/4,0,0,90/mcinsctl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/013521baf0163f91f018/netzip/RdxIE601.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.com/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1125218291687
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/en-gb/1,0,0,23/mcgdmgr.cab
O16 - DPF: {CC32D4D8-2A0B-4CEB-B105-C9B968379105} (CGameManagerCtrl Object) - http://www.disney.go.com/games/downloads/gamemanager/DIGGameManager.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - C:\Program Files\Norton GoBack\GBPoll.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
0
This discussion has been closed.
Comments
Check the following in HJT and click 'Fix Checked' - Close ALL open Browsers first
R3 - Default URLSearchHook is missing
--
Please download the trial version of Ewido Security Suite here:
http://www.ewido.net/en/download/
Install it, and update the definitions to the newest files. Do NOT run a scan yet.
Next, please reboot your computer in Safe Mode by doing the following:
1) Restart your computer
2) After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3) Instead of Windows loading as normal, a menu should appear
4) Select the first option, to run Windows in Safe Mode.
For additional help in booting into Safe Mode, see the following site:
http://www.pchell.com/support/safemode.shtml
Once in Safe Mode, please run Ewido, and do a full scan. During the scan it will prompt you to clean files, click OK.
Save the logfile from the scan. Restart your computer in normal mode and please post a new HijackThis log, as well as the log from the Ewido scan.
ok did that...
Logfile of HijackThis v1.99.1
Scan saved at 22:27:38, on 19/12/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Norton GoBack\GBPoll.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\keyhook.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Apps\Powercinema\PCMService.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Norton GoBack\GBTray.exe
C:\Program Files\MSN Toolbar Suite\DS\02.01.0000.2217\en-us\bin\WindowsSearch.exe
C:\Program Files\MSN Toolbar Suite\DS\02.01.0000.2217\en-us\bin\WindowsSearchIndexer.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\MSN Toolbar Suite\DS\02.01.0000.2217\en-us\bin\WindowsSearchFilter.exe
C:\Documents and Settings\Deborah Tait\Desktop\hijackthis_199\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bbc.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.wanadoo.co.uk
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.co.uk
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.wanadoo.co.uk/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Wanadoo
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.01.0000.2214\en-us\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Wanadoo - {8B68564D-53FD-4293-B80C-993A9F3988EE} - C:\PROGRA~1\Wanadoo\WSBar\WSBar.dll
O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.01.0000.2214\en-us\msntb.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\nbj.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Norton GoBack.lnk = C:\Program Files\Norton GoBack\GBTray.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.01.0000.2217\en-us\bin\WindowsSearch.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Search with Wanadoo - res://C:\PROGRA~1\Wanadoo\WSBar\WSBar.dll/VSearch.htm
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.wanadoo.co.uk
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab
O16 - DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E} (AimSp32 Class) - http://makeover.ivillage.co.uk/save/makeover.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/en-gb/4,0,0,90/mcinsctl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/013521baf0163f91f018/netzip/RdxIE601.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.com/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1125218291687
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/en-gb/1,0,0,23/mcgdmgr.cab
O16 - DPF: {CC32D4D8-2A0B-4CEB-B105-C9B968379105} (CGameManagerCtrl Object) - http://www.disney.go.com/games/downloads/gamemanager/DIGGameManager.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{70A176D4-9D48-4D2E-916F-86D66D8A2B68}: NameServer = 195.92.195.95 195.92.195.94
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - C:\Program Files\Norton GoBack\GBPoll.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
ewido anti-malware - Scan report
+ Created on: 11:06:46, 20/12/2005
+ Report-Checksum: 964B1299
+ Scan result:
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@ad.yieldmanager[1].txt[/email] -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@adopt.euroclick[1].txt[/email] -> Spyware.Cookie.Euroclick : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@burstnet[2].txt[/email] -> Spyware.Cookie.Burstnet : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@com[2].txt[/email] -> Spyware.Cookie.Com : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@cz4.clickzs[2].txt[/email] -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wfkicpczmfo.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wfkiekczglp.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wfkionazcbo.stats.esomniture[1].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wfkispdpchp.stats.esomniture[1].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wfkiwhcjgbo.stats.esomniture[1].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wfkoakdzgao.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wfkoamd5mkq.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wfkocid5maq.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wfkooldzcgp.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wfkygicjodq.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wfkykhd5gao.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wfkykkazkgp.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wfkyuodpmep.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wfkywocpihp.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wfl4agczilp.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wfl4woczadp.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wflioidzikp.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wflionazelo.stats.esomniture[1].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wflislazmho.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wfliwoc5sbo.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wflocpdzmbo.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wflogkcjaaq.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wflokoc5oap.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wflosncjwdp.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wflowoc5wdp.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wflyundjido.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wfmighajacp.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wfmiogajkaq.stats.esomniture[1].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wfmiuhdpadq.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wfmyugdjcbq.stats.esomniture[1].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wgk4eodziaq.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wgkiaicpgap.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wgkiaidpkfp.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wgkiakc5kbp.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wgkiekcpsgp.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wgkikjazweq.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wgkiulajcko.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wgkochdpgbp.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wgkoqlazmko.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wgkoslcpadp.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wgkowndjgdq.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wgkyaocpclo.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wjk4egdzolq.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wjk4endpofo.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wjk4opcjmbq.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wjkyepcpwhp.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wjkygoczskp.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wjkysoc5egq.stats.esomniture[1].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wjl4oicjsdo.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wjl4ugdjodp.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wjl4umc5wdo.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wjl4widpehp.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wjlikmdjwbp.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wjlisgcjwbp.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wjlisnczsfp.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wjliwhdjgco.stats.esomniture[1].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wjliwlazgfq.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wjlocmczalo.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wjlocndpokp.stats.esomniture[1].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wjloehcpkco.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wjlokidjkcp.stats.esomniture[1].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wjlokldpcgp.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wjlookdjshp.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wjloshazcdo.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wjlould5mfo.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wjloumcpchp.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wjlyaiajwko.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wjlyejczmbo.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wjlykpd5obp.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wjlyqidpkbp.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wjlyukdzebq.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wjmiahazmfo.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wjmisgczwgq.stats.esomniture[1].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wjmyajczebp.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wjmykmajwfo.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wjmykodzmao.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wjmyqgcpwkq.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wjmysiajmep.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wjmyuhcpwfo.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wjmywhazefo.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wjnycicjwlq.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wjnygiczklp.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@e-2dj6wjnysjdpggo.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@stat.onestat[2].txt[/email] -> Spyware.Cookie.Onestat : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@statcounter[1].txt[/email] -> Spyware.Cookie.Statcounter : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@www.burstbeacon[1].txt[/email] -> Spyware.Cookie.Burstbeacon : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Cookies\deborah [email]tait@www.myaffiliateprogram[1].txt[/email] -> Spyware.Cookie.Myaffiliateprogram : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Local Settings\Temp\Cookies\deborah [email]tait@e-2dj6wfk4ugcpobp.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Local Settings\Temp\Cookies\deborah [email]tait@e-2dj6wfkykhd5gao.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Local Settings\Temp\Cookies\deborah [email]tait@e-2dj6wfkykjd5seo.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Local Settings\Temp\Cookies\deborah [email]tait@e-2dj6wgkikgd5ifo.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Local Settings\Temp\Cookies\deborah [email]tait@e-2dj6wjkoegcjolo.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Local Settings\Temp\Cookies\deborah [email]tait@e-2dj6wjkoeicjifo.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Local Settings\Temp\Cookies\deborah [email]tait@e-2dj6wjkysjcpkhp.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Local Settings\Temp\Cookies\deborah [email]tait@e-2dj6wjl4umdpwdp.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Local Settings\Temp\Cookies\deborah [email]tait@e-2dj6wjlyqkdpolo.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Local Settings\Temp\Cookies\deborah [email]tait@e-2dj6wjmisldjolo.stats.esomniture[2].txt[/email] -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Deborah Tait\Local Settings\Temp\Cookies\deborah [email]tait@statcounter[1].txt[/email] -> Spyware.Cookie.Statcounter : Cleaned with backup
C:\Program Files\Screensavers.com\Installer\bin\ScreensaversInst.dll -> Spyware.Comet : Cleaned with backup
::Report End
Does this look okay?
Thank-you!
---
When in Safe Mode, please DISBALE Norton/Symantec temporarly
--
Check the following in HJT and click 'Fix Checked' - Close ALL open Browsers first
R3 - Default URLSearchHook is missing
--
Reboot back into Normal Mode and check if that entry has gone
Scan saved at 19:50:43, on 20/12/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Norton GoBack\GBPoll.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\keyhook.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Apps\Powercinema\PCMService.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Norton GoBack\GBTray.exe
C:\Program Files\MSN Toolbar Suite\DS\02.01.0000.2217\en-us\bin\WindowsSearch.exe
C:\Program Files\MSN Toolbar Suite\DS\02.01.0000.2217\en-us\bin\WindowsSearchIndexer.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Documents and Settings\Deborah Tait\Desktop\hijackthis_199\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bbc.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.wanadoo.co.uk
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.co.uk
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.wanadoo.co.uk/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Wanadoo
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.01.0000.2214\en-us\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Wanadoo - {8B68564D-53FD-4293-B80C-993A9F3988EE} - C:\PROGRA~1\Wanadoo\WSBar\WSBar.dll
O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.01.0000.2214\en-us\msntb.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\nbj.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Norton GoBack.lnk = C:\Program Files\Norton GoBack\GBTray.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.01.0000.2217\en-us\bin\WindowsSearch.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Search with Wanadoo - res://C:\PROGRA~1\Wanadoo\WSBar\WSBar.dll/VSearch.htm
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.wanadoo.co.uk
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab
O16 - DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E} (AimSp32 Class) - http://makeover.ivillage.co.uk/save/makeover.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/en-gb/4,0,0,90/mcinsctl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/013521baf0163f91f018/netzip/RdxIE601.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.com/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1125218291687
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/en-gb/1,0,0,23/mcgdmgr.cab
O16 - DPF: {CC32D4D8-2A0B-4CEB-B105-C9B968379105} (CGameManagerCtrl Object) - http://www.disney.go.com/games/downloads/gamemanager/DIGGameManager.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - C:\Program Files\Norton GoBack\GBPoll.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
Is this ok now?
Thanks!
Now that your PC is clean you need to follow these easy steps to keeping it this way:
Secure your Internet Explorer by going here and following the instructions there.
Better yet, use an alternative browser! Download FireFox and give it a run. It is far more secure than Internet Explorer. Or, you can get Opera which in my opinion, is better still.
Use a firewall to help prevent your PC's control being usurped by undesireables.
Install and keep updated, Ad-Aware SE, and Spybot S&D.
Run them both on a regular basis, following the manufacturer's recommendations.
Install and keep updated, SpywareBlaster 3.4
Install an anti-virus. There are some good, free AV's available today. Make sure that it is updated regularly and have it scan your system often.
Check for Windows Updates. Microsoft regularly post updates for your systems safe running. Make sure to take advantage of this. Reboot when installed and return to make sure there are no others.
Clear your Temp folders.
Clear out your Temporary internet files and other temp files.
Go to Start > Settings > Control Panel >Internet Options.
Under the General tab click the Delete temporary internet files,
delete all Offline content as well. Clear out Cookies.
Also, go to Start > Find/search > Files or folders > in the named box, type: *.tmp and choose Edit > select all -> File > delete.
Empty/delete the entire contents of the C:\Windows\temp folder and C:\temp folder, if you have one. (Contents but not the folder itself.)
C:\Documents and Settings\username\Local Settings\Temp\
In order to view these files you may have to select 'show hidden files/folders.' Instructions on how to here.
Empty the Recycle Bin.
For XP users.
After something like this it is a good idea to Flush the Restore Points and start fresh.
To flush the XP system Restore Points.
Go to Start>Run and type msconfig. Press enter.
When msconfig opens, click the Launch System Restore Button.
On the next page, click the System Restore Settings link on the left.
Check the box labelled 'Turn off System restore'.
Reboot. Go back in and Turn System Restore Back on. A new Restore Point will be created.
Note that all previous restore points will be lost.
===============
If you have any more problems, post back.
Please consider joining the Folding@Home Project
Join our Folding@Home team! Alzheimer's, Parkinson's, cancer... we're trying to cure them with our computers! You've at least read a little about it in the greeting I sent you when you signed up for the site. We're always really pleased to greet new members to the team, and it's a quick way to become an appreciated member of the community.
MORE INFO: READ THIS
Thank-you for your help! Thank-you so much!
I'm closing this thread. If you need help again then start a new one