DD5A4A's Posts

DD5A4A's Posts

I think this is it.Logfile of HijackThis v1.99.0 Scan saved at 8:34:08 PM, on 1/23/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running proc... See more...
I think this is it.Logfile of HijackThis v1.99.0 Scan saved at 8:34:08 PM, on 1/23/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Dell\EUSW\Support.exe C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe C:\Program Files\Dell\Support\Alert\bin\NotifyAlert.exe C:\WINDOWS\System32\DSentry.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\WINDOWS\BCMSMMSG.exe C:\WINDOWS\system32\BacsTray.exe C:\Program Files\Apoint\Apoint.exe C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe C:\Program Files\Common Files\AOL\ACS\AOLDial.exe C:\Program Files\QuickTime\qttask.exe C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\documents and settings\david\local settings\temp\XkSolGk5t.exe C:\windows\system32\IXVnZ.exe C:\Program Files\Microsoft AntiSpyware\gcasServ.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\fast.exe C:\Documents and Settings\David\Application Data\eetu.exe C:\Program Files\Apoint\Apntex.exe C:\PROGRA~1\COMMON~1\AOL\110133~1\EE\AOLHOS~1.EXE C:\WINDOWS\SYSTEM32\IXVnZ.exe C:\PROGRA~1\COMMON~1\AOL\110133~1\EE\AOLServiceHost.exe C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\wanmpsvc.exe C:\WINDOWS\System32\WLTRYSVC.EXE C:\WINDOWS\System32\bcmwltry.exe C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe C:\WINDOWS\System32\wbem\wmiapsrv.exe C:\Program Files\America Online 9.0b\waol.exe C:\Program Files\America Online 9.0b\shellmon.exe C:\Program Files\Adobe\Acrobat 6.0\Reader\AcroRd32.exe C:\DOCUME~1\David\LOCALS~1\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe C:\Program Files\Messenger\msmsgs.exe R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://shell.windows.com/fileassoc/0409/xml/redir.asp?Ext=pdf R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\Windows\System32\wsaupdater.exe, O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_19_0.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: (no name) - {69D7642D-E041-7BB7-D321-6C557FA92F46} - C:\WINDOWS\System32\pce.dll (file missing) O2 - BHO: (no name) - {6BDE337F-B414-76E0-8072-6C557FA62919} - C:\WINDOWS\System32\iplopg.dll (file missing) O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O2 - BHO: Band Class - {C5183ABC-EB6E-4E05-B8C9-500A16B6CF94} - C:\Program Files\SEP\sep.dll O2 - BHO: Band Class - {CC378B83-9577-44D0-B4F8-0DD965E176FC} - C:\Program Files\eSyndicate\esyn.dll O2 - BHO: Search Help - {E8EAEB34-F7B5-4C55-87FF-720FAF53D841} - C:\Program Files\Middadle\Clicks10017.dll O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file) O3 - Toolbar: Band Class - {C5183ABC-EB6E-4E05-B8C9-500A16B6CF94} - C:\Program Files\SEP\sep.dll O4 - HKLM\..\Run: [DwlClient] C:\Program Files\Common Files\Dell\EUSW\Support.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe O4 - HKLM\..\Run: [bacstray] BacsTray.exe O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe" O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe O4 - HKLM\..\Run: [dfLCCVygo] C:\documents and settings\david\local settings\temp\dfLCCVygo.exe O4 - HKLM\..\Run: [SJP] C:\documents and settings\david\local settings\temp\SJP.exe O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1101337512\EE\AOLHostManager.exe O4 - HKLM\..\Run: [sTnj] C:\documents and settings\david\local settings\temp\sTnj.exe O4 - HKLM\..\Run: [XkSolGk5t] C:\documents and settings\david\local settings\temp\XkSolGk5t.exe O4 - HKLM\..\Run: [IXVnZ.exe] c:\windows\system32\IXVnZ.exe O4 - HKLM\..\Run: [6ypz] C:\windows\system32\6ypz.exe O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe" O4 - HKLM\..\Run: [98D0CE0C16B1] rundll32.exe D0CE0C16B1,D0CE0C16B1 O4 - HKLM\..\RunOnce: [MicrosoftAntiSpywareCleaner] C:\Program Files\Microsoft AntiSpyware\gcASCleaner.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Wfmu] C:\WINDOWS\System32\mhc.exe O4 - HKCU\..\Run: [Bmh] C:\WINDOWS\system32\fast.exe O4 - HKCU\..\Run: [Aida] C:\Documents and Settings\David\Application Data\eetu.exe O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra button: TREND MICRO HouseCall - {2B5EA4F8-620A-4A8B-B003-4C8C5EBEA826} - http://uk.trendmicro-europe.com/enterprise/products/housecall_pre.php (file missing) O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file) O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file) O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/download/ipixx.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab O16 - DPF: {7ED7005B-4AF6-4CFF-9AE0-F243C4B8260F} (HouseCallButton.setup) - http://de.trendmicro-europe.com/file_downloads/common/housecall/HouseCallButton.CAB O17 - HKLM\System\CCS\Services\Tcpip\..\{7B3DBBDC-35AB-41CC-A998-FB4DE3E312E2}: NameServer = 141.155.0.68 151.203.0.84 O23 - Service: AOL Connectivity Service - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe O23 - Service: AOL TopSpeed Monitor - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe O23 - Service: AOL Spyware Protection Service - Unknown - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe O23 - Service: Symantec Event Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Norton AntiVirus Auto Protect Service - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: NVIDIA Driver Helper Service - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: ScriptBlocking Service - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: SymWMI Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe O23 - Service: WAN Miniport (ATW) Service - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe O23 - Service: WLTRYSVC - Unknown - C:\WINDOWS\System32\WLTRYSVC.EXE C:\WINDOWS\System32\bcmwltry.exe (file missing)      
I can't seem to cut and paste the log to this forum, very frustrated. Whenever I try to either highlight the log or click on edit to cut and paste the log disappeares.
Hello,   Was finally able to download HJT after creating its own file. As per the instructions I went to C: drive, Explore, Right click in the main pane, New>Folder, typed HJT then Enter. I th... See more...
Hello,   Was finally able to download HJT after creating its own file. As per the instructions I went to C: drive, Explore, Right click in the main pane, New>Folder, typed HJT then Enter. I then downloaded HJT and ran a scan and after the scan was complete a message appeared advising me to move HJT to its own folder from its current temporary file. How do I do this. How do I post the log so you can look it over? Thanks.
Was finally able to download HJT. Since I'm such a novice please instruct me on how to post my HJT this log and also how to create its own folder.  As per the instructions I went to my C: drive, Explo... See more...
Was finally able to download HJT. Since I'm such a novice please instruct me on how to post my HJT this log and also how to create its own folder.  As per the instructions I went to my C: drive, Explore, right click an open area in the main pane, New>Folder,Type HJT & enter. Was this correct as after I downloaded HJT it downloaded but a message appeared to move it from a temporary file. How do I do this? Thanks!
Today I installed Microsoft Beta 1 AniSpyware to help solve some spyware issues. It found many items that Norton, CWShredder, SpyBot, etc could not find much less delete. Unfortunately I need your ad... See more...
Today I installed Microsoft Beta 1 AniSpyware to help solve some spyware issues. It found many items that Norton, CWShredder, SpyBot, etc could not find much less delete. Unfortunately I need your advice again as to how to finally remove 5 items that manage to keep re-installing themselves. They are:   SEP ADWARE; (15 signatures) this seems to be the worst of the 5.   Esyndicate (9 signatures)   MidAddle   SearchExeHijacker   IEPlugin   Any help/guidance is appreciated. Thanks
Mike, It might be possible to do this with a friend of mine but in case it isn't how else could it be accomplished.?
When I attempted to download Ad-Aware SE Personal the following msg appeared; "Could not initialize installation. File size expected=2636408, size returned=117026." When I attempted to download T... See more...
When I attempted to download Ad-Aware SE Personal the following msg appeared; "Could not initialize installation. File size expected=2636408, size returned=117026." When I attempted to download Trend Micro HouseCall the T-Ball Logo never appeared even after several attempts. I already had Spybot which was recomended by Texruss back in April. It can find no bots at all. BTW my OS is Windows XP. You suggested to go to majorgeeks and  "download HijackThis to its own folder and Midnight Star suggests running HijackThis from "Safw Mode." I 'm a real novice here and don't know how to do these things. If you could walk me through exactly what steps are necessary to accomplish this It would be greatly appreciated. Whatever is living within my system  is wise and won't allow me to download any programs designed to eradicate them! It either won't allow the download or if the program is able to download it won't allow them to run. So, how do I get these programs into my computer? I am also experiencing 2 other annoying probs. When I click the mouse to go somewhere else the cursor jumps out of position by itself. When I type in a domain name and clock "GO" noting happens. I either must highlight the domain name and then click "GO" or I must hit the "GO" key numerous times. Then the screen gets bogged down with that many requests and takes forever. Lastly, when I sign on to Verizon Broadband DSL it now takes at least three (3) attempts to get connected unlike before I began to experience any problems when it only took one time. Any guidance and wisdom would be greatly appreciated!
   My computer is  very slow going from page to page when surfing practically any website, and forget about trying to open an attachment such as a pic. I have run the following programs(or tried t... See more...
   My computer is  very slow going from page to page when surfing practically any website, and forget about trying to open an attachment such as a pic. I have run the following programs(or tried to) without any success. Any guidence would be most appreciated!!!   Symantic/Norton Ani Virus:   Received the following message; "Live Update downloaded all of the update you requested, but all of them failed to install. Please try to get te update at a later time."   CWShredder v. 2.12 (latest):  Received the following message; "Congratulations-no infection found!"   hijackthis_sfx (downloaded 12/24/04):  Received the following message; "hijackthis_sfx.exe is not a valid Win32 application."   IE6.Ospl-KB (Service Pak for Windows XP):  Received the following message; "The version of Internet Explorer you have installed does not match the update you are trying to install."    APL Security Edition 9.0 (won't run): Received the following message; "Do you want to allow software such as ActiveX controls and plug-ins to run?"   When I attempted to install the AOL Computer Check UP the result  was a message: "Could not validate: 10000AOLCCUS.udp,3,14   Hijackthis won't run as well as some others, and what will run doesn'y see anything wrong cause its buried so deep?! What should I do to restore proper function! Thank you!  
Chris Please Help, I tried to download Ad-Aware and SpyBot but the spyware already on my hard drive won't let me. It some how re-routes the request to download these programs and the 'search result... See more...
Chris Please Help, I tried to download Ad-Aware and SpyBot but the spyware already on my hard drive won't let me. It some how re-routes the request to download these programs and the 'search results' window opens with all the pop-up junk. I'm relatively inexperienced with this stuff so if you respond to this please be prepared to explain how to do certain steps ie: cut and paste etc cause I just don't know how! Thanks.