Jump to content

ARMARI

Banned
  • Content Count

    19
  • Joined

  • Last visited

About ARMARI

  • Rank
    Member

Previous Fields

  • Teams:
    Nothing Selected
  1. My homepage has been hijacked by About:blank and i can't remove it please help. here is my log Logfile of HijackThis v1.99.0 Scan saved at 4:49:54 PM, on 20/01/2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\brsvc01a.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\brss01a.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\addqx32.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Scansoft\PaperPort\pptd40nt.exe C:\Vet\VetTray.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\System32\atioglxx.exe C:\WINDOWS\system32\winov32.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe C:\Program Files\Scansoft\PaperPort\SmartUI\SmartUI.exe C:\WINDOWS\System32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Anthony\Local Settings\Temp\Temporary Directory 10 for hijackthis.zip\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\nxqqb.dll/sp.html#37049 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\nxqqb.dll/sp.html#37049 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system32\nxqqb.dll/sp.html#37049 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\nxqqb.dll/sp.html#37049 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\nxqqb.dll/sp.html#37049 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\nxqqb.dll/sp.html#37049 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\nxqqb.dll/sp.html#37049 R3 - Default URLSearchHook is missing O2 - BHO: (no name) - {6BC89B26-3F90-063E-A9AF-B2D80F8C44B2} - C:\WINDOWS\appkj32.dll O4 - HKLM\..\Run: [Admanager Controller] C:\Program Files\Admanager Controller\AdManCtl.exe O4 - HKLM\..\Run: [winov32.exe] C:\WINDOWS\system32\winov32.exe O4 - HKLM\..\RunOnce: [addqx32.exe] C:\WINDOWS\system32\addqx32.exe O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll (file missing) O15 - Trusted Zone: *.frame.crazywinnings.com O15 - Trusted Zone: *.frame.crazywinnings.com (HKLM) O15 - Trusted IP range: 206.161.125.149 O15 - Trusted IP range: (HKLM) O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab O23 - Service: Workstation NetLogon Service - Unknown - C:\WINDOWS\system32\d3oc.exe (file missing)
  2. something has also hijacked my homepage
  3. here is my log Logfile of HijackThis v1.99.0 Scan saved at 9:24:26 AM, on 18/01/2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\brsvc01a.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\brss01a.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\d3oc.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Scansoft\PaperPort\pptd40nt.exe C:\Vet\VetTray.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\System32\atioglxx.exe C:\WINDOWS\netrv32.exe C:\Program Files\Internet Explorer\iexplore.exe C:\DOCUME~1\Anthony\LOCALS~1\Temp\9.tmp.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe C:\Program Files\Scansoft\PaperPort\SmartUI\SmartUI.exe C:\WINDOWS\System32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Optimizer\optimize.exe C:\Program Files\Web_Rebates\WebRebates1.exe C:\Program Files\Web_Rebates\WebRebates0.exe C:\Documents and Settings\Anthony\Local Settings\Temp\Temporary Directory 9 for hijackthis.zip\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.couldnotfind.com/search_page.ht...count_id=155351 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.couldnotfind.com/search_page.ht...count_id=155351 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\gnqlj.dll/sp.html#28129 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\gnqlj.dll/sp.html#28129 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\gnqlj.dll/sp.html#28129 R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.couldnotfind.com/search_page.ht...count_id=155351 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\gnqlj.dll/sp.html#28129 R3 - Default URLSearchHook is missing O2 - BHO: (no name) - {EC5229CB-E994-4040-FBB2-ECB3E57E8FA6} - C:\WINDOWS\ntot.dll O3 - Toolbar: ISTbar - {5F1ABCDB-A875-46c1-8345-B72A4567E486} - C:\PROGRA~1\ISTbar\istbar.dll O4 - HKLM\..\Run: [manager trust web road] C:\Documents and Settings\All Users\Application Data\OOZEBIBMANAGERTRUST\Drive Cash.exe O4 - HKLM\..\Run: [netrv32.exe] C:\WINDOWS\netrv32.exe O4 - HKLM\..\Run: [9.tmp] C:\DOCUME~1\Anthony\LOCALS~1\Temp\9.tmp.exe 0 28129 O4 - HKLM\..\Run: [9.tmp.exe] C:\DOCUME~1\Anthony\LOCALS~1\Temp\9.tmp.exe 1 28129 O4 - HKLM\..\Run: [internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe" O4 - HKLM\..\Run: [bullsEye Network] C:\Program Files\BullsEye Network\bin\bargains.exe O4 - HKLM\..\Run: [WebRebates0] "C:\Program Files\Web_Rebates\WebRebates0.exe" O4 - HKLM\..\RunOnce: [djtopr1150.exe] "C:\DOCUME~1\Anthony\LOCALS~1\Temp\djtopr1150.exe" O8 - Extra context menu item: Web Rebates - file://C:\Program Files\Web_Rebates\Sy1150\Tp1150\scri1150a.htm O15 - Trusted Zone: *.05p.com O15 - Trusted Zone: *.awmdabest.com O15 - Trusted Zone: *.blazefind.com O15 - Trusted Zone: *.clickspring.net O15 - Trusted Zone: *.flingstone.com O15 - Trusted Zone: *.frame.crazywinnings.com O15 - Trusted Zone: *.mt-download.com O15 - Trusted Zone: *.my-internet.info O15 - Trusted Zone: *.scoobidoo.com O15 - Trusted Zone: *.searchbarcash.com O15 - Trusted Zone: *.searchmiracle.com O15 - Trusted Zone: *.slotch.com O15 - Trusted Zone: *.static.topconverting.com O15 - Trusted Zone: *.xxxtoolbar.com O15 - Trusted Zone: *.05p.com (HKLM) O15 - Trusted Zone: *.awmdabest.com (HKLM) O15 - Trusted Zone: *.blazefind.com (HKLM) O15 - Trusted Zone: *.clickspring.net (HKLM) O15 - Trusted Zone: *.flingstone.com (HKLM) O15 - Trusted Zone: *.frame.crazywinnings.com (HKLM) O15 - Trusted Zone: *.mt-download.com (HKLM) O15 - Trusted Zone: *.my-internet.info (HKLM) O15 - Trusted Zone: *.scoobidoo.com (HKLM) O15 - Trusted Zone: *.searchbarcash.com (HKLM) O15 - Trusted Zone: *.searchmiracle.com (HKLM) O15 - Trusted Zone: *.slotch.com (HKLM) O15 - Trusted Zone: *.static.topconverting.com (HKLM) O15 - Trusted Zone: *.xxxtoolbar.com (HKLM) O15 - Trusted IP range: 206.161.125.149 O15 - Trusted IP range: 206.161.124.130 (HKLM) O16 - DPF: {386A771C-E96A-421F-8BA7-32F1B706892F} (Installer Class) - http://www.xxxtoolbar.com/ist/softwares/v4.0/0006_adult.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab O17 - HKLM\System\CS3\Services\Tcpip\Parameters: SearchList = vic.bigpond.net.au O17 - HKLM\System\CS3\Services\VxD\MSTCP: SearchList = vic.bigpond.net.au O23 - Service: Workstation NetLogon Service - Unknown - C:\WINDOWS\system32\d3oc.exe please help
  4. I run adaware....spydoctor...........virus scans.............and i still keep getting redirected to search sites..pop ups. I am using Firefox browser and it is better.....but, it is getting worse. IE is impossible to use......can you help???? Here is my hijack this log: Logfile of HijackThis v1.99.0 Scan saved at 11:40:12 PM, on 1/15/2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\devldr32.exe C:\WINDOWS\System32\drivers\CDAC11BA.EXE C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\isafe.exe C:\WINDOWS\System32\CTsvcCDA.EXE C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\CA\ETRUST~1\ETRUST~2\VetMsg.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe C:\Program Files\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe C:\Program Files\Dell\Support\Alert\bin\DAMon.exe C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe C:\WINDOWS\System32\hphmon03.exe C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE C:\PROGRA~1\HEWLET~1\PHOTOS~1\HPSHAR~1\hpgs2wnf.exe C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Logitech\MouseWare\system\em_exec.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\HPHipm09.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\mmups.exe C:\WINDOWS\System32\secure.exe C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Anti-Spam\QSP-2.1.212.0\QOELoader.exe C:\PROGRA~1\CA\ETRUST~1\ETRUST~2\VetTray.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINDOWS\System32\w?nspool.exe C:\Documents and Settings\All Users\Start Menu\Programs\Startup\hnfhgy.exe C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe C:\WINDOWS\System32\wuauclt.exe C:\Documents and Settings\daddy\Local Settings\Temp\Temporary Directory 4 for hijackthis.zip\HijackThis.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search-system.com/ O2 - BHO: BTGrabObj Class - {00000000-F09C-02B4-6EC2-AD0300000000} - C:\WINDOWS\BTGrab.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: SDWin32 Class - {3C9E5AB4-CD52-4B83-A9A3-4027B1580A66} - C:\WINDOWS\System32\qijkb.dll (file missing) O2 - BHO: (no name) - {833EA5DC-C30B-CB59-8FEF-E127196E949B} - C:\WINDOWS\system32\msadblock32.dll O2 - BHO: SDWin32 Class - {E8B03FD9-5DAE-4EF3-AE0A-1358EFA1DAF7} - C:\WINDOWS\System32\rofmh.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe O4 - HKLM\..\Run: [AHQInit] C:\Program Files\Creative\SBLive\Program\AHQInit.exe O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe O4 - HKLM\..\Run: [CXMon] "C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe" O4 - HKLM\..\Run: [share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe O4 - HKLM\..\Run: [Dell|Alert] C:\Program Files\Dell\Support\Alert\bin\DAMon.exe O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe O4 - HKLM\..\Run: [HPHmon03] C:\WINDOWS\System32\hphmon03.exe O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [crei.exe] C:\WINDOWS\system32\crei.exe O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe O4 - HKLM\..\Run: [A70F6A1D-0195-42a2-934C-D8AC0F7C08EB] rundll32.exe E6F1873B.DLL,D9EBC318C O4 - HKLM\..\Run: [98D0CE0C16B1] rundll32.exe D0CE0C16B1,D0CE0C16B1 O4 - HKLM\..\Run: [9m8Hz.exe] c:\documents and settings\daddy\local settings\temp\9m8Hz.exe O4 - HKLM\..\Run: [JYG8KErIY.exe] c:\documents and settings\daddy\local settings\temp\JYG8KErIY.exe O4 - HKLM\..\Run: [mediamotor.exe] C:\WINDOWS\mmups.exe O4 - HKLM\..\Run: [CSV10P70] C:\Program Files\CSBB\CSv10P070.exe O4 - HKLM\..\Run: [secure] C:\WINDOWS\System32\secure.exe O4 - HKLM\..\Run: [mxphmxk] C:\WINDOWS\System32\ibojzy.exe O4 - HKLM\..\Run: [msadcheck] C:\WINDOWS\system32\msadcheck32.exe O4 - HKLM\..\Run: [sSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe O4 - HKLM\..\Run: [QOELOADER] "C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Anti-Spam\QSP-2.1.212.0\QOELoader.exe" O4 - HKLM\..\Run: [VetTray] C:\PROGRA~1\CA\ETRUST~1\ETRUST~2\VetTray.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe" O4 - HKCU\..\Run: [Tzu] C:\WINDOWS\System32\w?nspool.exe O4 - HKCU\..\Run: [msadcheck] C:\WINDOWS\system32\msadcheck32.exe O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet O4 - HKCU\..\Run: [spyware Doctor] "C:\Program Files\Spyware Doctor\spydoctor.exe" /Q O4 - Startup: Billminder.lnk = C:\QUICKENW\billmind.exe O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ? O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: Yahoo! Blackjack - http://download.games.yahoo.com/games/clients/y/jt0_x.cab O16 - DPF: Yahoo! Freecell Solitaire - http://yog55.games.scd.yahoo.com/yog/y/fs9_x.cab O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/potc_x.cab O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} (CInstall Class) - http://www.errorguard.com/installation/Install.cab O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/01df080f6a9304306906/...ip/RdxIE601.cab O16 - DPF: {6B4788E2-BAE8-11D2-A1B4-00400512739B} (PWMediaSendControl Class) - http://216.249.24.143/code/PWActiveXImgCtl.CAB O16 - DPF: {6BC013D0-77D9-11D5-AB95-0050DA664D35} - https://myaccounts.nationalcity.com/apps/in...r/Yodelizer.cab O16 - DPF: {886DDE35-E955-11D0-A707-000000521958} - http://69.56.176.78/webplugin.cab O16 - DPF: {9CCE3B43-4DE0-4236-A84E-108CA848EE6A} (WebCam Control) - http://www.webcamnow.com/broadcast/ActiveXWebCam.cab O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/...tiveXPlugin.cab O16 - DPF: {BAB3E70B-A847-4A88-ACFC-778FCCC00287} (CActSetupObj Object) - http://www.odysseusmarketing.com/actsetup.cab O16 - DPF: {CE185270-53A5-11D9-9669-0800200C9A66} - http://www.ouchvideo.com/mmviewer_ic2.cab O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/games/popcaploader_v6.cab O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE O23 - Service: CA ISafe - Computer Associates International, Inc. - C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\isafe.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NVIDIA Driver Helper Service - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pml Driver - HP - C:\WINDOWS\System32\HPHipm09.exe O23 - Service: SymWMI Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe O23 - Service: VET Message Service - Computer Associates International, Inc. - C:\PROGRA~1\CA\ETRUST~1\ETRUST~2\VetMsg.exe O23 - Service: ZESOFT - Unknown - C:\WINDOWS\zeta.exe (file missing)
  5. my computer randomly restarts nearly every hour. here is my log. Logfile of HijackThis v1.99.0 Scan saved at 11:27:41 AM, on 12/01/2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\brsvc01a.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\brss01a.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Scansoft\PaperPort\pptd40nt.exe C:\Vet\VetTray.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\System32\atioglxx.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Scansoft\PaperPort\SmartUI\SmartUI.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\System32\wuauclt.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Documents and Settings\Anthony\Local Settings\Temp\Temporary Directory 9 for hijackthis.zip\HijackThis.exe O2 - BHO: (no name) - {76870A23-9677-59FB-CF21-20DE059A6ECA} - C:\DOCUME~1\Liz\APPLIC~1\CDROMS~1\Idoldefy.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [spySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab
  6. my computer randomly restarts by itself about every hour i dont what causes it. This is my Log: Logfile of HijackThis v1.99.0 Scan saved at 10:19:26 AM, on 12/01/2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) please help!
  7. somebody anybody :help:
  8. I was wondering if anyone could help me with my HJT log and tell me what to keep and what not to keep. it looks like this. Logfile of HijackThis v1.99.0 Scan saved at 10:19:26 AM, on 12/01/2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\brsvc01a.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\brss01a.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Scansoft\PaperPort\pptd40nt.exe C:\Vet\VetTray.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\System32\atioglxx.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\SpyKiller\spykiller.exe C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe C:\Program Files\Scansoft\PaperPort\SmartUI\SmartUI.exe C:\WINDOWS\System32\wuauclt.exe C:\Documents and Settings\Anthony\Local Settings\Temp\Temporary Directory 8 for hijackthis.zip\HijackThis.exe O2 - BHO: (no name) - {76870A23-9677-59FB-CF21-20DE059A6ECA} - C:\DOCUME~1\Liz\APPLIC~1\CDROMS~1\Idoldefy.exe O4 - HKCU\..\Run: [spySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab help would be appreciated
×
×
  • Create New...