Congratulations to AcaCandy on her 100,000th post!
There's no such thing as a stupid question, but they're the easiest to answer.
JoinTour
Login
 
Tag Cloud
acer black screen blue screen boot bsod computer connection crash css dell driver drivers email error ethernet excel firefox firefox 3 freeze game hard drive internet internet explorer itunes laptop linux malware monitor network networking nvidia outlook outlook 2003 outlook 2007 outlook express partition password problem router slow software sound trojan usb video virus vista windows windows xp wireless
Web Design & Development
Search
Search in:
 
Advanced Search
Tech Support Guy Forums > Internet & Networking > Web Design & Development >
unstable IE and FIREFOX :(:(


HELLO AND WELCOME! Before you can post your question, you'll have to register -- it's completely free! Click here to join today! We highly recommend that you print a copy of our Guide for New Members. Enjoy!

Closed Thread
Page 1 of 2 1 2 >
 
Thread Tools
messa's Avatar
Junior Member with 26 posts.
  
Join Date: Oct 2005
Experience: Beginner
09-Oct-2005, 03:00 AM #1
Exclamation unstable IE and FIREFOX :(:(
omg guys pls help with this.. ive searched all over the place for solutions..
i use windows XP pro... uninstalled SP2 a while ago coz it made my life more diffiult.

my IE has stopped working.. i open it and for the first couple seconds it does nothing, then the bar at the bottom shows up... tht shows progress on how far the page has loaded... and it only goes so far as 3-4 of those green bars and stops there... it says "conneting to.." but i wait indefinitely and nothing happens!?!?! theres certain sites tht only work on IE for school and i NEED IT :'(

ALSO, every now n then wen my computers been on and firefox has been left unattended ( like wen i go to university ) i come bak and try to work it and nothing happens.. it just says "looking up" no matter wht website i type in .. i try ervything including reinstalling it .. but only a reboot seems to solve it... i HATE to reboot all the time.. and its very unpredictable.. it will work now and not the next min.. and with IE bailing on me .. its a ruff situation!

i run norton antivirus 2005, zone alarm, spysweeper, spybot, adaware, spyware blaster, cw shredder.... i cant seem to find anything thats controlling my browsers?!

pls pls help with this!
i tried ie fix and it didnt work!
Tapeuup's Avatar
Senior Member with 1,777 posts.
  
Join Date: Apr 2005
Location: OZ
Experience: Death & Taxes
09-Oct-2005, 03:25 AM #2
does it work long enough to download HijackThis 1.99.1
& post it here?
messa's Avatar
Junior Member with 26 posts.
  
Join Date: Oct 2005
Experience: Beginner
09-Oct-2005, 10:39 AM #3
thanx for the ti... heres the log!

Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Windows\system32\LEXBCES.EXE
C:\Windows\system32\spoolsv.exe
C:\Windows\system32\LEXPPS.EXE
C:\Windows\System32\alg.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Windows\system32\wdfmgr.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Raxco\PerfectDisk\PDSched.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Windows\System32\hostsvcs.exe
C:\PROGRA~1\PESTPA~1\PPControl.exe
C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe
C:\Program Files\Blitzz\BWU713\WU713STA.EXE
C:\Program Files\Lexmark X74-X75\lxbbbmon.exe
C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\BitTornado\btdownloadgui.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\IEFix.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mugglenet.com/
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {8FFCE2DB-D3DD-2385-DAF3-1BB65CF5BC23} - (no file)
O2 - BHO: (no name) - {930AFCFF-CD81-7D1F-DF84-B99B9ECA20CC} - C:\DOCUME~1\ADMINI~1\APPLIC~1\OPENCA~1\Tons Logo.exe (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEInt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\Windows\system32\msdxm.ocx
O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\en-us\msntb.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\compaq\cpqsetup\cpqset.exe
O4 - HKLM\..\Run: [hostsvcs] C:\Windows\System32\hostsvcs.exe
O4 - HKLM\..\Run: [PestPatrol Control Center] C:\PROGRA~1\PESTPA~1\PPControl.exe
O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"
O4 - HKLM\..\Run: [WU713STA.EXE] "C:\Program Files\Blitzz\BWU713\WU713STA.EXE" /START
O4 - HKLM\..\Run: [PRISMSVR.EXE] "C:\Windows\System32\PRISMSVR.EXE" /APPLY
O4 - HKLM\..\Run: [D-Link AirPlus XtremeG] C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKCU\..\Run: [hostsvcs] C:\Windows\System32\hostsvcs.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: zone alarm.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Bookshelf - c:\Bookshelf.TR\TRBookshelf_.dll.button.js
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Download with Star Downloader - C:\Program Files\Star Downloader\sdie.htm
O8 - Extra context menu item: Enqueue in Star Downloader - C:\Program Files\Star Downloader\sdieenq.htm
O8 - Extra context menu item: Leech with Star Downloader - C:\Program Files\Star Downloader\leechie.htm
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Windows\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Windows\web\related.htm
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\Windows\system32\LEXBCES.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Protected Exchange (MainService) - Unknown owner - C:\Windows\system32\prtcom.exe (file missing)
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDSched.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
messa's Avatar
Junior Member with 26 posts.
  
Join Date: Oct 2005
Experience: Beginner
09-Oct-2005, 10:42 AM #4
first off, im sorry i made th post in the wrong section! but i still got a reply *phew*
Cheeseball81's Avatar
Moderator with 71,635 posts.
  
Join Date: Mar 2004
Location: New York
Experience: Mighty Nerdy
09-Oct-2005, 06:41 PM #5
Click here to download the trial version of Ewido Security Suite:
http://www.ewido.net/en/download/

· Install Ewido.
· During the installation, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
· Launch ewido.
· It will prompt you to update click the OK button and it will go to the main screen.
· On the left side of the main screen click update.
· Click on Start and let it update.
· DO NOT run a scan yet.

Restart your computer into Safe Mode now.
(Start tapping the F8 key at Startup, before the Windows logo screen).
Perform the following steps in Safe Mode:

* Run Ewido:
Click on scanner
Click Complete System Scan and the scan will begin.
During the scan it will prompt you to clean files, click OK.
When the scan is finished, look at the bottom of the screen and click the Save report button.
Save the report to your desktop.

Reboot.

Post a new Hijack This log and the results of the Ewido scan.
__________________
Member of ASAP

Microsoft MVP/Windows - Consumer Security

If we've helped, please donate to TSG.
Tapeuup's Avatar
Senior Member with 1,777 posts.
  
Join Date: Apr 2005
Location: OZ
Experience: Death & Taxes
09-Oct-2005, 06:44 PM #6
Messa, I called in the big guns, do exactly what Cheeseball says, she's an expert at reading these logs.
messa's Avatar
Junior Member with 26 posts.
  
Join Date: Oct 2005
Experience: Beginner
09-Oct-2005, 11:25 PM #7
---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 10:59:56 PM, 10/9/2005
+ Report-Checksum: D243F1A2

+ Scan result:

HKU\S-1-5-21-3563514748-2690133624-1694720459-500\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{c95fe080-8f5d-11d2-a20b-00aa003c157a} -> Spyware.Alexa : Ignored
:mozilla.35:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\orcsk663.default\cookies.txt -> Spyware.Cookie.Com : Ignored
:mozilla.36:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\orcsk663.default\cookies.txt -> Spyware.Cookie.Com : Ignored
:mozilla.109:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\orcsk663.default\cookies.txt -> Spyware.Cookie.Googleadservices : Ignored
:mozilla.33:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Falkag : Ignored
:mozilla.34:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Falkag : Ignored
:mozilla.35:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Falkag : Ignored
:mozilla.36:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Falkag : Ignored
:mozilla.37:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Falkag : Ignored
HKLM\SOFTWARE\Classes\Interface\{CDE7C7D7-EDD4-4FE4-BA9E-7D8DE6E82EDA}\TypeLib\\ -> Spyware.RapidBlaster : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} -> Spyware.Alexa : Cleaned with backup
:mozilla.89:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\orcsk663.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.38:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.76:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.77:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.78:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.79:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.95:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.96:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.110:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.111:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.116:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.117:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.179:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Pro-market : Cleaned with backup
:mozilla.180:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Pro-market : Cleaned with backup
:mozilla.198:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.199:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.203:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Revenue : Cleaned with backup
:mozilla.204:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Revenue : Cleaned with backup
:mozilla.243:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.246:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.247:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.248:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.249:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.255:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Adengage : Cleaned with backup
:mozilla.256:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Adengage : Cleaned with backup
:mozilla.257:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.258:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.259:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.260:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.261:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.262:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Adengage : Cleaned with backup
:mozilla.298:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.321:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.27:C:\Documents and Settings\Moowisha\Application Data\Mozilla\Firefox\Profiles\default.sxq\cookies.txt -> Spyware.Cookie.Revenue : Cleaned with backup
:mozilla.28:C:\Documents and Settings\Moowisha\Application Data\Mozilla\Firefox\Profiles\default.sxq\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.29:C:\Documents and Settings\Moowisha\Application Data\Mozilla\Firefox\Profiles\default.sxq\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.30:C:\Documents and Settings\Moowisha\Application Data\Mozilla\Firefox\Profiles\default.sxq\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.31:C:\Documents and Settings\Moowisha\Application Data\Mozilla\Firefox\Profiles\default.sxq\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup


::Report End



HERE IS THE EWIDO LOG... OMG IT FOUND ALMOST 49 THINGS, I FORGOT ABOUT YOU SAYING I SHUD DELETE, SO THE FIRST 9 ARE IGNORED.. ILL RUN THIS WHOLE THING AGAIN, BUT TELL ME IF U SEE ANYTHING FROM HHERE... HJAK THIS LOG COMING UP
Cheeseball81's Avatar
Moderator with 71,635 posts.
  
Join Date: Mar 2004
Location: New York
Experience: Mighty Nerdy
09-Oct-2005, 11:33 PM #8
Post a new Hijack This log too please
messa's Avatar
Junior Member with 26 posts.
  
Join Date: Oct 2005
Experience: Beginner
09-Oct-2005, 11:38 PM #9
---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 10:59:56 PM, 10/9/2005
+ Report-Checksum: D243F1A2

+ Scan result:

HKU\S-1-5-21-3563514748-2690133624-1694720459-500\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{c95fe080-8f5d-11d2-a20b-00aa003c157a} -> Spyware.Alexa : Ignored
:mozilla.35:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\orcsk663.default\cookies.txt -> Spyware.Cookie.Com : Ignored
:mozilla.36:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\orcsk663.default\cookies.txt -> Spyware.Cookie.Com : Ignored
:mozilla.109:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\orcsk663.default\cookies.txt -> Spyware.Cookie.Googleadservices : Ignored
:mozilla.33:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Falkag : Ignored
:mozilla.34:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Falkag : Ignored
:mozilla.35:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Falkag : Ignored
:mozilla.36:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Falkag : Ignored
:mozilla.37:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Falkag : Ignored
HKLM\SOFTWARE\Classes\Interface\{CDE7C7D7-EDD4-4FE4-BA9E-7D8DE6E82EDA}\TypeLib\\ -> Spyware.RapidBlaster : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} -> Spyware.Alexa : Cleaned with backup
:mozilla.89:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\orcsk663.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.38:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.76:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.77:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.78:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.79:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.95:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.96:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.110:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.111:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.116:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.117:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.179:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Pro-market : Cleaned with backup
:mozilla.180:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Pro-market : Cleaned with backup
:mozilla.198:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.199:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.203:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Revenue : Cleaned with backup
:mozilla.204:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Revenue : Cleaned with backup
:mozilla.243:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.246:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.247:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.248:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.249:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.255:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Adengage : Cleaned with backup
:mozilla.256:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Adengage : Cleaned with backup
:mozilla.257:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.258:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.259:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.260:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.261:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.262:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Adengage : Cleaned with backup
:mozilla.298:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.321:C:\Documents and Settings\Administrator\My Documents\default.sxq\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.27:C:\Documents and Settings\Moowisha\Application Data\Mozilla\Firefox\Profiles\default.sxq\cookies.txt -> Spyware.Cookie.Revenue : Cleaned with backup
:mozilla.28:C:\Documents and Settings\Moowisha\Application Data\Mozilla\Firefox\Profiles\default.sxq\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.29:C:\Documents and Settings\Moowisha\Application Data\Mozilla\Firefox\Profiles\default.sxq\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.30:C:\Documents and Settings\Moowisha\Application Data\Mozilla\Firefox\Profiles\default.sxq\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.31:C:\Documents and Settings\Moowisha\Application Data\Mozilla\Firefox\Profiles\default.sxq\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup


::Report End


HERE IT IS
messa's Avatar
Junior Member with 26 posts.
  
Join Date: Oct 2005
Experience: Beginner
09-Oct-2005, 11:39 PM #10
Logfile of HijackThis v1.99.1
Scan saved at 11:37:47 PM, on 10/9/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Windows\system32\LEXBCES.EXE
C:\Windows\system32\LEXPPS.EXE
C:\Windows\system32\spoolsv.exe
C:\Windows\System32\alg.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Windows\Explorer.EXE
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Windows\system32\wdfmgr.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Windows\System32\hostsvcs.exe
C:\PROGRA~1\PESTPA~1\PPControl.exe
C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe
C:\Program Files\Blitzz\BWU713\WU713STA.EXE
C:\Windows\System32\PRISMSVR.EXE
C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
C:\Program Files\Lexmark X74-X75\lxbbbmon.exe
C:\Program Files\Raxco\PerfectDisk\PDSched.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Windows\System32\ZoneLabs\vsmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mugglenet.com/
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {8FFCE2DB-D3DD-2385-DAF3-1BB65CF5BC23} - (no file)
O2 - BHO: (no name) - {930AFCFF-CD81-7D1F-DF84-B99B9ECA20CC} - C:\DOCUME~1\ADMINI~1\APPLIC~1\OPENCA~1\Tons Logo.exe (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEInt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\Windows\system32\msdxm.ocx
O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\en-us\msntb.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\compaq\cpqsetup\cpqset.exe
O4 - HKLM\..\Run: [hostsvcs] C:\Windows\System32\hostsvcs.exe
O4 - HKLM\..\Run: [PestPatrol Control Center] C:\PROGRA~1\PESTPA~1\PPControl.exe
O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"
O4 - HKLM\..\Run: [WU713STA.EXE] "C:\Program Files\Blitzz\BWU713\WU713STA.EXE" /START
O4 - HKLM\..\Run: [PRISMSVR.EXE] "C:\Windows\System32\PRISMSVR.EXE" /APPLY
O4 - HKLM\..\Run: [D-Link AirPlus XtremeG] C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKCU\..\Run: [hostsvcs] C:\Windows\System32\hostsvcs.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: zone alarm.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Bookshelf - c:\Bookshelf.TR\TRBookshelf_.dll.button.js
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Download with Star Downloader - C:\Program Files\Star Downloader\sdie.htm
O8 - Extra context menu item: Enqueue in Star Downloader - C:\Program Files\Star Downloader\sdieenq.htm
O8 - Extra context menu item: Leech with Star Downloader - C:\Program Files\Star Downloader\leechie.htm
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\Windows\system32\LEXBCES.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Protected Exchange (MainService) - Unknown owner - C:\Windows\system32\prtcom.exe (file missing)
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDSched.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

HERE SORRY
Cheeseball81's Avatar
Moderator with 71,635 posts.
  
Join Date: Mar 2004
Location: New York
Experience: Mighty Nerdy
09-Oct-2005, 11:46 PM #11
Download KillBox here: http://www.downloads.subratam.org/KillBox.zip
Save it to your desktop.
DO NOT run it yet. We will use it later.

Hijack This is running from the Temp folder.
It needs to be in a permanent folder on the hard drive.
It will not function properly from there and it cannot create and restore backups from there.

Redownload it here: http://thespykiller.co.uk/files/hijackthis_sfx.exe

Let it extract to C:\Program Files
Rerun it from there and post a new log.
__________________
Member of ASAP

Microsoft MVP/Windows - Consumer Security

If we've helped, please donate to TSG.
messa's Avatar
Junior Member with 26 posts.
  
Join Date: Oct 2005
Experience: Beginner
09-Oct-2005, 11:50 PM #12
DEAREST CHEESEBALL

i already did that thing with HJT so where so we go next? do u see anything horrifying? i ran so many spy ware searches and found NOTHING!

messa
Cheeseball81's Avatar
Moderator with 71,635 posts.
  
Join Date: Mar 2004
Location: New York
Experience: Mighty Nerdy
09-Oct-2005, 11:52 PM #13
I know you ran Hijack This but we need to do fixes with it.

We can't do the fixes until it's in a permanent folder.
messa's Avatar
Junior Member with 26 posts.
  
Join Date: Oct 2005
Experience: Beginner
09-Oct-2005, 11:53 PM #14
here is another HJT log anyway just incase

Logfile of HijackThis v1.99.1
Scan saved at 11:52:02 PM, on 10/9/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Windows\system32\LEXBCES.EXE
C:\Windows\system32\LEXPPS.EXE
C:\Windows\system32\spoolsv.exe
C:\Windows\System32\alg.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Windows\Explorer.EXE
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Windows\system32\wdfmgr.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Windows\System32\hostsvcs.exe
C:\PROGRA~1\PESTPA~1\PPControl.exe
C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe
C:\Program Files\Blitzz\BWU713\WU713STA.EXE
C:\Windows\System32\PRISMSVR.EXE
C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
C:\Program Files\Lexmark X74-X75\lxbbbmon.exe
C:\Program Files\Raxco\PerfectDisk\PDSched.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Windows\System32\ZoneLabs\vsmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Administrator\My Documents\hijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mugglenet.com/
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {8FFCE2DB-D3DD-2385-DAF3-1BB65CF5BC23} - (no file)
O2 - BHO: (no name) - {930AFCFF-CD81-7D1F-DF84-B99B9ECA20CC} - C:\DOCUME~1\ADMINI~1\APPLIC~1\OPENCA~1\Tons Logo.exe (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEInt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\Windows\system32\msdxm.ocx
O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\en-us\msntb.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\compaq\cpqsetup\cpqset.exe
O4 - HKLM\..\Run: [hostsvcs] C:\Windows\System32\hostsvcs.exe
O4 - HKLM\..\Run: [PestPatrol Control Center] C:\PROGRA~1\PESTPA~1\PPControl.exe
O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"
O4 - HKLM\..\Run: [WU713STA.EXE] "C:\Program Files\Blitzz\BWU713\WU713STA.EXE" /START
O4 - HKLM\..\Run: [PRISMSVR.EXE] "C:\Windows\System32\PRISMSVR.EXE" /APPLY
O4 - HKLM\..\Run: [D-Link AirPlus XtremeG] C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKCU\..\Run: [hostsvcs] C:\Windows\System32\hostsvcs.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: zone alarm.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Bookshelf - c:\Bookshelf.TR\TRBookshelf_.dll.button.js
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Download with Star Downloader - C:\Program Files\Star Downloader\sdie.htm
O8 - Extra context menu item: Enqueue in Star Downloader - C:\Program Files\Star Downloader\sdieenq.htm
O8 - Extra context menu item: Leech with Star Downloader - C:\Program Files\Star Downloader\leechie.htm
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\Windows\system32\LEXBCES.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Protected Exchange (MainService) - Unknown owner - C:\Windows\system32\prtcom.exe (file missing)
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDSched.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
messa's Avatar
Junior Member with 26 posts.
  
Join Date: Oct 2005
Experience: Beginner
09-Oct-2005, 11:56 PM #15
PS : in the log i see stuff like blitzz and d link running when im not using them .. im already having my CPU running at 100% and getting stuck all the time... where is all this unused stuff running from?
Closed Thread
Page 1 of 2 1 2 >

THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

« Previous Thread | Web Design & Development | Next Thread »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
WELCOME TO TECH SUPPORT GUY! Are you looking for the solution to your computer problem? Join our site today to ask your question -- for free! Our site is run completely by volunteers who help people like you solve computer problems. See our Welcome Guide to get started.



Thread Tools


Related Sites: 56k Dial-Up | Tech Gift Ideas | Mobile TechGuy | Advertise on TSG
Contact Us - HelpOnThe.Net - Archive - Terms of Service - Top
You Are Using:
Server ID
Advertisements do not imply our endorsement of that product or service.
All times are GMT -4. The time now is 12:52 AM.
Copyright © 1996 - 2008 TechGuy, Inc. All rights reserved.
Powered by vBulletin, Copyright © 2000 - 2008, Jelsoft Enterprises Ltd.
Search Engine Optimization by vBSEO 3.1.0
Powered by Cermak Technologies, Inc.