just ran a hjt log, some stupid windows security thing keeps popping up-alot of help!

This thread has been Locked and is not open to further replies. The original thread starter may use the Report button to request it be reopened but anyone else with a similar issue should start a New Thread. Watch our Welcome Guide to learn how to use this site.


Thread Starter
Sep 5, 2009
My ex used to take care of all this, folks, and now I am solo and clueless :) That being said...I did try to run HJT, did get a log but when I went to run it, it said HJT was being denied something to do with the hosts file.

I ran HJT because when I got home tonight, I noticed I had some windows security thing on my computer screen that said I was infected with 411 viruses, etc etc. I tried to run my symantec virus, but its been disabled by this thing apparently.

Please help if you can, I am going out of my mind, I know this is bad, I can tell from my HJT log. Also, I will probably need lots of help knowing how to find out if I have a firewall, and if so, how I make sure its working properly. This happened while I was at work, and I am the only one that uses this laptop.

Thanks so much in advance!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:47:43 PM, on 9/5/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal
Running processes:
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\ActivIdentity\ActivClient\accoca.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\AOL\1233109787\ee\AOLSoftware.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\ActivIdentity\ActivClient\acevents.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\AOL 9.1\waol.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\All Users\Application Data\0048be8\WI0048.exe
C:\Program Files\ActivIdentity\ActivClient\acsagent.exe
C:\Program Files\NETGEAR\WPN111\wpn111.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\AOL 9.1\shellmon.exe
C:\Program Files\IObit\Advanced SystemCare 3\Awc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.us.army.mil/
O1 - Hosts: 4-open-davinci.com
O1 - Hosts: securitysoftwarepayments.com
O1 - Hosts: privatesecuredpayments.com
O1 - Hosts: secure.privatesecuredpayments.com
O1 - Hosts: getantivirusplusnow.com
O1 - Hosts: secure-plus-payments.com
O1 - Hosts: www.getantivirusplusnow.com
O1 - Hosts: www.secure-plus-payments.com
O1 - Hosts: www.getavplusnow.com
O1 - Hosts: www.securesoftwarebill.com
O1 - Hosts: secure.paysecuresystem.com
O1 - Hosts: paysoftbillsolution.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: PCCBHO.CPCCBHO - {22FC6CE8-7D47-479F-B74A-BFBB04ADB9AF} - C:\Program Files\Winferno\PC Confidential\PCCBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL Toolbar\aoltb.dll (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [accrdsub] "C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1233109787\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [PAC207_Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\AOL 9.1\AOL.EXE" -b
O4 - HKCU\..\Run: [AdobeUpdater] "C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe"
O4 - HKCU\..\Run: [Windows Protection Suite] "C:\Documents and Settings\All Users\Application Data\0048be8\WI0048.exe" /s /d
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Global Startup: ActivClient Agent.lnk = C:\Program Files\ActivIdentity\ActivClient\acsagent.exe
O4 - Global Startup: NETGEAR WPN111 Smart Wizard.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &AOL Toolbar Search - C:\Documents and Settings\All Users\Application Data\AOL\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe
O9 - Extra 'Tools' menuitem: PC Confidential - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe
O9 - Extra button: PC Confidential - {925DAB62-F9AC-4221-806A-057BFB1014AA} - C:\Program Files\Winferno\PC Confidential\PCConfidential.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O15 - Trusted Zone: http://www.ACOM.MIL (HKLM)
O15 - Trusted Zone: http://www.AF.MIL (HKLM)
O15 - Trusted Zone: http://www.AFMS.MIL (HKLM)
O15 - Trusted Zone: http://www.ANTHRAX.MIL (HKLM)
O15 - Trusted Zone: http://www.army.mil (HKLM)
O15 - Trusted Zone: http://www4.army.mil (HKLM)
O15 - Trusted Zone: http://www.ASBCA.MIL (HKLM)
O15 - Trusted Zone: http://www.ASSIST.MIL (HKLM)
O15 - Trusted Zone: http://www.CENTCOM.MIL (HKLM)
O15 - Trusted Zone: http://www.cjtf.army.mil (HKLM)
O15 - Trusted Zone: http://www.DAPS.MIL (HKLM)
O15 - Trusted Zone: http://www.DARPA.MIL (HKLM)
O15 - Trusted Zone: http://www.DAU.MIL (HKLM)
O15 - Trusted Zone: http://www.DC3.MIL (HKLM)
O15 - Trusted Zone: http://www.DCAA.MIL (HKLM)
O15 - Trusted Zone: http://www.DCMA.MIL (HKLM)
O15 - Trusted Zone: http://www.DECA.MIL (HKLM)
O15 - Trusted Zone: http://www.DEFENDAMERICA.MIL (HKLM)
O15 - Trusted Zone: http://www.DEFENSELINK.MIL (HKLM)
O15 - Trusted Zone: http://www.DEPLOYMENTHEALTH.MIL (HKLM)
O15 - Trusted Zone: http://www.DFAS.MIL (HKLM)
O15 - Trusted Zone: http://www.DIA.MIL (HKLM)
O15 - Trusted Zone: http://www.DISA.MIL (HKLM)
O15 - Trusted Zone: http://www.DISAGRID.MIL (HKLM)
O15 - Trusted Zone: http://www.DLA.MIL (HKLM)
O15 - Trusted Zone: http://www.DMSO.MIL (HKLM)
O15 - Trusted Zone: http://www.DOD.MIL (HKLM)
O15 - Trusted Zone: http://www.DODED.MIL (HKLM)
O15 - Trusted Zone: http://www.DSM.MIL (HKLM)
O15 - Trusted Zone: http://www.DSS.MIL (HKLM)
O15 - Trusted Zone: http://www.DTEPI.MIL (HKLM)
O15 - Trusted Zone: http://www.DTIC.MIL (HKLM)
O15 - Trusted Zone: http://www.DTRA.MIL (HKLM)
O15 - Trusted Zone: http://www.EB.MIL (HKLM)
O15 - Trusted Zone: http://www.EUCOM.MIL (HKLM)
O15 - Trusted Zone: http://www.HPC.MIL (HKLM)
O15 - Trusted Zone: http://www.IA.MIL (HKLM)
O15 - Trusted Zone: http://www.JAST.MIL (HKLM)
O15 - Trusted Zone: http://www.JCMOTF.MIL (HKLM)
O15 - Trusted Zone: http://www.JCS.MIL (HKLM)
O15 - Trusted Zone: http://www.JCSE.MIL (HKLM)
O15 - Trusted Zone: http://www.JFCOM.MIL (HKLM)
O15 - Trusted Zone: http://www.JOINTMODELS.MIL (HKLM)
O15 - Trusted Zone: http://www.JS.MIL (HKLM)
O15 - Trusted Zone: http://www.JSC.MIL (HKLM)
O15 - Trusted Zone: http://www.JSF.MIL (HKLM)
O15 - Trusted Zone: http://www.JSIMS.MIL (HKLM)
O15 - Trusted Zone: http://www.JTFGNO.MIL (HKLM)
O15 - Trusted Zone: http://www.JWAC.MIL (HKLM)
O15 - Trusted Zone: http://www.KNOWLEDGENET.MIL (HKLM)
O15 - Trusted Zone: http://www.KOREA50.MIL (HKLM)
O15 - Trusted Zone: http://www.mnf-iraq.com (HKLM)
O15 - Trusted Zone: http://www.NAVY.MIL (HKLM)
O15 - Trusted Zone: http://www.NCSC.MIL (HKLM)
O15 - Trusted Zone: http://www.NIC.MIL (HKLM)
O15 - Trusted Zone: http://www.NIMA.MIL (HKLM)
O15 - Trusted Zone: http://www.NIPR.MIL (HKLM)
O15 - Trusted Zone: http://www.NORAD.MIL (HKLM)
O15 - Trusted Zone: http://www.NORTHCOM.MIL (HKLM)
O15 - Trusted Zone: http://www.NOSC.MIL (HKLM)
O15 - Trusted Zone: http://www.NRO.MIL (HKLM)
O15 - Trusted Zone: http://www.OSD.MIL (HKLM)
O15 - Trusted Zone: http://www.PACOM.MIL (HKLM)
O15 - Trusted Zone: http://www.PCSTRAVEL.MIL (HKLM)
O15 - Trusted Zone: http://www.PDHEALTH.MIL (HKLM)
O15 - Trusted Zone: http://www.PENTAGON.MIL (HKLM)
O15 - Trusted Zone: http://www.SOC.MIL (HKLM)
O15 - Trusted Zone: http://www.SOCDS.MIL (HKLM)
O15 - Trusted Zone: http://www.SOCOM.MIL (HKLM)
O15 - Trusted Zone: http://www.SOUTHCOM.MIL (HKLM)
O15 - Trusted Zone: http://www.SPACECOM.MIL (HKLM)
O15 - Trusted Zone: http://www.STRATCOM.MIL (HKLM)
O15 - Trusted Zone: http://www.TEST.MIL (HKLM)
O15 - Trusted Zone: http://www.TRANSCOM.MIL (HKLM)
O15 - Trusted Zone: http://akoim.us.army.mil (HKLM)
O15 - Trusted Zone: http://mes1.dr1.us.army.mil (HKLM)
O15 - Trusted Zone: http://mes1.ps1.us.army.mil (HKLM)
O15 - Trusted Zone: http://mes2.dr1.us.army.mil (HKLM)
O15 - Trusted Zone: http://mes2.ps1.us.army.mil (HKLM)
O15 - Trusted Zone: http://mes3.dr1.us.army.mil (HKLM)
O15 - Trusted Zone: http://mes3.ps1.us.army.mil (HKLM)
O15 - Trusted Zone: http://mes4.dr1.us.army.mil (HKLM)
O15 - Trusted Zone: http://mes4.ps1.us.army.mil (HKLM)
O15 - Trusted Zone: http://mes5.dr1.us.army.mil (HKLM)
O15 - Trusted Zone: http://mes5.ps1.us.army.mil (HKLM)
O15 - Trusted Zone: http://mes6.dr1.us.army.mil (HKLM)
O15 - Trusted Zone: http://mes6.ps1.us.army.mil (HKLM)
O15 - Trusted Zone: http://www.us.army.mil (HKLM)
O15 - Trusted Zone: http://www.USCG.MIL (HKLM)
O15 - Trusted Zone: http://www.USMC.MIL (HKLM)
O15 - Trusted Zone: http://www.USUHS.MIL (HKLM)
O15 - Trusted Zone: http://www.WHMO.MIL (HKLM)
O15 - Trusted Zone: http://www.WHS.MIL (HKLM)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1204143404703
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1204143528343
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - AppInit_DLLs: c:\windows\system32\glum32.dll,
O20 - Winlogon Notify: ackpbsc - C:\WINDOWS\system32\ackpbsc.dll
O20 - Winlogon Notify: acunlock - C:\Program Files\ActivIdentity\ActivClient\acunlock.dll
O23 - Service: ActivClient Middleware Service (accoca) - ActivIdentity - C:\Program Files\ActivIdentity\ActivClient\accoca.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\WINDOWS\system32\StacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
End of file - 16415 bytes
This thread has been Locked and is not open to further replies. The original thread starter may use the Report button to request it be reopened but anyone else with a similar issue should start a New Thread. Watch our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Members online