I had a lot of computer problems with spyware and such and such.
I could live with it. I had Spybot Search and Destroy and Ad-Aware and I still had a lot of spyware, but now it's just too much; my browser keeps going off to random sites all the time.
I've also got the whole shortcuts appearing as .lnk files, and I can't get into anything from .exe to shortcuts. I got HijackThis and the log looks very messy and I can't even understand it. I think it's pretty bad.
Anyone who is willing to help, thank you very much.
Cheers,
Ray
Here's the log:
Logfile of HijackThis v1.99.1
Scan saved at 6:10:23 PM, on 2/11/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\Program Files\Stardock\Object Desktop\ThemeManager\wbload.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Ray\Application Data\??stem\ping.exe
C:\WINDOWS\System32\SCURIT~1\winword.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Ray\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {D7EA739A-EB2D-9BF4-7007-CF891C0F32EB} - C:\WINDOWS\system32\puljg.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [Aeao] "C:\WINDOWS\System32\SCURIT~1\winword.exe" -vt yazr
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Rainlendar.lnk = C:\Program Files\Rainlendar\Rainlendar.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Subscribe in Desktop Sidebar - res://C:\Program Files\Desktop Sidebar\sbhelp.dll/menuhandler.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_06\bin\npjpi142_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_06\bin\npjpi142_06.dll
O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: http://locator.cdn.imageservr.com
O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/hamsterball/raptisoftgameloader.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab27571.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab27571.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {2E28242B-A689-11D4-80F2-0040266CBB8D} (KX-HCM10 Control) - http://mechcam2.mech.uq.edu.au/kxhcm10.ocx
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://ray269.spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {665585FD-2068-4C5E-A6D3-53AC3270ECD4} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/en/filesharingctrl.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1151022797265
O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin class) - http://secure2.comned.com/signuptemplates/securelogin-devel.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab27571.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://libcam.bucknell.edu/activex/AxisCamControl.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {BF985246-09BF-11D2-BE62-006097DF57F6} (SimCityX Control) - http://simcity.ea.com/play/classic/SimCityX.cab
O16 - DPF: {CA034DCC-A580-4333-B52F-15F98C42E04C} (Downloader Class) - http://www.stopzilla.com/_download/Auto_Installer/dwnldr.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} - https://www-secure.symantec.com/techsupp/activedata/SymAData.cab
O16 - DPF: {CE74A05D-ED12-473A-97F8-85FB0E2F479F} (dlControl.UserControl1) - http://www.livemetallica.com/nugster/dlControl.CAB
O16 - DPF: {D03A1C33-1913-4533-A8C1-F2C8D13045DE} - http://www.cjb.net/search.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} - https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab27571.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3B4642D7-5EE6-4BBE-8F9E-8C21AD61C201}: NameServer = 192.168.0.2,192.168.0.1
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Windows Smrss Service - Unknown owner - C:\WINDOWS\svchost.exe (file missing)