Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Hijackthis Log: Please Help Diagnose


  • This topic is locked This topic is locked
5 replies to this topic

#1 Blueknight Better 1/2

Blueknight Better 1/2

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:07:16 PM

Posted 07 April 2006 - 09:51 AM

Logfile of HijackThis v1.99.1
Scan saved at 9:33:53 AM, on 4/7/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\cidaemon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\RedStrike\UltraWipe\Launcher.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\wisptis.exe
C:\WINDOWS\system32\ntvdm.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Documents and Settings\Owner.TOM-KRISTI-HOME\My Documents\Kristi\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=566...er=6&ar=msnhome
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=566...er=6&ar=msnhome
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - Default URLSearchHook is missing
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {77701e16-9bfe-4b63-a5b4-7bd156758a37} - (no file)
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: (no name) - {EA0D26BD-9029-431A-86E0-83152D67828A} - (no file)
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - Global Startup: Ultra Wipe Launcher.lnk = C:\Program Files\RedStrike\UltraWipe\Launcher.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Internet Cleaner - {45819E58-6E84-4A5D-BD65-A706981E5BE8} - C:\Program Files\Internet Cleaner\ICleaner.exe (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Internet Cleaner - {45819E58-6E84-4A5D-BD65-A706981E5BE8} - C:\Program Files\Internet Cleaner\ICleaner.exe (file missing) (HKCU)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www.snapfish.com/SnapfishActivia.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {99B6E512-3893-4155-9964-8EB8E06099CB} (WebSpyWareKiller Class) - http://download.zonelabs.com/bin/promotion...ctor/WebSWK.cab
O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} (Anonymizer Anti-Spyware Scanner) - http://download.zonelabs.com/bin/promotion...ctor/WebAAS.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: PAVWAIT.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

BC AdBot (Login to Remove)

 


m

#2 pskelley

pskelley

  • Staff Emeritus
  • 1,487 posts
  • OFFLINE
  •  
  • Local time:08:16 PM

Posted 14 April 2006 - 08:09 AM

Hello and welcome to the forum. It does help if we know what we are looking for and I do not see any malware in the log. You can remove these dead lines:

Open HijackThis and choose "Do a system scan only" then check the box in front of these line items:

R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {77701e16-9bfe-4b63-a5b4-7bd156758a37} - (no file)
O3 - Toolbar: (no name) - {EA0D26BD-9029-431A-86E0-83152D67828A} - (no file)

Close all programs but HJT and all browser windows, then click on "Fix Checked"

If you have malware issues, please provide more information and a new HJT log.

Thanks...pskelley
BleepingComputer
MS-MVP Windows Security 2007-08
Proud Member ASAP
UNITE Member 2006

#3 Blueknight Better 1/2

Blueknight Better 1/2
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:07:16 PM

Posted 22 April 2006 - 10:02 AM

I am trying to remove Virtumondo. I have ran a spyware remvoal (Spybot) and it says there are 4 enteries and 2 are in the memory. I have removed the 2 enteries from the registry and it still ends up coming back. What am I doing wrong?

#4 pskelley

pskelley

  • Staff Emeritus
  • 1,487 posts
  • OFFLINE
  •  
  • Local time:08:16 PM

Posted 22 April 2006 - 11:00 AM

Well Tom, I posted instructions on Apr 14 2006, 09:09 AM and a lot can happen in over a week, but at the time your log was posted there was no evidence of the Vundo trojan. If you removed Vundo in the past at some point incorrectly, there is always the possiblity of leftovers and Spybot would have a hard time removing it. Tell you what, you complete the instructions I posted a week ago, and I will take a look at that new HJT log and the information you provide then let you know what I see.

Thanks...

Edited by pskelley, 22 April 2006 - 11:01 AM.

MS-MVP Windows Security 2007-08
Proud Member ASAP
UNITE Member 2006

#5 Blueknight Better 1/2

Blueknight Better 1/2
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:07:16 PM

Posted 24 April 2006 - 09:48 PM

Logfile of HijackThis v1.99.1
Scan saved at 9:27:35 PM, on 4/24/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\PROGRA~1\MUSICM~1\MUSICM~3\MMDiag.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Linksys\Wireless-B Notebook Adapter\WPC11Cfg.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\nett\Local Settings\Temporary Internet Files\Content.IE5\O3RJY8L1\hijackthis[1]\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell4me.com/myway
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: MSEvents Object - {B313D637-F405-4052-AC37-E2119AB3C8F8} - C:\WINDOWS\system32\vtsqo.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PRONoMgrWired] C:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~3\mimboot.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Wireless-B Notebook Adapter Utility.lnk = C:\Program Files\Linksys\Wireless-B Notebook Adapter\WPC11Cfg.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1143863240406
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: vtsqo - C:\WINDOWS\system32\vtsqo.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe


Here is my new Hijack This log

--- Search result list ---
VirtuMonde: Root class (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\MSEvents.MSEvents

VirtuMonde: Root class (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\MSEvents.MSEvents.1

VirtuMonde: Class ID (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{B313D637-F405-4052-AC37-E2119AB3C8F8}

VirtuMonde: Browser helper object (Registry key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B313D637-F405-4052-AC37-E2119AB3C8F8}

HitBox: Tracking cookie (Internet Explorer: nett) (Cookie, nothing done)


LinkSynergy: Tracking cookie (Internet Explorer: nett) (Cookie, nothing done)


DoubleClick: Tracking cookie (Internet Explorer: nett) (Cookie, nothing done)


WebTrends live: Tracking cookie (Internet Explorer: nett) (Cookie, nothing done)


FastClick: Tracking cookie (Internet Explorer: nett) (Cookie, nothing done)


WebTrends live: Tracking cookie (Internet Explorer: nett) (Cookie, nothing done)


MediaPlex: Tracking cookie (Internet Explorer: nett) (Cookie, nothing done)


Winfixer: Tracking cookie (Internet Explorer: nett) (Cookie, nothing done)


Winfixer: Tracking cookie (Internet Explorer: nett) (Cookie, nothing done)


Avenue A, Inc.: Tracking cookie (Internet Explorer: nett) (Cookie, nothing done)


FastClick: Tracking cookie (Internet Explorer: nett) (Cookie, nothing done)


Advertising.com: Tracking cookie (Internet Explorer: nett) (Cookie, nothing done)


HitBox: Tracking cookie (Internet Explorer: nett) (Cookie, nothing done)


Common Dialogs: History (2 files) (Registry key, nothing done)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU

Log: Activity: SchedLgU.Txt (Backup file, nothing done)
C:\WINDOWS\SchedLgU.Txt

Log: Install: setupapi.log (Backup file, nothing done)
C:\WINDOWS\setupapi.log

Log: Shutdown: System32\wbem\logs\wbemess.lo_ (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\wbemess.lo_

Log: Shutdown: System32\wbem\logs\wbemess.log (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\wbemess.log

Log: Shutdown: System32\wbem\logs\wmiprov.log (Backup file, nothing done)
C:\WINDOWS\System32\wbem\logs\wmiprov.log

Internet Explorer: Typed URL list (4 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-1747712119-2547537828-3388759443-1006\Software\Microsoft\Internet Explorer\TypedURLs

Internet Explorer: AutoComplete data (3 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-1747712119-2547537828-3388759443-1006\Software\Microsoft\Internet Explorer\IntelliForms\SPW

MS Media Player: Anonymous ID (Registry change, nothing done)
HKEY_USERS\S-1-5-21-1747712119-2547537828-3388759443-1006\Software\Microsoft\MediaPlayer\Preferences\SendUserGUID!=B=0

MS DirectDraw: Most recent application (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name!=

MS DirectInput: Most recent application (Registry change, nothing done)
HKEY_USERS\S-1-5-21-1747712119-2547537828-3388759443-1006\Software\Microsoft\DirectInput\MostRecentApplication\Name!=

MS DirectInput: Most recent application ID (Registry change, nothing done)
HKEY_USERS\S-1-5-21-1747712119-2547537828-3388759443-1006\Software\Microsoft\DirectInput\MostRecentApplication\Id!=

Windows Explorer: User Assistant history IE (7 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-1747712119-2547537828-3388759443-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count

Windows Explorer: User Assistant history files (23 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-1747712119-2547537828-3388759443-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count

Windows Explorer: Last visited history (2 files) (Registry key, nothing done)
HKEY_USERS\S-1-5-21-1747712119-2547537828-3388759443-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\LastVisitedMRU

Windows Explorer: Recent file global history (Registry key, nothing done)
HKEY_USERS\S-1-5-21-1747712119-2547537828-3388759443-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs

Windows Media SDK: Computer name (Registry change, nothing done)
HKEY_USERS\S-1-5-21-1747712119-2547537828-3388759443-1006\Software\Microsoft\Windows Media\WMSDK\General\ComputerName!=ComputerName

Windows Media SDK: Unique ID (Registry change, nothing done)
HKEY_USERS\S-1-5-21-1747712119-2547537828-3388759443-1006\Software\Microsoft\Windows Media\WMSDK\General\UniqueID!={00000000-0000-0000-0000-000000000000}

Windows Media SDK: Volume serial number (Registry value, nothing done)
HKEY_USERS\S-1-5-21-1747712119-2547537828-3388759443-1006\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

Cookie: Cookie (114) (Cookie, nothing done)


Cache: Cache (5082) (Cache, nothing done)



--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2006-04-08 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2005-05-31 advcheck.dll (1.0.2.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2005-05-31 Tools.dll (2.0.0.2)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2006-04-07 Includes\Cookies.sbi (*)
2006-04-07 Includes\Dialer.sbi (*)
2006-04-07 Includes\Hijackers.sbi (*)
2006-04-07 Includes\Keyloggers.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2006-04-07 Includes\Malware.sbi (*)
2006-04-07 Includes\PUPS.sbi (*)
2006-04-07 Includes\Revision.sbi (*)
2006-04-07 Includes\Security.sbi (*)
2006-04-07 Includes\Spybots.sbi (*)
2005-02-17 Includes\Tracks.uti (*)
2006-04-07 Includes\Trojans.sbi (*)



--- System information ---
Windows XP (Build: 2600) Service Pack 2
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Hotfix (KB886903)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
/ Step By Step Interactive Training / SP2: Security Update for Step By Step Interactive Training (KB898458)
/ Windows Media Player 10: Security Update for Windows Media Player 10 (KB911565)
/ Windows XP / SP3: Windows XP Hotfix - KB834707
/ Windows XP / SP3: Windows XP Hotfix - KB873333
/ Windows XP / SP3: Windows XP Hotfix - KB873339
/ Windows XP / SP3: Windows XP Hotfix - KB885250
/ Windows XP / SP3: Windows XP Hotfix - KB885835
/ Windows XP / SP3: Windows XP Hotfix - KB885836
/ Windows XP / SP3: Windows XP Hotfix - KB886185
/ Windows XP / SP3: Windows XP Hotfix - KB887472
/ Windows XP / SP3: Windows XP Hotfix - KB887742
/ Windows XP / SP3: Windows XP Hotfix - KB888113
/ Windows XP / SP3: Windows XP Hotfix - KB888302
/ Windows XP / SP3: Windows XP Hotfix - KB888310
/ Windows XP / SP3: Security Update for Windows XP (KB890046)
/ Windows XP / SP3: Windows XP Hotfix - KB890175
/ Windows XP / SP3: Windows XP Hotfix - KB890859
/ Windows XP / SP3: Windows XP Hotfix - KB891781
/ Windows XP / SP3: Security Update for Windows XP (KB893066)
/ Windows XP / SP3: Windows XP Hotfix - KB893086
/ Windows XP / SP3: Security Update for Windows XP (KB893756)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Update for Windows XP (KB894391)
/ Windows XP / SP3: Security Update for Windows XP (KB896358)
/ Windows XP / SP3: Security Update for Windows XP (KB896422)
/ Windows XP / SP3: Security Update for Windows XP (KB896423)
/ Windows XP / SP3: Security Update for Windows XP (KB896424)
/ Windows XP / SP3: Security Update for Windows XP (KB896428)
/ Windows XP / SP3: Security Update for Windows XP (KB896688)
/ Windows XP / SP3: Update for Windows XP (KB896727)
/ Windows XP / SP3: Update for Windows XP (KB898461)
/ Windows XP / SP3: Security Update for Windows XP (KB899587)
/ Windows XP / SP3: Security Update for Windows XP (KB899588)
/ Windows XP / SP3: Security Update for Windows XP (KB899591)
/ Windows XP / SP3: Security Update for Windows XP (KB900725)
/ Windows XP / SP3: Security Update for Windows XP (KB901017)
/ Windows XP / SP3: Security Update for Windows XP (KB901214)
/ Windows XP / SP3: Security Update for Windows XP (KB902400)
/ Windows XP / SP3: Security Update for Windows XP (KB904706)
/ Windows XP / SP3: Security Update for Windows XP (KB905414)
/ Windows XP / SP3: Security Update for Windows XP (KB905749)
/ Windows XP / SP3: Security Update for Windows XP (KB905915)
/ Windows XP / SP3: Security Update for Windows XP (KB908519)
/ Windows XP / SP3: Security Update for Windows XP (KB908531)
/ Windows XP / SP3: Update for Windows XP (KB910437)
/ Windows XP / SP3: Security Update for Windows XP (KB911562)
/ Windows XP / SP3: Security Update for Windows XP (KB911567)
/ Windows XP / SP3: Security Update for Windows XP (KB911927)
/ Windows XP / SP3: Security Update for Windows XP (KB912812)
/ Windows XP / SP3: Security Update for Windows XP (KB912919)
/ Windows XP / SP3: Security Update for Windows XP (KB913446)


--- Startup entries list ---
Located: HK_LM:Run, AVG7_CC
command: C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
file: C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
size: 357888
MD5: 679093afd939b3c1b88110ebf859984d

Located: HK_LM:Run, ccApp
command: "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
file: C:\Program Files\Common Files\Symantec Shared\ccApp.exe
size: 48752
MD5: 2c2204d0af86e638c75913823c17a295

Located: HK_LM:Run, dla
command: C:\WINDOWS\system32\dla\tfswctrl.exe
file: C:\WINDOWS\system32\dla\tfswctrl.exe
size: 127035
MD5: 2ca827ba68d0cdb5437c40c6f53d7f20

Located: HK_LM:Run, DVDLauncher
command: "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
file: C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
size: 57344
MD5: 7e5fc860ecbd3fe4d0bf7e1814a37b56

Located: HK_LM:Run, igfxhkcmd
command: C:\WINDOWS\system32\hkcmd.exe
file: C:\WINDOWS\system32\hkcmd.exe
size: 77824
MD5: 82adc58b63e069ac4641a33ea9841e54

Located: HK_LM:Run, igfxpers
command: C:\WINDOWS\system32\igfxpers.exe
file: C:\WINDOWS\system32\igfxpers.exe
size: 114688
MD5: a0e2ffb7b0fce82aa3bcc3105306c45c

Located: HK_LM:Run, igfxtray
command: C:\WINDOWS\system32\igfxtray.exe
file: C:\WINDOWS\system32\igfxtray.exe
size: 94208
MD5: 5656d65a9a9f1e3d68d64a350cff1732

Located: HK_LM:Run, iTunesHelper
command: "C:\Program Files\iTunes\iTunesHelper.exe"
file: C:\Program Files\iTunes\iTunesHelper.exe
size: 278528
MD5: 8778072a594e1310c0b7d0a93771e8bd

Located: HK_LM:Run, LogitechCameraAssistant
command: C:\Program Files\Logitech\Video\CameraAssistant.exe
file: C:\Program Files\Logitech\Video\CameraAssistant.exe
size: 434176
MD5: 00fd11e84ef70027d46f92996ff76956

Located: HK_LM:Run, LogitechCameraService(E)
command: C:\WINDOWS\system32\ElkCtrl.exe /automation
file: C:\WINDOWS\system32\ElkCtrl.exe
size: 262144
MD5: 35cadfc53e7d7e4336e7c9c04d66c82b

Located: HK_LM:Run, LogitechVideo[inspector]
command: C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
file:

Located: HK_LM:Run, LVCOMSX
command: C:\WINDOWS\system32\LVCOMSX.EXE
file: C:\WINDOWS\system32\LVCOMSX.EXE
size: 221184
MD5: a95bed8fb2b001fc31f638a446a86d9f

Located: HK_LM:Run, MimBoot
command: C:\PROGRA~1\MUSICM~1\MUSICM~3\mimboot.exe
file: C:\PROGRA~1\MUSICM~1\MUSICM~3\mimboot.exe
size: 11776
MD5: 7dd02abc5fda8d05f70f6d8ffbffd603

Located: HK_LM:Run, PRONoMgrWired
command: C:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe
file: C:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe
size: 86016
MD5: 2948b1e11bff933e08e84eb23c771bee

Located: HK_LM:Run, QuickTime Task
command: "C:\Program Files\QuickTime\qttask.exe" -atboottime
file: C:\Program Files\QuickTime\qttask.exe
size: 155648
MD5: c74c7963eec07af49dce44d64819b2bf

Located: HK_LM:Run, SunJavaUpdateSched
command: C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
file: C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
size: 32881
MD5: ed85b344e6edc30c1bc57ec1a2a56bf3

Located: HK_LM:Run, SynTPEnh
command: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
file: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
size: 536576
MD5: dae4480de163e7827f3c773d24d872e7

Located: HK_LM:Run, SynTPLpr
command: C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
file: C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
size: 98304
MD5: 77bcebe7dc9c4d059b10ddb90aa0edc1

Located: HK_LM:Run, TkBellExe
command: "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
file: C:\Program Files\Common Files\Real\Update_OB\realsched.exe
size: 180269
MD5: 006220ee86eb71c5884f415eaa9e8058

Located: HK_LM:Run, UpdateManager
command: "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
file: C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
size: 110592
MD5: 52b80c30225de81d7ac989dfe7311877

Located: HK_LM:Run, Windows Defender
command: "C:\Program Files\Windows Defender\MSASCui.exe" -hide
file: C:\Program Files\Windows Defender\MSASCui.exe
size: 1420560
MD5: 81aa8ba06a824e637e2ba290d4fa9e3e

Located: HK_CU:Run, DellSupport
command: "C:\Program Files\Dell Support\DSAgnt.exe" /startup
file: C:\Program Files\Dell Support\DSAgnt.exe
size: 306688
MD5: cea4715092cb7984420dbc9f51fb4c35

Located: HK_CU:Run, LogitechSoftwareUpdate
command: "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
file: C:\Program Files\Logitech\Video\ManifestEngine.exe
size: 196608
MD5: 660b6158bc2bc5d7cb1ff18d148c17aa

Located: HK_CU:Run, MSMSGS
command: "C:\Program Files\Messenger\msmsgs.exe" /background
file: C:\Program Files\Messenger\msmsgs.exe
size: 1694208
MD5: 74e6e96c6f0e2eca4edbb7f7a468f259

Located: HK_CU:Run, MsnMsgr
command: "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
file: C:\Program Files\MSN Messenger\MsnMsgr.Exe
size: 7094272
MD5: b83e12b5341c5dcecc5c217a824ffeb1

Located: Startup (common), Digital Line Detect.lnk
command: C:\Program Files\Digital Line Detect\DLG.exe
file: C:\Program Files\Digital Line Detect\DLG.exe
size: 24576
MD5: b66e56733e2cd6a10fda5919625fbf46

Located: Startup (common), Wireless-B Notebook Adapter Utility.lnk
command: C:\Program Files\Linksys\Wireless-B Notebook Adapter\WPC11Cfg.exe
file: C:\Program Files\Linksys\Wireless-B Notebook Adapter\WPC11Cfg.exe
size: 4784640
MD5: ffc407113cd234f32b1dcb8e07a757bf

Located: WinLogon, crypt32chain
command: crypt32.dll
file: crypt32.dll

Located: WinLogon, cryptnet
command: cryptnet.dll
file: cryptnet.dll

Located: WinLogon, cscdll
command: cscdll.dll
file: cscdll.dll

Located: WinLogon, igfxcui
command: igfxdev.dll
file: igfxdev.dll

Located: WinLogon, ScCertProp
command: wlnotify.dll
file: wlnotify.dll

Located: WinLogon, Schedule
command: wlnotify.dll
file: wlnotify.dll

Located: WinLogon, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll

Located: WinLogon, SensLogn
command: WlNotify.dll
file: WlNotify.dll

Located: WinLogon, termsrv
command: wlnotify.dll
file: wlnotify.dll

Located: WinLogon, vtsqo
command: C:\WINDOWS\system32\vtsqo.dll
file: C:\WINDOWS\system32\vtsqo.dll
size: 544788
MD5: 12b8cc5979320404289b15c86983825d

Located: WinLogon, wlballoon
command: wlnotify.dll
file: wlnotify.dll



--- Browser helper object list ---
{5CA3D70E-1895-11CF-8E15-001234567890} (DriveLetterAccess)
BHO name:
CLSID name: DriveLetterAccess
description: Hewlett-Packard's DLA software
classification: Unknown
known filename: tfswshx.dll
info link:
info source: TonyKlein
Path: C:\WINDOWS\system32\dla\
Long name: tfswshx.dll
Short name:
Date (created): 5/11/2005 12:11:16 AM
Date (last access): 4/24/2006 9:32:44 PM
Date (last write): 12/6/2004 1:05:00 AM
Filesize: 118842
Attributes: archive
MD5: 37943B990D318145D1EFCBEEF8F9566A
CRC32: C6D87067
Version: 1.4.8.0

{B313D637-F405-4052-AC37-E2119AB3C8F8} (MSEvents Object)
BHO name:
CLSID name: MSEvents Object
Path: C:\WINDOWS\system32\
Long name: vtsqo.dll
Short name:
Date (created): 11/10/2005 10:52:48 PM
Date (last access): 4/24/2006 9:32:44 PM
Date (last write): 11/10/2005 10:52:54 PM
Filesize: 544788
Attributes:
MD5: 12B8CC5979320404289B15C86983825D
CRC32: 654F61D3



--- ActiveX list ---
{17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool)
DPF name:
CLSID name: Windows Genuine Advantage Validation Tool
Installer: C:\WINDOWS\Downloaded Program Files\LegitCheckControl.inf
Codebase: http://go.microsoft.com/fwlink/?linkid=39204
Path: C:\WINDOWS\system32\
Long name: LegitCheckControl.dll
Short name: LEGITC~1.DLL
Date (created): 7/12/2005 6:04:22 PM
Date (last access): 4/24/2006 8:31:34 PM
Date (last write): 2/14/2006 10:20:14 AM
Filesize: 550120
Attributes: archive
MD5: 7D228B1D5D15352A9E801A30B0E5635E
CRC32: D2BC0486
Version: 1.5.512.0

{4B48D5DF-9021-45F7-A240-60304302A215} (Malicious Software Removal Tool)
DPF name:
CLSID name: Malicious Software Removal Tool
Installer: C:\WINDOWS\Downloaded Program Files\WebCleaner.inf
Codebase: http://download.microsoft.com/download/b/d.../WebCleaner.cab
Path: C:\WINDOWS\Downloaded Program Files\
Long name: WebCleaner.dll
Short name: WEBCLE~1.DLL
Date (created): 3/9/2006 4:10:36 PM
Date (last access): 4/24/2006 9:31:22 PM
Date (last write): 3/9/2006 4:10:36 PM
Filesize: 3393880
Attributes: archive
MD5: 06558D4316AD147481C7F58B2F9B1E35
CRC32: FE1495DA
Version: 1.14.1298.0

{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class)
DPF name:
CLSID name: MUWebControl Class
Installer: C:\WINDOWS\Downloaded Program Files\muweb.inf
Codebase: http://update.microsoft.com/microsoftupdat...b?1143863240406
Path: C:\WINDOWS\system32\
Long name: muweb.dll
Short name:
Date (created): 5/26/2005 5:19:32 AM
Date (last access): 4/24/2006 8:31:52 PM
Date (last write): 5/26/2005 5:19:32 AM
Filesize: 178408
Attributes: archive
MD5: EE37AA2C0700221CD8B02FADCD4C7FB5
CRC32: F5494B06
Version: 5.8.0.2469

{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} (Java Runtime Environment 1.4.2)
DPF name: Java Runtime Environment 1.4.2
CLSID name: Java Plug-in 1.4.2_03
Installer:
Codebase: http://java.sun.com/products/plugin/autodl...indows-i586.cab
Path: C:\Program Files\Java\j2re1.4.2_03\bin\
Long name: NPJPI142_03.dll
Short name: NPJPI1~1.DLL
Date (created): 11/19/2003 5:48:18 PM
Date (last access): 4/24/2006 7:57:06 PM
Date (last write): 11/19/2003 5:48:12 PM
Filesize: 65650
Attributes: archive
MD5: 2AD31341BE41AC9B086128AD86A2B53F
CRC32: 081CFB35
Version: 1.4.2.30



--- Process list ---
PID: 0 ( 0) [System]
PID: 604 ( 4) \SystemRoot\System32\smss.exe
PID: 688 ( 604) \??\C:\WINDOWS\system32\csrss.exe
PID: 712 ( 604) \??\C:\WINDOWS\system32\winlogon.exe
PID: 756 ( 712) C:\WINDOWS\system32\services.exe
size: 108032
MD5: C6CE6EEC82F187615D1002BB3BB50ED4
PID: 768 ( 712) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: 84885F9B82F4D55C6146EBF6065D75D2
PID: 928 ( 756) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 988 ( 756) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1028 ( 756) C:\Program Files\Windows Defender\MsMpEng.exe
size: 45840
MD5: 948D315495195662BA2A683A7A156BEA
PID: 1068 ( 756) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1180 ( 756) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1304 ( 756) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1428 (1384) C:\WINDOWS\Explorer.EXE
size: 1032192
MD5: A0732187050030AE399B241436565E64
PID: 1568 ( 756) C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
size: 239216
MD5: 38387A6F9FA0E90ADE0FD305534D6108
PID: 1612 ( 756) C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
size: 161392
MD5: 708142436B905543F6361BE7340BE1FB
PID: 1640 ( 756) C:\Program Files\Norton Internet Security\ISSVC.exe
size: 83584
MD5: 6F359FF7058A697127FCD8955817D1D1
PID: 1716 ( 756) C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
size: 185968
MD5: A3BC593AE11D541D1B064EB16C19C7DD
PID: 152 ( 756) C:\WINDOWS\system32\spoolsv.exe
size: 57856
MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F
PID: 192 ( 756) c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
size: 81920
MD5: 5576C4A655A5E18D5F93F01C6B2C30C4
PID: 280 ( 756) C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
size: 336896
MD5: 9BF46D959F713D64C8FF3DE2B2437863
PID: 292 ( 756) C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
size: 84480
MD5: 66093610FA61142F6BCFD83AFB7E8A29
PID: 368 ( 756) C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
size: 280576
MD5: E431814C506FD4FD1DF82D56F178B4A5
PID: 444 ( 756) C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
size: 127088
MD5: 1A88423B0B1E4117E460701EAC41BB7C
PID: 528 ( 756) C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
size: 356352
MD5: AD33BB7AE6D0D1CBEB253B9E5A719388
PID: 732 ( 756) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1132 ( 756) C:\WINDOWS\system32\wdfmgr.exe
size: 38912
MD5: AB0A7CA90D9E3D6A193905DC1715DED0
PID: 1504 ( 756) C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
size: 308352
MD5: A865BC7FD13E0DEA3B699C388E19FB5E
PID: 2816 ( 756) C:\WINDOWS\System32\alg.exe
size: 44544
MD5: F1958FBF86D5C004CF19A5951A9514B7
PID: 2908 ( 928) C:\WINDOWS\system32\wbem\wmiprvse.exe
size: 218112
MD5: 075EA6C849AB0FE416A3D6DD65C3CF41
PID: 3020 (1428) C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
size: 32881
MD5: ED85B344E6EDC30C1BC57EC1A2A56BF3
PID: 3080 (1428) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
size: 98304
MD5: 77BCEBE7DC9C4D059B10DDB90AA0EDC1
PID: 3116 (1428) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
size: 536576
MD5: DAE4480DE163E7827F3C773D24D872E7
PID: 3160 (1428) C:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe
size: 86016
MD5: 2948B1E11BFF933E08E84EB23C771BEE
PID: 3204 (1428) C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
size: 57344
MD5: 7E5FC860ECBD3FE4D0BF7E1814A37B56
PID: 3316 (1428) C:\WINDOWS\system32\dla\tfswctrl.exe
size: 127035
MD5: 2CA827BA68D0CDB5437C40C6F53D7F20
PID: 3364 (1428) C:\Program Files\Common Files\Symantec Shared\ccApp.exe
size: 48752
MD5: 2C2204D0AF86E638C75913823C17A295
PID: 3428 (1428) C:\Program Files\Common Files\Real\Update_OB\realsched.exe
size: 180269
MD5: 006220EE86EB71C5884F415EAA9E8058
PID: 3588 (1428) C:\Program Files\iTunes\iTunesHelper.exe
size: 278528
MD5: 8778072A594E1310C0B7D0A93771E8BD
PID: 3616 (1428) C:\WINDOWS\system32\LVCOMSX.EXE
size: 221184
MD5: A95BED8FB2B001FC31F638A446A86D9F
PID: 3660 (1428) C:\Program Files\Logitech\Video\CameraAssistant.exe
size: 434176
MD5: 00FD11E84EF70027D46F92996FF76956
PID: 4056 (3508) C:\PROGRA~1\MUSICM~1\MUSICM~3\MMDiag.exe
size: 102400
MD5: 603D421ACD2A3D76210B8F4DFFF43F48
PID: 472 (1428) C:\WINDOWS\system32\ElkCtrl.exe
size: 262144
MD5: 35CADFC53E7D7E4336E7C9C04D66C82B
PID: 2060 ( 756) C:\Program Files\iPod\bin\iPodService.exe
size: 323584
MD5: 962BC769D1008D83F6A00B9DE887EEF4
PID: 2100 (1428) C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
size: 357888
MD5: 679093AFD939B3C1B88110EBF859984D
PID: 2256 (1428) C:\Program Files\Windows Defender\MSASCui.exe
size: 1420560
MD5: 81AA8BA06A824E637E2BA290D4FA9E3E
PID: 2520 (1428) C:\WINDOWS\system32\hkcmd.exe
size: 77824
MD5: 82ADC58B63E069AC4641A33EA9841E54
PID: 2664 ( 928) C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
size: 416768
MD5: C6E9FD508A4D866CFB672AE70E8944B5
PID: 2736 ( 928) C:\WINDOWS\system32\igfxsrvc.exe
size: 159744
MD5: 2888E77950D6E98A1B1D1BBD05FA4887
PID: 1300 (1428) C:\WINDOWS\system32\igfxpers.exe
size: 114688
MD5: A0E2FFB7B0FCE82AA3BCC3105306C45C
PID: 2872 (1428) C:\Program Files\Dell Support\DSAgnt.exe
size: 306688
MD5: CEA4715092CB7984420DBC9F51FB4C35
PID: 2216 (1428) C:\Program Files\Messenger\msmsgs.exe
size: 1694208
MD5: 74E6E96C6F0E2ECA4EDBB7F7A468F259
PID: 3276 (1428) C:\Program Files\MSN Messenger\MsnMsgr.Exe
size: 7094272
MD5: B83E12B5341C5DCECC5C217A824FFEB1
PID: 4000 (1428) C:\Program Files\Digital Line Detect\DLG.exe
size: 24576
MD5: B66E56733E2CD6A10FDA5919625FBF46
PID: 588 (1428) C:\Program Files\Linksys\Wireless-B Notebook Adapter\WPC11Cfg.exe
size: 4784640
MD5: FFC407113CD234F32B1DCB8E07A757BF
PID: 3848 ( 756) C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
size: 206552
MD5: 04C6C81EF102AE3D4F8F598CFF97E4F9
PID: 3740 (1428) C:\Program Files\Internet Explorer\iexplore.exe
size: 93184
MD5: E7484514C0464642BE7B4DC2689354C8
PID: 2808 (1428) C:\Documents and Settings\nett\Local Settings\Temporary Internet Files\Content.IE5\O3RJY8L1\hijackthis[1]\HijackThis.exe
size: 218112
MD5: EE86268E59E4B38961E7C40D16BE5BB4
PID: 2428 (1428) C:\Program Files\Internet Explorer\iexplore.exe
size: 93184
MD5: E7484514C0464642BE7B4DC2689354C8
PID: 3296 (1428) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 4393096
MD5: 09CA174A605B480318731E691DC98539
PID: 4 ( 0) System


--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 4/24/2006 9:38:55 PM

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.yahoo.com/
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.dell4me.com/myway
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.dell4me.com/myway
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.dell4me.com/myway
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm


--- Winsock Layered Service Provider list ---


--- Uninstall list ---
(AddressBook)

AVG Free Edition (AVG7Uninstall)
uninstall cmd: C:\Program Files\Grisoft\AVG Free\setup.exe /UNINSTALL

(Branding)

Conexant D110 MDC V.9x Modem (CNXT_MODEM_PCI_VEN_8086&DEV_24x6&SUBSYS_542214F1)
uninstall cmd: C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_8086&DEV_24x6&SUBSYS_542214F1\HXFSETUP.EXE -U -Idel5422k.inf

(Connection Manager)

Dell Digital Jukebox Driver (Dell Digital Jukebox Driver)
uninstall cmd: C:\Program Files\Dell\Digital Jukebox Drivers\DrvUnins.exe /s

Dell Support 5.0.0 (630) (DellSupport)
uninstall cmd: rundll32 C:\PROGRA~1\DELLSU~1\AUInst.dll,ExUninstall

(DirectAnimation)

(DirectDrawEx)

(dlatray.exe)
uninstall cmd: C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}

DVD Decrypter (Remove Only) (DVD Decrypter)
uninstall cmd: "C:\Program Files\DVD Decrypter\uninstall.exe"

DVD Shrink 3.2 (DVD Shrink_is1)
install location: C:\Program Files\DVD Shrink\
uninstall cmd: "C:\Program Files\DVD Shrink\unins000.exe"
publisher: DVD Shrink
help link: http://www.dvdshrink.org

(DXM_Runtime)

(Fontcore)

HijackThis 1.99.1 1.99.1 (HijackThis)
uninstall cmd: C:\DOCUME~1\nett\LOCALS~1\Temp\Temporary Directory 1 for hijackthis[1].zip\HijackThis.exe /uninstall
publisher: Soeperman Enterprises Ltd.

(ICW)

(IE40)

(IE4Data)

(IE5BAKEX)

(IEData)

(InstallShield Uninstall Information)

iPod for Windows 2006-01-10 4.7.0 (InstallShield_{3D047C15-C859-45F7-81CE-F2681778069B})
version: 67567616
version (major): 4
version (minor): 7
estimated size: 52532
install date: 20060118
install location: C:\Program Files\iPod\
install source: C:\WINDOWS\Downloaded Installations\{00C2E789-F948-4BE1-8167-6E6447DC4CE2}\
uninstall cmd: C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{3D047C15-C859-45F7-81CE-F2681778069B} /l1033
publisher: Apple Computer, Inc.
contact: AppleCare
help link: http://www.info.apple.com
readme: http://www.info.apple.com/support/downloads.html

iTunes 6.0.4.2 (InstallShield_{59C4F14F-7590-45FC-BE9F-A67AB3590709})
version: 100663300
version (major): 6
estimated size: 79285
install date: 20060313
install location: C:\Program Files\iTunes\
install source: C:\WINDOWS\Downloaded Installations\{59C4F14F-7590-45FC-BE9F-A67AB3590709}\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{59C4F14F-7590-45FC-BE9F-A67AB3590709} /l1033
publisher: Apple Computer, Inc.
contact: AppleCare Support
help link: http://www.info.apple.com/
help telephone: 1-800-275-2273

QuickTime 7.0.4 (InstallShield_{929408E6-D265-4174-805F-81D1D914E2A4})
version: 117440516
version (major): 7
estimated size: 66739
install date: 20060226
install location: C:\Program Files\QuickTime\
install source: C:\DOCUME~1\nett\LOCALS~1\Temp\_is84\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{929408E6-D265-4174-805F-81D1D914E2A4} /l1033
publisher: Apple Computer, Inc.
contact: AppleCare Support
help link: http://www.info.apple.com/
help telephone: 1-800-275-2273

iPod for Windows 2005-09-23 4.3.0 (InstallShield_{D4936AAF-FFD0-44A1-A7EA-A2DB41CEB5BC})
version: 67305472
version (major): 4
version (minor): 3
estimated size: 54420
install date: 20051224
install location: C:\Program Files\iPod\
install source: C:\WINDOWS\Downloaded Installations\{B9C0ED57-3C59-4B31-9AE9-50E12D0357DD}\
uninstall cmd: C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{D4936AAF-FFD0-44A1-A7EA-A2DB41CEB5BC} /l1033
publisher: Apple Computer, Inc.
contact: AppleCare
help link: http://www.info.apple.com
readme: http://www.info.apple.com/support/downloads.html

Windows XP Hotfix - KB834707 20040929.110854 (KB834707)
uninstall cmd: C:\WINDOWS\$NtUninstallKB834707$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=834707

Windows XP Hotfix - KB873333 20050114.005213 (KB873333)
uninstall cmd: C:\WINDOWS\$NtUninstallKB873333$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=873333

Windows XP Hotfix - KB873339 20041117.092459 (KB873339)
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=873339

(KB884016)

Windows XP Hotfix - KB885250 20050118.202711 (KB885250)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885250

Windows XP Hotfix - KB885835 20041027.181713 (KB885835)
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885835

Windows XP Hotfix - KB885836 20041028.173203 (KB885836)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885836

Windows XP Hotfix - KB886185 20041021.090540 (KB886185)
uninstall cmd: C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=886185

Windows XP Hotfix - KB887472 20041014.162858 (KB887472)
uninstall cmd: C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=887472

Windows XP Hotfix - KB887742 20041103.095002 (KB887742)
uninstall cmd: C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=887742

Windows XP Hotfix - KB888113 20041116.131036 (KB888113)
uninstall cmd: C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=888113

Windows XP Hotfix - KB888302 20041207.111426 (KB888302)
uninstall cmd: C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=888302

Windows XP Hotfix - KB888310 20041027.095746 (KB888310)
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=888310

Security Update for Windows XP (KB890046) 1 (KB890046)
install date: 20050816
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890046

Windows XP Hotfix - KB890175 20041201.233338 (KB890175)
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890175

Windows XP Hotfix - KB890859 1 (KB890859)
install date: 20050816
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890859

Windows XP Hotfix - KB891781 20050110.165439 (KB891781)
uninstall cmd: C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=891781

Security Update for Windows XP (KB893066) 2 (KB893066)
install date: 20050816
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893066$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=893066

Windows XP Hotfix - KB893086 1 (KB893086)
install date: 20050816
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893086$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=893086

Security Update for Windows XP (KB893756) 1 (KB893756)
install date: 20050816
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=893756

(KB893803)

Windows Installer 3.1 (KB893803) 3.1 (KB893803v2)
uninstall cmd: "C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=42467

Update for Windows XP (KB894391) 1 (KB894391)
install date: 20050816
uninstall cmd: "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=894391

Security Update for Windows XP (KB896358) 1 (KB896358)
install date: 20050816
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896358

Security Update for Windows XP (KB896422) 1 (KB896422)
install date: 20050816
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896422

Security Update for Windows XP (KB896423) 1 (KB896423)
install date: 20050816
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896423

Security Update for Windows XP (KB896424) 1 (KB896424)
install date: 20051114
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896424

Security Update for Windows XP (KB896428) 1 (KB896428)
install date: 20050816
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896428

Security Update for Windows XP (KB896688) 1 (KB896688)
install date: 20051019
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896688$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.co

#6 pskelley

pskelley

  • Staff Emeritus
  • 1,487 posts
  • OFFLINE
  •  
  • Local time:08:16 PM

Posted 25 April 2006 - 08:30 AM

OK, listen up. These are logs from two different computers:

Logfile of HijackThis v1.99.1 Scan saved at 9:33:53 AM, on 4/7/2006
This log HJT is here: C:\Documents and Settings\Owner.TOM-KRISTI-HOME\My Documents\Kristi\HijackThis.exe
and it is running AVG as the antivirus program.


Logfile of HijackThis v1.99.1 Scan saved at 9:27:35 PM, on 4/24/2006
HJT is here: C:\Documents and Settings\nett\Local Settings\Temporary Internet Files\Content.IE5\O3RJY8L1\hijackthis[1]\HijackThis.exe
it is running two antivirus programs at the same time and that is not good:
http://service1.symantec.com/SUPPORT/nav.n...000031316555206
and it has a vundo infection.

Please explain to me exactly what is going on here before I will proceed at all.

Thanks
MS-MVP Windows Security 2007-08
Proud Member ASAP
UNITE Member 2006




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users