• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
Sign in to follow this  
Followers 0
xtaci

MALWARE CHECK PLS

2 posts in this topic

Please help I think I have roings ?????

 

 

 

 

Logfile of HijackThis v1.97.7

Scan saved at 7:28:01 PM, on 12/09/2003

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe

C:\PROGRA~1\Iomega\System32\AppServices.exe

C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE

C:\Program Files\Omniquad MyPrivacy\MyPrivacy\mpsvc.exe

D:\Program Files\InCD.exe

C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe

C:\Program Files\Norton AntiVirus\SAVScan.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE

C:\WINDOWS\System32\ScsiAccess.EXE

C:\WINDOWS\System32\svchost.exe

C:\PROGRA~1\Nokia\NOKIAP~2\TRAYAP~1.EXE

C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\Program Files\ISTsvc\istsvc.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE

C:\Program Files\Internet Optimizer\optimize.exe

C:\WINDOWS\System32\lujkit.exe

C:\Program Files\dvd43\dvd43_tray.exe

C:\WINDOWS\System32\ctfmon.exe

C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Norton AntiVirus\navapsvc.exe

C:\Program Files\Adobe\Acrobat 6.0\Reader\AcroRd32.exe

C:\WINDOWS\System32\WISPTIS.EXE

D:\PROGRA~1\DAP\DAP.EXE

C:\Documents and Settings\chris markovski\Desktop\HJT FOLDER\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ninemsn.com.au/

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.ninemsn.com.au/

R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)

O2 - BHO: (no name) - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINDOWS\nem219.dll

O2 - BHO: (no name) - {000020DD-C72E-4113-AF77-DD56626C6C42} - (no file)

O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {8F4E5661-F99E-4B3E-8D85-0EA71C0748E4} - C:\WINDOWS\wsem218.dll

O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O2 - BHO: (no name) - {F7F808F0-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINDOWS\nem218.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll

O4 - HKLM\..\Run: [inCD] D:\Program Files\InCD.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe

O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL

O4 - HKLM\..\Run: [ashMaiSv] d:\PROGRA~1\ALWILS~1\Avast4\ashmaisv.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [DataLayer] C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE

O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~2\TRAYAP~1.EXE

O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe

O4 - HKLM\..\Run: [iST Service] C:\Program Files\ISTsvc\istsvc.exe

O4 - HKLM\..\Run: [internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"

O4 - HKLM\..\Run: [baekuika] C:\WINDOWS\System32\lujkit.exe

O4 - HKLM\..\Run: [dvd43] C:\Program Files\dvd43\dvd43_tray.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe

O8 - Extra context menu item: &Download with &DAP - D:\PROGRA~1\DAP\dapextie.htm

O8 - Extra context menu item: Download &all with DAP - D:\PROGRA~1\DAP\dapextie2.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000

O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwa...director/sw.cab

O16 - DPF: {638AF6A2-81A1-4655-9FFA-9FC09CDE22CF} (CScanner Object) - http://www.pestscan.com/scanner/ppctlcab.cab

O16 - DPF: {75D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin.SecureControl) - http://secure2.comned.com/signuptemplates/ActiveSecurity.cab

O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/...7918.9049189815

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwa...ash/swflash.cab

O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?315

O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...363/mcfscan.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{5B4BEDFB-39C8-47E3-AF9E-D0F2BB8481AE}: NameServer = 202.162.77.160 202.162.77.161

Share this post


Link to post
Share on other sites

I will be glad to help you with this issue. Before we get started, please let me know if you have posted this same problem on another page, in another forum, or on another website.

That way we can avoid duplicate posts and replies.

 

#1. Please download AdAware, a good anti-spyware program from http://www.computercops.biz/downloads-file-292.html

Install by double-clicking on the downloaded file.

After installing but before running, update Ad-aware by using its Globe icon.

After updating, shutdown and restart Ad-aware.

Ad-aware is ready to scan and clean your system following these steps:

 

Under Ad-aware 6 > Settings (Gear at the top) > Tweaks > Scanning Engine:

"Unload recognized processes during scanning."

Under Ad-aware 6 > Settings (Gear at the top) > Tweaks > Cleaning Engine:

"Let Windows remove files in use after reboot."

Press "Scan Now"

Check option "Use Custom scanning options"

Check option "Activate In-Depth Scan"

Press "Select drives\folders to scan"

Select the active partition which is usually C:

Press "Next" to let Ad-aware scan your drives...

If it finds "bad" files and registry keys, press "Next" again

Right-click in that pane and choose "Select All"

Press "Next"

When it asks to remove all checked items, Press "OK"

Close Ad-aware, reboot your computer and go on to Step 2 below.

 

#2. Please download Spybot: Search and Destroy from http://www.computercops.biz/downloads-file-108.html

Install by double-clicking on the downloaded file.

Run Spybot S&D from desktop icon or Start menu.

Press "Search for updates" button to get list of updates available.

Press "Download updates" button.

Close all IE windows and close & restart Spybot S&D.

Press "Check for Problems" button.

Have SpyBot remove all it marks in RED by pressing "Fix Selected Problems".

Close Spybot S&D, reboot your computer.

 

#3. Perform an online virus scan at:

Trend Micro HouseCall:

http://housecall.antivirus.com/pc_housecall/

 

Let them clean what they find.

Reboot.

Run HJT and please post a fresh log. Thanks.

 

Then we will see what else we can clean up.

Share this post


Link to post
Share on other sites
Sign in to follow this  
Followers 0