| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 62511 | 2005-10-10 05:17:00 | help outlook express wont download emails!!! | lisamarie01 (6731) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 394916 | 2005-10-10 21:25:00 | thanks, oh i should mention that i also have my hotmail hooked up in outlook express and that downloads no problem. so is settings for xtra im thinking . | lisamarie01 (6731) | ||
| 394917 | 2005-10-10 21:26:00 | and another thing it keeps doing is closing down outlook i keep getting a message outlook express has encountered a problem and needs to close. | lisamarie01 (6731) | ||
| 394918 | 2005-10-10 21:49:00 | Post a hijackthis log here. See if something is screwing it up. Unzip the main HJT file first, then run it / scan / copy and paste a log here. |
Speedy Gonzales (78) | ||
| 394919 | 2005-10-11 00:38:00 | ok where do i get hijackthis? | lisamarie01 (6731) | ||
| 394920 | 2005-10-11 01:28:00 | From here www.spywareinfo.com www.merijn.org |
Speedy Gonzales (78) | ||
| 394921 | 2005-10-11 02:59:00 | ok where do i get hijackthis? Remember those wise words,Google is your friend. |
Cicero (40) | ||
| 394922 | 2005-10-12 03:29:00 | ok i have downloaded hijack this and run the program its long but here is the log file it produced. Logfile of HijackThis v1.99.1 Scan saved at 4:23:11 PM, on 12/10/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\Program Files\Common Files\Symantec Shared\ccProxy.exe C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe C:\WINDOWS\System32\GEARSec.exe C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton SystemWorks\Norton Ghost\Agent\PQV2iSvc.exe C:\PROGRA~1\NORTON~1\NORTON~3\NPROTECT.EXE C:\PROGRA~1\NORTON~1\NORTON~3\SPEEDD~1\NOPDB.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe C:\WINDOWS\Explorer.EXE C:\hp\drivers\keyboard\PS2.EXE C:\WINDOWS\System32\taskswitch.exe C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE C:\PROGRA~1\rqrppxux\bcgFCcBN.exe C:\PROGRA~1\rqrppxux\NBcCFgcb.exe C:\WINDOWS\system32\sysxp.exe C:\Program Files\Common Files\Totem Shared\Uninstall0001\upd.exe C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe C:\Program Files\Media Access\MediaAccK.exe C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe C:\Program Files\Media Access\MediaAccess.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\lrdsvr.exe C:\WINDOWS\system32\intdrv.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\PROGRA~1\NETSCAPE\NETSCA~1\NETSCAPE.EXE C:\Program Files\Outlook Express\msimn.exe C:\PROGRA~1\WINZIP\winzip32.exe C:\Documents and Settings\Owner\Local Settings\Temp\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = web.dqvisdknkjngwbusmlu.com duupxQ6EifYm0i.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.****-portal.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.trademe.co.nz R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = http=localhost:4098 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = localhost R3 - URLSearchHook: (no name) - {0199DF25-9820-4bd5-9FEE-5A765AB4371E} - (no file) N3 - Netscape 7: user_pref("browser.startup.homepage", "www.trademe.co.nz"); (C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\iict9w0q.slt\prefs.j s) N3 - Netscape 7: user_pref("browser.search.defaultengine", ""); (C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\iict9w0q.slt\prefs.j s) O1 - Hosts: 205.238.40.2 www.winmx.com O1 - Hosts: 205.238.40.2 err.winmx.com O1 - Hosts: 205.238.40.2 c3310.z1301.winmx.com O1 - Hosts: 67.18.233.36 c3311.z1301.winmx.com O1 - Hosts: 82.43.224.20 c3312.z1301.winmx.com O1 - Hosts: 209.67.209.50 c3313.z1301.winmx.com O1 - Hosts: 212.227.64.159 c3314.z1301.winmx.com O1 - Hosts: 205.238.40.2 c3315.z1301.winmx.com O1 - Hosts: 67.18.233.36 c3316.z1301.winmx.com O1 - Hosts: 82.43.224.20 c3317.z1301.winmx.com O1 - Hosts: 209.67.209.50 c3318.z1301.winmx.com O1 - Hosts: 212.227.64.159 c3319.z1301.winmx.com O1 - Hosts: 205.238.40.2 c3310.z1302.winmx.com O1 - Hosts: 67.18.233.36 c3311.z1302.winmx.com O1 - Hosts: 82.43.224.20 c3312.z1302.winmx.com O1 - Hosts: 209.67.209.50 c3313.z1302.winmx.com O1 - Hosts: 212.227.64.159 c3314.z1302.winmx.com O1 - Hosts: 205.238.40.2 c3315.z1302.winmx.com O1 - Hosts: 67.18.233.36 c3316.z1302.winmx.com O1 - Hosts: 82.43.224.20 c3317.z1302.winmx.com O1 - Hosts: 209.67.209.50 c3318.z1302.winmx.com O1 - Hosts: 212.227.64.159 c3319.z1302.winmx.com O1 - Hosts: 82.43.224.20 c3310.z1303.winmx.com O1 - Hosts: 67.18.233.36 c3311.z1303.winmx.com O1 - Hosts: 205.238.40.2 c3312.z1303.winmx.com O1 - Hosts: 209.67.209.50 c3313.z1303.winmx.com O1 - Hosts: 212.227.64.159 c3314.z1303.winmx.com O1 - Hosts: 82.43.224.20 c3315.z1303.winmx.com O1 - Hosts: 67.18.233.36 c3316.z1303.winmx.com O1 - Hosts: 205.238.40.2 c3317.z1303.winmx.com O1 - Hosts: 209.67.209.50 c3318.z1303.winmx.com O1 - Hosts: 212.227.64.159 c3319.z1303.winmx.com O1 - Hosts: 205.238.40.2 c3310.z1304.winmx.com O1 - Hosts: 67.18.233.36 c3311.z1304.winmx.com O1 - Hosts: 82.43.224.20 c3312.z1304.winmx.com O1 - Hosts: 209.67.209.50 c3313.z1304.winmx.com O1 - Hosts: 212.227.64.159 c3314.z1304.winmx.com O1 - Hosts: 205.238.40.2 c3315.z1304.winmx.com O1 - Hosts: 67.18.233.36 c3316.z1304.winmx.com O1 - Hosts: 82.43.224.20 c3317.z1304.winmx.com O1 - Hosts: 209.67.209.50 c3318.z1304.winmx.com O1 - Hosts: 212.227.64.159 c3319.z1304.winmx.com O1 - Hosts: 205.238.40.2 c3310.z1305.winmx.com O1 - Hosts: 67.18.233.36 c3311.z1305.winmx.com O1 - Hosts: 82.43.224.20 c3312.z1305.winmx.com O1 - Hosts: 209.67.209.50 c3313.z1305.winmx.com O1 - Hosts: 212.227.64.159 c3314.z1305.winmx.com O1 - Hosts: 205.238.40.2 c3315.z1305.winmx.com O1 - Hosts: 67.18.233.36 c3316.z1305.winmx.com O1 - Hosts: 82.43.224.20 c3317.z1305.winmx.com O1 - Hosts: 209.67.209.50 c3318.z1305.winmx.com O1 - Hosts: 212.227.64.159 c3319.z1305.winmx.com O1 - Hosts: 205.238.40.2 c3310.z1306.winmx.com O1 - Hosts: 67.18.233.36 c3311.z1306.winmx.com O1 - Hosts: 82.43.224.20 c3312.z1306.winmx.com O1 - Hosts: 209.67.209.50 c3313.z1306.winmx.com O1 - Hosts: 212.227.64.159 c3314.z1306.winmx.com O1 - Hosts: 205.238.40.2 c3315.z1306.winmx.com O1 - Hosts: 67.18.233.36 c3316.z1306.winmx.com O1 - Hosts: 82.43.224.20 c3317.z1306.winmx.com O1 - Hosts: 209.67.209.50 c3318.z1306.winmx.com O1 - Hosts: 212.227.64.159 c3319.z1306.winmx.com O1 - Hosts: 205.238.40.2 c3520.z1301.winmx.com O1 - Hosts: 67.18.233.36 c3521.z1301.winmx.com O1 - Hosts: 82.43.224.20 c3522.z1301.winmx.com O1 - Hosts: 209.67.209.50 c3523.z1301.winmx.com O1 - Hosts: 212.227.64.159 c3524.z1301.winmx.com O1 - Hosts: 205.238.40.2 c3525.z1301.winmx.com O1 - Hosts: 67.18.233.36 c3526.z1301.winmx.com O1 - Hosts: 82.43.224.20 c3527.z1301.winmx.com O1 - Hosts: 209.67.209.50 c3528.z1301.winmx.com O1 - Hosts: 212.227.64.159 c3529.z1301.winmx.com O1 - Hosts: 205.238.40.2 c3520.z1302.winmx.com O1 - Hosts: 67.18.233.36 c3521.z1302.winmx.com O1 - Hosts: 82.43.224.20 c3522.z1302.winmx.com O1 - Hosts: 209.67.209.50 c3523.z1302.winmx.com O1 - Hosts: 212.227.64.159 c3524.z1302.winmx.com O1 - Hosts: 205.238.40.2 c3525.z1302.winmx.com O1 - Hosts: 67.18.233.36 c3526.z1302.winmx.com O1 - Hosts: 82.43.224.20 c3527.z1302.winmx.com O1 - Hosts: 209.67.209.50 c3528.z1302.winmx.com O1 - Hosts: 212.227.64.159 c3529.z1302.winmx.com O1 - Hosts: 205.238.40.2 c3520.z1303.winmx.com O1 - Hosts: 67.18.233.36 c3521.z1303.winmx.com O1 - Hosts: 82.43.224.20 c3522.z1303.winmx.com O1 - Hosts: 209.67.209.50 c3523.z1303.winmx.com O1 - Hosts: 212.227.64.159 c3524.z1303.winmx.com O1 - Hosts: 205.238.40.2 c3525.z1303.winmx.com O1 - Hosts: 67.18.233.36 c3526.z1303.winmx.com O1 - Hosts: 82.43.224.20 c3527.z1303.winmx.com O1 - Hosts: 209.67.209.50 c3528.z1303.winmx.com O1 - Hosts: 212.227.64.159 c3529.z1303.winmx.com O1 - Hosts: 205.238.40.2 c3520.z1304.winmx.com O1 - Hosts: 67.18.233.36 c3521.z1304.winmx.com O1 - Hosts: 82.43.224.20 c3522.z1304.winmx.com O1 - Hosts: 209.67.209.50 c3523.z1304.winmx.com O1 - Hosts: 212.227.64.159 c3524.z1304.winmx.com O1 - Hosts: 205.238.40.2 c3525.z1304.winmx.com O1 - Hosts: 67.18.233.36 c3526.z1304.winmx.com O1 - Hosts: 82.43.224.20 c3527.z1304.winmx.com O1 - Hosts: 209.67.209.50 c3528.z1304.winmx.com O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {2804285D-3F45-5390-9BFD-525402CC2176} - (no file) O2 - BHO: (no name) - {8AAC67CA-1232-BEBA-B639-0BDD546C5B33} - (no file) O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll O2 - BHO: (no name) - {CDEEC43D-3572-4E95-A2A5-F519D29F00C0} - (no file) O2 - BHO: (no name) - {D80C4E21-C346-4E21-8E64-20746AA20AEB} - (no file) O2 - BHO: (no name) - {E14DCE67-8FB7-4721-8149-179BAA4D792C} - (no file) O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe O4 - HKLM\..\Run: [PS2] C:\hp\drivers\keyboard\PS2.EXE O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\System32\taskswitch.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security Professional\UrlLstCk.exe O4 - HKLM\..\Run: [Camera Detector] C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE -autorun O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide O4 - HKCU\..\Run: [svcSystem] C:\WINDOWS\system32\lrdsvr.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm O8 - Extra context menu item: &Search - bar.mywebsearch.com O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O12 - Plugin for .exe: C:\Program Files\Netscape\Netscape Browser\PLUGINS\npfd.dll O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O12 - Plugin for .xml: C:\Program Files\Netscape\Netscape Browser\PLUGINS\npTrident.dll O12 - Plugin for .z01: C:\Program Files\Netscape\Netscape Browser\PLUGINS\npfd.dll O12 - Plugin for .z02: C:\Program Files\Netscape\Netscape Browser\PLUGINS\npfd.dll O14 - IERESET.INF: START_PAGE_URL=http://www.xtra.co.nz O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - messenger.zone.msn.com O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) - www.symantec.com O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - www.symantec.com O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - go.microsoft.com O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - www.symantec.com O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - messenger.zone.msn.com O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} - www.ysbweb.com O16 - DPF: {50F65670-1729-11D2-A51F-0020AFE5D502} (ForumChat) - forumchat.compuserve.com O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - software-dl.real.com O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - messenger.zone.msn.com O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} - www.napster.com O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - messenger.msn.com O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - zone.msn.com O16 - DPF: {C6E43B37-19DF-4F36-AA7F-55B46032588C} (FotopostWeb.CustomerUploader) - fotopost.co.nz O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - www.symantec.com O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - anu.popcap.com O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - chat.msn.com O16 - DPF: {F5C90925-ABBF-4475-88F5-8622B452BA9E} (Compaq System Data Class) - h20179.www2.hp.com O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - messenger.zone.msn.com O16 - DPF: {F9043C85-F6F2-101A-A3C9-08002B2F49FB} (Microsoft Common Dialog Control, version 6.0) - activex.microsoft.com O16 - DPF: {FFFF0003-0001-101A-A3C9-08002B23E0CC} - direct.data-line.us O17 - HKLM\System\CCS\Services\Tcpip\..\{8CE0ACB4-98DC-490C-87A9-D78F60E15DD3}: NameServer = 202.27.158.40 202.27.156.72 O17 - HKLM\System\CCS\Services\Tcpip\..\{ED8F58E6-E875-49D4-AF88-CAE9DF886C1D}: NameServer = 192.168.1.200 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dl l O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: FGKEY - Unknown owner - C:\MYSHAR~1\FOLDER~1.3_S\FGKEY.EXE (file missing) O23 - Service: GBPoll - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Ghost\Agent\PQV2iSvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~3\NPROTECT.EXE O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~3\SPEEDD~1\NOPDB.EXE O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe |
lisamarie01 (6731) | ||
| 394923 | 2005-10-12 03:53:00 | I'm not as expert as Speedy on analysing Hijackthis data, but it seems you're using Netscape as your browser... have you considered trying Netscape Messenger as your email programme? It's far better than Outlook Express, and may just solve the issues. | Greg (193) | ||
| 394924 | 2005-10-12 03:56:00 | You apear to know a little so will just post the link see if you can work through it hjt.iamnotageek.com ####+ ####+ ##+++++ just proves how shi††ie Nortons is. ####+ ####+ |
Rob99 (151) | ||
| 394925 | 2005-10-12 04:30:00 | Tick these. Close browsers. Tick fix checked. Reboot. You've got a few nasties in that log C:\WINDOWS\system32\sysxp.exe C:\Program Files\Common Files\Totem Shared\Uninstall0001\upd.exe C:\Program Files\Media Access\MediaAccK.exe C:\Program Files\Media Access\MediaAccess.exe securityresponse.symantec.com R3 - URLSearchHook: (no name) - {0199DF25-9820-4bd5-9FEE-5A765AB4371E} - (no file O1 - Hosts: 205.238.40.2 www.winmx.com Tick ALL of the entries with www.winmx.com in it. O2 - BHO: (no name) - {2804285D-3F45-5390-9BFD-525402CC2176} - (no file) O2 - BHO: (no name) - {8AAC67CA-1232-BEBA-B639-0BDD546C5B33} - (no file) O2 - BHO: (no name) - {CDEEC43D-3572-4E95-A2A5-F519D29F00C0} - (no file) O2 - BHO: (no name) - {D80C4E21-C346-4E21-8E64-20746AA20AEB} - (no file) O2 - BHO: (no name) - {E14DCE67-8FB7-4721-8149-179BAA4D792C} - (no file) O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm O8 - Extra context menu item: &Search - bar.mywebsearch.com O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} - www.ysbweb.com O16 - DPF: {FFFF0003-0001-101A-A3C9-08002B23E0CC} - direct.data-line.us O23 - Service: FGKEY - Unknown owner - C:\MYSHAR~1\FOLDER~1.3_S\FGKEY.EXE (file missing) C:\PROGRA~1\rqrppxux\bcgFCcBN.exe C:\PROGRA~1\rqrppxux\NBcCFgcb.exe I would also try this www.simplysup.com Download it, install it, run and scan. Also select utilities menu, and select each option. The 3rd - 7th option. And these C:\WINDOWS\system32\lrdsvr.exe C:\WINDOWS\system32\intdrv.exe Are a bit suss. Tick the above ones, and reboot. |
Speedy Gonzales (78) | ||
| 1 2 3 4 5 6 | |||||