I was browsing in hopes of trying to fix this problem and happened on this site. I am using Win XP, sorry I don't know what service pack.

I have lots of new weird stuff on my computer. I have gathered from my few short minutes on this site that I should post a Hijack this log, but I don't know what that is. If that would help, could someone advise me on how to obtain it and post a log.

The aforementioned weird stuff comes up on my windows task manager when I hit ctrl+alt+delete, I have also found weird stuff(sorry, I am not too technical with the termage) by going to Run and typing msconfig. It's not really doing anything other than deleting my google tool bar and opening up strange search windows, but it still gives me a not so good feeling. The programs are: kdzpvpfw.exe, zvokiqis.exe, and winfavorites.exe. I just updated my adaware in hopes of getting rid on comwiz.exe(I think I did). But I can't figure out how to get rid of this other stuff. I am going to guess that there is other stuff on this computer that I just haven't noticed yet.

Nothing comes up when I google the programs that is easy to understand.

Can someone please help me?

Ok you have trojans/viruses.

Now you need to get rid of them. Do you have a Anti`Virus scanner?

this is what i get when i google hijackthis

http://www.google.com/search?sourcei...8&q=hijackthis

The best single page I have found: HijackThis Quick Start Page. It includes a download link and the most basic instructions.

According to the evidence in your post, you have both hijackers and viruses. Grisoft AVG is one of the best anti-virus programs, and free for personal use.

You should use Spybot Search & Destroy and/or Ad-Aware spyware/adware tools, as well. You can find links to both on my Malware Information page, along with more detailed information. I know it's a lot of information, but as long as you continue to use Internet Explorer and Outlook instead of Mozilla you are forced to become an expert on malware of every type.

Please Download hijackthis from

http://www.merijn.org/files/hijackthis.zip

Unzip, doubleclick HijackThis.exe, and hit "Scan".

After the scan has finished the "scan" button will turn into a "save log" button

save the log file and paste it here

Do not delete anything yet, as most things hijackthis finds are harmless and needed.

steam

I can't post my hijackthis log, I have tried about ten times and it keeps telling me the page is down. Any suggestions?

are you trying to attach it as a file! just copy paste it into your reply

Nope, I am not trying to attach a file. I have tried in both Netsacape and IE. IE gives me a Page can't not be displayed error, Netscape tells me the document is empty. The text shows up here, so I don't know what the deal is.


I just tried again, No go.

Logfile of HijackThis v1.96.1
Scan saved at 8:23:37 AM, on 1/9/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\winlogon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\hijackthis\HijackThis.exe
C:\Program Files\Messenger\msmsgs.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.eastlink.ca/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.eastlink.ca
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/s...ctor/swdir.cab
O16 - DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E} (AimSp32 Class) - http://makeover.substance.com/save/makeover.cab
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - http://office.microsoft.com/officeup...ntent/opuc.cab
O16 - DPF: {5B27C20D-FFB6-4054-BA78-DE4A059BC75A} (Microsoft Office Template Downloader) - http://office.microsoft.com/ca/Templ...lery/msotd.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...tatsClient.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.co...7992.612349537
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://active.macromedia.com/flash2/cabs/swflash.cab

ok the above is mine ,i just ran hijack and the scan button turns into a copy button ,hit it and when asked to save hit sAVE when note pad opens copy the text from there and past it here .