Ad:

Viruses, Spyware and other Nasties Discussion Thread
Unsolved
Views: 1280

Permalink

Mar 17th, 2006

messed up computer

Expand Post »

Similar Threads

New ram installed computer wont start in Windows NT / 2000 / XP
Help On Reformat, Computer Wont Start in Windows NT / 2000 / XP
My hard drive and cd drive are messed up in Storage
Computer will connect to Internet...just not MY connection in Windows NT / 2000 / XP
Computer repeatedly crashing in Windows NT / 2000 / XP

llavarocks

Reputation Points: 10

Solved Threads: 0

Newbie Poster

Offline

5 posts
since Mar 2006

Permalink

Mar 17th, 2006

Re: messed up computer

You did, but oculdnt you have just added on to the other threads you made. Now you have 3 threads with the same title

.

Any ways, scan with HJT again, and check the following.

O2 - BHO: (no name) - {F736EFCA-786C-7C51-6EE0-0CFF9B1F763E} - (no file)

O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

And if you reconize the IP's of these leave em'. If you dont check them.

O17 - HKLM\System\CCS\Services\Tcpip\..\{1014D7BD-5CCA-455F-8185-1B39C432A932}: NameServer = 205.188.146.145

O17 - HKLM\System\CS1\Services\Tcpip\..\{1014D7BD-5CCA-455F-8185-1B39C432A932}: NameServer = 205.188.146.145

Then download ewido - http://www.ewido.net/en/ - Install it. Update it. Scan. Let iit remove what it finds.

Post a new log, and the ewido log.

tayspen

Team Colleague

Reputation Points: 84

Solved Threads: 99

Offline

1,542 posts
since Jul 2005

Permalink

Mar 18th, 2006

Re: messed up computer

Logfile of HijackThis v1.99.1
Scan saved at 6:29:45 PM, on 3/16/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
C:\WINDOWS\BCMSMMSG.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\Chameleon Clock\ChamClock.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Netscape Internet Service\dialer_org.exe
C:\Program Files\Netscape Internet Service\css.exe
C:\Program Files\MSN\MSNCoreFiles\msn6.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\WinAce\WinAce.exe
C:\Documents and Settings\Gary Hagerman\Desktop\hi2\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nytimes.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PBlockHelper Class - {4115122B-85FF-4DD3-9515-F075BEDE5EB5} - C:\PROGRA~1\NETSCA~1\NETSCA~1\pbhelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {F736EFCA-786C-7C51-6EE0-0CFF9B1F763E} - (no file)
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [diagent] "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" /STARTUP
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [HomeAlarm] C:\Program Files\Chameleon Clock\ChamClock.exe
O4 - HKCU\..\Run: [Startup Guru] "C:\Documents and Settings\Gary Hagerman\Desktop\Spyware &Virus Control\startupguru.exe" /B
O4 - HKCU\..\Run: [FUIClearHis] C:\Program Files\FreshDevices\FreshUI\freshui.exe 15 17
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/sh...1/mcinsctl.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1138348766281
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/sh...26/mcgdmgr.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite...ITDetector.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1014D7BD-5CCA-455F-8185-1B39C432A932}: NameServer = 205.188.146.145
O17 - HKLM\System\CS1\Services\Tcpip\..\{1014D7BD-5CCA-455F-8185-1B39C432A932}: NameServer = 205.188.146.145
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Netscape Update Service (NCUpdateSvc) - Unknown owner - C:\Program Files\Netscape Internet Service\ncupdatesvc.exe (file missing)
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
+ Created on: 10:39:24 AM, 3/18/2006
+ Report-Checksum: 24CD8982

+ Scan result:

:mozilla.6:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.26:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.27:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.28:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.29:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.30:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.54:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.55:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.56:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.57:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.66:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.71:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.72:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.73:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.81:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.82:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.83:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.100:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Dbbsrv : Cleaned with backup
:mozilla.118:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Dbbsrv : Cleaned with backup
C:\Documents and Settings\Gary Hagerman\Cookies\gary hagerman@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup
C:\Documents and Settings\Gary Hagerman\Cookies\gary hagerman@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\Gary Hagerman\Cookies\gary hagerman@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned with backup
C:\Documents and Settings\Gary Hagerman\Cookies\gary hagerman@microsofteup.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Gary Hagerman\Cookies\gary hagerman@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned with backup

+ Created on: 10:39:24 AM, 3/18/2006
+ Report-Checksum: 24CD8982

+ Scan result:

:mozilla.6:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.26:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.27:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.28:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.29:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.30:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.54:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.55:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.56:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.57:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.66:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.71:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.72:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.73:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.81:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.82:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.83:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Aavalue : Cleaned with backup
:mozilla.100:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Dbbsrv : Cleaned with backup
:mozilla.118:C:\Documents and Settings\Gary Hagerman\Application Data\Mozilla\Firefox\Profiles\1iy5hv44.default\cookies.txt -> TrackingCookie.Dbbsrv : Cleaned with backup
C:\Documents and Settings\Gary Hagerman\Cookies\gary hagerman@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup
C:\Documents and Settings\Gary Hagerman\Cookies\gary hagerman@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\Gary Hagerman\Cookies\gary hagerman@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned with backup
C:\Documents and Settings\Gary Hagerman\Cookies\gary hagerman@microsofteup.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Gary Hagerman\Cookies\gary hagerman@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned with backup

::Report End
::Report End
here is the new scans i tried to rid the system of the last registry entry,zonelabs because i got rid of that firewall but it will not leave

llavarocks

Reputation Points: 10

Solved Threads: 0

Newbie Poster

Offline

5 posts
since Mar 2006

Permalink

Mar 18th, 2006

Re: messed up computer

Ok, Scan again with HJT, and put a ceck next to the following.

O2 - BHO: (no name) - {F736EFCA-786C-7C51-6EE0-0CFF9B1F763E} - (no file)

O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O23 - Service: Netscape Update Service (NCUpdateSvc) - Unknown owner - C:\Program Files\Netscape Internet Service\ncupdatesvc.exe (file missing)

Did you decide that the 017 entries were related to your ISP, if so and you did not remove them, thats fine. If you did remove them there back. and we need to take action against them.

tayspen

Team Colleague

Reputation Points: 84

Solved Threads: 99

Offline

1,542 posts
since Jul 2005

Permalink

Mar 18th, 2006

Re: messed up computer

Do you use Netscape? If so - may not hurt to verify that file is indeed missing
O23 - Service: Netscape Update Service (NCUpdateSvc) - Unknown owner - C:\Program Files\Netscape Internet Service\ncupdatesvc.exe (file missing)

If not, I would leave it be.

Also - you will need to update your Java, and uninstall the old version thru Add/Remove Programs...

D3m3nt3d

Reputation Points: 11

Solved Threads: 14

Posting Whiz in Training

Offline

245 posts
since Feb 2006

Permalink

Mar 19th, 2006

Re: messed up computer

Logfile of HijackThis v1.99.1
Scan saved at 11:35:54 AM, on 3/19/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
C:\WINDOWS\BCMSMMSG.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\Chameleon Clock\ChamClock.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Gary Hagerman\Desktop\hi2\HijackThis.exe
C:\WINDOWS\system32\wuauclt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nytimes.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PBlockHelper Class - {4115122B-85FF-4DD3-9515-F075BEDE5EB5} - C:\PROGRA~1\NETSCA~1\NETSCA~1\pbhelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [diagent] "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" /STARTUP
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Registry Toolkit] C:\Program Files\Registry Toolkit\RegToolkit.exe /scan
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [HomeAlarm] C:\Program Files\Chameleon Clock\ChamClock.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/sh...1/mcinsctl.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1138348766281
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/sh...26/mcgdmgr.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite...ITDetector.cab
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Netscape Update Service (NCUpdateSvc) - Unknown owner - C:\Program Files\Netscape Internet Service\ncupdatesvc.exe (file missing)
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Unknown owner - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe (file missing)

i keep on being timed out but firefox is back

llavarocks

Reputation Points: 10

Solved Threads: 0

Newbie Poster

Offline

5 posts
since Mar 2006

Permalink

Mar 27th, 2006

Re: messed up computer

Fix the following:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

After fixing that, do ya have any more problems?

Thanks.

'Stein

Team Colleague

Reputation Points: 222

Solved Threads: 105

Lapsed Skeptic

Offline

1,605 posts
since Jan 2006

This thread is more than three months old

No one has posted to this discussion for at least three months. Please let old threads die and do not reply to them unless you feel you have something new and valuable to contribute that absolutely must be added to make the discussion complete. Otherwise, please start a new thread in this forum instead.

Previous Thread in Viruses, Spyware and other Nasties Forum Timeline: trojan.cachecache

Next Thread in Viruses, Spyware and other Nasties Forum Timeline: My Computer Is Running Too Slow

DaniWeb Message

Cancel Changes

User Name
Password