0

Hello, new to this forum but saw all the great help from some very knoleagable people so I decided to sign on.

And of coarse I have some problems to work out as well.

My Netzero mail account will only let me recieve mail and open the mail.I can't delete,forward or report junk at all.

My MSN mail won't even load the new mail, it is just stuck on the mail in the box from a week or so ago.

My web browser ,IE, on some web sites won't let me move on to the next page.

And if I try to edit a post it just sends me back to the opening web page.

I can't down load any web based virus scans, or updates.It just sends me back to the home page, or will time out .


I have done spybot,adware,NortonATV,NortonIS, and even some trojin scanning shareware from the sites recamended on this web site but it still doesn't help.

I am assuming I have a bug of some kind and it is locking me out , how can I get a comprehensive scan with out the bug locking me out?

Is there a way to reload the sections of IE that the bug has locked me out of?

Thanks,Benny

3
Contributors
12
Replies
13
Views
12 Years
Discussion Span
Last Post by dlh6213
0

Hi Benny591, welcome to DaniWeb :D

Since you suspect a 'bug' I've move your thread to the Virus forum (for the time being anyway).

In order for us to see what you have running on your system, I suggest you get the self-extracting version of HijackThis from here (in line 2):
http://www.malwareremoval.com/downloads.html

Then close any open browser windows, 'Scan and Save Log' with hijackthis, copy the log, and paste it here in this thread.

0

Well here is the log file, I tried every thing I know and all the scans I can do but nothing shows up.

I still can't get MSN mail to work at all, NetZero will let me open mail but do nothing else with it.My favorite web site will load but I can not thumb through the pages.

If I go to Microsoft update page I get a message about "Thank you for your intrest in Microsoft, but site is unavailable"Yet I can get there on another PC I have now setr up to surf on till I get this HP fixed,

Thanks,Benny


Logfile of HijackThis v1.99.1
Scan saved at 5:27:50 AM, on 6/5/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Norton Internet Security\NISUM.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Program Files\Norton Internet Security\ccPxySvc.exe
C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe
C:\PROGRA~1\NORTON~3\NORTON~2\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe
C:\PROGRA~1\NORTON~3\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\msnappau.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\WINDOWS\LTMSG.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\gcasServ.exe
C:\Program Files\gcasDtServ.exe
C:\Program Files\CallWave\IAM.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN\MSNCoreFiles\msn6.exe
C:\DOCUME~1\Owner\LOCALS~1\Temp\Temporary Directory 1 for WinsockFix.zip\WinsockFix.exe
C:\Documents and Settings\Owner\My Documents\Trojan Remover\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://my.netzero.net/s/sp?r=al&cf=sp&mem=benstackle&login=0ab77cd20071c96d374fbd1edf26b041/benstackle:netzero.net/1117660622/30/sss.9.59190/&ts=429e25ce&A=439365780000159&B=1077177600000&C=1076400000000&D=1076400000000&I=8.NH2&N=&O=A&UT=
R3 - URLSearchHook: URLSearchHook Class - {37D2CDBF-2AF4-44AA-8113-BD0D2DA3C2B8} - C:\Program Files\NZSearch\SearchEnh2.dll
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {BCDF83DD-AE56-4C7F-FEC3-FE7DFCAF30C3} - (no file)
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O2 - BHO: PosHelp - {CDEEC43D-3572-4E95-A2A5-F519D29F00C0} - C:\PROGRA~1\ADVANC~1\ADVANC~1.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: ZeroBar - {F5735C15-1FB2-41FE-BA12-242757E69DDE} - C:\Program Files\NetZero\Toolbar.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O3 - Toolbar: ZeroBar - {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - C:\Program Files\NetZero\Toolbar.dll
O3 - Toolbar: Advanced Searchbar - {57F02779-3D88-4958-8AD3-83C12D86ADC7} - C:\PROGRA~1\ADVANC~1\advancedsearchbar.dll
O4 - HKLM\..\Run: [TrojanScanner] C:\Documents and Settings\Owner\My Documents\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [PreloadApp] c:\hp\drivers\printers\photosmart\hphprld.exe c:\hp\drivers\printers\photosmart\setup.exe -d
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\msnappau.exe"
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [LTMSG] LTMSG.exe 7
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [checktime] c:\program files\HPSelect\Frontend\ct.exe
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [AcctMgr] C:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe /startup
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\gcasServ.exe"
O4 - HKCU\..\Run: [spc_w] "C:\Program Files\NZSearch\nzspc.exe" -w
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [NetZero_uoltray] C:\Program Files\NetZero\exec.exe regrun
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe"
O4 - Global Startup: Internet Answering Machine.lnk = C:\Program Files\CallWave\IAM.exe
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
O4 - Global Startup: SpySubtract.lnk = C:\Program Files\interMute\SpySubtract\CWSInstall.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Send Image to Photo Library - file://C:\Documents and Settings\Owner\Application Data\MGI\PhotoSuite4\Temp\MGI00000.html
O8 - Extra context menu item: Si&milar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: AnyWho - {0264505A-6793-44E0-AC75-9DCE3B13185C} - C:\Program Files\AT&T\WnClient\Programs\AnyWho.exe
O9 - Extra button: MktBrowser - {17A27031-71FC-11d4-815C-005004D0F1FA} - C:\Program Files\MarketBrowser\lmt\MarketBrowser_Launch.xpy
O9 - Extra 'Tools' menuitem: MarketBrowser - {17A27031-71FC-11d4-815C-005004D0F1FA} - C:\Program Files\MarketBrowser\lmt\MarketBrowser_Launch.xpy
O9 - Extra button: Advanced Searchbar - {57F02779-3D88-4958-8AD3-83C12D86ADC7} - C:\PROGRA~1\ADVANC~1\advancedsearchbar.dll
O9 - Extra 'Tools' menuitem: Advanced Searchbar - {57F02779-3D88-4958-8AD3-83C12D86ADC7} - C:\PROGRA~1\ADVANC~1\advancedsearchbar.dll
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .mp3: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin4.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: http://firehotquotes.bolt.com
O16 - DPF: Aces Up! by pogo - http://game1.pogo.com/applet-6.1.1.21/aces/aces-ob-assets.cab
O16 - DPF: Ali Baba Slots TM by pogo - http://game1.pogo.com/applet-6.1.1.29/slots/alibaba-ob-assets.cab
O16 - DPF: Backgammon by pogo - http://game1.pogo.com/applet-6.1.2.25/backgammon/backgammon-ob-assets.cab
O16 - DPF: Buckaroo Blackjack TM by pogo - http://vbjack.pogo.com/applet/videoblackjack/videoblackjack-ob-assets.cab
O16 - DPF: Checkers by pogo - http://game1.pogo.com/applet-6.1.3.21/checkers2/checkers-ob-assets.cab
O16 - DPF: Dice Derby by pogo - http://game1.pogo.com/applet-6.1.1.21/checkeredflag/checkeredflag-ob-assets.cab
O16 - DPF: Double Deuce Poker by pogo - http://doublebonus.pogo.com/applet/videopoker2/doubledeuce-ob-assets.cab
O16 - DPF: Euchre by pogo - http://euchre.pogo.com/applet-6.1.1.21/euchre/euchre-ob-assets.cab
O16 - DPF: EZ Win Bingo by pogo - http://bingoe.pogo.com/applet/bingo/bingoe-ob-assets.cab
O16 - DPF: Fortune Bingo by pogo - http://game1.pogo.com/applet-6.1.2.25/superbingo/superbingo-ob-assets.cab
O16 - DPF: Hearts by pogo - http://hearts.pogo.com/applet-5.8.5.21/hearts/hearts-ob-assets.cab
O16 - DPF: High Stakes Pool by pogo - http://game4.pogo.com/applet-6.1.1.21/pool2/pool-ob-assets.cab
O16 - DPF: Jungle Gin by pogo - http://gin.pogo.com/applet/gin/gin-ob-assets.cab
O16 - DPF: Keno by pogo - http://keno.pogo.com/applet/keno/keno-ob-assets.cab
O16 - DPF: Mah Jong Garden by pogo - http://game4.pogo.com/applet-6.1.1.29/mahjong/mahjong-ob-assets.cab
O16 - DPF: Payday FreeCell by pogo - http://game1.pogo.com/applet-6.1.3.21/freecell/freecell-ob-assets.cab
O16 - DPF: Perfect Pair Solitaire by pogo - http://waterwheel.pogo.com/applet-6.1.1.21/waterwheel/waterwheel-ob-assets.cab
O16 - DPF: Phlinx by pogo - http://flinger.pogo.com/applet-5.8.6.20/flinger/flinger-ob-assets.cab
O16 - DPF: Pinochle by pogo - http://game4.pogo.com/applet-6.1.1.21/pinochle/pinochle-ob-assets.cab
O16 - DPF: Pirate's Gold by pogo - http://swashbucks12.pogo.com/applet/piratesgold/piratesgold-ob-assets.cab
O16 - DPF: Pop Fu by pogo - http://game1.pogo.com/applet-6.1.1.29/popfu/popfu-ob-assets.cab
O16 - DPF: Poppit TM by pogo - http://game5.pogo.com/applet-6.1.1.29/poppit/poppit-ob-assets.cab
O16 - DPF: Showbiz Slots 2 by pogo - http://showbiz2.pogo.com/applet/slots/showbiz2-ob-assets.cab
O16 - DPF: Showbiz Slots by pogo - http://showbiz.pogo.com/applet-5.8.1.28/slots/showbiz-ob-assets.cab
O16 - DPF: Spades by pogo - http://spades.pogo.com/applet-5.8.4.24/spades/spades-ob-assets.cab
O16 - DPF: Squelchies by pogo - http://squelchies.pogo.com/applet/squelchies/squelchies-ob-assets.cab
O16 - DPF: Sweet Tooth TM by pogo - http://sweet09.pogo.com/applet-5.8.4.18/sweettooth/sweettooth-ob-assets.cab
O16 - DPF: Texas Hold'em Poker by pogo - http://holdem2.pogo.com/applet-5.8.3.20/holdem/holdem-ob-assets.cab
O16 - DPF: Top Down Baseball by pogo - http://topdown01.pogo.com/applet/topdown/topdown-ob-assets.cab
O16 - DPF: Tri-Peaks by pogo - http://game4.pogo.com/applet-6.1.1.21/peaks/peaks-ob-assets.cab
O16 - DPF: Turbo 21 TM by pogo - http://turbo15.pogo.com/applet/turbo21/turbo21-ob-assets.cab
O16 - DPF: Word Whomp by pogo - http://game5.pogo.com/applet-6.1.1.21/wordwhomp/wordwhomp-ob-assets.cab
O16 - DPF: Word Whomp Whackdown by pogo - http://game1.pogo.com/applet-6.1.1.29/whackdown/whackdown-ob-assets.cab
O16 - DPF: World Class Solitaire by pogo - http://klondike.pogo.com/applet-5.8.4.18/worldclass/worldclass-ob-assets.cab
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab34120.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {33E54F7F-561C-49E6-929B-D7E76D3AFEB1} (Pool Control) - http://mirror.worldwinner.com/games/v44/pool/pool.cab
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (ZoneBuddy Class) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab32846.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab32846.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6BB594E2-6E4D-4CC9-98B0-931C323F9165} (DepHlp Control) - http://mirror.worldwinner.com/games/shared/dephlp.cab
O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) - http://www.ofoto.com/downloads/BUM/BUM_WIN_IE_1/axofupld.cab
O16 - DPF: {8C279F4E-917E-4CD2-8DF0-D9C73C0CE763} (ZPA_WheelOfFortune Object) - http://zone.msn.com/bingame/zpagames/zpa_wof.cab34501.cab
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {C738EA53-97C2-441B-AC52-DFBC597BCBE5} (Chess Control) - http://mirror.worldwinner.com/games/v45/chess/chess.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/activedata/SymAData.cab
O16 - DPF: {D81CA86B-EF63-42AF-BEE3-4502D9A03C2D} (MMRadioHostX Class) - http://wwws.musicmatch.com/graphics/WebPlayer/MMLRadio.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) - http://zone.msn.com/binframework/v10/StProxy.cab34035.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Proxy Service (ccPxySvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPxySvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe
O23 - Service: Norton Internet Security Accounts Manager (NISUM) - Symantec Corporation - C:\Program Files\Norton Internet Security\NISUM.EXE
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~3\NORTON~2\NPROTECT.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~3\NORTON~2\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

0

You have a few things there that need removing...

===============

Run HiJackThis then:

1. Click "Open the Misc Tools Section"
2. Click "Open Process manager"

-

Next, while holding down the CTRL key, locate (if present) and click on (highlight) each of the following:

C:\Program Files\gcasServ.exe
C:\Program Files\gcasDtServ.exe

Now double-check and make sure that only those item(s) above are highlighted, then click "Kill process". Now, click "Refresh", check again, and repeat this step if any remain.

===============

Still in HiJackThis, click "Scan", then check(tick) the following, if present:


O2 - BHO: (no name) - {BCDF83DD-AE56-4C7F-FEC3-FE7DFCAF30C3} - (no file)

O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\gcasServ.exe"

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
...(Unless you've set these with a anti-spyware program like SpyBot's Immunize feature, have HiJackThis fix this.)

O9 - Extra button: MktBrowser - {17A27031-71FC-11d4-815C-005004D0F1FA} - C:\Program Files\MarketBrowser\lmt\MarketBrowser_Launch.xpy
O9 - Extra 'Tools' menuitem: MarketBrowser - {17A27031-71FC-11d4-815C-005004D0F1FA} - C:\Program Files\MarketBrowser\lmt\MarketBrowser_Launch.xpy


Now, with all windows closed except HiJackThis, click "Fix checked".

===============

Locate and delete the following item(s), if present. Make sure your able to view system and hidden files/ folders:

files...

C:\Program Files\gcasServ.exe
C:\Program Files\gcasDtServ.exe

folders...

C:\Program Files\MarketBrowser

-

Note that some of these file(s)/folder(s) may or may not be present. If present, and cannot be deleted because they're 'in use', try deleting them in "Safe Mode".

-

Reboot.

===============

After rebooting, rescan with hijackthis and post back a new log. Let me know how everything goes.

0

Here is the scan afterI removed the lines as you said.

Logfile of HijackThis v1.99.1
Scan saved at 5:35:13 PM, on 6/5/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\NISUM.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Program Files\Norton Internet Security\ccPxySvc.exe
C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe
C:\PROGRA~1\NORTON~3\NORTON~2\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe
C:\PROGRA~1\NORTON~3\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\msnappau.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\WINDOWS\LTMSG.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe
C:\Program Files\NZSearch\nzspc.exe
C:\Program Files\NetZero\exec.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\CallWave\IAM.exe
C:\Program Files\NetZero\exec.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\Documents and Settings\Owner\My Documents\Trojan Remover\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://my.netzero.net/s/sp?r=al&cf=sp&mem=benstackle&login=0ab77cd20071c96d374fbd1edf26b041/benstackle:netzero.net/1117660622/30/sss.9.59190/&ts=429e25ce&A=439365780000159&B=1077177600000&C=1076400000000&D=1076400000000&I=8.NH2&N=&O=A&UT=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http://proxy:8080
R3 - URLSearchHook: URLSearchHook Class - {37D2CDBF-2AF4-44AA-8113-BD0D2DA3C2B8} - C:\Program Files\NZSearch\SearchEnh2.dll
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O2 - BHO: PosHelp - {CDEEC43D-3572-4E95-A2A5-F519D29F00C0} - C:\PROGRA~1\ADVANC~1\ADVANC~1.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: ZeroBar - {F5735C15-1FB2-41FE-BA12-242757E69DDE} - C:\Program Files\NetZero\Toolbar.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O3 - Toolbar: ZeroBar - {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - C:\Program Files\NetZero\Toolbar.dll
O3 - Toolbar: Advanced Searchbar - {57F02779-3D88-4958-8AD3-83C12D86ADC7} - C:\PROGRA~1\ADVANC~1\advancedsearchbar.dll
O4 - HKLM\..\Run: [TrojanScanner] C:\Documents and Settings\Owner\My Documents\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [PreloadApp] c:\hp\drivers\printers\photosmart\hphprld.exe c:\hp\drivers\printers\photosmart\setup.exe -d
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\msnappau.exe"
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [LTMSG] LTMSG.exe 7
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [checktime] c:\program files\HPSelect\Frontend\ct.exe
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [AcctMgr] C:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe /startup
O4 - HKCU\..\Run: [spc_w] "C:\Program Files\NZSearch\nzspc.exe" -w
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
O4 - HKCU\..\Run: [NetZero_uoltray] C:\Program Files\NetZero\exec.exe regrun
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe"
O4 - Global Startup: Internet Answering Machine.lnk = C:\Program Files\CallWave\IAM.exe
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
O4 - Global Startup: SpySubtract.lnk = C:\Program Files\interMute\SpySubtract\CWSInstall.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Send Image to Photo Library - file://C:\Documents and Settings\Owner\Application Data\MGI\PhotoSuite4\Temp\MGI00000.html
O8 - Extra context menu item: Si&milar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: AnyWho - {0264505A-6793-44E0-AC75-9DCE3B13185C} - C:\Program Files\AT&T\WnClient\Programs\AnyWho.exe
O9 - Extra button: Advanced Searchbar - {57F02779-3D88-4958-8AD3-83C12D86ADC7} - C:\PROGRA~1\ADVANC~1\advancedsearchbar.dll
O9 - Extra 'Tools' menuitem: Advanced Searchbar - {57F02779-3D88-4958-8AD3-83C12D86ADC7} - C:\PROGRA~1\ADVANC~1\advancedsearchbar.dll
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .mp3: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin4.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: http://firehotquotes.bolt.com
O16 - DPF: Aces Up! by pogo - http://game1.pogo.com/applet-6.1.1.21/aces/aces-ob-assets.cab
O16 - DPF: Ali Baba Slots TM by pogo - http://game1.pogo.com/applet-6.1.1.29/slots/alibaba-ob-assets.cab
O16 - DPF: Backgammon by pogo - http://game1.pogo.com/applet-6.1.2.25/backgammon/backgammon-ob-assets.cab
O16 - DPF: Buckaroo Blackjack TM by pogo - http://vbjack.pogo.com/applet/videoblackjack/videoblackjack-ob-assets.cab
O16 - DPF: Checkers by pogo - http://game1.pogo.com/applet-6.1.3.21/checkers2/checkers-ob-assets.cab
O16 - DPF: Dice Derby by pogo - http://game1.pogo.com/applet-6.1.1.21/checkeredflag/checkeredflag-ob-assets.cab
O16 - DPF: Double Deuce Poker by pogo - http://doublebonus.pogo.com/applet/videopoker2/doubledeuce-ob-assets.cab
O16 - DPF: Euchre by pogo - http://euchre.pogo.com/applet-6.1.1.21/euchre/euchre-ob-assets.cab
O16 - DPF: EZ Win Bingo by pogo - http://bingoe.pogo.com/applet/bingo/bingoe-ob-assets.cab
O16 - DPF: Fortune Bingo by pogo - http://game1.pogo.com/applet-6.1.2.25/superbingo/superbingo-ob-assets.cab
O16 - DPF: Hearts by pogo - http://hearts.pogo.com/applet-5.8.5.21/hearts/hearts-ob-assets.cab
O16 - DPF: High Stakes Pool by pogo - http://game4.pogo.com/applet-6.1.1.21/pool2/pool-ob-assets.cab
O16 - DPF: Jungle Gin by pogo - http://gin.pogo.com/applet/gin/gin-ob-assets.cab
O16 - DPF: Keno by pogo - http://keno.pogo.com/applet/keno/keno-ob-assets.cab
O16 - DPF: Mah Jong Garden by pogo - http://game4.pogo.com/applet-6.1.1.29/mahjong/mahjong-ob-assets.cab
O16 - DPF: Payday FreeCell by pogo - http://game1.pogo.com/applet-6.1.3.21/freecell/freecell-ob-assets.cab
O16 - DPF: Perfect Pair Solitaire by pogo - http://waterwheel.pogo.com/applet-6.1.1.21/waterwheel/waterwheel-ob-assets.cab
O16 - DPF: Phlinx by pogo - http://flinger.pogo.com/applet-5.8.6.20/flinger/flinger-ob-assets.cab
O16 - DPF: Pinochle by pogo - http://game4.pogo.com/applet-6.1.1.21/pinochle/pinochle-ob-assets.cab
O16 - DPF: Pirate's Gold by pogo - http://swashbucks12.pogo.com/applet/piratesgold/piratesgold-ob-assets.cab
O16 - DPF: Pop Fu by pogo - http://game1.pogo.com/applet-6.1.1.29/popfu/popfu-ob-assets.cab
O16 - DPF: Poppit TM by pogo - http://game5.pogo.com/applet-6.1.1.29/poppit/poppit-ob-assets.cab
O16 - DPF: Showbiz Slots 2 by pogo - http://showbiz2.pogo.com/applet/slots/showbiz2-ob-assets.cab
O16 - DPF: Showbiz Slots by pogo - http://showbiz.pogo.com/applet-5.8.1.28/slots/showbiz-ob-assets.cab
O16 - DPF: Spades by pogo - http://spades.pogo.com/applet-5.8.4.24/spades/spades-ob-assets.cab
O16 - DPF: Squelchies by pogo - http://squelchies.pogo.com/applet/squelchies/squelchies-ob-assets.cab
O16 - DPF: Sweet Tooth TM by pogo - http://sweet09.pogo.com/applet-5.8.4.18/sweettooth/sweettooth-ob-assets.cab
O16 - DPF: Texas Hold'em Poker by pogo - http://holdem2.pogo.com/applet-5.8.3.20/holdem/holdem-ob-assets.cab
O16 - DPF: Top Down Baseball by pogo - http://topdown01.pogo.com/applet/topdown/topdown-ob-assets.cab
O16 - DPF: Tri-Peaks by pogo - http://game4.pogo.com/applet-6.1.1.21/peaks/peaks-ob-assets.cab
O16 - DPF: Turbo 21 TM by pogo - http://turbo15.pogo.com/applet/turbo21/turbo21-ob-assets.cab
O16 - DPF: Word Whomp by pogo - http://game5.pogo.com/applet-6.1.1.21/wordwhomp/wordwhomp-ob-assets.cab
O16 - DPF: Word Whomp Whackdown by pogo - http://game1.pogo.com/applet-6.1.1.29/whackdown/whackdown-ob-assets.cab
O16 - DPF: World Class Solitaire by pogo - http://klondike.pogo.com/applet-5.8.4.18/worldclass/worldclass-ob-assets.cab
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab34120.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {33E54F7F-561C-49E6-929B-D7E76D3AFEB1} (Pool Control) - http://mirror.worldwinner.com/games/v44/pool/pool.cab
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (ZoneBuddy Class) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab32846.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab32846.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6BB594E2-6E4D-4CC9-98B0-931C323F9165} (DepHlp Control) - http://mirror.worldwinner.com/games/shared/dephlp.cab
O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) - http://www.ofoto.com/downloads/BUM/BUM_WIN_IE_1/axofupld.cab
O16 - DPF: {8C279F4E-917E-4CD2-8DF0-D9C73C0CE763} (ZPA_WheelOfFortune Object) - http://zone.msn.com/bingame/zpagames/zpa_wof.cab34501.cab
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {C738EA53-97C2-441B-AC52-DFBC597BCBE5} (Chess Control) - http://mirror.worldwinner.com/games/v45/chess/chess.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/activedata/SymAData.cab
O16 - DPF: {D81CA86B-EF63-42AF-BEE3-4502D9A03C2D} (MMRadioHostX Class) - http://wwws.musicmatch.com/graphics/WebPlayer/MMLRadio.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) - http://zone.msn.com/binframework/v10/StProxy.cab34035.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Proxy Service (ccPxySvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPxySvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe
O23 - Service: Norton Internet Security Accounts Manager (NISUM) - Symantec Corporation - C:\Program Files\Norton Internet Security\NISUM.EXE
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~3\NORTON~2\NPROTECT.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~3\NORTON~2\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

0

Congratulations! Your log looks clean - good work!

===============

Now that your PC is clean you need to follow these easy steps to keeping it this way:

Secure your Internet Explorer by going here and following the instructions there.

Better yet, use an alternative browser! Download FireFox and give it a run. It is far more secure than Internet Explorer. Or, you can get Opera which in my opinion, is better still.

Use a firewall to help prevent your PC's control being usurped by undesireables. There is a link to a good, free firewall in my signature.

Install and keep updated, Ad-Aware SE, and Spybot S&D.
Run them both on a regular basis, following the manufacturer's recommendations.

Install an anti-virus. There are some good, free AV's available today. Make sure that it is updated regularly and have it scan your system often.

Check for Windows Updates. Microsoft regularly post updates for your systems safe running. Make sure to take advantage of this. Reboot when installed and return to make sure there are no others.

Clear your Temp folders.
Clear out your Temporary internet files and other temp files.
Go to Start > Settings > Control Panel >Internet Options.

Under the General tab click the Delete temporary internet files,
delete all Offline content as well. Clear out Cookies.

Also, go to Start > Find/search > Files or folders > in the named box, type: *.tmp and choose Edit > select all -> File > delete.

Empty/delete the entire contents of the C:\Windows\temp folder and C:\temp folder, if you have one. (Contents but not the folder itself.)

C:\Documents and Settings\username\Local Settings\Temp\

In order to view these files you may have to select 'show hidden files/folders.' Instructions on how to here.

Empty the Recycle Bin.

===============

If you have any more problems, post back.

-

Happy surfing,

crunchie.

0

Well I still can't do any thing with my mail at Netzero, MSN won't load the mail at all a nd when I go to windows update or any microsoft wib site and try to move around at the site the following messages pop up.


Thank you for your interest in Windows Update

Windows Update is the online extension of Windows that helps you get the most out of your computer.

You must be running a Microsoft Windows operating system in order to use Windows Update.

This is what comes up in the little search box as to the web site it went too.

http://v4.windowsupdate.microsoft.com/en/thanks.asp?


When in my Netzero mail I can read the mail and close it but I can't go to the next page to retrieve more mail or delete any thing.It just send me back to the first mail page.

When I go to my credit card site (Bank of America) it won't show the green square goto sign so I can't get into my account either.

I plan on calling a local PC repair guy tomorrow as I can't loose any more down time with this problem.

But I do want to fix it my self for next time it happens.

I also don't know how to locate any hidden files that you were refering to so maybe I missed some thing earlier.

P.S. This all seemed to start when my girlfriend left the PC online signed into American Idol site while we went out shopping.I came back to a frozen computor and it had timed out of MSN.

Thanks,Benny

0

Have you tried downloading a different browser and try to access those accounts?

Try running IEFIX.htm which will repair IE and run a System File Check.

0

Well that didn't work either, still won't do any thing and still won't allow access to Win up date.

I'm about to go medeval on it!!!!

It goes into the shop tomorrow, will post what they find out about it.

Thanks for your help.

Benny

0

Well I got the PC back this past Friday, the shop said that IE was framented real bad.And that some how I lost several reg files that can't be replaced unless I do a complete reinstall of XP.

A few adware and spyware were found and a few viruses that were not activated or not active.

I can't open my user profiles but at least I can access the PC and the web again.

Thanks for the help.

Benny

0

Man I better use spell check,can't spell worth a hoot!

The guy did a repair using the XP disk, but it still would not load the missing regestry keys.

They claim that some one removed them after I used HJT, or some thing I took out per the instruction given was needed for the keys to work???

I don't know PC's well enough to know how some one could have done it by remote, and if they were some thing that I removed per the feed back then I wouldn't know that either.

I think it was a comination of a freeze up and a virus that caused the freeze up.

That is how it got started,I came home after some shopping to find the PC froze up on American Idol site.MSN has timed out and disconected but I had to hard boot to get the PC back.

It works fine for now, if I have any more problems I will have the guy up grade the PC and reformat the drives.

Thanks,Benny

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.