Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - curiocity

Pages: [1]

Tech Clinic / Cant access Secure sites

« on: January 16, 2006, 01:20:07 AM »

Im guessing that did the trick... everything seems to work well now. but heres what u requested.
Logfile of HijackThis v1.99.1
Scan saved at 12:14:46 AM, on 1/16/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton Internet Security\ISSVC.exe
c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Broderbund\Mavis Beacon Teaches Typing 12 Standard\MiniMavis.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&t...arm1=seconduser
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [URLLSTCK.exe] c:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: MiniMavis.lnk = C:\Program Files\Broderbund\Mavis Beacon Teaches Typing 12 Standard\MiniMavis.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

---------------------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on:         11:54:27 PM, 1/15/2006
+ Report-Checksum:      B19DD7ED

+ Scan result:

   C:\Documents and Settings\Chalmer\Complete\#1 DVD Ripper 2.1.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\3D World Studio 5.31.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\A-Ha - Take On Me (1985) - mpeg.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\ACDSee Pro 8.0.67.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Ace Video Workshop 1.4.29.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Acronis Disk Director Suite 9.0.534.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Acronis Privacy Expert Suite 8.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Adobe After Effects 6.5.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Adobe Audition 1.5.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Adobe Dimensions 3.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Ahead Nero Burning ROM 6.6.0.8a.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\AllWebMenus Pro 4.1.626.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\AnyDVD 4.6.1.2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Apollo DVD Label Maker 1.5.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Ashampoo Privacy Protector Plus 1.041.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Bandwidth Controller 0.31b.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Batch It! Ultra 3.91.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\BatchRename 2 2.61.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Battle Castles 1.0a.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Battlefield 2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Battlefield.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Beach Head 2002.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Black ICE PC Protection.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Blaze Media Pro 6.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\BlazeDVD 3 Professional TSZ.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\BlazeDVD 3.5 Pro.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Britannica 2006 Ultimate Reference.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Burn Baby BurnAiO 11 DvD Programs.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Clipboard Box 2.3.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Codename Panzers Phase Two.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Corel Painter 9.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Corel Paintshop Pro Premium.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Counter Strike Source.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Crazy Frog Racer.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\CUBIX -Robots For Everyone.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Dance Dance Revolution.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Darkened Skye.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Day Of Tentacle.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Dire Straits - Money For Nothing- mpeg.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\DiskMonitor 2.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\DrWeb 4.33.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\DSL Speed 2.05.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Easy DVD CD Burner 3.0.65.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Fable The Lost Chapters.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\FairStars Audio Converter 1.45.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Falcon 4.0 Allied Force.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Flashget Super Pack 3.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\FlashOnTV 2.5.5.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Fussball Manager060.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Genie Soft Backup Manager Pro 5.0.25.1288.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Ghost Recon -Island Thunder.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Goofy Skateboarding.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\HitSWallpaper.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\IZoomMouse 1.01.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\JSPMaker 1.0.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Kerio WinRoute Firewall 6.1.4.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Knights Of The Old Republic 2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Lemonade Tycoon 2 New York City.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Lotr The Retun Of The King.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Madonna - Vogue (1999) - mpeg.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\McAfee Anti-Spyware Enterprise 8.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\MDaemon Pro 8.13.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Memory Washer 4.2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\METASTOCK Professional 8.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Mexican Motor Mafia.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Michael Jackson - Billie Jean - mpeg.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Microsoft Office Enterprise 2003.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Microsoft Office Pro 12 Beta 1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Midtown Madness.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\MixMeister Pro 6.0.7.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\MP3Doctor 5.11.018.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Music DVD Creator 1.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Music Editing Master 4.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Nero 7 Plugins Pack Pro 2006.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\NeroMIX 1.4.0.23.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\NOX.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Paint Shop Pro 9.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\PC-cillin Internet Security 2006.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\PDFF Creators.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Photoplorer 2.02e.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Plato DVD Ripper 1.2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Prince of Persia The Two Thrones.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Program Plus 1.0.9.5.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\QuarkXPress Passport 6.5.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Raduga 3.1.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Reallusion FaceFilter Studio 1.0.518.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\RiPast Crazi Video for iPod 1.4.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Rome Total War.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Run DMC - Walk This Way - mpeg.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Sarah Connor - Christmas in My Heart.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\SecuritySupervisor 1.2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Serpengo 1.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Silent Hill 4 The Room.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Smart Protector Internet Eraser 4.8.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Soldier Of Fortune 2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Sony Sound Forge 7.0b.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Splinter Cell - Chaos Theory + DVD Cra.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\SpyRemo2.49.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Stealth (2005).zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Style XP 3.02.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Syberia 2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Task Force 121.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\The Bat! 3.0.1.33 Professional.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Tilt.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Ulead CD & DVD PictureShow 3 Deluxe.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Virtual CD 7.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Virtually Jenna 1.7.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Webroot Window Washer 6.0.1.40.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\WM Recorder 10.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\World Championship Poker 2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\WWW File Share Pro 3.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\X-Files -The.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Z.A.R.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\Zan Image Printer 4.0.9.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
   C:\Documents and Settings\Chalmer\Complete\ZoneAlarm Wireless Security 5.5.080.zip/Setup.exe -> Worm.VB.an : Cleaned with backup

::Report End

Thanks

Tech Clinic / Cant access Secure sites

« on: January 14, 2006, 07:45:05 AM »

Sorry i didn't start a new thread to speak about this topic... and that is extremely sincere. But i still have a lingering effect on my computer. My internet will not access https. Not for anything. And it really brings down my ability to use it effectively. Help would be nice. And please except my apology on the spysherriff issue. Here's my Hijack this log

Logfile of HijackThis v1.99.1
Scan saved at 6:43:54 AM, on 1/14/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton Internet Security\ISSVC.exe
c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\winupdates\winupdates.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Broderbund\Mavis Beacon Teaches Typing 12 Standard\MiniMavis.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&t...arm1=seconduser
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [URLLSTCK.exe] c:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [winupdates] C:\Program Files\winupdates\winupdates.exe /auto
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: MiniMavis.lnk = C:\Program Files\Broderbund\Mavis Beacon Teaches Typing 12 Standard\MiniMavis.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

Tech Clinic / Help with Spy Sherriff please

« on: January 14, 2006, 12:28:49 AM »

Yeah just still awaiting a little help on this issue.

Tech Clinic / Help with Spy Sherriff please

« on: January 12, 2006, 05:47:08 PM »

Im sorry it took so long but here is what you requested.... I have another problem that wasn't solved... My computer wond allow me to log in to my yahoo mail... it keeps saying that the server is disconnected... It forces me to go through many loopholes just to log in... Can you help me with that?
Without further adew.

boutBuster 6.0
Scan started on [1/12/2006] at [4:16:59 PM]
-------------------------------------------------------------
Internet Explorer Instances Terminated!
HomeSearch Service stopped if present
-------------------------------------------------------------
Removed Stream! C:\WINDOWS\KB901214.log:kkevcl
Removed Stream! C:\WINDOWS\KB905414.log:clpaew
Removed Stream! C:\WINDOWS\KB905749.log:ajybgh
Removed Stream! C:\WINDOWS\kidsssg.ini:tkqgjk
Removed Stream! C:\WINDOWS\_default.pif:wmmezh
-------------------------------------------------------------
Removed File! : C:\WINDOWS\system32\amchq.dat
-------------------------------------------------------------
Removed Temp Files
Internet Explorer Settings Reset!
-------------------------------------------------------------
Scan was COMPLETED SUCCESSFULLY at 4:19:30 PM

AboutBuster 6.0
Scan started on [1/12/2006] at [4:29:48 PM]
-------------------------------------------------------------
Internet Explorer Instances Terminated!
HomeSearch Service stopped if present
-------------------------------------------------------------
No Ads Found!
-------------------------------------------------------------
No Files Found!
-------------------------------------------------------------
Scan was COMPLETED SUCCESSFULLY at 4:31:56 PM

AboutBuster 6.0
Scan started on [1/12/2006] at [4:32:17 PM]
-------------------------------------------------------------
Internet Explorer Instances Terminated!
HomeSearch Service stopped if present
-------------------------------------------------------------
No Ads Found!
-------------------------------------------------------------
No Files Found!
-------------------------------------------------------------
Scan was COMPLETED SUCCESSFULLY at 4:34:20 PM

Tech Clinic / Help with Spy Sherriff please

« on: January 02, 2006, 04:11:53 PM »

Alright... I appreciate the help very much. here is everything you requested... first the fresh hijackthis log.

Logfile of HijackThis v1.99.1
Scan saved at 3:08:34 PM, on 1/2/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton Internet Security\ISSVC.exe
c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\Explorer.EXE
c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Broderbund\Mavis Beacon Teaches Typing 12 Standard\MiniMavis.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&t...arm1=seconduser
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&t...arm1=seconduser
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&t...arm1=seconduser
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [URLLSTCK.exe] c:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: MiniMavis.lnk = C:\Program Files\Broderbund\Mavis Beacon Teaches Typing 12 Standard\MiniMavis.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

-----------------------------------------------------------------------------------------------------------------------------
next is the contents ofthe ewido report

ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on:         2:36:56 PM, 1/2/2006
+ Report-Checksum:      719C0AC1

+ Scan result:

   HKLM\SOFTWARE\TimeSink, Inc. -> Spyware.TimeSink : Cleaned with backup
   HKLM\SOFTWARE\TimeSink, Inc.\AdGateway -> Spyware.TimeSink : Cleaned with backup
   HKLM\SOFTWARE\TimeSink, Inc.\AdGateway\Channels -> Spyware.TimeSink : Cleaned with backup
   HKLM\SOFTWARE\TimeSink, Inc.\AdGateway\Channels\ba104051 -> Spyware.TimeSink : Cleaned with backup
   HKLM\SOFTWARE\TimeSink, Inc.\AdGateway\Channels\fa104051 -> Spyware.TimeSink : Cleaned with backup
   HKLM\SOFTWARE\TimeSink, Inc.\TSAdBot -> Spyware.TimeSink : Cleaned with backup
   C:\Program Files\Yahoo!\YPSR\Quarantine\ppq19.tmp\Uninstall.exe -> Adware.SpySheriff : Cleaned with backup
   C:\Program Files\Yahoo!\YPSR\Quarantine\ppq1A.tmp -> Spyware.Cookie.Doubleclick : Cleaned with backup
   C:\WINDOWS\atlxl32.exe -> Trojan.Agent.bi : Cleaned with backup
   C:\WINDOWS\KB899591.log:zkmii -> Downloader.Agent.bc : Cleaned with backup
   C:\WINDOWS\Santa Fe Stucco.bmp:xcvse -> Downloader.Agent.td : Cleaned with backup
   C:\WINDOWS\wt\wtupdates\Webd\4.1.1\files\wtvh.dll -> Spyware.WildTangent : Cleaned with backup
   C:\WINDOWS\wt\wtvh.dll -> Spyware.WildTangent : Cleaned with backup

::Report End
-----------------------------------------------------------------------------------------------------------------------------

finally here is the whole log from smit rem

smitRem © log file
version 2.8

by noahdfear

Microsoft Windows XP [Version 5.1.2600]
The current date is: Mon 01/02/2006
The current time is: 13:49:09.75

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

checking for ShudderLTD key

ShudderLTD key not present!

checking for PSGuard.com key

PSGuard.com key not present!

checking for WinHound.com key

WinHound.com key not present!

spyaxe uninstaller NOT present
Winhound uninstaller NOT present
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Existing Pre-run Files

~~~ Program Files ~~~

~~~ Shortcuts ~~~

Install.dat

~~~ Favorites ~~~

~~~ system32 folder ~~~

~~~ Icons in System32 ~~~

~~~ Windows directory ~~~

desktop.html

~~~ Drive root ~~~

winstall.exe

~~~ Miscellaneous Files/folders ~~~

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright© 2002-2003 [email protected]
Killing PID 752 'explorer.exe'
Killing PID 752 'explorer.exe'

Starting registry repairs

Deleting files

Remaining Post-run Files

~~~ Program Files ~~~

~~~ Shortcuts ~~~

~~~ Favorites ~~~

~~~ system32 folder ~~~

~~~ Icons in System32 ~~~

~~~ Windows directory ~~~

~~~ Drive root ~~~

~~~ Miscellaneous Files/folders ~~~

~~~ Wininet.dll ~~~

CLEAN!

http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/smile.gif\' class=\'bbc_emoticon\' alt=\'

\' />

thanks for everything...
Curiocity

Tech Clinic / Help with Spy Sherriff please

« on: January 02, 2006, 01:41:15 PM »

my bad i forgot another anti spyware.. i got spy subtract on here also.

Tech Clinic / Help with Spy Sherriff please

« on: January 02, 2006, 12:41:45 PM »

i was able to reinstall ewido security suite... the only other spyware removal thing i have is yahoo anti spyware. If i need to get some other things ican get them.

Tech Clinic / Help with Spy Sherriff please

« on: January 02, 2006, 02:18:20 AM »

No i do not have Ewido still installed...
here is the hijackthis log

Logfile of HijackThis v1.99.1
Scan saved at 1:15:15 AM, on 1/2/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
c:\Program Files\Norton Internet Security\ISSVC.exe
c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\WildTangent\Apps\GameChannel.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Broderbund\Mavis Beacon Teaches Typing 12 Standard\MiniMavis.exe
C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Documents and Settings\Chalmer\Local Settings\Temp\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&t...arm1=seconduser
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&t...arm1=seconduser
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&t...arm1=seconduser
R3 - Default URLSearchHook is missing
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [URLLSTCK.exe] c:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [WT GameChannel] C:\Program Files\WildTangent\Apps\GameChannel.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [23.tmp] C:\DOCUME~1\Chalmer\LOCALS~1\Temp\23.tmp.exe
O4 - HKLM\..\Run: [23.tmp.exe] C:\DOCUME~1\Chalmer\LOCALS~1\Temp\23.tmp.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: MiniMavis.lnk = C:\Program Files\Broderbund\Mavis Beacon Teaches Typing 12 Standard\MiniMavis.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - c:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

Tech Clinic / Help with Spy Sherriff please

« on: January 01, 2006, 10:16:40 PM »

Sorry to disturb all but i decided to seek help because i really do not want to mess up my brand new computer... I let my buddy play on the computer and he says he inadvertently clicked on something and this thing shows up saying system infection and many other things. I didn't like the fact that this spysherrif was there so i deleted it right of the bat in the control panel. I then use some spyware removal programs which deletes some of the problems.. like the constant changing of the web browser. I thought that i was done but it just so happens that the background becomes completely white. I still can't change it. How do I rid myself of this menace? I tried to install ewido security suite but it wont update itself. Someone told me to download this registry thing called (smitfraud), also cleanup, and hijackthis. I have those programs but i want to be completely sold on what to do. Please help... THis will be greatly appreciated.

Pages: [1]

TheTechGuide Forum

News:

Show Posts

Messages - curiocity

Tech Clinic / Cant access Secure sites

Tech Clinic / Cant access Secure sites

Tech Clinic / Help with Spy Sherriff please

Tech Clinic / Help with Spy Sherriff please

Tech Clinic / Help with Spy Sherriff please

Tech Clinic / Help with Spy Sherriff please

Tech Clinic / Help with Spy Sherriff please

Tech Clinic / Help with Spy Sherriff please

Tech Clinic / Help with Spy Sherriff please