Newbie with a couple of problem

Discussion in 'Windows - Virus and spyware problems' started by NOS911, Sep 5, 2006.

  1. NOS911

    NOS911 Member

    Joined:
    Sep 5, 2006
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    11
    I am new to the forum and have a couple of problems im hoping someone will be able to help me with.2 of my mates have been encountering problems with virus's,spyware and malware that has embedded itself into there machine and tehy cannot get rid of it.I have there Hijackthis logs any help would be very much appreciated.

    First one

    Logfile of HijackThis v1.99.1
    Scan saved at 20:57:01, on 05/09/2006
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\UAService7.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\WINDOWS\System32\RUNDLL32.EXE
    C:\Program Files\PCI Audio Applications\Bin\EchoCtrl.exe
    C:\WINDOWS\Mixer.exe
    C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
    C:\windows\system32\stonedrv.exe
    C:\Program Files\Java\jre1.5.0_03\bin\jucheck.exe
    C:\Program Files\Visualware Security Suite\desktopicon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Messenger\msmsgs.exe
    F:\WINNT\symsetup.exe
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Norton Internet Security\ccEmFlSv.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    F:\WINNT\SymSetup.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    F:\WINNT\SymSetup.EXE
    F:\WINNT\SymSetup.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Common Files\Symantec Shared\SymSetup\{A93C9E60-29B6-49da-BA21-F70AC6AADE20}.exe
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    E:\WINNT\symsetup.exe
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    E:\WINNT\symsetup.exe
    E:\WINNT\symsetup.exe
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    E:\WINNT\SymSetup.EXE
    E:\WINNT\SymSetup.EXE
    E:\WINNT\SymSetup.EXE
    E:\WINNT\SymSetup.EXE
    E:\WINNT\SymSetup.EXE
    E:\WINNT\SymSetup.EXE
    E:\WINNT\SymSetup.EXE
    E:\WINNT\SymSetup.EXE
    E:\WINNT\SymSetup.EXE
    E:\WINNT\SymSetup.EXE
    E:\WINNT\SymSetup.EXE
    E:\WINNT\Setup\ISCommon\ccEmFlSv.exe
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Norton Internet Security\HNetWiz.exe
    C:\Program Files\Norton Internet Security\AlertAst.exe
    C:\Program Files\Norton Internet Security\Norton AntiVirus\ccIMScn.exe
    C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVStub.exe
    C:\Program Files\Norton Internet Security\Norton AntiVirus\Navwnt.exe
    C:\Program Files\Norton Internet Security\Norton AntiVirus\Navw32.exe
    C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    E:\WINNT\SymSetup.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\Program Files\Norton Internet Security\WebReg.exe
    E:\WINNT\SymSetup.EXE
    E:\WINNT\SymSetup.EXE
    E:\WINNT\SymSetup.EXE
    E:\WINNT\SymSetup.EXE
    E:\WINNT\SymSetup.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    E:\WINNT\symsetup.exe
    E:\WINNT\symsetup.exe
    E:\WINNT\symsetup.exe
    E:\WINNT\symsetup.exe
    E:\WINNT\symsetup.exe
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    E:\WINNT\symsetup.exe
    E:\WINNT\symsetup.exe
    E:\WINNT\symsetup.exe
    E:\WINNT\symsetup.exe
    E:\WINNT\symsetup.exe
    E:\WINNT\symsetup.exe
    E:\WINNT\symsetup.exe
    E:\WINNT\symsetup.exe
    E:\WINNT\symsetup.exe
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Windows Media Player\wmplayer.exe
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\WINDOWS\System32\msiexec.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\WinRAR\WinRAR.exe
    C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\7JXFZP0O\hijackthis[1]\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 80.77.130.218:80
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: VIPTToolbarManager Class - {1A2641AE-2C42-4C51-A05F-8ECEC3FDC94D} - C:\Program Files\Visual IP Trace\VisualIPTraceIE.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: Visual IP Trace - {E70C26AE-DFF1-40A8-8D37-19180F56F0AA} - C:\Program Files\Visual IP Trace\VisualIPTraceIE.dll
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [SSC_UserPrompt] "C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [C-Media Echo Control] C:\Program Files\PCI Audio Applications\Bin\EchoCtrl.exe
    O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
    O4 - HKLM\..\Run: [stonedrv] c:\windows\system32\stonedrv.exe
    O4 - HKLM\..\Run: [Visualware Security Suite] "C:\Program Files\Visualware Security Suite\tscore.exe" -autostartup
    O4 - HKLM\..\Run: [DesktopIcon] C:\Program Files\Visualware Security Suite\desktopicon.exe
    O4 - HKLM\..\Run: [NvVideoCenter] C:\WINDOWS\System32\NvVid.exe
    O4 - HKLM\..\RunServices: [stonedrv] c:\windows\system32\stonedrv.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Steam] "C:\Program Files\Valve\Steam\Steam.exe" -silent
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [stonedrv] c:\windows\system32\stonedrv.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.2.2.89.cab
    O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eB...l_v1-0-3-48.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O21 - SSODL: SysTray.Exbr - {6368D1FC-6F5C-4f1b-B164-E67214F678E9} - C:\WINDOWS\System32\digjgjnn.dll (file missing)
    O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
    O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\System32\UAService7.exe

    Please help.
     
    Last edited: Sep 5, 2006
    NOS911, Sep 5, 2006
    #1
  2. Niobis

    Niobis Active member

    Joined:
    Jan 30, 2005
    Messages:
    2,326
    Likes Received:
    0
    Trophy Points:
    66
    Please copy and paste the second log into a new thread and edit it out of this post. They are very different and will be very confusing trying to clean both at one time. I'll look over the first one and get back to you.
     
    Niobis, Sep 5, 2006
    #2
  3. NOS911

    NOS911 Member

    Joined:
    Sep 5, 2006
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    11
    **edited**

    moving second log to a new thread as instructed
     
    Last edited: Sep 5, 2006
    NOS911, Sep 5, 2006
    #3
  4. Niobis

    Niobis Active member

    Joined:
    Jan 30, 2005
    Messages:
    2,326
    Likes Received:
    0
    Trophy Points:
    66
    lol, no I meant make a new thread. :) It will be much less confusing on you and us.

    Ok, with the first log. Go here and download Ewido.

    Install and update.
    Restart your computer in safe mode(press F8 upon boot, select "Safe Mode" from menu).
    Open Ewdio and run a "Complete System Scan".
    When it finishes scanning, set all items to "Delete".
    Click "Apply All Actions".
    Then, click "Save Report".
    Restart in normal mode.
     
    Niobis, Sep 5, 2006
    #4
  5. NOS911

    NOS911 Member

    Joined:
    Sep 5, 2006
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    11
    Appologies again it has been a long day.

    I will instruct the first one to do what you have suggested.

    Thanks
     
    NOS911, Sep 5, 2006
    #5
  6. Niobis

    Niobis Active member

    Joined:
    Jan 30, 2005
    Messages:
    2,326
    Likes Received:
    0
    Trophy Points:
    66
    That's ok. ;)

    Opps, I didn't finish my post.

    After scanning with Ewido in safe mode. Restart in normal mode and give HijackThis it's own folder on the desktop. Then post the Ewdio log and a new HijackThis log.
     
    Niobis, Sep 5, 2006
    #6

Share This Page