Some advice needed

Discussion in 'Windows - Virus and spyware problems' started by KEVIN4344, Aug 26, 2006.

  1. KEVIN4344

    KEVIN4344 Member

    Hi all,

    Hereunder are my system specs and a HijackThis report. I would like it if you would look at these and give your opinions.


    Operating System Microsoft Windows XP Home Edition
    OS Service Pack Service Pack 2
    Internet Explorer 6.0.2900.2180
    CPU Type Intel Pentium 4A, 2533 MHz (4.75 x 533)

    Windows Firewall
    Virus: Norman Anti virus software
    Adware: Spybot, Ewido, Spyware Doctor

    Motherboard:
    Motherboard Name MSI 648 Max (MS-6585) (6 PCI, 1 AGP, 3 DIMM, Audio)
    Motherboard Chipset SiS 648
    System Memory 256 MB (PC2700 DDR SDRAM)
    BIOS Type AMI (01/28/03)
    Display:
    Video Adapter RADEON 9200 SE SEC (128 MB)
    Video Adapter RADEON 9200 SE (128 MB)
    3D Accelerator ATI Radeon 9200 (RV280)
    Monitor Plug and Play Monitor [NoDB] (YEGH013463)

    Multimedia:
    Audio Adapter SiS 7012 Audio Device

    Storage:
    Floppy Drive Floppy disk drive
    Disk Drive Maxtor 33073H3 M (30 GB, 5400 RPM, Ultra-ATA/100)
    Disk Drive Maxtor 6Y080L0 (80 GB, 7200 RPM, Ultra-ATA/133)
    Optical Drive CyberDrv CW089D CD-R/RW (48x/16x/48x CD-RW)
    Optical Drive HL-DT-ST DVD-ROM GDR8162B (16x/48x DVD-ROM)
    Optical Drive MagicISO Virtual DVD-ROM0000
    Network Adapter Realtek RTL8139/810x Family Fast Ethernet NIC (192.168.1.2)


    Peripherals:
    Printer HP DeskJet 840C/841C/842C/843C
    Printer Microsoft Office Document Image Writer
    USB Device USB Printing Support

    Broadband:
    2048/256 (kbps) eircom



    HijackThis report:
    Logfile of HijackThis v1.99.1
    Scan saved at 15:53:19, on 26/08/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\ewido anti-malware\ewidoctrl.exe
    C:\Program Files\ewido anti-malware\ewidoguard.exe
    C:\Norman\bin\ZANDA.EXE
    C:\Program Files\Spyware Doctor\sdhelp.exe
    C:\WINDOWS\System32\snmp.exe
    C:\NORMAN\Nvc\BIN\nvcoas.exe
    C:\Norman\bin\NJEEVES.EXE
    C:\Norman\Nvc\BIN\nipsvc.exe
    C:\NORMAN\Nvc\BIN\NVCSCHED.EXE
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Norman\bin\ZLH.EXE
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\BBC News alerts\skinkers.exe
    C:\Program Files\CNN News Alert\CNNNewsAlert.exe
    C:\Program Files\Sky Alerts\skinker.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Tottenham Hotspur News Alerts\spursnewsalerts.exe
    C:\Norman\Nvc\BIN\NIP.EXE
    C:\Norman\Nvc\bin\cclaw.exe
    C:\PROGRA~1\SPYWAR~3\swdoctor.exe
    C:\Program Files\DAP\DAP.EXE
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe
    C:\Documents and Settings\kevin\My Documents\Adware Removal\hijackthis\HijackThis.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Norman\bin\niu.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.ie/
    O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - C:\Program Files\DAP\DAPBHO.DLL
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~3\tools\iesdsg.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~3\tools\iesdpb.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\bin\ZLH.EXE /LOAD /SPLASH
    O4 - HKLM\..\Run: [OSSelectorReinstall] C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [BBC News alerts] C:\Program Files\BBC News alerts\skinkers.exe
    O4 - HKCU\..\Run: [CNN News Alert] "C:\Program Files\CNN News Alert\CNNNewsAlert.exe"
    O4 - HKCU\..\Run: [Sky Alerts] "C:\Program Files\Sky Alerts\skinker.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Tottenham Hotspur News Alerts] "C:\Program Files\Tottenham Hotspur News Alerts\spursnewsalerts.exe"
    O4 - HKCU\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t
    O4 - Startup: Sky Alerts.lnk = C:\Program Files\Sky Alerts\skinker.exe
    O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
    O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
    O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - AutorunsDisabled - (no file)
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~3\tools\iesdpb.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: (no name) - AutorunsDisabled - (no file) (HKCU)
    O15 - Trusted Zone: http://*.isohunt.com
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=48835
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - https://scan.safety.live.com/resource/download/scanner/en-us/wlscbase3401.cab
    O16 - DPF: {EF58E341-49C3-4156-A3C4-5FFCA7C1EAB7} (EURAS_Portal.Gateway) - http://www.euras.com/euras/activex2/euras.CAB
    O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by18fd.bay18.hotmail.msn.com/activex/HMAtchmt.ocx
    O17 - HKLM\System\CCS\Services\Tcpip\..\{81EB3C6D-CEE4-4943-A074-B940639A91E7}: NameServer = 213.94.190.194,213.94.190.236
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
    O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Norman\Nvc\BIN\nipsvc.exe
    O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\bin\NJEEVES.EXE
    O23 - Service: Norman ZANDA - Unknown owner - C:\Norman\bin\ZANDA.EXE
    O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\NORMAN\Nvc\BIN\nvcoas.exe
    O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman Data Defense Systems - C:\NORMAN\Nvc\BIN\NVCSCHED.EXE
    O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe

    Looking forward to your reply,
    kevin4344
     
  2. Phantom69

    Phantom69 Regular member

    I cannot personally find anything wrong with it at all, dude. Are you worried that there is spyware or a virus installed?


    All I can see and recommend from there is that you uninstall Nero InCD. It is not a very good piece of software (other members, correct me if I am wrong), but InCD is packet-writing software that can cause problems and conflicts with certain other software programs.

    But otherwise I can't find anything.
     
  3. Niobis

    Niobis Active member

    Your Java is out of date. Go here and download Java Runtime Environment 5.0 Update 8.

    Uninstall any previous versions of Java and install the latest.

    As Phantom69 said, there is nothing bad here, but these can be fixed as they are only "leftovers" from uninstalled software.

    Run a scan only with HijackThis, then check these to fix them.

    O9 - Extra button: (no name) - AutorunsDisabled - (no file)

    O9 - Extra button: (no name) - AutorunsDisabled - (no file) (HKCU)

    Close all windows except HijackThis and click Fix Checked.
     
    Last edited: Sep 3, 2006
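
The two checks made in the reply above (entries HijackThis marks as "(no file)" or "(file missing)", and an out-of-date JRE path), as an added example that is not part of the thread: a small Python parser for HijackThis entry lines that flags both for review. The function names are hypothetical, the sample lines are copied from the log in the first post, and the (5, 8) baseline is the Update 8 version named in the reply.

```python
import re

# Entry lines start with a section code such as R1, O2 or O23, then " - ".
# Header lines and the "Running processes" paths do not match this shape.
ENTRY_RE = re.compile(r"^\s*([A-Z]\d{1,2})\s+-\s+(.*\S)\s*$")
# Markers HijackThis appends when the referenced file is not on disk.
ORPHAN_RE = re.compile(r"\((?:no file|file missing)\)", re.IGNORECASE)
# Sun JRE install directories, e.g. \jre1.5.0_06\ = JRE 5.0 Update 6.
JRE_RE = re.compile(r"\\jre1\.(\d+)\.0_(\d+)\\", re.IGNORECASE)


def parse_entries(log_text):
    """Return (section, body) tuples for every entry line in the log."""
    entries = []
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line)
        if m:
            entries.append((m.group(1), m.group(2)))
    return entries


def orphaned_entries(entries):
    """Entries whose target HijackThis reported as absent (leftovers)."""
    return [(sec, body) for sec, body in entries if ORPHAN_RE.search(body)]


def outdated_jre(entries, baseline):
    """Distinct (major, update) JRE versions in entry paths older than baseline."""
    found = set()
    for _, body in entries:
        for major, update in JRE_RE.findall(body):
            found.add((int(major), int(update)))
    return sorted(v for v in found if v < baseline)


# Lines copied from the log posted above (not a complete log).
SAMPLE_LOG = r"""
Running processes:
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: (no name) - AutorunsDisabled - (no file) (HKCU)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
"""

if __name__ == "__main__":
    parsed = parse_entries(SAMPLE_LOG)
    for sec, body in orphaned_entries(parsed):
        print("orphaned:", sec, "-", body)
    print("JRE older than 5.0 Update 8:", outdated_jre(parsed, (5, 8)))
```

The output is a review list only; an orphaned entry is a candidate for "Fix checked", not proof of anything malicious.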
  4. KEVIN4344

    KEVIN4344 Member

    Thanks to all for your replies.
    Nice to know everything is all right.
    Best regards,
    kevin4344
     
