Ok about 3 days ago I got booted from the internet. It just disconnected. So I turned my modem off and turned it back on. But then the only lights that were on, were POWER, ADSL and LAN and the others stayed off and it remained like that for about 20 minutes. So I scanned the computer with Spybot S&E and it came up with this: Company: Product: Windows Security Center.FirewallBypass Threat: SecurityRisk Description This will be shown if applications are set to be authorized by the Windowsfirewall. For instance the Jupilites trojan authorizes the explorer to be allowed to bypass the Windowsfirewall, normally you don't want your explorer to enter the internet. If you set this manually or this has been done by your administrator you can ignore this. But just to let you know I have been making FTP connections into my xbox and stuff and turning the firewall off. But this has never happened before. I also have XBconnect and I have set that program as an exception. I just want to know what program is doing this. Oh and the first time it happened I cleaned it up and fixed it and since then I have been making FTP connections and playing through xbconnect and then the same thing happened the internet couldn't connect so I scanned the comp again and I got that message again. This is my HIJACKTHIS LOG: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:20:07 PM, on 1/19/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Symantec AntiVirus\DefWatch.exe C:\Program Files\Microsoft LifeCam\MSCamSvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Symantec AntiVirus\Rtvscan.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\PROGRA~1\SYMANT~1\VPTray.exe C:\WINDOWS\vVX3000.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe" O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1196616430796 O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe -- End of file - 5760 bytes Now this is my Spybot S&E Log: --- Search result list --- Microsoft.WindowsSecurityCenter.FirewallBypass: [SBI $D80580B5] Settings (Registry value, nothing done) HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\C:\WINDOWS\explorer.exe Microsoft.WindowsSecurityCenter.FirewallBypass: [SBI $B067B5B7] Settings (Registry value, nothing done) HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\C:\WINDOWS\explorer.exe --- Spybot - Search & Destroy version: 1.5 (build: 20070830) --- 2007-08-31 blindman.exe (1.0.0.6) 2007-08-31 SDMain.exe (1.0.0.4) 2007-08-31 SDUpdate.exe (1.0.6.4) 2007-08-31 SDWinSec.exe (1.0.0.8) 2007-08-31 SpybotSD.exe (1.5.1.15) 2007-08-31 TeaTimer.exe (1.5.0.9) 2007-12-02 unins000.exe (51.46.0.0) 2007-08-31 Update.exe (1.4.0.5) 2007-08-31 advcheck.dll (1.5.3.0) 2007-04-02 aports.dll (2.1.0.0) 2007-04-02 DelZip179.dll (1.79.5.3) 2007-08-31 SDHelper.dll (1.5.0.8) 2007-08-31 Tools.dll (2.1.2.0) 2008-01-16 Includes\Cookies.sbi (*) 2007-12-26 Includes\Dialer.sbi (*) 2008-01-16 Includes\DialerC.sbi (*) 2008-01-16 Includes\HeavyDuty.sbi (*) 2007-12-26 Includes\Hijackers.sbi (*) 2008-01-16 Includes\HijackersC.sbi (*) 2007-10-04 Includes\Keyloggers.sbi (*) 2008-01-16 Includes\KeyloggersC.sbi (*) 2004-11-29 Includes\LSP.sbi (*) 2008-01-16 Includes\Malware.sbi (*) 2008-01-16 Includes\MalwareC.sbi (*) 2007-10-24 Includes\PUPS.sbi (*) 2008-01-16 Includes\PUPSC.sbi (*) 2008-01-16 Includes\Revision.sbi (*) 2008-01-09 Includes\Security.sbi (*) 2008-01-16 Includes\SecurityC.sbi (*) 2007-11-07 Includes\Spybots.sbi (*) 2008-01-16 Includes\SpybotsC.sbi (*) 2007-11-06 Includes\Tracks.uti 2008-01-16 Includes\Trojans.sbi (*) 2008-01-16 Includes\TrojansC.sbi (*) 2008-12-24 Plugins\TCPIPAddress.dll --- System information --- Windows XP (Build: 2600) Service Pack 2 (5.1.2600) / Microsoft .NET Framework 2.0: This Security Update is for Microsoft .NET Framework 2.0. \n If you later install a more recent service pack, this Security Update will be uninstalled automatically. \n For more information, visit http://support.microsoft.com/kb/928365 / Windows Media Player 6.4: Security Update for Windows Media Player 6.4 (KB925398) / Windows Media Player 9: Security Update for Windows Media Player 9 (KB936782) / Windows XP: Security Update for Windows XP (KB923689) / Windows XP: Security Update for Windows XP (KB941569) / Windows XP / SP3: Windows XP Hotfix - KB873339 / Windows XP / SP3: Windows XP Hotfix - KB885835 / Windows XP / SP3: Windows XP Hotfix - KB885836 / Windows XP / SP3: Windows XP Hotfix - KB886185 / Windows XP / SP3: Windows XP Hotfix - KB887472 / Windows XP / SP3: Windows XP Hotfix - KB888302 / Windows XP / SP3: Security Update for Windows XP (KB890046) / Windows XP / SP3: Windows XP Hotfix - KB890859 / Windows XP / SP3: Windows XP Hotfix - KB891781 / Windows XP / SP3: Security Update for Windows XP (KB893756) / Windows XP / SP3: Windows Installer 3.1 (KB893803) / Windows XP / SP3: Update for Windows XP (KB894391) / Windows XP / SP3: Security Update for Windows XP (KB896358) / Windows XP / SP3: Security Update for Windows XP (KB896423) / Windows XP / SP3: Security Update for Windows XP (KB896428) / Windows XP / SP3: Update for Windows XP (KB898461) / Windows XP / SP3: Security Update for Windows XP (KB899587) / Windows XP / SP3: Security Update for Windows XP (KB899591) / Windows XP / SP3: Update for Windows XP (KB900485) / Windows XP / SP3: Security Update for Windows XP (KB900725) / Windows XP / SP3: Security Update for Windows XP (KB901017) / Windows XP / SP3: Security Update for Windows XP (KB901214) / Windows XP / SP3: Security Update for Windows XP (KB902400) / Windows XP / SP3: Security Update for Windows XP (KB904706) / Windows XP / SP3: Security Update for Windows XP (KB905414) / Windows XP / SP3: Security Update for Windows XP (KB905749) / Windows XP / SP3: Security Update for Windows XP (KB908519) / Windows XP / SP3: Update for Windows XP (KB908531) / Windows XP / SP3: Update for Windows XP (KB910437) / Windows XP / SP3: Update for Windows XP (KB911280) / Windows XP / SP3: Security Update for Windows XP (KB911562) / Windows XP / SP3: Security Update for Windows XP (KB911927) / Windows XP / SP3: Security Update for Windows XP (KB913580) / Windows XP / SP3: Security Update for Windows XP (KB914388) / Windows XP / SP3: Security Update for Windows XP (KB914389) / Windows XP / SP3: Update for Windows XP (KB916595) / Windows XP / SP3: Security Update for Windows XP (KB917344) / Windows XP / SP3: Security Update for Windows XP (KB917953) / Windows XP / SP3: Security Update for Windows XP (KB918118) / Windows XP / SP3: Security Update for Windows XP (KB918439) / Windows XP / SP3: Security Update for Windows XP (KB919007) / Windows XP / SP3: Security Update for Windows XP (KB920213) / Windows XP / SP3: Security Update for Windows XP (KB920670) / Windows XP / SP3: Security Update for Windows XP (KB920683) / Windows XP / SP3: Security Update for Windows XP (KB920685) / Windows XP / SP3: Update for Windows XP (KB920872) / Windows XP / SP3: Security Update for Windows XP (KB921503) / Windows XP / SP3: Update for Windows XP (KB922582) / Windows XP / SP3: Security Update for Windows XP (KB922819) / Windows XP / SP3: Security Update for Windows XP (KB923191) / Windows XP / SP3: Security Update for Windows XP (KB923414) / Windows XP / SP3: Security Update for Windows XP (KB923980) / Windows XP / SP3: Security Update for Windows XP (KB924270) / Windows XP / SP3: Security Update for Windows XP (KB924496) / Windows XP / SP3: Security Update for Windows XP (KB924667) / Windows XP / SP3: Security Update for Windows XP (KB925902) / Windows XP / SP3: Security Update for Windows XP (KB926255) / Windows XP / SP3: Security Update for Windows XP (KB926436) / Windows XP / SP3: Security Update for Windows XP (KB927779) / Windows XP / SP3: Security Update for Windows XP (KB927802) / Windows XP / SP3: Update for Windows XP (KB927891) / Windows XP / SP3: Security Update for Windows XP (KB928255) / Windows XP / SP3: Security Update for Windows XP (KB928843) / Windows XP / SP3: Security Update for Windows XP (KB929123) / Windows XP / SP3: Security Update for Windows XP (KB930178) / Windows XP / SP3: Update for Windows XP (KB930916) / Windows XP / SP3: Security Update for Windows XP (KB931261) / Windows XP / SP3: Security Update for Windows XP (KB931784) / Windows XP / SP3: Security Update for Windows XP (KB932168) / Windows XP / SP3: Update for Windows XP (KB933360) / Windows XP / SP3: Security Update for Windows XP (KB933729) / Windows XP / SP3: Security Update for Windows XP (KB935839) / Windows XP / SP3: Security Update for Windows XP (KB935840) / Windows XP / SP3: Security Update for Windows XP (KB936021) / Windows XP / SP3: Update for Windows XP (KB936357) / Windows XP / SP3: Security Update for Windows XP (KB938127) / Windows XP / SP3: Update for Windows XP (KB938828) / Windows XP / SP3: Security Update for Windows XP (KB938829) / Windows XP / SP3: Security Update for Windows XP (KB939653) / Windows XP / SP3: Security Update for Windows XP (KB941202) / Windows XP / SP3: Security Update for Windows XP (KB941568) / Windows XP / SP3: Security Update for Windows XP (KB941644) / Windows XP / SP3: Security Update for Windows XP (KB942615) / Windows XP / SP3: Update for Windows XP (KB942763) / Windows XP / SP3: Update for Windows XP (KB942840) / Windows XP / SP3: Security Update for Windows XP (KB943460) / Windows XP / SP3: Security Update for Windows XP (KB943485) / Windows XP / SP3: Security Update for Windows XP (KB944653) / Windows XP / SP3: Update for Windows XP (KB946627) --- Startup entries list --- Located: HK_LM:Run, Adobe Reader Speed Launcher command: "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" file: C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe size: 39792 MD5: E28D00EC675F5F5A5A0555E7A4523A6E Located: HK_LM:Run, ccApp command: "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" file: C:\Program Files\Common Files\Symantec Shared\ccApp.exe size: 48752 MD5: 696F43558EA1C4BFF475A4B8ECC5CAC4 Located: HK_LM:Run, iTunesHelper command: "C:\Program Files\iTunes\iTunesHelper.exe" file: C:\Program Files\iTunes\iTunesHelper.exe size: 267048 MD5: 29ABA5DBAF0ADBFF426E7229412D6411 Located: HK_LM:Run, LifeCam command: "C:\Program Files\Microsoft LifeCam\LifeExp.exe" file: C:\Program Files\Microsoft LifeCam\LifeExp.exe size: 269104 MD5: E020C21E3B921E43F1477489E5DC66B7 Located: HK_LM:Run, OpwareSE2 command: "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" file: C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe size: 49152 MD5: 882539219B40107D5BC0557E0088DD79 Located: HK_LM:Run, QuickTime Task command: "C:\Program Files\QuickTime\QTTask.exe" -atboottime file: C:\Program Files\QuickTime\QTTask.exe size: 286720 MD5: 45E5DB49800F1BF5BD39BDB8CC501E66 Located: HK_LM:Run, SunJavaUpdateSched command: "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" file: C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe size: 132496 MD5: 896E712A34D654A337C8CBB9DEB07200 Located: HK_LM:Run, vptray command: C:\PROGRA~1\SYMANT~1\VPTray.exe file: C:\PROGRA~1\SYMANT~1\VPTray.exe size: 85184 MD5: 1B5036466136A1451BDBA17B6AEBECB3 Located: HK_LM:Run, VX3000 command: C:\WINDOWS\vVX3000.exe file: C:\WINDOWS\vVX3000.exe size: 707376 MD5: 45844D314A62EACA768A8916ABF616F2 Located: HK_CU:RunOnce, RunNarrator where: .DEFAULT... command: Narrator.exe file: C:\WINDOWS\system32\Narrator.exe size: 53760 MD5: 797B56BB7F031926FC540D8F6CFFAD50 Located: HK_CU:Run, SpybotSD TeaTimer where: S-1-5-21-746137067-764733703-682003330-1004... command: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe file: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe size: 1460560 MD5: B7D4586BFC0DD6C3BE7DCCC252A3E97E Located: HK_CU:RunOnce, RunNarrator where: S-1-5-18... command: Narrator.exe file: C:\WINDOWS\system32\Narrator.exe size: 53760 MD5: 797B56BB7F031926FC540D8F6CFFAD50 Located: WinLogon, crypt32chain command: crypt32.dll file: crypt32.dll size: 0 MD5: D41D8CD98F00B204E9800998ECF8427E Warning: if the file is actually larger than 0 bytes, the checksum could not be properly calculated! Located: WinLogon, cryptnet command: cryptnet.dll file: cryptnet.dll size: 0 MD5: D41D8CD98F00B204E9800998ECF8427E Warning: if the file is actually larger than 0 bytes, the checksum could not be properly calculated! Located: WinLogon, cscdll command: cscdll.dll file: cscdll.dll size: 0 MD5: D41D8CD98F00B204E9800998ECF8427E Warning: if the file is actually larger than 0 bytes, the checksum could not be properly calculated! Located: WinLogon, NavLogon command: C:\WINDOWS\system32\NavLogon.dll file: C:\WINDOWS\system32\NavLogon.dll size: 0 MD5: D41D8CD98F00B204E9800998ECF8427E Warning: if the file is actually larger than 0 bytes, the checksum could not be properly calculated! Located: WinLogon, ScCertProp command: wlnotify.dll file: wlnotify.dll size: 0 MD5: D41D8CD98F00B204E9800998ECF8427E Warning: if the file is actually larger than 0 bytes, the checksum could not be properly calculated! Located: WinLogon, Schedule command: wlnotify.dll file: wlnotify.dll size: 0 MD5: D41D8CD98F00B204E9800998ECF8427E Warning: if the file is actually larger than 0 bytes, the checksum could not be properly calculated! Located: WinLogon, sclgntfy command: sclgntfy.dll file: sclgntfy.dll size: 0 MD5: D41D8CD98F00B204E9800998ECF8427E Warning: if the file is actually larger than 0 bytes, the checksum could not be properly calculated! Located: WinLogon, SensLogn command: WlNotify.dll file: WlNotify.dll size: 0 MD5: D41D8CD98F00B204E9800998ECF8427E Warning: if the file is actually larger than 0 bytes, the checksum could not be properly calculated! Located: WinLogon, termsrv command: wlnotify.dll file: wlnotify.dll size: 0 MD5: D41D8CD98F00B204E9800998ECF8427E Warning: if the file is actually larger than 0 bytes, the checksum could not be properly calculated! Located: WinLogon, wlballoon command: wlnotify.dll file: wlnotify.dll size: 0 MD5: D41D8CD98F00B204E9800998ECF8427E Warning: if the file is actually larger than 0 bytes, the checksum could not be properly calculated! --- Browser helper object list --- {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader Link Helper) location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ BHO name: CLSID name: Adobe PDF Reader Link Helper description: Adobe Acrobat reader classification: Legitimate known filename: AcroIEhelper.ocx<br>AcroIEhelper.dll info link: http://www.adobe.com/products/acrobat/readstep2.html info source: TonyKlein Path: C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\ Long name: AcroIEHelper.dll Short name: ACROIE~1.DLL Date (created): 10/22/2006 11:08:42 PM Date (last access): 1/19/2008 12:08:26 PM Date (last write): 10/22/2006 11:08:42 PM Filesize: 62080 Attributes: archive MD5: C11F6A1F61481E24BE3FDC06EA6F7D2A CRC32: E388508F Version: 8.0.0.456 {53707962-6F74-2D53-2644-206D7942484F} (Spybot-S&D IE Protection) location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ BHO name: CLSID name: Spybot-S&D IE Protection description: Spybot-S&D IE Browser plugin classification: Legitimate known filename: SDhelper.dll info link: http://spybot.eon.net.au/ info source: Patrick M. Kolla Path: C:\PROGRA~1\SPYBOT~1\ Long name: SDHelper.dll Short name: Date (created): 12/2/2007 8:03:32 AM Date (last access): 1/19/2008 12:34:14 PM Date (last write): 8/31/2007 4:46:14 PM Filesize: 1122128 Attributes: archive MD5: B8958471DAA4481E93B03DF8F991DD6E CRC32: 35E35F14 Version: 1.5.0.8 {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class) location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ BHO name: CLSID name: SSVHelper Class Path: C:\Program Files\Java\jre1.6.0_02\bin\ Long name: ssv.dll Short name: Date (created): 12/8/2007 11:23:34 AM Date (last access): 1/19/2008 9:16:06 AM Date (last write): 7/12/2007 4:00:36 AM Filesize: 501136 Attributes: archive MD5: D6137540BDF0F9F9B9055C60ADD8007A CRC32: 29E910AF Version: 6.0.20.6 {7E853D72-626A-48EC-A868-BA8D5E23E045} () location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ BHO name: CLSID name: --- ActiveX list --- {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) DPF name: CLSID name: MUWebControl Class Installer: C:\WINDOWS\Downloaded Program Files\muweb.inf Codebase: http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1196616430796 description: classification: Legitimate known filename: muweb.dll info link: info source: Safer Networking Ltd. Path: C:\WINDOWS\system32\ Long name: muweb.dll Short name: Date (created): 7/30/2007 7:18:34 PM Date (last access): 1/19/2008 11:42:20 AM Date (last write): 7/30/2007 7:18:34 PM Filesize: 207736 Attributes: archive MD5: 8038B166CE79E58E193566150CE26465 CRC32: 9137D395 Version: 7.0.6000.381 {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) DPF name: Java Runtime Environment 1.6.0 CLSID name: Java Plug-in 1.6.0_02 Installer: Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab description: Sun Java classification: Legitimate known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll info link: info source: Patrick M. Kolla Path: C:\Program Files\Java\jre1.6.0_02\bin\ Long name: npjpi160_02.dll Short name: NPJPI1~1.DLL Date (created): 7/12/2007 2:22:38 AM Date (last access): 1/9/2008 7:58:30 PM Date (last write): 7/12/2007 4:00:36 AM Filesize: 132496 Attributes: archive MD5: E3811F1A1C5063C941EC0E2766C3EA39 CRC32: AEFD3747 Version: 6.0.20.6 {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0) DPF name: Java Runtime Environment 1.6.0 CLSID name: Java Plug-in 1.6.0_02 Installer: Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab description: classification: Legitimate known filename: npjpi160_02.dll info link: info source: Safer Networking Ltd. Path: C:\Program Files\Java\jre1.6.0_02\bin\ Long name: npjpi160_02.dll Short name: NPJPI1~1.DLL Date (created): 7/12/2007 2:22:38 AM Date (last access): 1/19/2008 12:35:20 PM Date (last write): 7/12/2007 4:00:36 AM Filesize: 132496 Attributes: archive MD5: E3811F1A1C5063C941EC0E2766C3EA39 CRC32: AEFD3747 Version: 6.0.20.6 {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0) DPF name: Java Runtime Environment 1.6.0 CLSID name: Java Plug-in 1.6.0_02 Installer: Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab description: classification: Legitimate known filename: npjpi150_06.dll info link: info source: Safer Networking Ltd. Path: C:\Program Files\Java\jre1.6.0_02\bin\ Long name: npjpi160_02.dll Short name: NPJPI1~1.DLL Date (created): 7/12/2007 2:22:38 AM Date (last access): 1/19/2008 12:35:20 PM Date (last write): 7/12/2007 4:00:36 AM Filesize: 132496 Attributes: archive MD5: E3811F1A1C5063C941EC0E2766C3EA39 CRC32: AEFD3747 Version: 6.0.20.6 --- Process list --- PID: 0 ( 0) [System] PID: 844 ( 0) \SystemRoot\System32\smss.exe size: 50688 PID: 892 ( 0) \??\C:\WINDOWS\system32\csrss.exe size: 6144 PID: 916 ( 0) \??\C:\WINDOWS\system32\winlogon.exe size: 502272 PID: 960 ( 0) C:\WINDOWS\system32\services.exe size: 108032 MD5: C6CE6EEC82F187615D1002BB3BB50ED4 PID: 972 ( 0) C:\WINDOWS\system32\lsass.exe size: 13312 MD5: 84885F9B82F4D55C6146EBF6065D75D2 PID: 1128 ( 0) C:\WINDOWS\system32\svchost.exe size: 14336 MD5: 8F078AE4ED187AAABC0A305146DE6716 PID: 1228 ( 0) C:\WINDOWS\system32\svchost.exe size: 14336 MD5: 8F078AE4ED187AAABC0A305146DE6716 PID: 1384 ( 0) C:\WINDOWS\System32\svchost.exe size: 14336 MD5: 8F078AE4ED187AAABC0A305146DE6716 PID: 1508 ( 0) C:\WINDOWS\system32\svchost.exe size: 14336 MD5: 8F078AE4ED187AAABC0A305146DE6716 PID: 1608 ( 0) C:\WINDOWS\system32\svchost.exe size: 14336 MD5: 8F078AE4ED187AAABC0A305146DE6716 PID: 1752 ( 0) C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe size: 161392 MD5: 2013A368106F5EB9AA6F492369F8063C PID: 292 ( 0) C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe size: 185968 MD5: 83053D67F40CD00D5FB3BAA2C4D6F9EC PID: 452 ( 0) C:\WINDOWS\system32\spoolsv.exe size: 57856 MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F PID: 708 ( 0) C:\WINDOWS\Explorer.EXE size: 1033216 MD5: 97BD6515465659FF8F3B7BE375B2EA87 PID: 868 ( 0) C:\Program Files\Symantec AntiVirus\DefWatch.exe size: 19648 MD5: 955924C3532EFB803B0661B6AA516126 PID: 936 ( 0) C:\Program Files\Microsoft LifeCam\MSCamSvc.exe size: 187184 MD5: 825DDD8DDD89EDE56B52C71CE8BB4E73 PID: 1192 ( 0) C:\WINDOWS\system32\svchost.exe size: 14336 MD5: 8F078AE4ED187AAABC0A305146DE6716 PID: 1376 ( 0) C:\Program Files\Symantec AntiVirus\Rtvscan.exe size: 1706176 MD5: BC59BC3B68D45EB1716CC95E567A3B69 PID: 1492 ( 0) C:\Program Files\Common Files\Symantec Shared\ccApp.exe size: 48752 MD5: 696F43558EA1C4BFF475A4B8ECC5CAC4 PID: 1568 ( 0) C:\PROGRA~1\SYMANT~1\VPTray.exe size: 85184 MD5: 1B5036466136A1451BDBA17B6AEBECB3 PID: 1600 ( 0) C:\WINDOWS\vVX3000.exe size: 707376 MD5: 45844D314A62EACA768A8916ABF616F2 PID: 1764 ( 0) C:\WINDOWS\system32\wdfmgr.exe size: 38912 MD5: AB0A7CA90D9E3D6A193905DC1715DED0 PID: 2008 ( 0) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe size: 1460560 MD5: B7D4586BFC0DD6C3BE7DCCC252A3E97E PID: 2536 ( 0) C:\WINDOWS\System32\alg.exe size: 44544 MD5: F1958FBF86D5C004CF19A5951A9514B7 PID: 3916 ( 0) C:\Program Files\Windows Live\Messenger\usnsvc.exe size: 98328 MD5: 9D19B042A4FD5C02195071EA2FE0C821 PID: 864 ( 0) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe size: 4943184 MD5: C92780F50B8BB7A89E919585916494A9 PID: 2268 ( 0) C:\Program Files\Mozilla Firefox\firefox.exe size: 7650416 MD5: 15637C95A67A2C09B3CC5004BE595CCA PID: 2636 ( 0) C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe size: 110592 MD5: 69DA2BB73AC426CDEEBDACC68438BA3D --- Browser start & search pages list --- Spybot - Search & Destroy browser pages report, 1/19/2008 12:35:21 PM HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page C:\WINDOWS\system32\blank.htm HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page http://go.microsoft.com/fwlink/?LinkId=69157 HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\SearchAssistant http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\CustomizeSearch http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@ http://home.microsoft.com/access/autosearch.asp?p=%s HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page %SystemRoot%\system32\blank.htm HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm --- Winsock Layered Service Provider list --- Protocol 0: MSAFD Tcpip [TCP/IP] GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192} Filename: %SystemRoot%\system32\mswsock.dll Description: Microsoft Windows NT/2k/XP IP protocol DB filename: %SystemRoot%\system32\mswsock.dll DB protocol: MSAFD Tcpip [*] Protocol 1: MSAFD Tcpip [UDP/IP] GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192} Filename: %SystemRoot%\system32\mswsock.dll Description: Microsoft Windows NT/2k/XP IP protocol DB filename: %SystemRoot%\system32\mswsock.dll DB protocol: MSAFD Tcpip [*] Protocol 2: MSAFD Tcpip [RAW/IP] GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192} Filename: %SystemRoot%\system32\mswsock.dll Description: Microsoft Windows NT/2k/XP IP protocol DB filename: %SystemRoot%\system32\mswsock.dll DB protocol: MSAFD Tcpip [*] Protocol 3: RSVP UDP Service Provider GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A} Filename: %SystemRoot%\system32\rsvpsp.dll Description: Microsoft Windows NT/2k/XP RVSP DB filename: %SystemRoot%\system32\rsvpsp.dll DB protocol: RSVP * Service Provider Protocol 4: RSVP TCP Service Provider GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A} Filename: %SystemRoot%\system32\rsvpsp.dll Description: Microsoft Windows NT/2k/XP RVSP DB filename: %SystemRoot%\system32\rsvpsp.dll DB protocol: RSVP * Service Provider Protocol 5: MSAFD NetBIOS [\Device\NetBT_Tcpip_{8489A970-8A5A-4342-9022-4A5E6152D4AB}] SEQPACKET 4 GUID: {8D5F1830-C273-11CF-95C8-00805F48A192} Filename: %SystemRoot%\system32\mswsock.dll Description: Microsoft Windows NT/2k/XP NetBios protocol DB filename: %SystemRoot%\system32\mswsock.dll DB protocol: MSAFD NetBIOS * Protocol 6: MSAFD NetBIOS [\Device\NetBT_Tcpip_{8489A970-8A5A-4342-9022-4A5E6152D4AB}] DATAGRAM 4 GUID: {8D5F1830-C273-11CF-95C8-00805F48A192} Filename: %SystemRoot%\system32\mswsock.dll Description: Microsoft Windows NT/2k/XP NetBios protocol DB filename: %SystemRoot%\system32\mswsock.dll DB protocol: MSAFD NetBIOS * Protocol 7: MSAFD NetBIOS [\Device\NetBT_Tcpip_{6A9EECD1-7C1F-4BF9-8506-063F2240A3FC}] SEQPACKET 3 GUID: {8D5F1830-C273-11CF-95C8-00805F48A192} Filename: %SystemRoot%\system32\mswsock.dll Description: Microsoft Windows NT/2k/XP NetBios protocol DB filename: %SystemRoot%\system32\mswsock.dll DB protocol: MSAFD NetBIOS * Protocol 8: MSAFD NetBIOS [\Device\NetBT_Tcpip_{6A9EECD1-7C1F-4BF9-8506-063F2240A3FC}] DATAGRAM 3 GUID: {8D5F1830-C273-11CF-95C8-00805F48A192} Filename: %SystemRoot%\system32\mswsock.dll Description: Microsoft Windows NT/2k/XP NetBios protocol DB filename: %SystemRoot%\system32\mswsock.dll DB protocol: MSAFD NetBIOS * Protocol 9: MSAFD NetBIOS [\Device\NetBT_Tcpip_{A0675A4E-D052-40AB-B9B8-8D803FD5056F}] SEQPACKET 0 GUID: {8D5F1830-C273-11CF-95C8-00805F48A192} Filename: %SystemRoot%\system32\mswsock.dll Description: Microsoft Windows NT/2k/XP NetBios protocol DB filename: %SystemRoot%\system32\mswsock.dll DB protocol: MSAFD NetBIOS * Protocol 10: MSAFD NetBIOS [\Device\NetBT_Tcpip_{A0675A4E-D052-40AB-B9B8-8D803FD5056F}] DATAGRAM 0 GUID: {8D5F1830-C273-11CF-95C8-00805F48A192} Filename: %SystemRoot%\system32\mswsock.dll Description: Microsoft Windows NT/2k/XP NetBios protocol DB filename: %SystemRoot%\system32\mswsock.dll DB protocol: MSAFD NetBIOS * Protocol 11: MSAFD NetBIOS [\Device\NetBT_Tcpip_{27B3F3F6-E077-4E1A-91C2-E72E6D180ADA}] SEQPACKET 1 GUID: {8D5F1830-C273-11CF-95C8-00805F48A192} Filename: %SystemRoot%\system32\mswsock.dll Description: Microsoft Windows NT/2k/XP NetBios protocol DB filename: %SystemRoot%\system32\mswsock.dll DB protocol: MSAFD NetBIOS * Protocol 12: MSAFD NetBIOS [\Device\NetBT_Tcpip_{27B3F3F6-E077-4E1A-91C2-E72E6D180ADA}] DATAGRAM 1 GUID: {8D5F1830-C273-11CF-95C8-00805F48A192} Filename: %SystemRoot%\system32\mswsock.dll Description: Microsoft Windows NT/2k/XP NetBios protocol DB filename: %SystemRoot%\system32\mswsock.dll DB protocol: MSAFD NetBIOS * Protocol 13: MSAFD NetBIOS [\Device\NetBT_Tcpip_{9DD1C3AA-02BB-4A95-B75B-09E1B97861F4}] SEQPACKET 2 GUID: {8D5F1830-C273-11CF-95C8-00805F48A192} Filename: %SystemRoot%\system32\mswsock.dll Description: Microsoft Windows NT/2k/XP NetBios protocol DB filename: %SystemRoot%\system32\mswsock.dll DB protocol: MSAFD NetBIOS * Protocol 14: MSAFD NetBIOS [\Device\NetBT_Tcpip_{9DD1C3AA-02BB-4A95-B75B-09E1B97861F4}] DATAGRAM 2 GUID: {8D5F1830-C273-11CF-95C8-00805F48A192} Filename: %SystemRoot%\system32\mswsock.dll Description: Microsoft Windows NT/2k/XP NetBios protocol DB filename: %SystemRoot%\system32\mswsock.dll DB protocol: MSAFD NetBIOS * Namespace Provider 0: Tcpip GUID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B} Filename: %SystemRoot%\System32\mswsock.dll Description: Microsoft Windows NT/2k/XP TCP/IP name space provider DB filename: %SystemRoot%\system32\mswsock.dll DB protocol: TCP/IP Namespace Provider 1: NTDS GUID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC} Filename: %SystemRoot%\System32\winrnr.dll Description: Microsoft Windows NT/2k/XP name space provider DB filename: %SystemRoot%\system32\winrnr.dll DB protocol: NTDS Namespace Provider 2: Network Location Awareness (NLA) Namespace GUID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83} Filename: %SystemRoot%\System32\mswsock.dll Description: Microsoft Windows NT/2k/XP name space provider DB filename: %SystemRoot%\system32\mswsock.dll DB protocol: NLA-Namespace Any help will greatly be appreciated Thank you Max Kreeger
Sounds like your ISP had some server problems and went down for a short time. Next time, this happens just call and ask. I have Comcast high speed Internet and experience the same issues with my modem lights. This just means your not connected if all the lights are not on. Your HJK log is clean.
Hey it happened again. Seems to happen a lot. Like when I'm on windows live messenger it just boots me and the internet crashes and when I can with spybot I get the same message. Also sometimes I have to troubleshoot WLM and it says something about the hosts file. So yeah. Thank you for the reply Max K.
Hey, I really need your help in another thread: http://forums.afterdawn.com/thread_view.cfm/622925 I found a dangerous process please check it out ypdtevam.exe
