JoeSand2005
asked on
about blank installed by an Unknow site
Hi Guys,
Thanks in advance for your help. I need to fix my computer. some unknow site install a program in my computer and they set this site ( http://www.securitysafeguards.net/ ) as a " about:blank " in my internet explorer page. Every time I open up my browser I got this site as a defoult and I tryed to deleted by going to tool/options/ and remove that site but I didn't get any luck. This site is what they said in their stie:
Your private info is collected by W32.Sinnaka.A@mm
Your IP address: 69.203.89.243
Your Country: US, United States
They know you're using: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; InfoPath.1; .NET CLR 2.0.50727; .NET CLR 1.1.4322)
Operation System: OS Windows
Risk status for futher investigation: VERY HIGH RISK
Time of investigation: Mon Mar 27 19:29:14 PST 2006
What can I do to remove this site from my system. I appreciate your help.
Thanks again!
Thanks in advance for your help. I need to fix my computer. some unknow site install a program in my computer and they set this site ( http://www.securitysafeguards.net/ ) as a " about:blank " in my internet explorer page. Every time I open up my browser I got this site as a defoult and I tryed to deleted by going to tool/options/ and remove that site but I didn't get any luck. This site is what they said in their stie:
Your private info is collected by W32.Sinnaka.A@mm
Your IP address: 69.203.89.243
Your Country: US, United States
They know you're using: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; InfoPath.1; .NET CLR 2.0.50727; .NET CLR 1.1.4322)
Operation System: OS Windows
Risk status for futher investigation: VERY HIGH RISK
Time of investigation: Mon Mar 27 19:29:14 PST 2006
What can I do to remove this site from my system. I appreciate your help.
Thanks again!
http://www.majorgeeks.com/HijackThis_d3155.html
download and install.. post the report here.
got Anti - Virus software/spyware running?
download and install.. post the report here.
got Anti - Virus software/spyware running?
ASKER
Hi rpggamergirl,
How can I get the logfile? and what do you mean by "Just upload the logfile created?
Thanks!
Joe
How can I get the logfile? and what do you mean by "Just upload the logfile created?
Thanks!
Joe
run hijack this.. and follow the directions on displaying the report..
copy and paste into this question.. SUBMIT.. so that we can see.
copy and paste into this question.. SUBMIT.. so that we can see.
What I meant is, you can upload the log file in those sites and only post the link to the log here.
EE doesn't recommend Hijackthis logs posted in the topic, but we do need to see the log in order to help you, so we suggest uploading the log somewhere else and only post the url here.
EE doesn't recommend Hijackthis logs posted in the topic, but we do need to see the log in order to help you, so we suggest uploading the log somewhere else and only post the url here.
I prefer to see the log posted right in the topic, BUT EE has its rules that Hijackthis logs should not be posted in the topic.
Sorry, if that is not convenient I do understand.
Sorry, if that is not convenient I do understand.
ASKER
This is what I got from the scan and save from Hijackthis and what I got is a text file with many paths. This is the path highlighted by the text file
C:\WINDOWS\system32\VTTime r.exe
I don't know how to save a log file can you explain please?
C:\WINDOWS\system32\VTTime
I don't know how to save a log file can you explain please?
ASKER
Hi rpggamergirl,
How can I know about the logfiel that would be paste on this site ( http://www.rafb.net/paste/ )
Thank you so much!
Joe
How can I know about the logfiel that would be paste on this site ( http://www.rafb.net/paste/ )
Thank you so much!
Joe
When you run Hijackthis, there should be an option where you can click, something like:
"scan and save a logfile" then after it finishes scanning, a notepad will open, you can then copy the entire contents of the notepad and paste that in those sites,
or just paste it here on this topic.
Surely EE can be lenient on this once :)
If you need further assistance I will run my Hijackthis and type a step by step instructions for you.
"scan and save a logfile" then after it finishes scanning, a notepad will open, you can then copy the entire contents of the notepad and paste that in those sites,
or just paste it here on this topic.
Surely EE can be lenient on this once :)
If you need further assistance I will run my Hijackthis and type a step by step instructions for you.
@rpggamergirl...what wrong with posting hijack this here? I've solve several hundred Questions with hijackthis here at EE.
You need to scan yous pc with Hijackthis first, then after scanning a notepad will open full of entries,
that notepad contents is the one you will paste at:
http://www.hijackthis.de/
and click "Analyse", "Save". Post a link to the saved list here.
OK, it will be easier, if you paste the Hijackthis log file here on this topic.
that notepad contents is the one you will paste at:
http://www.hijackthis.de/
and click "Analyse", "Save". Post a link to the saved list here.
OK, it will be easier, if you paste the Hijackthis log file here on this topic.
irwinpks,
I would really love it, if Askers will just post the Hijackthis logs here in the topic, but I've been told off by some other experts. And then I've read it in EE rules that they don't welcome Hijackthis logs.
I also help at another forum and it is so great just to look at the Hijackthis log right there in the topic. But here at EE has different rules.
I would really love it, if Askers will just post the Hijackthis logs here in the topic, but I've been told off by some other experts. And then I've read it in EE rules that they don't welcome Hijackthis logs.
I also help at another forum and it is so great just to look at the Hijackthis log right there in the topic. But here at EE has different rules.
ASKER
Hi rpggamergirl,
if I paste the notepad file here, It will be open to the public then I would be in a deeper trouble. what do you think?
if I paste the notepad file here, It will be open to the public then I would be in a deeper trouble. what do you think?
ASKER
I got the notepad file but I dont know what's the name of the exe fiel I need to delete.
Thanks!
Thanks!
JoeSand2005,
Just post the contents of the notepad here.
If you use your pc in a company network, then just remove all the 017 entries and post the rest here.
Just post the contents of the notepad here.
If you use your pc in a company network, then just remove all the 017 entries and post the rest here.
ASKER
Here it goes, I hope I won't put my computer in risk.
Logfile of HijackThis v1.99.1
Scan saved at 10:57:35 PM, on 3/27/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.e xe
C:\WINDOWS\system32\winlog on.exe
C:\WINDOWS\system32\servic es.exe
C:\WINDOWS\system32\lsass. exe
C:\WINDOWS\system32\svchos t.exe
C:\WINDOWS\System32\svchos t.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spools v.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aol tsmon.exe
c:\Program Files\Microsoft SQL Server\MSSQL.3\MSSQL\Binn\ sqlservr.e xe
C:\Program Files\Microsoft SQL Server\MSSQL.4\OLAP\bin\ms mdsrv.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\svchos t.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.ex e
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvctrl .exe
C:\WINDOWS\system32\VTTime r.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\ACD Systems\EN\DevDetect.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\CyberLink\PowerDVD\P DVDServ.ex e
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\WINDOWS\System32\spool\ DRIVERS\W3 2X86\3\E_S 0EIC1.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Common Files\AOL\1132461502\ee\AO LHostManag er.exe
C:\Program Files\Common Files\AOL\1132461502\ee\AO LServiceHo st.exe
C:\Program Files\VIA\RAID\raid_tool.e xe
C:\Program Files\Yahoo!\Messenger\yms gr_tray.ex e
c:\program files\common files\aol\1132461502\ee\se rvices\ant iSpywareAp p\ver2_0_7 \AOLSP Scheduler.exe
C:\Program Files\Common Files\AOL\1132461502\ee\AO LServiceHo st.exe
C:\Program Files\America Online 9.0\waol.exe
C:\Program Files\America Online 9.0\shellmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\HijackThis 1.99.1\HijackThis.exe
O2 - BHO: (no name) - {4da4616d-7e6e-4fd9-a2d5-b 6c535733e2 2} - C:\WINDOWS\system32\hp9F24 .tmp
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B 7027CAE2F1 A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (file missing)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7 859DF00B1D 6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B 5B5E98D167 C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C 6B60AAEBA6 D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0 090271D4F8 8} - C:\Program Files\Yahoo!\Companion\Ins talls\cpn\ yt.dll (file missing)
O3 - Toolbar: SecurityToolbar - {736b5468-bdad-41be-92d0-2 2ae2ddf7bc b} - C:\Program Files\Security Toolbar\Security Toolbar.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCh eck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\P DVDServ.ex e"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMo n.exe /Consumer
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1132461502\ee\AO LHostManag er.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo 820 Series] C:\WINDOWS\System32\spool\ DRIVERS\W3 2X86\3\E_S 0EIC1.EXE /P29 "EPSON Stylus Photo 820 Series" /O6 "USB001" /M "Stylus Photo 820"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe " /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypa ger.exe -quiet
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0\AOL.EXE" -b
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Ad obe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.e xe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH .HTML
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch .htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2 \OFFICE11\ EXCEL.EXE/ 3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict .htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap. htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms. htm
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B 5B5E98D167 C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B 5B5E98D167 C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2 FC0DE4A789 7} - C:\Program Files\Yahoo!\Common\yiesrv c.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3 C9C571A826 3} - C:\PROGRA~1\MICROS~2\OFFIC E11\REFIEB AR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-0 0C04F79568 3} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-0 0C04F79568 3} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-f a1d4f56a2a b} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsth elper.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8 E305202313 F} - "C:\PROGRA~1\MSNMES~1\msgr app.dll" (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc. exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aol tsmon.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\ sqlservr.e xe" -sSQLEXPRESS (file missing)
O23 - Service: SQL Server (MSSQLSERVER) (MSSQLSERVER) - Unknown owner - c:\Program Files\Microsoft SQL Server\MSSQL.3\MSSQL\Binn\ sqlservr.e xe" -sMSSQLSERVER (file missing)
O23 - Service: SQL Server Analysis Services (MSSQLSERVER) (MSSQLServerOLAPService) - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL.4\OLAP\bin\ms mdsrv.exe" -s "C:\Program Files\Microsoft SQL Server\MSSQL.4\OLAP\Config (file missing)
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMAN T~1\SCRIPT ~1\SBServ. exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.ex e
Thanks!
Logfile of HijackThis v1.99.1
Scan saved at 10:57:35 PM, on 3/27/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.e
C:\WINDOWS\system32\winlog
C:\WINDOWS\system32\servic
C:\WINDOWS\system32\lsass.
C:\WINDOWS\system32\svchos
C:\WINDOWS\System32\svchos
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spools
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aol
c:\Program Files\Microsoft SQL Server\MSSQL.3\MSSQL\Binn\
C:\Program Files\Microsoft SQL Server\MSSQL.4\OLAP\bin\ms
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\svchos
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.ex
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvctrl
C:\WINDOWS\system32\VTTime
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\ACD Systems\EN\DevDetect.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\CyberLink\PowerDVD\P
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\WINDOWS\System32\spool\
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Common Files\AOL\1132461502\ee\AO
C:\Program Files\Common Files\AOL\1132461502\ee\AO
C:\Program Files\VIA\RAID\raid_tool.e
C:\Program Files\Yahoo!\Messenger\yms
c:\program files\common files\aol\1132461502\ee\se
C:\Program Files\Common Files\AOL\1132461502\ee\AO
C:\Program Files\America Online 9.0\waol.exe
C:\Program Files\America Online 9.0\shellmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\HijackThis 1.99.1\HijackThis.exe
O2 - BHO: (no name) - {4da4616d-7e6e-4fd9-a2d5-b
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0
O3 - Toolbar: SecurityToolbar - {736b5468-bdad-41be-92d0-2
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCh
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\P
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMo
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1132461502\ee\AO
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo 820 Series] C:\WINDOWS\System32\spool\
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypa
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0\AOL.EXE" -b
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Ad
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.e
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-0
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-0
O16 - DPF: {30528230-99f7-4bb4-88d8-f
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aol
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\
O23 - Service: SQL Server (MSSQLSERVER) (MSSQLSERVER) - Unknown owner - c:\Program Files\Microsoft SQL Server\MSSQL.3\MSSQL\Binn\
O23 - Service: SQL Server Analysis Services (MSSQLSERVER) (MSSQLServerOLAPService) - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL.4\OLAP\bin\ms
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMAN
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.ex
Thanks!
As well as the information provided here.
Please also download and install " Microsoft AntiSpyware"
Located here: http://www.microsoft.com/athome/security/spyware/software/default.mspx
After it is installed run the program, accept [yes] on all. (the community is up to you, the last option)
Then run the scan, and follow the instructions given.
Good Luck
Please also download and install " Microsoft AntiSpyware"
Located here: http://www.microsoft.com/athome/security/spyware/software/default.mspx
After it is installed run the program, accept [yes] on all. (the community is up to you, the last option)
Then run the scan, and follow the instructions given.
Good Luck
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
here's one..
how about uninstalling AOL.. is that possible? can you access via WEBmail instead?
how about uninstalling AOL.. is that possible? can you access via WEBmail instead?
ASKER
Hi rpggamergirl,
Thanks so much for your help! The SmiTrem method was the only one that works for my case. I got everything back to normal in my pc. I appreciate your time.
Thanks!
Joe
Thanks so much for your help! The SmiTrem method was the only one that works for my case. I got everything back to normal in my pc. I appreciate your time.
Thanks!
Joe
JoeSand2005,
You're welcome! glad to hear that problem is gone.
Thank you for the points with "A" grade! :)
>>Here it goes, I hope I won't put my computer in risk.<<
Rest assured that there is nothing in your Hijackthis log that would compromise your pc's security.
As you can see, all those entries only relate to programs you have installed in your pc just like everyone else. You have nothing to worry about. :)
You might like to check Tony Klein's article "How Did I Get Infected in the First Place?"
http://www.geekstogo.com/forum/index.php?autocom=custom&page=How_did_I
Happy computing!
Best wishes!
You're welcome! glad to hear that problem is gone.
Thank you for the points with "A" grade! :)
>>Here it goes, I hope I won't put my computer in risk.<<
Rest assured that there is nothing in your Hijackthis log that would compromise your pc's security.
As you can see, all those entries only relate to programs you have installed in your pc just like everyone else. You have nothing to worry about. :)
You might like to check Tony Klein's article "How Did I Get Infected in the First Place?"
http://www.geekstogo.com/forum/index.php?autocom=custom&page=How_did_I
Happy computing!
Best wishes!
Download and install the free version of Ewido anti-malware.
http://www.ewido.net/en/download/
Update first then scan in safe mode.
Or:
download HijackThis 1.99.1
http://www.cyberanswers.org/forum/uploads/HijackThis1991.exe
Open Hijackthis, click "scan and save a logfile" don't fix anything yet, just upload the logfile created, go here and paste your Hijackthis log, http://www.rafb.net/paste/
then at the bottom left corner click "paste"
Copy the address/url and post it here:
Or copy and paste the log at;
http://www.hijackthis.de/
and click "Analyse", "Save". Post a link to the saved list here.