Help!!!!11111

[Babyphat]

hey liz..nice to meet you..thank u sooo much.....dang ur good...thank u


i did all what u told me

here's the new log

ogfile of HijackThis v1.98.2
Scan saved at 12:41:48 AM, on 12/9/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe
C:\PROGRA~1\LEXMAR~1\LXBRKsk.exe
C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
C:\Program Files\Yahoo!\Messenger\ypager.exe
C:\Program Files\AOL Companion\companion.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\Lexmark 3100 Series\lxbrbmon.exe
C:\Program Files\Lexmark 3100 Series\lxbrcmon.exe
C:\Program Files\America Online 9.0\waol.exe
C:\Program Files\America Online 9.0\shellmon.exe
C:\Program Files\America Online 9.0\aolwbspd.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Documents and Settings\Owner\My Documents\hijackers\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus.../*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus.../*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/ymsgr6/*http://www.yahoo.com
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O3 - Toolbar: HP View - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [AutoTKit] C:\hp\bin\AUTOTKIT.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [QuickFinder Scheduler] "c:\Program Files\WordPerfect Office 11\Programs\QFSCHD110.EXE"
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [Lexmark 3100 Series] "C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe"
O4 - HKLM\..\Run: [LXBRKsk] C:\PROGRA~1\LEXMAR~1\LXBRKsk.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - Startup: wkcalrem.LNK = C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: AOL Companion.lnk = C:\Program Files\AOL Companion\companion.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .wav: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin2.dll
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst20040510.cab
O16 - DPF: {89D75D39-5531-47BA-9E4F-B346BA9C362C} (CWDL_DownLoadControl Class) - http://www.callwave.com/include/cab/CWDL_DownLoad.CAB
O16 - DPF: {A587DAFF-DE03-4721-90CD-44BA8F047A03} (Snapfish File Upload ActiveX Control) - http://www.yorkphoto.com/YorkUpload.cab
O16 - DPF: {AED98630-0251-4E83-917D-43A23D66D507} (WebHandler Class) - http://activex.microgaming.com/DLhelper/version6/dlhelper.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
O16 - DPF: {BAC01377-73DD-4796-854D-2A8997E3D68A} - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/ydropper/ydropper1_3us.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{5549E4B6-04E5-443C-943A-E6A5A5519BA1}: NameServer = 205.188.146.146

 

[Elite Bullet]

k dont trust me totaly but i think you have to get rid of
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto

So go with southern's when she tells you.

 

[Babyphat]

aight..

 

[Elite Bullet]

Cause this is my first try at anizily the log

 

[southernlady]

Actually, that ones ok. I had to google it instead of using PacMan's Startup List tho. Ended up here: http://www.windowsstartup.com/wso/detail.php?id=3652 from here: http://www.windowsstartup.com/wso/browse.php?l=13&start=200&end=225

Babyphat , I'll get the rest of your log read tomorrow. It's getting way past my bedtime. Liz

 

[Babyphat]

lol.well this is ma first time knowing there's someting call log..i aint familia with the PC like that

 

[Babyphat]

thanks liz..goontnite

 

[southernlady]

You log is CLEAN!!!!

Now, to keep that way, I want you to follw this advice:

Normal maintenance

Run regular maintenance on your PC...just as you would keep your house clean, your PC runs better when it's organized as well.

1) Use Disk Clean up and get rid of unneeded files. Compress old ones

2) Go thru your Add/Remove program and get rid of anything you haven't used lately, esp if you have the disk for it and can reinstall it or download it at a later date should you decide you want it again. Just letting it sit on your hard drive taking up space is ridiculous if you aren't using it.

3) Run the Disk Defrag on a periodic basis. If you have Norton Systemworks, set it up so that you can see how degragged your computer is and let it tell you when to defrag.

4) Remember to do a drive check every so often. You do this going to MY COMPUTER then SELECT YOUR DRIVE(C) right click it and go down to PROPERTIES on the pop up box select the second tab along TOOLS and click the top box CHECK ERRORS NOW.

And then ALWAYS. ALWAYS download and install any Critical Updates that Windows lets you know about. If you don't have your configuration set so that it will tell you and you aren't in the habit of checking periodically (like every other day) then set it so that
Windows WILL let you know there is a Critical Update. This step is an absolute necessity. SP2 is the exception to the rule, I still haven't done that one.

Then go and download these FREE programs:

1) Ad-aware http://www.majorgeeks.com/download506.html (removes all adverts and ad self launch programs,feed up with pop ups get it)

2) Spy-bot http://www.majorgeeks.com/download2471.html (same as ad-aware but always better two have two in this case because they'll double check everything)

3) AVG free http://www.majorgeeks.com/download886.html (ok for basic scan but know not to detect major viruses) or Avast Home Edition: http://www.majorgeeks.com/download1968.html

4) Zone Alarms http://www.majorgeeks.com/download388.html (has a free and a paid version)

5) Sygate http://www.majorgeeks.com/download3356.html (Has a free and a paid version or see the other firewall option

6) A Popup Blocker if your ISP doesnÂ’t come with one:
http://lists.gpick.com/pages/Ad~PopUp_Tools.htm


This one has been recommended by a number of people here on this web site: Google Toolbar http://www.google.com (Can only be used with IE tho)

And this one, I have personal experience with and is excellent. It can be used with ANY browser:

POW http://www.analogx.com.

Then you should download:

1) An Antivirus program:

Avast Home Edition: http://www.majorgeeks.com/download1968.html

AVG free http://www.majorgeeks.com/download886.html

Norton 2004 or 2005 http://www.norton.com (a good professional antivirus,always as up to date virus definitions)

Panda Titanium http://www.pandasoftware.com (another good one but slightly slows down computer applications etc)

AVG 7 pro http://www.grisoft.com/us/us_index.php (again its ok but i found that it takes slightly longer for virus definitions to come out)

2) There are two other Firewall options:

Norton firewall http://www.norton.com (good again stops a lot of unwanted internet activity but does become annoying if your have Bearshare, Kazaa etc installed)

Kerio http://www.kerio.com/kpf_home.html

3) For making copies of your hard drive (good if you need to transfer your hard drive contents or if your hard drive keeps crashing.:

Norton Ghost: http://www.norton.com

Drive image http://www.r-tt.com (a software program that makes a up to date recovery point separate from system restore,good if you know your computer keeps crashing)

4) For fixing Registry and disk problems:

PC Bug Doctor http://www.pcbugdoctor.com (corrects many problem but not deep registry ones)

PC Doctor Oncall http://www.pcdocrx.net/cgi-bin/view...2004/index.html (does full system check fixes almost any problems)

Ashampoo WinOptimizer Platinum Suite 2
http://www.ashampoo.com/ (Drive Cleaner, Registry Cleaner, Internet Cleaner, DLL Cleaner,

Internet Tuner, StartUp Tuner, File Wiper, and File Associator. Free up valuable space on your hard drive. Speed up general system performance.)

Norton Systemworks 2003 or 2004: http://www.norton.com

For a good listing of all this, go to: http://www.wilders.org/

I hope this list helps.

And this thread: http://www.techist.com/showthread.php?s=&threadid=35181 Liz

 

[Babyphat]

thanks gur...imma keep it clean