Mobile/PDA About Us Advertise here
User User name Password  
  Not registered yet? Register here.
Lost your password? Click here. 		 
  Home   News   Guides   Downloads   Glossary   Hardware   Profiles   Forums   v4  
 Advertise at AfterDawn.com     Link to us!     Private messages     Compose a private message     List of all updated threads     Threads without replies     Search messages
Thursday 6.3.2025 / 19:36
Search AfterDawn Forums:        In English   Suomeksi   På svenska
afterdawn.com > forums > software, operating systems and more > windows - virus and spyware problems > some advise needed
Show topics
 
Forums
Forums
some advise needed
  Jump to:
 
Posted Message
KEVIN4344
Junior Member
_ 		26. August 2006 @ 06:54 _ Link to this message    Send private message to this user   
hi all,

hereunder are my system specs: and a hijack this report. I would like if you would look at these and give your opinions.


Operating System Microsoft Windows XP Home Edition
OS Service Pack Service Pack 2
Internet Explorer 6.0.2900.2180
CPU Type Intel Pentium 4A, 2533 MHz (4.75 x 533)

Windows firewall
Virus: Norman Anti virus software
Adware: Spybot-Ewido -SpywareDoctor

Motherboard:
Motherboard Name MSI 648 Max (MS-6585) (6 PCI, 1 AGP, 3 DIMM, Audio)
Motherboard Chipset SiS 648
System Memory 256 MB (PC2700 DDR SDRAM)
BIOS Type AMI (01/28/03)
Display:
Video Adapter RADEON 9200 SE SEC (128 MB)
Video Adapter RADEON 9200 SE (128 MB)
3D Accelerator ATI Radeon 9200 (RV280)
Monitor Plug and Play Monitor [NoDB] (YEGH013463)

Multimedia:
Audio Adapter SiS 7012 Audio Device

Storage:
Floppy Drive Floppy disk drive
Disk Drive Maxtor 33073H3 M (30 GB, 5400 RPM, Ultra-ATA/100)
Disk Drive Maxtor 6Y080L0 (80 GB, 7200 RPM, Ultra-ATA/133)
Optical Drive CyberDrv CW089D CD-R/RW (48x/16x/48x CD-RW)
Optical Drive HL-DT-ST DVD-ROM GDR8162B (16x/48x DVD-ROM)
Optical Drive MagicISO Virtual DVD-ROM0000
Network Adapter Realtek RTL8139/810x Family Fast Ethernet NIC (192.168.1.2)


Peripherals:
Printer HP DeskJet 840C/841C/842C/843C
Printer Microsoft Office Document Image Writer
USB Device USB Printing Support

Broadband:
2048/256 (kbps)eircom



HIjack this Report:
Logfile of HijackThis v1.99.1
Scan saved at 15:53:19, on 26/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Norman\bin\ZANDA.EXE
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINDOWS\System32\snmp.exe
C:\NORMAN\Nvc\BIN\nvcoas.exe
C:\Norman\bin\NJEEVES.EXE
C:\Norman\Nvc\BIN\nipsvc.exe
C:\NORMAN\Nvc\BIN\NVCSCHED.EXE
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Norman\bin\ZLH.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\BBC News alerts\skinkers.exe
C:\Program Files\CNN News Alert\CNNNewsAlert.exe
C:\Program Files\Sky Alerts\skinker.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Tottenham Hotspur News Alerts\spursnewsalerts.exe
C:\Norman\Nvc\BIN\NIP.EXE
C:\Norman\Nvc\bin\cclaw.exe
C:\PROGRA~1\SPYWAR~3\swdoctor.exe
C:\Program Files\DAP\DAP.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe
C:\Documents and Settings\kevin\My Documents\Adware Removal\hijackthis\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Norman\bin\niu.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.ie/
O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - C:\Program Files\DAP\DAPBHO.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~3\tools\iesdsg.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~3\tools\iesdpb.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\bin\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\Run: [OSSelectorReinstall] C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [BBC News alerts] C:\Program Files\BBC News alerts\skinkers.exe
O4 - HKCU\..\Run: [CNN News Alert] "C:\Program Files\CNN News Alert\CNNNewsAlert.exe"
O4 - HKCU\..\Run: [Sky Alerts] "C:\Program Files\Sky Alerts\skinker.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Tottenham Hotspur News Alerts] "C:\Program Files\Tottenham Hotspur News Alerts\spursnewsalerts.exe"
O4 - HKCU\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t
O4 - Startup: Sky Alerts.lnk = C:\Program Files\Sky Alerts\skinker.exe
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~3\tools\iesdpb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - AutorunsDisabled - (no file) (HKCU)
O15 - Trusted Zone: http://*.isohunt.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=48835
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - https://scan.safety.live.com/resource/download/scanner/en-us/wlscbase3401.cab
O16 - DPF: {EF58E341-49C3-4156-A3C4-5FFCA7C1EAB7} (EURAS_Portal.Gateway) - http://www.euras.com/euras/activex2/euras.CAB
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by18fd.bay18.hotmail.msn.com/activex/HMAtchmt.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{81EB3C6D-CEE4-4943-A074-B940639A91E7}: NameServer = 213.94.190.194,213.94.190.236
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Norman\Nvc\BIN\nipsvc.exe
O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\bin\NJEEVES.EXE
O23 - Service: Norman ZANDA - Unknown owner - C:\Norman\bin\ZANDA.EXE
O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\NORMAN\Nvc\BIN\nvcoas.exe
O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman Data Defense Systems - C:\NORMAN\Nvc\BIN\NVCSCHED.EXE
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe

looking forward to your reply
kevin4344
[ + quote]
Phantom69
Senior Member

3 product reviews
_ 		3. September 2006 @ 23:26 _ Link to this message    Send private message to this user   
i cannot personally find anything wrong with it at all dude. are you worried that there is spyware or a virus installed?


all i can see and recommend from there is that you uninstall Nero INCD it is not a very good piece of software, (other members correct me if i am wrong) but INCD is a packet writing software that can cause problems and conflicts with certain other software programs.

but otherwsie i cant find anything
[ + quote]




"Its so hard to try to be different..."-Apocalypse Hoboken
Niobis
Senior Member
_ 		3. September 2006 @ 23:50 _ Link to this message    Send private message to this user   
Your Java is out of date. Go here and download Java Runtime Environment 5.0 Update 8.

Uninstall any previous versions of Java and install the latest.

As Phantom69 said, there is nothing bad here but, these can be fixed as they are only "left overs" from uninstalled software.

Run a scan only with HijackThis, check to fix these.

O9 - Extra button: (no name) - AutorunsDisabled - (no file)

O9 - Extra button: (no name) - AutorunsDisabled - (no file) (HKCU)

Close all windows except HijackThis and click Fix Checked.
[ + quote]
Don't be fooled any longer.
http://www.youtube.com/watch?v=BUtbGYgsIu4&feature=related

This message has been edited since posting. Last time this message was edited on 3. September 2006 @ 23:52
Advertisement
_ 		__
 
_
KEVIN4344
Junior Member
_ 		14. September 2006 @ 02:06 _ Link to this message    Send private message to this user   
Thanks to all for your replies
nice to know everything allright
best regards
kevin4344
[ + quote]
afterdawn.com > forums > software, operating systems and more > windows - virus and spyware problems > some advise needed
 

Digital video: AfterDawn.com | AfterDawn Forums
Music: MP3Lizard.com
Gaming: Blasteroids.com | Blasteroids Forums | Compare game prices
Software: Software downloads
Blogs: User profile pages
RSS feeds: AfterDawn.com News | Software updates | AfterDawn Forums
International: AfterDawn in Finnish | AfterDawn in Swedish | AfterDawn in Norwegian | download.fi
Navigate: Search | Site map
About us: About AfterDawn Ltd | Advertise on our sites | Rules, Restrictions, Legal disclaimer & Privacy policy
Contact us: Send feedback | Contact our media sales team
 
  © 1999-2025 by AfterDawn Ltd.

  IDG TechNetwork