Bite me......I think i got a virus

[ben88]

Im downloading service pack 2 now, i swear i've downloaded it before though.

[Severn Wolf]

I loved the start of the thread, Ben, you missed the point by miles dude. It was very fuuny

[ben88]

I got the point exactly, its just i expected it and it was predictable....implieing that i was hearing thisgs becasue i was on drugs.

 

 

Newt i've installed the latest updates and re-run hijack this.

 

this is the new log file.

 

Logfile of HijackThis v1.99.1

Scan saved at 14:46:40, on 18/10/2005

Platform: Windows XP (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 (6.00.2600.0000)

 

Running processes:

C:WINDOWSSystem32smss.exe

C:WINDOWSsystem32winlogon.exe

C:WINDOWSsystem32services.exe

C:WINDOWSsystem32lsass.exe

C:WINDOWSsystem32svchost.exe

C:WINDOWSSystem32svchost.exe

C:WINDOWSsystem32spoolsv.exe

C:PROGRA~1GrisoftAVGFRE~1avgamsvr.exe

C:PROGRA~1GrisoftAVGFRE~1avgupsvc.exe

C:WINDOWSSystem32CTSvcCDA.EXE

C:WINDOWSSystem32nvsvc32.exe

C:WINDOWSSystem32svchost.exe

C:WINDOWSSystem32MsPMSPSv.exe

C:WINDOWSSystem32wuauclt.exe

C:WINDOWSExplorer.EXE

C:PROGRA~1GrisoftAVGFRE~1avgcc.exe

C:PROGRA~1GrisoftAVGFRE~1avgemc.exe

C:Program FilesJavajre1.5.0_04binjusched.exe

C:Program FilesiTunesiTunesHelper.exe

C:Program FilesMSN MessengerMsnMsgr.Exe

C:Program FilesiPodbiniPodService.exe

C:Documents and SettingsBenDesktopNew FolderHijackThis.exe

 

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.google.co.uk/

R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = 127.0.0.1

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 5.0ReaderActiveXAcroIEHelper.ocx

O2 - BHO: ohb - {285B5CCD-C3F0-4EB6-9632-7D0A3C3AF824} - C:WINDOWSSystem32hsrb.dll (file missing)

O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:PROGRA~1SPYWAR~1toolsiesdsg.dll (file missing)

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:program filesgooglegoogletoolbar1.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSystem32msdxm.ocx

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program filesgooglegoogletoolbar1.dll

O4 - HKLM..Run: [siSUSBRG] C:WINDOWSSiSUSBrg.exe

O4 - HKLM..Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSSystem32NvCpl.dll,NvStartup

O4 - HKLM..Run: [nwiz] nwiz.exe /install

O4 - HKLM..Run: [AVG7_CC] C:PROGRA~1GrisoftAVGFRE~1avgcc.exe /STARTUP

O4 - HKLM..Run: [AVG7_EMC] C:PROGRA~1GrisoftAVGFRE~1avgemc.exe

O4 - HKLM..Run: [sunJavaUpdateSched] C:Program FilesJavajre1.5.0_04binjusched.exe

O4 - HKLM..Run: [Openwares LiveUpdate] C:Program FilesLiveUpdateLiveUpdate.exe

O4 - HKLM..Run: [DSLAGENTEXE] C:Program FilesBT Voyager 205 ADSL RouterAdsldslagent.exe

O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe" -atboottime

O4 - HKLM..Run: [iTunesHelper] "C:Program FilesiTunesiTunesHelper.exe"

O4 - HKLM..Run: [WinampAgent] C:Program FilesWinampwinampa.exe

O4 - HKCU..Run: [MsnMsgr] "C:Program FilesMSN MessengerMsnMsgr.Exe" /background

O4 - Startup: Check For Dope Wars Updates.lnk = C:Program FilesDopewarsWiseUpdt.exe

O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe

O4 - Global Startup: BT Broadband Help.lnk = C:Program FilesBT BroadbandHelpbinmatcli.exe

O8 - Extra context menu item: &Google Search - res://c:program filesgoogleGoogleToolbar1.dll/cmsearch.html

O8 - Extra context menu item: &Translate English Word - res://c:program filesgoogleGoogleToolbar1.dll/cmwordtrans.html

O8 - Extra context menu item: Backward Links - res://c:program filesgoogleGoogleToolbar1.dll/cmbacklinks.html

O8 - Extra context menu item: Cached Snapshot of Page - res://c:program filesgoogleGoogleToolbar1.dll/cmcache.html

O8 - Extra context menu item: Similar Pages - res://c:program filesgoogleGoogleToolbar1.dll/cmsimilar.html

O8 - Extra context menu item: Translate Page into English - res://c:program filesgoogleGoogleToolbar1.dll/cmtrans.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_04binnpjpi150_04.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_04binnpjpi150_04.dll

O9 - Extra button: (no name) - {F756A28D-DCD5-46be-BCAB-17C088D07227} - (no file)

O12 - Plugin for .spop: C:Program FilesInternet ExplorerPluginsNPDocBox.dll

O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/MediaAcc...e/bridge-c9.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1129642234063

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1129642220043

O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin class) - http://secure2.comned.com/signuptemplates/...login-devel.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntr...ro.cab32846.cab

O16 - DPF: {DE910060-8EFB-44B9-B492-75180696643F} (iiittt Class) - http://www.hotsearchbar.com/toolbar30/hsrb.cab

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:PROGRA~1MSNMES~1msgrapp.dll" (file missing)

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:PROGRA~1GrisoftAVGFRE~1avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:PROGRA~1GrisoftAVGFRE~1avgupsvc.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:WINDOWSSystem32CTSvcCDA.EXE

O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:Program FilesiPodbiniPodService.exe

O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:WINDOWSSystem32nvsvc32.exe

[n4lly]

Snore ZZZZZ

 

[ 18. October 2005, 07:25 PM: Message edited by: n4lly ]

[Newt]

http://www.windowsbbs.com/showthread.php?p...2351#post262351 is the thread which would probably put n4lly into a coma rather than just a light snooze but should help ben88 quite a bit.

[Guest jay_con]

Im eagerly awaiting a reply. What do you think the answer is NEWT?

[ben88]

Cheers newt.

[Newt]

@AUTUMN@:

What do you think the answer is NEWT?

I think the answer will be seventeen, green, Thursday, or raining. Not really sure which one though.

[argyll]

A while back I posted about the sound of a cuckoo which appeared from nowhere at random intervals. Tried all of the suggestions but it only went away when I deleted all of the p2p programmes that I'd loaded. Yours might be a different sound but the same source.

[Guest jay_con]

Newt:

Newt:

What do you think the answer is NEWT?

I think the answer will be seventeen, green, Thursday, or raining. Not really sure which one though.

Have you had a bump on the head recently?