[thetollies]

Sorry but I'm very computer naive, so if any one replies please speak in English to me! I have an error message every time I start my system. I have run hijackthis and my log is below. Please can someone help me get rid of it and anything else that needs to go . Thank you

Logfile of HijackThis v1.99.1
Scan saved at 09:14:29, on 23/03/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Creative\ShareDLL\CtNotify.exe
C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\msnappau.exe
C:\documents and settings\lynne\local settings\temp\t4qd.exe
C:\Program Files\iPod\iTunesHelper.exe
C:\windows\system32\bxiigo.exe
C:\Program Files\Creative\SBAudigy\Taskbar\CTLTray.exe
C:\Program Files\Creative\SBAudigy\Taskbar\CTLTask.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Creative\ShareDLL\MediaDet.Exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Samsung\Digimax Viewer 2.1\STImgBrowser.exe
C:\Program Files\Hewlett-Packard\HP OfficeJet T Series\Bin\HPOstr05.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\windows\system32\calc.exe
C:\Program Files\Hewlett-Packard\HP OfficeJet T Series\bin\HPOVDX05.EXE
C:\WINDOWS\System32\hpoipm07.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\DOCUMENTS AND SETTINGS\LYNNE\DESKTOP\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =

http://www.yahoo.com/search/ie.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

http://www.web--search.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

http://freeola.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =

http://red.clientapp...aults/su/*http:

//www.yahoo.com
R3 - URLSearchHook: (no name) - {30192F8D-0958-44E6-B54D-331FD39AC959}

- (no file)
O2 - BHO: CeresObj Class - {00000049-8F91-4D9C-9573-F016E7626484} -

C:\WINDOWS\ceres.dll
O2 - BHO: (no name) - {008DB894-99ED-445D-8547-0E7C9808898D} -

C:\WINDOWS\mslagent\4b_1,0,1,2_mslagent.dll (file missing)
O2 - BHO: MyWebSearch Search Assistant BHO -

{00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program

Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: (no name) - {016235BE-59D4-4CEB-ADD5-E2378282A1D9} -

C:\Program Files\CxtPls\plg0\cxtpls.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}

- C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} -

C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: (no name) - {30192F8D-0958-44E6-B54D-331FD39AC959} - (no

file)
O2 - BHO: Band Class - {8272B062-BD4D-4EAD-A149-45B3CE3F5CDA} -

C:\WINDOWS\GPalm.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program

Files\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper -

{AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program

files\google\googletoolbar2.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -

C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program

Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O3 - Toolbar: Band Class - {8272B062-BD4D-4EAD-A149-45B3CE3F5CDA} -

C:\WINDOWS\GPalm.dll
O3 - Toolbar: (no name) - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - (no

file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -

c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -

C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} -

C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE

C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Disc Detector] C:\Program

Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash

Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [Jet Detection] C:\Program

Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program

Files\Java\j2re1.4.2_01\bin\jusched.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program

Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [PCDRealtime] C:\WINDOWS\realtime.exe
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN

Apps\Updater\01.02.3000.1001\en-us\msnappau.exe"
O4 - HKLM\..\Run: [t4qd] C:\documents and settings\lynne\local

settings\temp\t4qd.exe
O4 - HKLM\..\Run: [AutoUpdater] "C:\Program

Files\AutoUpdate\AutoUpdate.exe"
O4 - HKLM\..\Run: [GreasyPalmUpdate] C:\WINDOWS\GreasyPalmUpdate.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iPod\iTunesHelper.exe
O4 - HKLM\..\Run: [bxiigo] c:\windows\system32\bxiigo.exe
O4 - HKLM\..\Run: [farmmext] C:\WINDOWS\farmmext.exe
O4 - HKLM\..\Run: [039U36h] plumig32.exe
O4 - HKLM\..\Run: [Nero] C:\WINDOWS\shch.exe /i
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\gcasServ.exe /i
O4 - HKLM\..\Run: [supernews12] C:\WINDOWS\newsd32.exe
O4 - HKLM\..\Run: [ynisgbqecz] c:\windows\system32\ynisgbqecz.exe

-start
O4 - HKCU\..\Run: [TaskTray] C:\Program

Files\Creative\SBAudigy\Taskbar\CTLTray.exe
O4 - HKCU\..\Run: [Taskbar] C:\Program

Files\Creative\SBAudigy\Taskbar\CTLTask.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN

Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Instant Access] rundll32.exe

p2esocks_1019.dll,InstantAccess
O4 - HKCU\..\Run: [H0q8RWNEh] pinsockx.exe
O4 - Global Startup: Digimax Viewer 2.1.lnk = ?
O4 - Global Startup: HP OfficeJet T Series Startup.lnk = C:\Program

Files\Hewlett-Packard\HP OfficeJet T Series\Bin\HPOstr05.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program

Files\WinZip\WZQKPICK.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions

present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel

present
O8 - Extra context menu item: &Google Search - res://c:\program

files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program

files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page -

res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program

files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program

files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: iOpus Internet Macros -

{0483894E-2422-45E0-8384-021AFF1AF3CD} -

C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -

C:\Program Files\Java\j2re1.4.2_01\bin\npjpi142_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -

{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program

Files\Java\j2re1.4.2_01\bin\npjpi142_01.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -

C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger -

{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program

Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: C:\Program Files\Internet

Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://freeola.com
O16 - DPF: RaptisoftGameLoader -

http://www.miniclip....tgameloader.cab
O16 - DPF: {0594AF7E-573B-40DF-8165-E47AB2EAEFE8} (EGEGAUTH Class) -

http://akamai.downlo..._1019_EN_XP.cab
O16 - DPF: {1671869C-25B3-4C80-9446-8AE6111F8765} (MaxisHotDateTeleX

Control) -

http://thesims.ea.co...otDateTeleX.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -

http://imgfarm.com/i...entralInitialSe

tup1.0.0.6.cab
O16 - DPF: {1E89F686-B78D-4C85-9EFC-3474516E3FE2} -

http://directplugin....ugin/113345.exe
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540000} (CInstall Class) -

http://www.spywarest...es2/Install.cab
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} (CR64Loader Object) -

http://www.miniclip....ro64_loader.dll
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags

Class) - http://messenger.zon...er.cab31267.cab
O16 - DPF: {469C7080-8EC8-43A6-AD97-45848113743C} -

http://akamai.downlo...thv32_EN_XP.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl

Class) -

http://tools.ebayimg...ol_v1-0-3-9.cab
O16 - DPF: {4D561B31-49A0-4E2C-8AFF-353468EC669B}

(GreasyPalmInstallHelper Class) -

http://www.greasypal.../GreasyPalm.cab
O16 - DPF: {8629CFEB-C31A-4429-9BB0-8765A8A24FDA}

(MaxisUnleashedLotTeleX Control) -

http://thesims.ea.co...hedLotTeleX.cab
O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} (Sinstaller Class) -

http://dm.screensave.../sinstaller.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient

Class) -

http://messenger.zon...nt.cab31267.cab
O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online

Scanner) - file://E:\ols\connect\fscax.cab
O16 - DPF: {9E1089BC-1AE8-4685-8D77-6721E5C318A8} -

http://217.73.66.16/comload.dll
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object)

- http://utu.popcap.co...aploader_v5.cab
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl

Class) - http://tools.ebayimg...ol_v1-0-3-0.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj

Class) - http://h30043.www3.h.../qdiagh.cab?316
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} -

http://us.dl1.yimg.c...oolbar/yiebio5_

1_6_0.cab
O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762} -

http://www.sponsorad...sWebTelecom.cab
O16 - DPF: {F7A05BAC-9778-410A-9CDE-BFBD4D5D2B7F} (iPIX Media Send

Class) - http://216.249.24.60...geWell-ipix.cab
O16 - DPF: {FF65677A-8977-48CA-916A-DFF81B037DF3} (WMService Class) -

http://download.over...ildAppNonUS.cab
O17 -

HKLM\System\CCS\Services\Tcpip\..\{094293A9-D25D-4EDD-9CEF-24FDFA89E919

}: NameServer = 80.225.252.58 80.225.252.50
O17 -

HKLM\System\CS1\Services\Tcpip\..\{094293A9-D25D-4EDD-9CEF-24FDFA89E919

}: NameServer = 80.225.252.58 80.225.252.50
O18 - Filter: text/html - {3C14C592-AE80-4510-8881-8D4974E5A0EB} -

C:\Documents and Settings\LYNNE\Local Settings\Application

Data\microsoft\internet explorer\V0.26.dat
O23 - Service: C-DillaSrv - C-Dilla Ltd -

C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology

Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. -

C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA

Corporation - C:\WINDOWS\System32\nvsvc32.exe

[Advertisements]

Hello and welcome to GTG!
We are sorry for the late reply,
If you’re still looking to resolve this issue, please run through the steps outlined in this Topic.

Post back a fresh HijackThis log when done.

If you have resolved this issue please let us know,
Thank you and again sorry for the late reply.

Note: Please enable word wrap in notepad...select Format>check Word Wrap. This eliminates the double spaces between lines, which makes it easier to read.

[njustice]

Hello and welcome to GTG!
We are sorry for the late reply,
If you’re still looking to resolve this issue, please run through the steps outlined in this Topic.

Post back a fresh HijackThis log when done.

If you have resolved this issue please let us know,
Thank you and again sorry for the late reply.

Note: Please enable word wrap in notepad...select Format>check Word Wrap. This eliminates the double spaces between lines, which makes it easier to read.