[coachwife6]

Please don't do the bottom half of your log in wraparound. Why was it normal and then started to format that way.

Here is the note from my co-geek

[quote]Yes, I would appreciate it if you have him upload a copy of wininet to thespykiller. Have him label the topic '2000 SP4 wininet'. The new beta should work just fine on that too. thumbsup.gif

http://www.thespykiller.co.uk/forum/

[Advertisements]

Hi,
I'm not sure why the log was like that. I changed it so that the text wrapped and then CTRL A & CTRL C and then CTRL V in my post, but I am not sure why it cut off portions of the log.

I will upload that wininet file for him as soon as possible.
My question is, will I have access to that file to upload it, if it is infected?
Norton comes up with 'access to the file is denied'.

Anyway, I will try it later and see how it goes.

Do you want me to re-post the HJT log?

Thank you,

BV

[BlackVinyl]

Hi,
I'm not sure why the log was like that. I changed it so that the text wrapped and then CTRL A & CTRL C and then CTRL V in my post, but I am not sure why it cut off portions of the log.

I will upload that wininet file for him as soon as possible.
My question is, will I have access to that file to upload it, if it is infected?
Norton comes up with 'access to the file is denied'.

Anyway, I will try it later and see how it goes.

Do you want me to re-post the HJT log?

Thank you,

BV

[coachwife6]

Yes, repost the log.

[noahdfear]

Hi BV!

Uploading that file shouldn't be a problem. Just go to the Uploads section and start a new topic, click the browse button and navigate to and select the file, then add subject and a link to this topic and post.

Thanks!

[BlackVinyl]

OK, here's that HJT log again.Logfile of HijackThis v1.99.1
Scan saved at 11:56:50 PM, on 7/07/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v5.00 SP4 (5.00.2920.0000)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\csrss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\wuauclt.exe
C:\WINNT\Explorer.EXE
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\SpySweeperV3.2.0.147\SpySweeper.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\trojfix\HJT\HijackThis.exe

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\SpySweeperV3.2.0.147\SpySweeper.exe" /0
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{5B6D28B5-5136-4712-B297-27953F1D9DEC}: NameServer = 192.189.54.17 203.8.183.1
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Net Functions Library (Netlib) - Unknown owner - C:\WINNT\system32\Netlib.exe (file missing)
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe


Awaiting your instructions.

BV

[coachwife6]

Looks fine. How is it running?

[BlackVinyl]

Hi,
Well, it has that virus that Norton is picking up, but I have successfully uploaded the file in question to the other forum, so I am waiting on that reply.

The pc in general is much better than it was in my original post, however, it seems to be running very sluggish and in addition to that, what I mentioned in post #30 is still happening...and when the pc has been connected to the internet for about 15-20 mins, I get disconnected.

From post #30...

Ooh! and something else which I may not have mentioned.
Everytime I connect to the net ( I have du connection), the modem does not stop RX & TX information. The 2 little pc icons in the system tray remain on without flashing until I disconnect.

On the flipside, the system alerts seem to have disappeared
and the smitfraud prob seems to have gone...woo hoo

If we can just get rid of the other issues I metnioned above, that would be great!

Thank you.

BV

[coachwife6]

Ooh! and something else which I may not have mentioned.
Everytime I connect to the net ( I have du connection), the modem does not stop RX & TX information. The 2 little pc icons in the system tray remain on without flashing until I disconnect.

If you've been using cracked programs and even though you've taken it off your system, there's no telling the damage it has done. I have taken it as far as I can go. I have reread our forum guidelines and I feel a strong need to close this topic because of the use - even though it has been in the past, of cracked software.

Good luck.