[mcfart01]

here his my log file tell me if its ok



Logfile of HijackThis v1.99.1
Scan saved at 1:16:04 PM, on 07/23/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\McAfee\McAfee VirusScan\Avsynmgr.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\WINDOWS\System32\sesinetd.exe
C:\WINDOWS\System32\hserver.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\McAfee\McAfee VirusScan\VsStat.exe
C:\Program Files\McAfee\McAfee VirusScan\Vshwin32.exe
C:\Program Files\McAfee\McAfee VirusScan\Avconsol.exe
C:\Program Files\McAfee\McAfee VirusScan\Webscanx.exe
C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe
C:\Program Files\Hijackthis\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant

= http://www.weepee.com/?s=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}

- C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: MPEG Support Dll - {57A70350-87D9-4EA2-B3AC-C1C1B5296035} -

C:\WINDOWS\system32\mpegcore.dll
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no

file)
O4 - HKCU\..\Run: [Spyware Cleaner] "C:\Program Files\Spyware

Cleaner\SpywareCleaner.Exe" /boot
O8 - Extra context menu item: &ieSpell Options - res://C:\Program

Files\ieSpell\iespell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: Check &Spelling - res://C:\Program

Files\ieSpell\iespell.dll/SPELLCHECK.HTM
O8 - Extra context menu item: E&xport to Microsoft Excel -

res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501}

- C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -

{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program

Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7}

- C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell Options -

{1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program

Files\ieSpell\iespell.dll
O9 - Extra button: PopupPopper Control Panel -

{3E94F358-9537-4BBA-8D12-D7F8A0136973} - C:\Program

Files\PopupPopper\SiteList.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} -

C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683}

- C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -

{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program

Files\Messenger\msmsgs.exe
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control)

-

http://a840.g.akamai....trendmicro.com

/housecall/xscan53.cab
O16 - DPF: {82F2D6B2-6C58-4404-A930-9DB0FD90D4B1}

(Driver_Detective_v43_Non_Member.DD_v43) -

http://www.drivershq..._Non_Member.CAB
O17 -

HKLM\System\CCS\Services\Tcpip\..\{942147B2-A04C-4017-A974-B600F32CB8E

8}: NameServer = 151.202.0.84 151.203.0.84
O23 - Service: Ati HotKey Poller - Unknown owner -

C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVSync Manager (AvSynMgr) - Networks Associates

Technologies, Inc. - C:\Program Files\McAfee\McAfee

VirusScan\Avsynmgr.exe
O23 - Service: Diskeeper - Executive Software International, Inc. -

C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: Houdini License Server (HoudiniLicenseServer) - Side

Effects Software Inc. - C:\WINDOWS\System32\sesinetd.exe
O23 - Service: Houdini License Client (HoudiniServer) - Side Effects

Software Inc. - C:\WINDOWS\System32\hserver.exe
O23 - Service: McAfee Firewall - Unknown owner - C:\Program

Files\McAfee\McAfee Firewall\CPD.EXE" /SERVICE (file missing)
O23 - Service: McShield - Unknown owner - C:\Program Files\Common

Files\Network Associates\McShield\Mcshield.exe
O23 - Service: SpywareCleanerService - Unknown owner - C:\Program

Files\Spyware Cleaner\SCService.exe (file missing)
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) -

America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

[Advertisements]

Howdy:

If you had read the very top of every page in this site, you would have known that HJT logs don't go here !!

Please go to the malware forum in my signature and follow the instructions at the top....Especially the CLICK HERE .

That will give you several steps that will help you clean up 70 percent of all problems by yourself. If at the end of the process you are still having difficulty--and you may not be-- then post a hijackthis log in THAT forum.

Murray

[Murray S.]

Howdy:

If you had read the very top of every page in this site, you would have known that HJT logs don't go here !!

Please go to the malware forum in my signature and follow the instructions at the top....Especially the CLICK HERE .

That will give you several steps that will help you clean up 70 percent of all problems by yourself. If at the end of the process you are still having difficulty--and you may not be-- then post a hijackthis log in THAT forum.

Murray

[mcfart01]

sorry thanks for the help

[Murray S.]

Not a problem.. Just that you will get help way faster posting that in the appropriate forum !!

Murray