For example, I cannot go to symantec.com (makers of Norton AV) for tech support. Perhaps on a related note, something is blocking my ability to get a live update of AV protection from the net. Does my AV software have a virus?
I have ran Adaware and Spybot SD several times but there is still malware that I can't get rid of. My "unupdated" Norton AV says I'm clean.
Attached is my logfile. Any help you can give would be GREATLY appreciated!
Logfile of HijackThis v1.98.2
Scan saved at 6:29:41 PM, on 12/1/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS2\System32\smss.exe
C:\WINDOWS2\system32\winlogon.exe
C:\WINDOWS2\system32\services.exe
C:\WINDOWS2\system32\lsass.exe
C:\WINDOWS2\system32\svchost.exe
C:\WINDOWS2\System32\svchost.exe
C:\WINDOWS2\system32\spoolsv.exe
C:\WINDOWS2\System32\GEARSEC.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS2\System32\svchost.exe
C:\WINDOWS2\Explorer.EXE
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\WINDOWS2\system32\uu.exe
C:\Program Files\Yahoo!\browser\ybrwicon.exe
C:\Program Files\2Wire\2PortalMon.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS2\SM1BG.EXE
C:\WINDOWS2\system32\ctfmon.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\WINDOWS2\system32\ZoneLabs\vsmon.exe
C:\HJK\HijackThis.exe
C:\WINDOWS2\system32\wuauclt.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapp.../search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapp...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://yahoo.sbc.com/dsl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapp...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapp.../search/ie.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapp...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapp...//www.yahoo.com
O1 - Hosts: .zestyfind.com
O1 - Hosts: .zestyfind.com
O1 - Hosts: ww.zestyfind.com
O1 - Hosts: ww.zestyfind.com
O1 - Hosts: 12
O1 - Hosts: m
O1 - Hosts: com
O1 - Hosts: r.com
O2 - BHO: CATLEvents Object - {3EC8E271-FAB9-418a-8A8E-65AEB4029E64} - C:\DOCUME~1\Everett\LOCALS~1\Temp\pabv.dat
O2 - BHO: CATLEvents Object - {8109AF33-6949-4833-8881-43DCC232B7B2} - C:\DOCUME~1\Everett\LOCALS~1\Temp\pabv.dat
O2 - BHO: CATLEvents Object - {ED5ABC42-8E4F-4C39-9972-F0CF619D672F} - C:\DOCUME~1\Everett\LOCALS~1\Temp\cbd.dat
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\common\ycomp5_1_6_0.dll
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [scvhost.exe] scvhost.exe
O4 - HKLM\..\Run: [yx] uu.exe
O4 - HKLM\..\Run: [5FBF5205] C:\WINDOWS2\System32\bveyzmvcpz.exe
O4 - HKLM\..\Run: [YBrowser] C:\Program Files\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [2wSysTray] C:\Program Files\2Wire\2PortalMon.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [*srvfont] C:\WINDOWS2\Cursors\srvfont.exe
O4 - HKLM\..\Run: [basac] C:\WINDOWS2\security\Database\basac.exe
O4 - HKLM\..\Run: [*basac] C:\WINDOWS2\security\Database\basac.exe
O4 - HKLM\..\Run: [*dvdnet] C:\WINDOWS2\Tasks\dvdnet.exe
O4 - HKLM\..\Run: [*libiis] C:\WINDOWS2\repair\libiis.exe
O4 - HKLM\..\Run: [*dbc] C:\WINDOWS2\system\dbc.exe
O4 - HKLM\..\Run: [SM1BG] C:\WINDOWS2\SM1BG.EXE
O4 - HKLM\..\Run: [IPInSightMonitor 01] "C:\Program Files\SBC Yahoo!\Connection Manager\IP InSight\IPMon32.exe"
O4 - HKLM\..\Run: [diskw] C:\WINDOWS2\diskw.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS2\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\RunServices: [scvhost.exe] scvhost.exe
O4 - HKLM\..\RunServices: [yx] uu.exe
O4 - HKLM\..\RunServices: [68B0A5BB] C:\WINDOWS2\System32\bveyzmvcpz.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS2\system32\ctfmon.exe
O4 - Startup: PowerReg Scheduler V3.exe
O8 - Extra context menu item: &Search - http://bar.mywebsear...html?p=ZRxdm199
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\common\ylogin.dll
O9 - Extra 'Tools' menuitem: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files\Yahoo!\common\ylogin.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll
O9 - Extra button: (no name) - {91663649-416A-42A5-8E54-B63C1ECA0548} - C:\Program Files\mathies.com\PopThis!\PopThis.dll
O9 - Extra 'Tools' menuitem: PopThis! Options... - {91663649-416A-42A5-8E54-B63C1ECA0548} - C:\Program Files\mathies.com\PopThis!\PopThis.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ub...s/GSManager.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.napster.c...ient/isetup.cab
O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} (ZoneAxRcMgr Class) - http://zone.msn.com/...me/ZAxRcMgr.cab
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/z...s/heartbeat.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.s...ta/SymAData.dll
O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) - http://photos.yahoo....plorer1_9us.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/...aploader_v5.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.s.../ActiveData.cab