
hi jack this log pls help


daver


Logfile of HijackThis v1.99.1
Scan saved at 11:55:37 AM, on 9/1/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss[Caution: ExecutableFile]
C:\WINNT\system32\winlogon[Caution: ExecutableFile]
C:\WINNT\system32\services[Caution: ExecutableFile]
C:\WINNT\system32\lsass[Caution: ExecutableFile]
C:\WINNT\system32\svchost[Caution: ExecutableFile]
C:\WINNT\system32\spoolsv[Caution: ExecutableFile]
C:\WINNT\System32\svchost[Caution: ExecutableFile]
C:\WINNT\system32\hidserv[Caution: ExecutableFile]
C:\Program Files\Eset\nod32krn[Caution: ExecutableFile]
C:\WINNT\system32\nvsvc32[Caution: ExecutableFile]
C:\WINNT\system32\pctspk[Caution: ExecutableFile]
C:\WINNT\system32\regsvc[Caution: ExecutableFile]
C:\WINNT\system32\MSTask[Caution: ExecutableFile]
C:\WINNT\system32\stisvc[Caution: ExecutableFile]
C:\WINNT\System32\WBEM\WinMgmt[Caution: ExecutableFile]
C:\WINNT\system32\svchost[Caution: ExecutableFile]
C:\WINNT\System32\svchost[Caution: ExecutableFile]
C:\WINNT\Explorer[Caution: ExecutableFile]
C:\PROGRA~1\VERIZO~1\SUPPOR~1\SMARTB~1\MotiveSB[Caution: ExecutableFile]
C:\Program Files\Verizon Online\Visual IP InSight\IPClient[Caution: ExecutableFile]
C:\Program Files\Verizon Online\Visual IP InSight\IPMon32[Caution: ExecutableFile]
C:\Program Files\Java\jre1.5.0_02\bin\jusched[Caution: ExecutableFile]
C:\Program Files\Eset\nod32kui[Caution: ExecutableFile]
C:\WINNT\system32\RUNDLL32[Caution: ExecutableFile]
C:\Documents and Settings\Administrator\Desktop\Runescape[Caution: ExecutableFile]
C:\Program Files\Common Files\Real\Update_OB\realsched[Caution: ExecutableFile]
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.863\HijackThis[Caution: ExecutableFile]

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: Band Class - {00F1D395-4744-40f0-A611-980F61AE2C59} - C:\WINNT\dsr.dll (file missing)
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_5_7_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: MSN Toolbar BHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.00.0001.1203\en-us\msntb.dll
O2 - BHO: - {D87E3AD9-60C0-4ED8-B328-98EF9F923965} - C:\WINNT\system32\l.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.00.0001.1203\en-us\msntb.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_5_7_0.dll
O4 - HKLM\..\Run: [synchronization Manager] mobsync[Caution: ExecutableFile] /logon
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32[Caution: ExecutableFile] C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz[Caution: ExecutableFile] /install
O4 - HKLM\..\Run: [CountrySelection] pctptt[Caution: ExecutableFile]
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask[Caution: ExecutableFile]" -atboottime
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\SUPPOR~1\SMARTB~1\MotiveSB[Caution: ExecutableFile]
O4 - HKLM\..\Run: [iPInSightLAN 01] "C:\Program Files\Verizon Online\Visual IP InSight\IPClient[Caution: ExecutableFile]" -l
O4 - HKLM\..\Run: [iPInSightMonitor 01] "C:\Program Files\Verizon Online\Visual IP InSight\IPMon32[Caution: ExecutableFile]"
O4 - HKLM\..\Run: [MediaFace Integration] C:\Program Files\Fellowes\MediaFACE 4.0\SetHook[Caution: ExecutableFile]
O4 - HKLM\..\Run: [MF_Autorun] D:\setup[Caution: ExecutableFile] 3423Rerun
O4 - HKLM\..\Run: [ntvdscm] C:\WINNT\system32\ntvdscm[Caution: ExecutableFile]
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched[Caution: ExecutableFile]" -osboot
O4 - HKLM\..\Run: [RunDLL] rundll32[Caution: ExecutableFile] "C:\WINNT\Downloaded Program Files\bridge.dll",Load
O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched[Caution: ExecutableFile]
O4 - HKLM\..\Run: [sSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt[Caution: ExecutableFile]
O4 - HKLM\..\Run: [EbatesMoeMoneyMaker0] "C:\Program Files\Ebates_MoeMoneyMaker\EbatesMoeMoneyMaker0[Caution: ExecutableFile]"
O4 - HKLM\..\Run: [Dinst] C:\WINNT\dinst[Caution: ExecutableFile]
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui[Caution: ExecutableFile]" /WAITSERVICE
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32[Caution: ExecutableFile] C:\WINNT\system32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [MyPopupKiller] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.993\mpk[Caution: ExecutableFile]
O4 - HKCU\..\Run: [spyKiller] C:\Program Files\SpyKiller\spykiller[Caution: ExecutableFile] /startup
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9[Caution: ExecutableFile]
O4 - Global Startup: MSN Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.00.0001.1203\en-us\bin\msnlAdmin[Caution: ExecutableFile]
O4 - Global Startup: Verizon Online Support Center.lnk = C:\Program Files\Verizon Online\SupportCenter\bin\matcli[Caution: ExecutableFile]
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.00.0001.1203\en-us\msntb.dll/search.htm
O8 - Extra context menu item: &NeoTrace It! - C:\PROGRA~1\NEOTRA~1\NTXcontext.htm
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.h ... xmk21951US
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Control Pad - {28D44DAD-D1FC-4d4f-BB1B-ADF037C8DDBC} - C:\Program Files\Verizon Online\Verizon Online Control Pad\VerizonControlPad[Caution: ExecutableFile]
O9 - Extra 'Tools' menuitem: Control Pad - {28D44DAD-D1FC-4d4f-BB1B-ADF037C8DDBC} - C:\Program Files\Verizon Online\Verizon Online Control Pad\VerizonControlPad[Caution: ExecutableFile]
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim[Caution: ExecutableFile]
O9 - Extra button: Ebates - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:\Program Files\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm (HKCU)
O9 - Extra button: NeoTrace It! - {9885224C-1217-4c5f-83C2-00002E6CEF2B} - C:\PROGRA~1\NEOTRA~1\NTXtoolbar.htm (file missing) (HKCU)
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather[Caution: ExecutableFile] (file missing) (HKCU)
O12 - Plugin for .dll: C:\Program Files\Netscape\Netscape Browser\PLUGINS\npTrident.dll
O15 - Trusted Zone: *.musicmatch.com
O15 - Trusted Zone: *.musicmatch.com (HKLM)
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packa ... anager.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/0193c318c96 ... xIE601.cab
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installengine.com/engine/isetup.cab
O16 - DPF: {AB29A544-D6B4-4E36-A1F8-D3E34FC7B00A} (WTHoster Class) - http://install.wildtangent.com/bgn/part ... nstall.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZI ... b34246.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/zuma/defaul ... der_v6.cab
O16 - DPF: {FA3662C3-B8E8-11D6-A667-0010B556D978} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/_media/dalaillama/ampx.cab
O20 - Winlogon Notify: ntvdscm - ntvdscm.dll (file missing)
O20 - Winlogon Notify: sysfrcx - sysfrcx.dll (file missing)
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin[Caution: ExecutableFile]
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn[Caution: ExecutableFile]
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32[Caution: ExecutableFile]
O23 - Service: W2K PCtel speaker phone (Pctspk) - PCtel, Inc. - C:\WINNT\system32\pctspk[Caution: ExecutableFile]
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC[Caution: ExecutableFile]


O2 - BHO: Band Class - {00F1D395-4744-40f0-A611-980F61AE2C59} - C:\WINNT\dsr.dll (file missing)
O2 - BHO: - {D87E3AD9-60C0-4ED8-B328-98EF9F923965} - C:\WINNT\system32\l.dll
O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
O4 - HKLM\..\Run: [ntvdscm] C:\WINNT\system32\ntvdscm[Caution: ExecutableFile]
O4 - HKLM\..\Run: [RunDLL] rundll32[Caution: ExecutableFile] "C:\WINNT\Downloaded Program Files\bridge.dll",Load
O4 - HKLM\..\Run: [EbatesMoeMoneyMaker0] "C:\Program Files\Ebates_MoeMoneyMaker\EbatesMoeMoneyMaker0[Caution: ExecutableFile]"
O4 - HKLM\..\Run: [Dinst] C:\WINNT\dinst[Caution: ExecutableFile]
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.00.0001.1203\en-us\msntb.dll/search.htm
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.h ... xmk21951US
O9 - Extra button: Ebates - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:\Program Files\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm (HKCU)
O9 - Extra button: NeoTrace It! - {9885224C-1217-4c5f-83C2-00002E6CEF2B} - C:\PROGRA~1\NEOTRA~1\NTXtoolbar.htm (file missing) (HKCU)
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather[Caution: ExecutableFile] (file missing) (HKCU)
O15 - Trusted Zone: *.musicmatch.com (HKLM)
O16 - DPF: {AB29A544-D6B4-4E36-A1F8-D3E34FC7B00A} (WTHoster Class) - http://install.wildtangent.com/bgn/part ... nstall.cab
O20 - Winlogon Notify: ntvdscm - ntvdscm.dll (file missing)
O20 - Winlogon Notify: sysfrcx - sysfrcx.dll (file missing)

Possible keylogger infection. Definitely got spyware.


Mercifull <3 Suzi
