ComputerBB

Okay, first of all, Windows XP hides everything. >_>;; I need to know how I can get to my startup registry, because I have all these unwanted programs starting up and I can't change it from anywhere else. I remember the last time I found the startup registry, my father said "Windows XP hides everything you need.", which is one of the very few times I've found myself able to agree with him Secondly, is there any way that I can switch my installation of Windows from my tiny 12.1gb disk to my 82gb disk without reinstalling? I can't reinstall... For many reasons... My computer is just very silly. So is there ANY way at all that I can do this? I thought of the total obvious, copy + pasting the WINDOWS dir to the other drive but I know that will not work If only life were so simple... The reason why I need to know about these things? The Sims 2... It gives me the error message "The application has crashed. The application will now terminate." whenever I try to run it--and the weird thing is, it was working about 20 minutes ago, no restarts in between or anything, I just quit it for a few minutes to download some new eyes and clothes and then it didn't work anymore >_>;; I also tried deleting the new things I had downloaded, but that didn't work ^.^;; ~~sooo~~ if you have any info about how to fix the error message then that would be great too~ ^_^ Thanks a lot for reading and your help would be greatly appreciated! ^_^

Ok as far as hidden folders, do this right click, go to explore, tools, folder options, view, and look in advanced options, check the show all. The registry you don't want to get into inless you know what you are doing. You may be thinking of "msconfig", you can type this in the run command box. From here you go to start up and uncheck the programs you don't want to startup. If you have a problem with what you disable you can reverse it the same way. Can you switch drives maybe with Norton Ghost, but I have not done this personally. The best way is to reinstall on the new dive with the CD. Have you done a current virus scan? are the signatures up to date? Have you run AdAware? Have you trid deleting the Sims and reloading it? You could use you're other hard drive as a slave too. Still have problems download HiJack This install in a folder, then post the log here.

Holy crap... Can I just let you know that I love you? XD I have so many hidden folders!!!! Thanks for telling me how to see them. Thank you sooooo much for helping me find the msconfig thing! ^.^ I know about master and slave etc.. and my new (80GB) HDD is set as slave. You can switch drives with Norton Ghost? I actually downloaded Norton ghost (trial) a few days ago and I didn't know it did that XD I'll try it. My Windows won't recognize the Windows disk while in Windows.... >_>;; It recognizes it when booting from DOS (it's bootable) but then during the setup at some point it stops recognizing it... AdAware has never done anything for me. >_>; ever.. I've not done a recent virus scan but the last time I tried to install Norton and/or Mcaffee, neither of them will install, and all of the small business antiviruses either won't install, or just don't do anything. I've tried using a Norton 2005 disk I have and the computer refuses to recognize it. Quite perplexing huh? Also.. I believe you about "HiJack This" and whatever it does, but when I went to hijack-this.net, which on google claims to be the official website, and it looks like a website for one of those fake spyware removers that actually give you more to me. The website is really crappy and it doesn't say "HiJack This" anywhere on the site.

Ok lets start on step one go to this site and download HiJack This http://www.spywareinfo.com/~merijn/downloads.html Now make a folder called Hijack This and install it into it. Now run the program and save the log,, post it here so we can look at it. Now boot up in safe mode with networking, go to this site and get virus software and do a scan. http://free.grisoft.com/doc/1 Safe mode can be started by tapping F8 as you reboot. Let us know how this part goes, I will check back later tonight

This is the log file...... Logfile of HijackThis v1.99.1 Scan saved at 8:33:04 PM, on 1/5/2006 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\svchost.exe c:\progra~1\intern~1\iexplore.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\D-Tools\daemon.exe C:\WINDOWS\explorer.exe C:\Program Files\Common Files\WinTools\WToolsS.exe C:\PROGRA~1\COMMON~1\WinTools\WToolsA.exe C:\Program Files\Opera\Opera.exe C:\Program Files\Common Files\WinTools\WSup.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Winamp\winamp.exe C:\Program Files\mIRC\mirc.exe C:\Program Files\BullsEye Network\bin\bargains.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Shareaza\Shareaza.exe C:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\Sam\LOCALS~1\Temp\Rar$EX00.467\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.websearch.com/ie.aspx?tb_id=50245 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drsnsrch.com/sidesearch.cgi?id= R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bmkaxrluddzfddebnc.com/4k7ky ... rVQrdE.php R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.websearch.com/ie.aspx?tb_id=50245 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.websearch.com/ie.aspx?tb_id=50245 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = websearch.drsnsrch.com/q.cgi?q= R3 - URLSearchHook: (no name) - {CA0E28FA-1AFD-4C21-A8DC-70EB5BE2F076} - C:\Program Files\SurfSideKick 2\SskBho.dll R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe O1 - Hosts: (null) onlineaccounts2.abbeynational.co.uk O1 - Hosts: (null) www3.aibgbonline.co.uk O1 - Hosts: (null) http://www.bank.alliance-leicester.co.uk O1 - Hosts: (null) login.iblogin.com O1 - Hosts: (null) ww2.bankofscotlandhalifax-online.co.uk O1 - Hosts: (null) inet.barclays.co.uk O1 - Hosts: (null) iibank.barclays.co.uk O1 - Hosts: (null) iibank.cahoot.com O1 - Hosts: (null) www3.coventrybuildingsociety.co.uk O1 - Hosts: (null) ww.hsbc.co.uk O1 - Hosts: (null) login.ebank.offshore.hsbc.co.je O1 - Hosts: (null) ww3.online-offshore.lloydstsb.com O1 - Hosts: (null) ww3.online-business.lloydstsb.co.uk O1 - Hosts: (null) ww3.online.lloydstsb.co.uk O1 - Hosts: (null) ww3.online.lloydstsb.co.uk O1 - Hosts: (null) ww3.online-business.lloydstsb.co.uk O1 - Hosts: (null) ob2.nationet.com O1 - Hosts: (null) ww3.onlinebanking.natwestoffshore.com O1 - Hosts: (null) ww1.nwolb.com O1 - Hosts: (null) ww1.onlinebanking.iombank.com O1 - Hosts: (null) ww1.www.rbsdigital.com O1 - Hosts: (null) welcome.smile.co.uk O1 - Hosts: (null) login.365online.com O1 - Hosts: (null) wvw.citizensbankonline.com O1 - Hosts: (null) esecure.regionsnet.com O1 - Hosts: (null) rollb.associatedbank.com O1 - Hosts: (null) upb.unionplanters.com O1 - Hosts: (null) http://www.onlinebanking.huntington.com O1 - Hosts: (null) inet.southtrustonlinebanking.com O1 - Hosts: (null) logon.personal.wamu.com O1 - Hosts: (null) login.compassweb.com O1 - Hosts: (null) logon.firstmeritib.com O1 - Hosts: (null) login.ccfcuonline.org O1 - Hosts: (null) ww3.etimebanker.bankofthewest.com O1 - Hosts: (null) ww2.onlinebanking.lasallebank.com O1 - Hosts: (null) wvw.totallyfreebanking.com O1 - Hosts: (null) http://www.online.wellsfargo.com O1 - Hosts: (null) http://www.onlinebanking.bankofoklahoma.com O1 - Hosts: (null) accounts4.keybank.com O1 - Hosts: (null) logon.bankone.com O1 - Hosts: (null) http://www.secure.tdbanknorth.com O1 - Hosts: (null) http://www.secure.mvnt4.com O1 - Hosts: (null) ww.mynfbonline.com O1 - Hosts: (null) login.forumcuonline.com O1 - Hosts: (null) http://www.eds.usersonlnet.com O1 - Hosts: (null) http://www.onlineid.bankofamerica.com O1 - Hosts: (null) wvw.e-gold.com O1 - Hosts: (null) pcbs.peoples.com O1 - Hosts: (null) http://www.global1.onlinebank.com O1 - Hosts: (null) ww2.mybranch.lafcu.com O1 - Hosts: (null) login.webbanking.comerica.com O1 - Hosts: (null) web.banking.firsttennessee.com O1 - Hosts: (null) logon.members1st.org O1 - Hosts: (null) http://www.cib.ibanking-services.com O1 - Hosts: (null) http://www.miwebbusbank.ebanking-services.com O1 - Hosts: (null) wvw.paypal.com O1 - Hosts: (null) http://www.signin.ebay.com O1 - Hosts: (null) wvw.etrade.com O1 - Hosts: (null) ww4.fleethomelink.fleet.com O1 - Hosts: (null) ww3.connect.skyfi.com O1 - Hosts: (null) www6.usbank.com O1 - Hosts: (null) http://www.bvi.bancodevalencia.es O1 - Hosts: (null) extrant.banesto.es O1 - Hosts: (null) banesnt.banesto.es O1 - Hosts: (null) activia.caixagalicia.es O1 - Hosts: (null) http://www.bancae.caixapenedes.com O1 - Hosts: (null) login.caixasabadell.net O1 - Hosts: (null) oii.cajamadrid.es O1 - Hosts: (null) login.cajamar.es O1 - Hosts: (null) login.ccm.es O1 - Hosts: (null) ww.unicaja.es O1 - Hosts: (null) www5.bancopopular.es O1 - Hosts: (null) ww3.bbvanet.com O1 - Hosts: (null) ww.bayernlb.de O1 - Hosts: (null) ww2.berliner-volksbank.de O1 - Hosts: (null) ww7.homebanking-berlin.de O1 - Hosts: (null) portal09.commerzbanking.de O1 - Hosts: (null) http://www.meine.deutsche-bank.de O1 - Hosts: (null) ww2.dresdner-privat.de O1 - Hosts: (null) ww.e-banking.helaba.de O1 - Hosts: (null) ww.hsh-nordbank.de O1 - Hosts: (null) http://www.my.hypovereinsbank.de O1 - Hosts: (null) ww3.homebanking-berlin.de O1 - Hosts: (null) ww3.homebanking-berlin.de O1 - Hosts: (null) http://www.banking.lbbw.de O1 - Hosts: (null) lrp.sparkasse-banking.de O1 - Hosts: (null) ww3.homebanking-niedersachsen.de O1 - Hosts: (null) http://www.onlinebanking.norisbank.de O1 - Hosts: (null) http://www.banking.postbank.de O1 - Hosts: (null) wvw.internetbanking.gad.de O1 - Hosts: (null) ww1.portal.izb.de O1 - Hosts: (null) wvw.kunden-service.lbs.de O1 - Hosts: (null) ibanking.seb.de O1 - Hosts: (null) bw7.sparkasse-banking.de O1 - Hosts: (null) ww2.homebanking-sparkasse.de O1 - Hosts: (null) ww2.vr-networld-ebanking.de O1 - Hosts: (null) ww.bics.fr O1 - Hosts: (null) http://www.co.caixabank.fr O1 - Hosts: (null) ww.creditmutuel.fr O1 - Hosts: (null) internetbank.intesabci.it O1 - Hosts: (null) ww.extensive.bancalombarda.it O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINDOWS\nem220.dll O2 - BHO: Band Class - {00F1D395-4744-40f0-A611-980F61AE2C59} - C:\WINDOWS\dsr.dll O2 - BHO: CSABHO Object - {21B4ACC4-8874-4AEC-AEAC-F567A249B4D4} - c:\program files\180searchassistant\saaphook.dll O2 - BHO: COMMUNICATOR - {4E7BD74F-2B8D-469E-8DBC-A42EB79CB428} - C:\WINDOWS\system32\communicator.dll O2 - BHO: (no name) - {6ADBFBB4-3D59-6AF7-2B70-3BB60F3EF4EA} - C:\WINDOWS\System32\rfzcdyo.dll O2 - BHO: UpdateCache Class - {6E28339B-7A2A-47B6-AEB2-46BA53782378} - C:\WINDOWS\System32\dllcache\explorer.dll O2 - BHO: Msxml32DOMDocument Class - {6E28339B-7A2A-47B6-AEB2-46BA53782379} - C:\WINDOWS\System32\dllcache\msxml32.dll O2 - BHO: Google Desktop Search Capture - {7c1ce531-09e9-4fc5-9803-1c2956615786} - C:\Program Files\Google\Google Desktop Search\GoogleDesktopIE.dll O2 - BHO: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - C:\PROGRA~1\COMMON~1\WinTools\WToolsB.dll O2 - BHO: (no name) - {8952A998-1E7E-4716-B23D-3DBE03910972} - C:\PROGRA~1\Toolbar\toolbar.dll O2 - BHO: LinkTracker Class - {8B6DA27E-7F64-4694-8F8F-DC87AB8C6B22} - C:\WINDOWS\System32\qlink32.dll O2 - BHO: (no name) - {8C9986AF-0041-BDD8-1C78-92C6C051E76E} - (no file) O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: Related Page - {9A9C9B69-F908-4AAB-8D0C-10EA8997F37E} - C:\WINDOWS\System32\WinNB57.dll O2 - BHO: (no name) - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - (no file) O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll O2 - BHO: NLS UrlCatcher Class - {AEECBFDA-12FA-4881-BDCE-8C3E1CE4B344} - C:\WINDOWS\System32\nvms.dll O2 - BHO: (no name) - {BCAA9C06-FEEA-3B32-B72C-9907BD3AA70A} - C:\DOCUME~1\Loser\APPLIC~1\BEEPNU~1\pingbash.exe O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\ja\msntb.dll O2 - BHO: Band Class - {C5183ABC-EB6E-4E05-B8C9-500A16B6CF94} - C:\Program Files\SEP\sep.dll O2 - BHO: Band Class - {CC378B83-9577-44D0-B4F8-0DD965E176FC} - C:\Program Files\eSyndicate\esyn.dll (file missing) O2 - BHO: (no name) - {D285D375-459E-156A-E1DA-146402FD4CB1} - C:\WINDOWS\System32\fgyamuwl.dll (file missing) O2 - BHO: (no name) - {D922520A-7B9A-CB78-6296-02D8585AF58C} - (no file) O2 - BHO: PEDEV_IEListener Class - {E1412445-4FF8-410e-8D24-F2CF86B171A4} - C:\Program Files\PeDevice\PeDev.dll O2 - BHO: ADP UrlCatcher Class - {F4E04583-354E-4076-BE7D-ED6A80FD66DA} - C:\WINDOWS\System32\msbe.dll O2 - BHO: BestOffers Shopping BHO - {F5DE8ADB-4A69-4e56-96AB-823171C8E9D8} - C:\Program Files\TBONAS\TBONlchr.dll (file missing) O2 - BHO: (no name) - {FD5694DF-0C62-08C0-4345-5D50D22260B3} - C:\WINDOWS\System32\ktnygfb.dll O3 - Toolbar: Band Class - {C5183ABC-EB6E-4E05-B8C9-500A16B6CF94} - C:\Program Files\SEP\sep.dll O3 - Toolbar: &Search Toolbar - {339BB23F-A864-48C0-A59F-29EA915965EC} - C:\PROGRA~1\Toolbar\toolbar.dll O3 - Toolbar: (no name) - {86227D9C-0EFE-4f8a-AA55-30386A3F5686} - (no file) O3 - Toolbar: (no name) - {FAA356E4-D317-42a6-AB41-A3021C6E7D52} - (no file) O3 - Toolbar: Related Page - {9A9C9B68-F908-4AAB-8D0C-10EA8997F37E} - C:\WINDOWS\System32\WinNB57.dll O3 - Toolbar: COMMUNICATOR - {4E7BD74F-2B8D-469E-8DBC-A42EB79CB428} - C:\WINDOWS\system32\communicator.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\ja\msntb.dll O3 - Toolbar: BestOffers Shopping v1.20 - {7FD44536-9DF0-4034-939F-5BD4D98E3187} - C:\Program Files\TBONAS\TBONlchr.dll (file missing) O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKLM\..\Run: [WinTools] C:\PROGRA~1\COMMON~1\WinTools\WToolsA.exe O4 - HKLM\..\Run: [stanpry] C:\WINDOWS\System32\eenqbhk.exe r O4 - HKLM\..\RunServices: [Windows Update 64] nbupd64.exe O4 - HKLM\..\RunOnce: [WinTools] C:\PROGRA~1\COMMON~1\WinTools\WToolsA.exe /boot O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\RunServices: [M_S DVD DirectX Dll Drivers] msxdl.exe O4 - HKCU\..\RunServices: [Compaq Service Drivers] systeminfos.exe O4 - HKCU\..\RunOnce: [Windows Update 64] nbupd64.exe O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra button: Yahoo!ƒÃ‚ƒbƒZƒ“ƒWƒƒÃ‚[ - {CEBF73C0-BA2E-11d4-A73A-00508B33FB82} - C:\PROGRA~1\Yahoo!J\MESSEN~1\YPagerj.exe O9 - Extra 'Tools' menuitem: Yahoo!ƒÃ‚ƒbƒZƒ“ƒWƒƒÃ‚[ - {CEBF73C0-BA2E-11d4-A73A-00508B33FB82} - C:\PROGRA~1\Yahoo!J\MESSEN~1\YPagerj.exe O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing) O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing) O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O15 - Trusted Zone: *.media-motor.net O15 - Trusted Zone: *.popuppers.com O15 - Trusted Zone: http://click.getmirar.com (HKLM) O15 - Trusted Zone: http://click.mirarsearch.com (HKLM) O15 - Trusted Zone: http://redirect.mirarsearch.com (HKLM) O15 - Trusted Zone: http://awbeta.net-nucleus.com (HKLM) O16 - DPF: v3cab - http://searchmiracle.com/cab/v3cab.cab O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/62479 ... e-c139.cab O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} - ms-its:mhtml:file://c:\nesunex.mht!http://adextension.com/ext1/ysa.chm::/ysb_regular.cab O16 - DPF: {8A0DCBDB-6E20-489C-9041-C1E8A0352E75} (Mirar_Dummy_ATS1 Class) - http://awbeta.net-nucleus.com/FIX/WinATS.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{3C9B02A8-39C9-42B8-B74D-1EC49462ACF6}: NameServer = 206.47.244.60 206.47.244.104 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Protocol: tpro - {FF76A5DA-6158-4439-99FF-EDC1B3FE100C} - C:\PROGRA~1\Toolbar\toolbar.dll O18 - Filter: text/html - {DFAA31C8-A356-4313-9D95-5EDAB46C5070} - C:\WINDOWS\System32\qlink32.dll O20 - Winlogon Notify: WBSrv - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll O23 - Service: WinTools for IE service (WinToolsSvc) - Unknown owner - C:\Program Files\Common Files\WinTools\WToolsS.exe ....What does this all mean? Weirdness....

Where you able to download and run the virus scan? You are infested with virus, you don't have any virus software and you don't have a firewall. You really need to do this. You must do a scan with the virus software, when this is done re run hijack this and post a new log

Norton Antivirus fixed my problem for the very first time. All I did was install it and all my problems are fixed. I'll post the new log.. Logfile of HijackThis v1.99.1 Scan saved at 10:40:45 PM, on 1/6/2006 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\WINDOWS\system32\spoolsv.exe D:\Program Files\Norton AntiVirus\navapsvc.exe D:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\WinTools\WToolsS.exe C:\WINDOWS\System32\nbupd64.exe C:\WINDOWS\System32\glamkk.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\System32\ctfmon.exe C:\WINDOWS\Explorer.exe C:\PROGRA~1\COMMON~1\WinTools\WToolsA.exe C:\Program Files\Common Files\WinTools\WSup.exe C:\Program Files\Shareaza\Shareaza.exe C:\Program Files\mIRC\mirc.exe D:\Program Files\Winamp\winamp.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\PROGRA~1\MSNMES~1\msnmsgr.exe C:\WINDOWS\System32\wisptis.exe C:\DOCUME~1\Loser\LOCALS~1\Temp\Rar$EX00.877\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.websearch.com/ie.aspx?tb_id=50245 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drsnsrch.com/sidesearch.cgi?id= R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.zynsobhhgtoo.us/vO/m9lg7EemM ... L08Wk.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.websearch.com/ie.aspx?tb_id=50245 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id= R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drsnsrch.com/sidesearch.cgi?id= R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.websearch.com/ie.aspx?tb_id=50245 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = websearch.drsnsrch.com/q.cgi?q= R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://loginnet.passport.com/ppsecure/ ... rf?lc=1033 R3 - URLSearchHook: (no name) - {CA0E28FA-1AFD-4C21-A8DC-70EB5BE2F076} - C:\Program Files\SurfSideKick 2\SskBho.dll F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe O1 - Hosts: (null) onlineaccounts2.abbeynational.co.uk O1 - Hosts: (null) www3.aibgbonline.co.uk O1 - Hosts: (null) http://www.bank.alliance-leicester.co.uk O1 - Hosts: (null) login.iblogin.com O1 - Hosts: (null) ww2.bankofscotlandhalifax-online.co.uk O1 - Hosts: (null) inet.barclays.co.uk O1 - Hosts: (null) iibank.barclays.co.uk O1 - Hosts: (null) iibank.cahoot.com O1 - Hosts: (null) www3.coventrybuildingsociety.co.uk O1 - Hosts: (null) ww.hsbc.co.uk O1 - Hosts: (null) login.ebank.offshore.hsbc.co.je O1 - Hosts: (null) ww3.online-offshore.lloydstsb.com O1 - Hosts: (null) ww3.online-business.lloydstsb.co.uk O1 - Hosts: (null) ww3.online.lloydstsb.co.uk O1 - Hosts: (null) ww3.online.lloydstsb.co.uk O1 - Hosts: (null) ww3.online-business.lloydstsb.co.uk O1 - Hosts: (null) ob2.nationet.com O1 - Hosts: (null) ww3.onlinebanking.natwestoffshore.com O1 - Hosts: (null) ww1.nwolb.com O1 - Hosts: (null) ww1.onlinebanking.iombank.com O1 - Hosts: (null) ww1.www.rbsdigital.com O1 - Hosts: (null) welcome.smile.co.uk O1 - Hosts: (null) login.365online.com O1 - Hosts: (null) wvw.citizensbankonline.com O1 - Hosts: (null) esecure.regionsnet.com O1 - Hosts: (null) rollb.associatedbank.com O1 - Hosts: (null) upb.unionplanters.com O1 - Hosts: (null) http://www.onlinebanking.huntington.com O1 - Hosts: (null) inet.southtrustonlinebanking.com O1 - Hosts: (null) logon.personal.wamu.com O1 - Hosts: (null) login.compassweb.com O1 - Hosts: (null) logon.firstmeritib.com O1 - Hosts: (null) login.ccfcuonline.org O1 - Hosts: (null) ww3.etimebanker.bankofthewest.com O1 - Hosts: (null) ww2.onlinebanking.lasallebank.com O1 - Hosts: (null) wvw.totallyfreebanking.com O1 - Hosts: (null) http://www.online.wellsfargo.com O1 - Hosts: (null) http://www.onlinebanking.bankofoklahoma.com O1 - Hosts: (null) accounts4.keybank.com O1 - Hosts: (null) logon.bankone.com O1 - Hosts: (null) http://www.secure.tdbanknorth.com O1 - Hosts: (null) http://www.secure.mvnt4.com O1 - Hosts: (null) ww.mynfbonline.com O1 - Hosts: (null) login.forumcuonline.com O1 - Hosts: (null) http://www.eds.usersonlnet.com O1 - Hosts: (null) http://www.onlineid.bankofamerica.com O1 - Hosts: (null) wvw.e-gold.com O1 - Hosts: (null) pcbs.peoples.com O1 - Hosts: (null) http://www.global1.onlinebank.com O1 - Hosts: (null) ww2.mybranch.lafcu.com O1 - Hosts: (null) login.webbanking.comerica.com O1 - Hosts: (null) web.banking.firsttennessee.com O1 - Hosts: (null) logon.members1st.org O1 - Hosts: (null) http://www.cib.ibanking-services.com O1 - Hosts: (null) http://www.miwebbusbank.ebanking-services.com O1 - Hosts: (null) wvw.paypal.com O1 - Hosts: (null) http://www.signin.ebay.com O1 - Hosts: (null) wvw.etrade.com O1 - Hosts: (null) ww4.fleethomelink.fleet.com O1 - Hosts: (null) ww3.connect.skyfi.com O1 - Hosts: (null) www6.usbank.com O1 - Hosts: (null) http://www.bvi.bancodevalencia.es O1 - Hosts: (null) extrant.banesto.es O1 - Hosts: (null) banesnt.banesto.es O1 - Hosts: (null) activia.caixagalicia.es O1 - Hosts: (null) http://www.bancae.caixapenedes.com O1 - Hosts: (null) login.caixasabadell.net O1 - Hosts: (null) oii.cajamadrid.es O1 - Hosts: (null) login.cajamar.es O1 - Hosts: (null) login.ccm.es O1 - Hosts: (null) ww.unicaja.es O1 - Hosts: (null) www5.bancopopular.es O1 - Hosts: (null) ww3.bbvanet.com O1 - Hosts: (null) ww.bayernlb.de O1 - Hosts: (null) ww2.berliner-volksbank.de O1 - Hosts: (null) ww7.homebanking-berlin.de O1 - Hosts: (null) portal09.commerzbanking.de O1 - Hosts: (null) http://www.meine.deutsche-bank.de O1 - Hosts: (null) ww2.dresdner-privat.de O1 - Hosts: (null) ww.e-banking.helaba.de O1 - Hosts: (null) ww.hsh-nordbank.de O1 - Hosts: (null) http://www.my.hypovereinsbank.de O1 - Hosts: (null) ww3.homebanking-berlin.de O1 - Hosts: (null) ww3.homebanking-berlin.de O1 - Hosts: (null) http://www.banking.lbbw.de O1 - Hosts: (null) lrp.sparkasse-banking.de O1 - Hosts: (null) ww3.homebanking-niedersachsen.de O1 - Hosts: (null) http://www.onlinebanking.norisbank.de O1 - Hosts: (null) http://www.banking.postbank.de O1 - Hosts: (null) wvw.internetbanking.gad.de O1 - Hosts: (null) ww1.portal.izb.de O1 - Hosts: (null) wvw.kunden-service.lbs.de O1 - Hosts: (null) ibanking.seb.de O1 - Hosts: (null) bw7.sparkasse-banking.de O1 - Hosts: (null) ww2.homebanking-sparkasse.de O1 - Hosts: (null) ww2.vr-networld-ebanking.de O1 - Hosts: (null) ww.bics.fr O1 - Hosts: (null) http://www.co.caixabank.fr O1 - Hosts: (null) ww.creditmutuel.fr O1 - Hosts: (null) internetbank.intesabci.it O1 - Hosts: (null) ww.extensive.bancalombarda.it O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINDOWS\nem220.dll O2 - BHO: Band Class - {00F1D395-4744-40f0-A611-980F61AE2C59} - C:\WINDOWS\dsr.dll O2 - BHO: CSABHO Object - {21B4ACC4-8874-4AEC-AEAC-F567A249B4D4} - c:\program files\180searchassistant\saaphook.dll O2 - BHO: COMMUNICATOR - {4E7BD74F-2B8D-469E-8DBC-A42EB79CB428} - C:\WINDOWS\system32\communicator.dll O2 - BHO: (no name) - {6ADBFBB4-3D59-6AF7-2B70-3BB60F3EF4EA} - C:\WINDOWS\System32\rfzcdyo.dll O2 - BHO: UpdateCache Class - {6E28339B-7A2A-47B6-AEB2-46BA53782378} - C:\WINDOWS\System32\dllcache\explorer.dll (file missing) O2 - BHO: Msxml32DOMDocument Class - {6E28339B-7A2A-47B6-AEB2-46BA53782379} - C:\WINDOWS\System32\dllcache\msxml32.dll (file missing) O2 - BHO: Google Desktop Search Capture - {7c1ce531-09e9-4fc5-9803-1c2956615786} - C:\Program Files\Google\Google Desktop Search\GoogleDesktopIE.dll O2 - BHO: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - C:\PROGRA~1\COMMON~1\WinTools\WToolsB.dll O2 - BHO: (no name) - {8952A998-1E7E-4716-B23D-3DBE03910972} - C:\PROGRA~1\Toolbar\toolbar.dll O2 - BHO: LinkTracker Class - {8B6DA27E-7F64-4694-8F8F-DC87AB8C6B22} - C:\WINDOWS\System32\qlink32.dll O2 - BHO: (no name) - {8C9986AF-0041-BDD8-1C78-92C6C051E76E} - (no file) O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: Related Page - {9A9C9B69-F908-4AAB-8D0C-10EA8997F37E} - C:\WINDOWS\System32\WinNB57.dll O2 - BHO: (no name) - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - (no file) O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - D:\Program Files\Norton AntiVirus\NavShExt.dll O2 - BHO: NLS UrlCatcher Class - {AEECBFDA-12FA-4881-BDCE-8C3E1CE4B344} - C:\WINDOWS\System32\nvms.dll O2 - BHO: (no name) - {BCAA9C06-FEEA-3B32-B72C-9907BD3AA70A} - C:\DOCUME~1\Loser\APPLIC~1\BEEPNU~1\pingbash.exe O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\ja\msntb.dll O2 - BHO: Band Class - {C5183ABC-EB6E-4E05-B8C9-500A16B6CF94} - C:\Program Files\SEP\sep.dll O2 - BHO: Band Class - {CC378B83-9577-44D0-B4F8-0DD965E176FC} - C:\Program Files\eSyndicate\esyn.dll (file missing) O2 - BHO: (no name) - {D285D375-459E-156A-E1DA-146402FD4CB1} - C:\WINDOWS\System32\fgyamuwl.dll (file missing) O2 - BHO: (no name) - {D922520A-7B9A-CB78-6296-02D8585AF58C} - (no file) O2 - BHO: PEDEV_IEListener Class - {E1412445-4FF8-410e-8D24-F2CF86B171A4} - C:\Program Files\PeDevice\PeDev.dll O2 - BHO: ADP UrlCatcher Class - {F4E04583-354E-4076-BE7D-ED6A80FD66DA} - C:\WINDOWS\System32\msbe.dll O2 - BHO: BestOffers Shopping BHO - {F5DE8ADB-4A69-4e56-96AB-823171C8E9D8} - C:\Program Files\TBONAS\TBONlchr.dll (file missing) O2 - BHO: (no name) - {FD5694DF-0C62-08C0-4345-5D50D22260B3} - C:\WINDOWS\System32\ktnygfb.dll O3 - Toolbar: Band Class - {C5183ABC-EB6E-4E05-B8C9-500A16B6CF94} - C:\Program Files\SEP\sep.dll O3 - Toolbar: &Search Toolbar - {339BB23F-A864-48C0-A59F-29EA915965EC} - C:\PROGRA~1\Toolbar\toolbar.dll O3 - Toolbar: (no name) - {86227D9C-0EFE-4f8a-AA55-30386A3F5686} - (no file) O3 - Toolbar: (no name) - {FAA356E4-D317-42a6-AB41-A3021C6E7D52} - (no file) O3 - Toolbar: Related Page - {9A9C9B68-F908-4AAB-8D0C-10EA8997F37E} - C:\WINDOWS\System32\WinNB57.dll O3 - Toolbar: COMMUNICATOR - {4E7BD74F-2B8D-469E-8DBC-A42EB79CB428} - C:\WINDOWS\system32\communicator.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\ja\msntb.dll O3 - Toolbar: BestOffers Shopping v1.20 - {7FD44536-9DF0-4034-939F-5BD4D98E3187} - C:\Program Files\TBONAS\TBONlchr.dll (file missing) O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - D:\Program Files\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKLM\..\Run: [WinTools] C:\PROGRA~1\COMMON~1\WinTools\WToolsA.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [SSC_UserPrompt] "C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe" O4 - HKLM\..\Run: [NAV CfgWiz] "D:\Program Files\Norton AntiVirus\CfgWiz.exe" /GUID {0D7956A2-5A08-4ec2-A72C-DF8495A66016} /MODE CfgWiz /CMDLINE "REBOOT" O4 - HKLM\..\Run: [Windows Update 64] nbupd64.exe O4 - HKLM\..\Run: [mboqeg] C:\WINDOWS\System32\glamkk.exe r O4 - HKLM\..\Run: [WinampAgent] D:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\RunServices: [Windows Update 64] nbupd64.exe O4 - HKLM\..\RunOnce: [WinTools] C:\PROGRA~1\COMMON~1\WinTools\WToolsA.exe /boot O4 - HKCU\..\Run: [SurfSideKick 2] C:\Program Files\SurfSideKick 2\Ssk.exe O4 - HKCU\..\Run: [Microsoft Update Machine] MSOICONS.EXE O4 - HKCU\..\Run: [Windows SP4] directCC.exe O4 - HKCU\..\Run: [Microsoft Updates 2 USB] wgafixer.exe O4 - HKCU\..\Run: [Microsoft Update] msconfg.exe O4 - HKCU\..\Run: [Compaq Service Drivers] systeminfos.exe O4 - HKCU\..\Run: [VID INTERNET WEB DRIVERS FOR WIN32] phqghu.exe O4 - HKCU\..\Run: [M_S DVD DirectX Dll Drivers] msxdl.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray O4 - HKCU\..\Run: [Windows Update 64] nbupd64.exe O4 - HKCU\..\Run: [msnmsgr] "C:\program files\msn messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [PopUpStopperProfessional] "C:\Program Files\Panicware\Pop-Up Stopper Professional\PopUpStopperProfessional.exe" O4 - HKCU\..\Run: [FreeRAM XP] "C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe -quiet O4 - HKCU\..\Run: [body peak] C:\DOCUME~1\Loser\APPLIC~1\64real\onceglue.exe O4 - HKCU\..\Run: [Cacheman] D:\PROGRA~1\Cacheman\Cacheman.exe O4 - HKCU\..\RunServices: [Compaq Service Drivers] systeminfos.exe O4 - HKCU\..\RunServices: [M_S DVD DirectX Dll Drivers] msxdl.exe O4 - HKCU\..\RunOnce: [Windows Update 64] nbupd64.exe O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra button: Yahoo!ƒƒbÆ’ZÆ’“Æ’Wƒƒ[ - {CEBF73C0-BA2E-11d4-A73A-00508B33FB82} - C:\PROGRA~1\Yahoo!J\MESSEN~1\YPagerj.exe O9 - Extra 'Tools' menuitem: Yahoo!ƒƒbÆ’ZÆ’“Æ’Wƒƒ[ - {CEBF73C0-BA2E-11d4-A73A-00508B33FB82} - C:\PROGRA~1\Yahoo!J\MESSEN~1\YPagerj.exe O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing) O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing) O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O15 - Trusted Zone: http://click.getmirar.com (HKLM) O15 - Trusted Zone: http://click.mirarsearch.com (HKLM) O15 - Trusted Zone: http://redirect.mirarsearch.com (HKLM) O15 - Trusted Zone: http://awbeta.net-nucleus.com (HKLM) O16 - DPF: v3cab - http://searchmiracle.com/cab/v3cab.cab O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/62479 ... e-c139.cab O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} - ms-its:mhtml:file://c:\nesunex.mht!http://adextension.com/ext1/ysa.chm::/ysb_regular.cab O16 - DPF: {8A0DCBDB-6E20-489C-9041-C1E8A0352E75} (Mirar_Dummy_ATS1 Class) - http://awbeta.net-nucleus.com/FIX/WinATS.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{3C9B02A8-39C9-42B8-B74D-1EC49462ACF6}: NameServer = 206.47.244.60 206.47.244.104 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Protocol: tpro - {FF76A5DA-6158-4439-99FF-EDC1B3FE100C} - C:\PROGRA~1\Toolbar\toolbar.dll O18 - Filter: text/html - {DFAA31C8-A356-4313-9D95-5EDAB46C5070} - C:\WINDOWS\System32\qlink32.dll O20 - Winlogon Notify: WBSrv - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - D:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - D:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - D:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: System Startup Service (SvcProc) - Unknown owner - c:\windows\SvcProc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: WinTools for IE service (WinToolsSvc) - Unknown owner - C:\Program Files\Common Files\WinTools\WToolsS.exe

Go to add remove programs and remove 180searchassistant, and Wintools I want you to get and install Ad Aware, you have alot of spywear to get rid of, I see a "nail" trogan that has to taken care of, and many other bad things in the log, so lets try and fix some. http://www.lavasoftusa.com/software/adaware/ Download this get the updates, and run it. then repost a new HiJack this log, OK What are the bank entries? Do you do some online gambeling?

One more thing do a update, and new scan with the virus software before posting a new log. I know this will be a lot of work, but this will be the only way to get the computer running right. The other way would be to put the other hard drive in as master and format and install Windows.

richh0323 wrote:One more thing do a update, and new scan with the virus software before posting a new log. I know this will be a lot of work, but this will be the only way to get the computer running right. The other way would be to put the other hard drive in as master and format and install Windows.

my norton software is on my other HDD (which is currently not working), I don't have sufficent space on my main HDD to fit it, and AVG won't install. I have also tried reinstalling windows and I get disk problems.... Also, I DID do a virus scan before I posted a new log.. >_>

Ok this with the other post should be combinied . You have alot of bad stuff on you're computer, if you want to get and Idea copy and paste the log to this site, mind you not all are bad that show up you have know what is what. http://www.hijackthis.de/index.php My advice to you, put the new drive in as a master, use the software that came with the hard drive, partition with "Fdisk" if you need to becuse of you're computer BIOS make 2 32 gig and one 18 gig partitions. Format as NTFS. If you have the OEM driver disk you will need them, Update to SP2 and get Norton on first thing.

richh0323 wrote:Ok this with the other post should be combinied . You have alot of bad stuff on you're computer, if you want to get and Idea copy and paste the log to this site, mind you not all are bad that show up you have know what is what. http://www.hijackthis.de/index.php My advice to you, put the new drive in as a master, use the software that came with the hard drive, partition with "Fdisk" if you need to becuse of you're computer BIOS make 2 32 gig and one 18 gig partitions. Format as NTFS. If you have the OEM driver disk you will need them, Update to SP2 and get Norton on first thing.

HAHAHAH. I can't do this because.. 1. My drive did not come with software. 2. I am not interested in creating a new partition at all. I have a lot of unnattainable data on the disk that isn't working right now. 3. What the hell is an OEM driver disk? ON ANOTHER NOTE, This is not the same post as the other... This is not a duplicate, this post was made for a totally different problem.