Command Service & Other Adwares! Help!! [Archive]

View Full Version : Command Service & Other Adwares! Help!!

trig_gerhippie

2006-04-17, 10:47

Hi!

I need your help in getting rid of all of the above!

Here's my HijackThis log:

Logfile of HijackThis v1.99.1
Scan saved at 3:49:59 PM, on 4/17/2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v5.00 SP4 (5.00.2920.0000)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\csrss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\hidserv.exe
C:\WINNT\zaber.exe
C:\WINNT\system32\nvsvc32.exe
C:\WINDOWS\dll\rundll32.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\svcss.exe
C:\WINNT\sychost32.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\Program Files\WinPoET Broadband Connection\WrOS.EXE
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\RUNDLL32.EXE
C:\WINNT\system32\lssas.exe
C:\Documents and Settings\Rina Johari\Desktop\MSN Messenger\msnmsgr.exe
C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Aware.exe
C:\WINNT\system32\cmd.exe
C:\WINNT\system32\ftp.exe
c:\windows\mdrive\mediam.exe
c:\windows\mdrive\elitem.exe
c:\windows\mdrive\mediam.exe
c:\windows\mdrive\yaz.exe
c:\windows\mdrive\elitem.exe
c:\windows\mdrive\yaz.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINNT\explorer.exe
C:\Documents and Settings\Rina Johari\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 255.255.255.255 ar.atwola.com atdmt.com avp.ch avp.com avp.ru awaps.net ca.com dispatch.mcafee.com download.mcafee.com download.microsoft.com downloads.microsoft.com engine.awaps.net f-secure.com ftp.f-secure.com ftp.sophos.com go.microsoft.com liveupdate.symantec.com mast.mcafee.com mcafee.com msdn.microsoft.com my-etrust.com nai.com networkassociates.com office.microsoft.com phx.corporate-ir.net secure.nai.com securityresponse.symantec.com service1.symantec.com sophos.com spd.atdmt.com support.microsoft.com symantec.com update.symantec.com updates.symantec.com us.mcafee.com vil.nai.com viruslist.ru windowsupdate.microsoft.com www.avp.ch www.avp.com www.avp.ru www.awaps.net www.ca.com www.f-secure.com www.kaspersky.ru www.mcafee.com www.my-etrust.com www.nai.com www.networkassociates.com www.sophos.com www.symantec.com www.trendmicro.com www.viruslist.com www.viruslist.ru www3.ca.com
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [a-winpoet-service] "C:\Program Files\WinPoET Broadband Connection\winpppoverethernet.exe"
O4 - HKLM\..\Run: [Local Security Authority Service] C:\WINNT\system32\lssas.exe
O4 - HKLM\..\Run: [Microsoft (R) Windows DLL Loader] C:\WINDOWS\dll\rundll32.exe
O4 - HKLM\..\Run: [newname] c:\windows\newname11.exe
O4 - HKLM\..\Run: [keyboard] c:\windows\keyboard11.exe
O4 - HKLM\..\Run: [mousepad] C:\windows\mousepad11.exe
O4 - HKLM\..\Run: [XaNWK^X_YKZLVMVSWZ^] C:\WINNT\system32\orkcdjhmbyjsd.exe
O4 - HKLM\..\RunOnce: [AAW] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Aware.exe" "+b1"
O4 - HKCU\..\Run: [msnmsgr] "C:\Documents and Settings\Rina Johari\Desktop\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"
O16 - DPF: {B1826A9F-4AA0-4510-BA77-9013E74E4B9B} - http://www.trendmicro.com/spyware-scan/as4web.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{8019D870-C8DD-427B-AAD0-4C7578C2E97F}: NameServer = 165.21.100.88 165.21.83.88
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINNT\UmluYSBKb2hhcmk\command.exe (file missing)
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
O23 - Service: Prevx Agent (PREVXAgent) - Unknown owner - C:\Program Files\Prevx1\PXAgent.exe" -f (file missing)
O23 - Service: Windows DLL Loader (RunDll32) - Unknown owner - C:\WINDOWS\dll\rundll32.exe
O23 - Service: winconfig.exe - Unknown owner - C:\WINNT\svcss.exe
O23 - Service: Windows System Host - Unknown owner - C:\WINNT\sychost32.exe
O23 - Service: WinPPPoverEthernet - iVasion, a Routerware Company - C:\Program Files\WinPoET Broadband Connection\WrOS.EXE

Please help!

trig_gerhippie

2006-04-20, 10:02

Hi I need HELP w cmdservice in my computer!

This is my HijackThis log:

Logfile of HijackThis v1.99.1
Scan saved at 3:03:55 PM, on 4/20/2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v5.00 SP4 (5.00.2920.0000)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\csrss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\UmluYSBKb2hhcmk\command.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\hidserv.exe
C:\WINNT\zaber.exe
C:\WINNT\system32\nvsvc32.exe
C:\WINNT\system32\spooler.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\svcss.exe
C:\Program Files\WinPoET Broadband Connection\WrOS.EXE
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\RUNDLL32.EXE
C:\Program Files\WinPoET Broadband Connection\winpppoverethernet.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Documents and Settings\Rina Johari\Desktop\MSN Messenger\msnmsgr.exe
C:\WINNT\regedit.exe
C:\WINNT\system32\cmd.exe
C:\WINNT\system32\rundll32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Documents and Settings\Rina Johari\Local Settings\Temp\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.findthewebsiteyouneed.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com
F2 - REG:system.ini: UserInit=
O1 - Hosts: 255.255.255.255 ar.atwola.com atdmt.com avp.ch avp.com avp.ru awaps.net ca.com dispatch.mcafee.com download.mcafee.com download.microsoft.com downloads.microsoft.com engine.awaps.net f-secure.com ftp.f-secure.com ftp.sophos.com go.microsoft.com liveupdate.symantec.com mast.mcafee.com mcafee.com msdn.microsoft.com my-etrust.com nai.com networkassociates.com office.microsoft.com phx.corporate-ir.net secure.nai.com securityresponse.symantec.com service1.symantec.com sophos.com spd.atdmt.com support.microsoft.com symantec.com update.symantec.com updates.symantec.com us.mcafee.com vil.nai.com viruslist.ru windowsupdate.microsoft.com www.avp.ch (http://www.avp.ch) www.avp.com (http://www.avp.com) www.avp.ru (http://www.avp.ru) www.awaps.net (http://www.awaps.net) www.ca.com (http://www.ca.com) www.f-secure.com (http://www.f-secure.com) www.kaspersky.ru (http://www.kaspersky.ru) www.mcafee.com (http://www.mcafee.com) www.my-etrust.com (http://www.my-etrust.com) www.nai.com (http://www.nai.com) www.networkassociates.com (http://www.networkassociates.com) www.sophos.com (http://www.sophos.com) www.symantec.com (http://www.symantec.com) www.trendmicro.com (http://www.trendmicro.com) www.viruslist.com (http://www.viruslist.com) www.viruslist.ru (http://www.viruslist.ru) www3.ca.com
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [a-winpoet-service] "C:\Program Files\WinPoET Broadband Connection\winpppoverethernet.exe"
O4 - HKLM\..\Run: [Configuration Loader] scvhost.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Windows Network Firewall] C:\WINNT\system32\firewall.exe
O4 - HKLM\..\RunServices: [Configuration Loader] scvhost.exe
O4 - HKLM\..\RunServices: [fjgtpaOfdcqhrhKvlb] C:\WINNT\system32\kujxfz.exe
O4 - HKLM\..\RunServices: [nfh] C:\WINNT\system32\cqggzpqf.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Documents and Settings\Rina Johari\Desktop\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\RunOnce: [ntdll.dll] C:\Program Files\Mozilla Firefox\xpicleanup.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{615694D8-D9BA-499D-995C-16536C370227}: NameServer = 165.21.100.88 165.21.83.88
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Microsoft Windows System32 - Unknown owner - C:\WINNT\zaber.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
O23 - Service: Print Spool Handler (Print Spooler) - Unknown owner - C:\WINNT\system32\spooler.exe
O23 - Service: winconfig.exe - Unknown owner - C:\WINNT\svcss.exe
O23 - Service: WinPPPoverEthernet - iVasion, a Routerware Company - C:\Program Files\WinPoET Broadband Connection\WrOS.EXE

Please get back to me soonest!

Thanks!

LonnyRJones

2006-04-20, 12:00

Welcome
What version of SpyBot is it you have and when was it last updated ?
Same for Ad-aware ?

Why dont we see an antivirus in your logs ?

Install update then run Ewido and a antivirus programs while the PC is in safe mode >
http://www.ewido.net/en/download/

free programs
Install atleast a free anti virus
Dont make the common mistake of installing more than one
AVG Anti-Virus-Free: http://www.grisoft.com/us/us_dwnl_free.php
AntiVir Personal Edition: http://www.free-av.com/
avast! 4 Home - Free antivirus software :
http://www.asw.cz/eng/free_virus_protectio.html

How to Start into safe mode
http://www.microsoft.com/windows2000/techinfo/administration/management/safemode.asp

tashi

2006-04-27, 01:28

This topic is closed due to lack of a response.
If you need it re-opened please send me a pm and provide a link to the thread.

tashi

2006-04-27, 17:41

Hello.
I re-opened this topic yesterday at your request and you gave me the link to it so I am not sure why you are lost. :scratch:

Please "Post Reply" to this topic instead of starting new threads.

This is your latest post and I have pmed Lonny to let him know you are back.

Hi,

I started a new thread as I couldnt find my previous one!

To ans to Lonny on why ther's no antivirus in my pc is bcos i jus reformatted my pc. tat's wat's been puzzling me. I jus reformatted and yet all tis spywares stil exist!

cant seem to get rid of command service & drsmartload & network monitor, jus to name a few of wat's in e pc.

anyway, here's e latest HijackThis log:

Logfile of HijackThis v1.99.1
Scan saved at 9:10:02 PM, on 4/27/2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v5.00 SP4 (5.00.2920.0000)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\hidserv.exe
C:\WINNT\system32\nvsvc32.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\systay.exe
C:\Program Files\WinPoET Broadband Connection\WrOS.EXE
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\msdtc.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\RUNDLL32.EXE
C:\Program Files\WinPoET Broadband Connection\winpppoverethernet.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINNT\system32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\WINNT\system32\systry3x.exe
C:\WINNT\system32\rundll32.exe
C:\WINNT\system32\spoolsvc.exe
C:\WINNT\system32\logon.exe
C:\WINNT\system32\algs.exe
C:\Documents and Settings\Rina Johari\Desktop\MSN Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINNT\system32\cmd.exe
C:\WINNT\system32\rundll32.exe
C:\WINNT\system32\explorer.exe
C:\Documents and Settings\Rina Johari\Local Settings\Temp\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotmail.com
O1 - Hosts: 255.255.255.255 ar.atwola.com atdmt.com avp.ch avp.com avp.ru awaps.net ca.com dispatch.mcafee.com download.mcafee.com download.microsoft.com downloads.microsoft.com engine.awaps.net f-secure.com ftp.f-secure.com ftp.sophos.com go.microsoft.com liveupdate.symantec.com mast.mcafee.com mcafee.com msdn.microsoft.com my-etrust.com nai.com networkassociates.com office.microsoft.com phx.corporate-ir.net secure.nai.com securityresponse.symantec.com service1.symantec.com sophos.com spd.atdmt.com support.microsoft.com symantec.com update.symantec.com updates.symantec.com us.mcafee.com vil.nai.com viruslist.ru windowsupdate.microsoft.com www.avp.ch www.avp.com www.avp.ru www.awaps.net www.ca.com www.f-secure.com www.kaspersky.ru www.mcafee.com www.my-etrust.com www.nai.com www.networkassociates.com www.sophos.com www.symantec.com www.trendmicro.com www.viruslist.com www.viruslist.ru www3.ca.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {6001CDF7-6F45-471b-A203-0225615E35A7} - C:\WINNT\DH.dll (file missing)
O2 - BHO: (no name) - {6243B577-993F-4650-B894-182C9A4EB4A4} - \
O2 - BHO: (no name) - {F2FA09FB-EE7A-46d8-9145-A1EEF7850052} - C:\WINNT\system32\khfcy.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [a-winpoet-service] "C:\Program Files\WinPoET Broadband Connection\winpppoverethernet.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Windows Network Firewall] C:\WINNT\system32\firewall.exe
O4 - HKLM\..\Run: [EPSON Stylus C43 Series] C:\WINNT\system32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C43 Series" /O6 "USB001" /M "Stylus C43"
O4 - HKLM\..\Run: [Microsoft Anti-Virus] systry3x.exe
O4 - HKLM\..\Run: [zxwin] rundll32.exe C:\WINNT\system32\zxwin.dll,start
O4 - HKLM\..\Run: [nfh] C:\WINNT\system32\bdwflducgod.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [idx32] rundll32.exe C:\WINNT\system32\idx32.dll,start
O4 - HKLM\..\Run: [newname] c:\windows\newname14.exe
O4 - HKLM\..\Run: [mousepad] c:\windows\mousepad14.exe
O4 - HKLM\..\Run: [keyboard] c:\windows\keyboard14.exe
O4 - HKLM\..\Run: [fjgtpaOfdcqhrhKvlb] C:\WINNT\system32\kuookilxrpoqw.exe
O4 - HKLM\..\Run: [Spooler SubSystem App] C:\WINNT\system32\spoolsvc.exe
O4 - HKLM\..\Run: [Windows Logon Application] C:\WINNT\system32\logon.exe
O4 - HKLM\..\Run: [Application Layer Gateway Service] C:\WINNT\system32\algs.exe
O4 - HKLM\..\Run: [Windows Explorer] C:\WINNT\system32\explorer.exe
O4 - HKLM\..\RunServices: [Microsoft Anti-Virus] systry3x.exe
O4 - HKLM\..\RunServices: [nfh] C:\WINNT\system32\bdwflducgod.exe
O4 - HKLM\..\RunServices: [fjgtpaOfdcqhrhKvlb] C:\WINNT\system32\kuookilxrpoqw.exe
O4 - HKLM\..\RunOnce: [MigrateMMDrivers] rundll32.exe mmsys.cpl,mmseRunOnce
O4 - HKCU\..\Run: [msnmsgr] "C:\Documents and Settings\Rina Johari\Desktop\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O17 - HKLM\System\CCS\Services\Tcpip\..\{615694D8-D9BA-499D-995C-16536C370227}: NameServer = 165.21.100.88 165.21.83.88
O20 - Winlogon Notify: khfcy - C:\WINNT\SYSTEM32\khfcy.dll
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINNT\UmluYSBKb2hhcmk\command.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: netconf32 - Unknown owner - C:\WINNT\netconf32.exe (file missing)
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
O23 - Service: Print Spool Handler (Print Spooler) - Unknown owner - C:\WINNT\system32\spooler.exe (file missing)
O23 - Service: winconfig.exe - Unknown owner - C:\WINNT\svcss.exe (file missing)
O23 - Service: Windows System Tray - Unknown owner - C:\WINNT\systay.exe
O23 - Service: WinPPPoverEthernet - iVasion, a Routerware Company - C:\Program Files\WinPoET Broadband Connection\WrOS.EXE

LonnyRJones

2006-04-30, 12:03

Hello

First Make a new folder, example C:\AntiSpyWare
and download/Save HijackThis, to that new folder.
This is necessary to ensure you have backups should anything go wrong
http://www.merijn.org/files/HijackThis.exe

post back with another log

tashi

2006-05-04, 23:33

This topic is now closed to prevent others with similar issues posting in it.
If you need it re-opened please send LonnyRJones a pm and provide a link to the thread.