hey im new to this forum and i would like someone to help me on this issue of mine. My computer was working fine till suddenly it was really slow so i checked my 'WINDOWS TASK MANAGER' to see what proccess were running and their where two 'IEXPLORE.EXE' running using most of my memory. I think it's some kind of spyware but i can't get rid of it, i even used spybot and norton to search but it didn't make a difference.
Here is my HIJACK LOG
THANK YOU FOR YOUR TIME
Logfile of HijackThis v1.99.1
Scan saved at 14:39:53, on 14/06/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesCommon FilesSymantec SharedccSetMgr.exe
C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSExplorer.EXE
C:Program FilesAdobePhotoshop Album Starter Edition3.0Appsapdproxy.exe
C:Program FilesiTunesiTunesHelper.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesSpyware Doctorswdoctor.exe
C:Program FilesSony EricssonMobileaudevicemgr.exe
C:Program FilesV-Stream MultimediaTV713X UtilitiesP3XRCtl.exe
C:PROGRA~1SONYER~1MobileCONNEC~1CONNMN~1.EXE
c:Program FilesIntuwave LtdSharedmRouterRunTimemRouterRuntime.exe
C:WINDOWSsystem32Xtermdll32.exe
C:NVIDIANetworkAccessManagerApache GroupApache2binapache.exe
C:Program FilesSymantecNorton Ghost 2003GhostStartService.exe
C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
C:Program FilesNorton AntiVirusnavapsvc.exe
C:NVIDIANetworkAccessManagerApache GroupApache2binapache.exe
C:Program FilesNorton AntiVirusAdvToolsNPROTECT.EXE
C:NVIDIANetworkAccessManagerbinnSvcIp.exe
C:NVIDIANetworkAccessManagerbinnSvcLog.exe
C:Program FilesNorton AntiVirusSAVScan.exe
C:Program FilesSpyware Doctorsdhelp.exe
C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindService.exe
C:Program FilesCommon FilesSymantec SharedCCPD-LCsymlcsvc.exe
C:Program FilesiPodbiniPodService.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32wscntfy.exe
c:progra~1intern~1iexplore.exe
C:Program FilesAzureusAzureus.exe
C:WINDOWSsystem32notepad.exe
C:Documents and SettingsJiteshDesktopHijackThis.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://www.google.co.uk/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = about:blank
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = about:blank
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page = C:WINDOWSabout.htm
R1 - HKCUSoftwareMicrosoftInternet Connection Wizard,ShellNext =
http://localhost:3476/cgi-bin/ncgir.exe?menu/index.html
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:PROGRA~1SPYWAR~1toolsiesdsg.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:PROGRA~1SPYWAR~1toolsiesdpb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program filesgooglegoogletoolbar2.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:Program FilesNorton AntiVirusNavShExt.dll
O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:Program FilesSave FlashSaveFlash.dll
O4 - HKLM..Run: [NeroCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [Adobe Photo Downloader] "C:Program FilesAdobePhotoshop Album Starter Edition3.0Appsapdproxy.exe"
O4 - HKLM..Run: [iTunesHelper] "C:Program FilesiTunesiTunesHelper.exe"
O4 - HKLM..Run: [WinampAgent] C:Program FilesWinampwinampa.exe
O4 - HKLM..Run: [FileThirdTeamName] C:Documents and SettingsAll UsersApplication Databone pile file thirdMAGS DALE.exe
O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [Spyware Doctor] "C:Program FilesSpyware Doctorswdoctor.exe" /Q
O4 - HKCU..Run: [Win32 Update] C:WINDOWSsystem32dl32.exe
O4 - HKCU..Run: [MsnMsgr] "C:Program FilesMSN MessengerMsnMsgr.Exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:Program FilesAdobeAcrobat 7.0Readerreader_sl.exe
O4 - Global Startup: Phone Connection Monitor.lnk = ?
O4 - Global Startup: TV713X Remote Control.lnk = C:Program FilesV-Stream MultimediaTV713X UtilitiesP3XRCtl.exe
O8 - Extra context menu item: &Google Search -
res://c:program filesgoogleGoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word -
res://c:program filesgoogleGoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links -
res://c:program filesgoogleGoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page -
res://c:program filesgoogleGoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages -
res://c:program filesgoogleGoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English -
res://c:program filesgoogleGoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:WINDOWSsystem32msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:WINDOWSsystem32msjava.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:PROGRA~1SPYWAR~1toolsiesdpb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O15 - Trusted Zone:
http://www.desitorrents.com
O15 - Trusted Zone:
http://www.lanspirit.com
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:PROGRA~1MSNMES~1msgrapp.dll" (file missing)
O20 - Winlogon Notify: App Management - C:WINDOWSsystem32en88l1lu1.dll (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:WINDOWSsystem32Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:WINDOWSsystem32ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccSetMgr.exe
O23 - Service: FireDaemon Service: dll32 (dll32) - Unknown owner - C:WINDOWSsystem32XtermFireDaemon.EXE
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:NVIDIANetworkAccessManagerApache GroupApache2binapache.exe" -k runservice (file missing)
O23 - Service: GhostStartService - Symantec Corporation - C:Program FilesSymantecNorton Ghost 2003GhostStartService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:Program FilesiPodbiniPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:Program FilesNorton AntiVirusnavapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:Program FilesNorton AntiVirusAdvToolsNPROTECT.EXE
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:NVIDIANetworkAccessManagerbinnSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - Unknown owner - C:NVIDIANetworkAccessManagerbinnSvcLog.exe
O23 - Service: SAVScan - Symantec Corporation - C:Program FilesNorton AntiVirusSAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:PROGRA~1COMMON~1SYMANT~1SCRIPT~1SBServ.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:Program FilesSpyware Doctorsdhelp.exe
O23 - Service: FireDaemon Service: smcss (smcss) - Unknown owner - C:WINDOWSsystem32XtermFireDaemon.EXE
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedCCPD-LCsymlcsvc.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:Program FilesRealVNCVNC4WinVNC4.exe" -service (file missing)
General