anyone else getting this weird virus?...HELP
ok I have some weird ass internet optimizer thing downloaded somehow and it's sending me to other sites by itself and I also have a couple of trojan horses that just came up too from this
Ad-aware doesn't work and neither does AVG
here is my log thingy......what can i get rid of?
Logfile of HijackThis v1.98.2
Scan saved at 12:38:57 AM, on 9/3/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\EarthLink 5.0\ConMgr.exe
C:\Program Files\EarthLink 5.0\updatemgr.exe
C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe
C:\PROGRAM FILES\STOMPSOFT\VIRUS X-TERMINATOR\Nvc\BIN\ZLH.EXE
C:\WINDOWS\SYSCFG16.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\pctspk.exe
C:\WINDOWS\System32\RUNDLL32.exe
C:\WINDOWS\System32\aimsgr.exe
C:\WINDOWS\System32\Atievxx.exe
C:\Program Files\Winad Client\Winad.exe
C:\Program Files\Winad Client\WinClt.exe
C:\program files\instant messenger\aim.exe
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\Program Files\StompSoft\Virus X-terminator\NVC\BIN\Zanda.exe
C:\WINDOWS\System32\mrtMngr.EXE
C:\PROGRAM FILES\STOMPSOFT\VIRUS X-TERMINATOR\Nvc\BIN\NYMSE.EXE
C:\PROGRAM FILES\STOMPSOFT\VIRUS X-TERMINATOR\Nvc\BIN\NIP.EXE
C:\Program Files\Web_Rebates\WebRebates1.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRAM FILES\STOMPSOFT\VIRUS X-TERMINATOR\Nvc\BIN\NJEEVES.EXE
C:\PROGRAM FILES\STOMPSOFT\VIRUS X-TERMINATOR\Nvc\BIN\NVCSCHED.EXE
C:\PROGRAM FILES\STOMPSOFT\VIRUS X-TERMINATOR\Nvc\BIN\nvcoas.exe
C:\PROGRAM FILES\STOMPSOFT\VIRUS X-TERMINATOR\Nvc\BIN\nipsvc.exe
C:\PROGRAM FILES\STOMPSOFT\VIRUS X-TERMINATOR\Nvc\BIN\cclaw.exe
C:\Documents and Settings\Trey cauley\Application Data\ttuh.exe
C:\WINDOWS\System32\zssw.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-aware.exe
C:\Program Files\Web_Rebates\WebRebates0.exe
C:\Documents and Settings\Trey cauley\Local Settings\Temporary Internet Files\Content.IE5\QNUB25U3\hijackthis[1].exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.earthlink.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.earthlink.net/partner/mor...on/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.earthlink.net/partner/mor...on/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.earthlink.net/partner/mor...on/search.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.honda-acura.net/forums
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.earthlink.net/partner/mor...on/search.html
O2 - BHO: (no name) - {3CDA3E2A-941C-2B96-D673-605505DB2035} - C:\WINDOWS\System32\bih.dll
O2 - BHO: EarthLink Popup Blocker - {4B5F2E08-6F39-479a-B547-B2026E4C7EDF} - C:\Program Files\EarthLink Toolbar\Pnel.dll
O2 - BHO: NLS UrlCatcher Class - {AEECBFDA-12FA-4881-BDCE-8C3E1CE4B344} - C:\WINDOWS\System32\nvms.dll
O2 - BHO: CB UrlCatcher Class - {CE188402-6EE7-4022-8868-AB25173A3E14} - C:\WINDOWS\System32\mscb.dll
O2 - BHO: ADP UrlCatcher Class - {F4E04583-354E-4076-BE7D-ED6A80FD66DA} - C:\WINDOWS\System32\msbe.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: EarthLink Toolbar - {D7F30B62-8269-41AF-9539-B2697FA7D77E} - C:\Program Files\EarthLink Toolbar\Pnel.dll
O4 - HKLM\..\Run: [ConMgr.exe] "C:\Program Files\EarthLink 5.0\ConMgr.exe"
O4 - HKLM\..\Run: [UpdateMgr.exe] "C:\Program Files\EarthLink 5.0\updatemgr.exe" /NOCM
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RunDLL] rundll32.exe "C:\WINDOWS\System32\bridge.dll",Load
O4 - HKLM\..\Run: [stcinstaller] c:\installer\id53.exe
O4 - HKLM\..\Run: [Win32 USB2 Driver] svchosting.exe
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\Run: [Norman ZANDA] C:\PROGRAM FILES\STOMPSOFT\VIRUS X-TERMINATOR\Nvc\BIN\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\Run: [Windows System Configuration] C:\WINDOWS\SYSCFG16.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Windows DLL Loader] C:\WINDOWS\SYSCFG16.EXE
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
O4 - HKLM\..\Run: [AOL Instant Messenger] aimsgr.exe
O4 - HKLM\..\Run: [Winad Client] C:\Program Files\Winad Client\Winad.exe
O4 - HKLM\..\Run: [WebRebates0] "C:\Program Files\Web_Rebates\WebRebates0.exe"
O4 - HKLM\..\RunServices: [Win32 USB2 Driver] svchosting.exe
O4 - HKLM\..\RunServices: [AOL Instant Messenger] aimsgr.exe
O4 - HKLM\..\RunOnce: [djtopr1150.exe] "C:\DOCUME~1\TREYCA~1\LOCALS~1\Temp\djtopr1150.exe "
O4 - HKLM\..\RunOnce: [Ad-aware] "C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-aware.exe" "+b1"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [IM] c:\program files\instant messenger\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [AIM] C:\program files\instant messenger\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [WinMX] C:\Progra~1\WinMX\WinMX.exe -m
O4 - HKCU\..\Run: [Win32 USB2 Driver] svchosting.exe
O4 - HKCU\..\Run: [Aida] C:\Documents and Settings\Trey cauley\Application Data\ttuh.exe
O4 - HKCU\..\Run: [Ntgl] C:\WINDOWS\System32\zssw.exe
O4 - Global Startup: EarthLink ToolBar 5.0.lnk = C:\Program Files\EarthLink 5.0\etoolbar.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Web Rebates - file://C:\Program Files\Web_Rebates\Sy1150\Tp1150\scri1150a.htm
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\program files\instant messenger\aim.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O16 - DPF: Yahoo! Blackjack - http://download.games.yahoo.com/game...ts/y/jt0_x.cab
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/game...s/y/potd_x.cab
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_fi...45bc6f8b5fbb1c
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} (MediaTicketsInstaller Control) - http://www.mt-download.com/MediaTicketsInstaller.cab
i greatly appreciate it
C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe
C:\PROGRAM FILES\STOMPSOFT\VIRUS X-TERMINATOR\Nvc\BIN\ZLH.EXE
2 antivirus programs? :eh:
Get rid of that stompsoft crap for sure. That alone is probably making your pc slow as crap with all those processes.
PS. You are loaded with adware there even though I see you have Ad-aware going.
Go actually redownload the newest version of ad-aware and reinstall it and then update it. Scan and let it remove ANYTHING it finds.
I was almost as bad as you, to the point where I seldom went to websites because I would have to deal with tons of pop-ups, but I went to C-Net and downloaded Spyware Doctor. No more pop-ups; it got all but 3 instances of spyware/adware/trojans (the 3 get deleted when I reboot, I'm lazy..). Try that? I'm assuming your Ad-aware program is outdated.


