//some 3rd party need geo

Hijack log

  Thomo1 18:49 08 Jan 05
Locked

Hi quite probbo Nellie2 or Mark2.

I have just ran the microsoft spyware beta and it found what it says is a severe piece of spyware: c2.Lop.
My webroot spysweeper has missed this.

For piece of mind if i posted a hijack this log could 1 of you please check it over??
I think im protected but whats to say that Norton aint doing its job either??
Id much appreciate it!

Thanks

Ps, could some1 also pleaspost the link for H-T and the link for posting insructions.

Many thanks.

  mark2 18:54 08 Jan 05

A video for HT here click here
courtesy of powerless.
Hijackthis you can find on my webspace click here

  Thomo1 22:45 08 Jan 05

Logfile of HijackThis v1.99.0
Scan saved at 22:36:52, on 08/01/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Symantec
Shared\ccProxy.exe

C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

C:\Program Files\Norton Internet Security\ISSVC.exe

C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe

C:\WINDOWS\system32\slserv.exe

C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\WINDOWS\system32\wdfmgr.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\WINDOWS\System32\alg.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe

C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

C:\wanadoo\wanadooconnectionkit\atdialler1.exe

C:\Program Files\Microsoft
AntiSpyware\gcasDtServ.exe

C:\Program Files\Microsoft AntiSpyware\gcasServ.exe

C:\Program Files\SpeedTouch\Dr SpeedTouch\drst.exe

C:\Program Files\Internet Explorer\iexplore.exe
C:\Internet Protection\HijackThis.exe

  Thomo1 22:48 08 Jan 05

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = click here

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = click here

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = click here

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = click here

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = click here

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Wanadoo

O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll

O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: Wanadoo - {8B68564D-53FD-4293-B80C-993A9F3988EE} - C:\PROGRA~1\Wanadoo\WSBar\WSBar.dll

O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe

O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon

O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0

O4 - HKCU\..\Run: [STManager] "C:\Program Files\SpeedTouch\Dr SpeedTouch\drst.exe" -b

O4 - Global Startup: Wanadoo Connection Kit.lnk = C:\wanadoo\wanadooconnectionkit\atdialler1.exe

O8 - Extra context menu item: Search with Freeserve - res://C:\PROGRA~1\FREESE~1\FSBar\FSBar.dll/VSearch.htm

O8 - Extra context menu item: Search with Wanadoo - res://C:\PROGRA~1\Wanadoo\WSBar\WSBar.dll/VSearch.htm

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=click here

O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - click here

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - click here

O17 - HKLM\System\CCS\Services\Tcpip\..\{7E7523F3-1790-4821-8FD5-16BE15D10A1A}: NameServer = 195.92.195.94 195.92.195.95

O23 - Service: Symantec Event Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Network Proxy - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe

O23 - Service: Symantec Password Validation - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

O23 - Service: ISSvc - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe

O23 - Service: Norton AntiVirus Auto-Protect Service - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe

O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe

O23 - Service: ScriptBlocking Service - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe

O23 - Service: SmartLinkService - Unknown - slserv.exe (file missing)

O23 - Service: Symantec Network Drivers Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

O23 - Service: Symantec SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

  Thomo1 22:49 08 Jan 05

thanks in advance to whoever takes the time out to check it out.

Its much appreciated.

  Dan the Confused 22:55 08 Jan 05

Have a look at click here

  Thomo1 23:08 08 Jan 05

my phone bill is fine!!!

the spyware was found in the default freeserve games link that i have never used!!

it did not say that it found a c2.lop dialer just said it was spyware.

  Dan the Confused 00:53 09 Jan 05

I think AntiSpyware is just being a bit paranoid (or maybe I'm just tired), try running Ad-aware and see if that finds anything.

  Thomo1 01:28 09 Jan 05

bin running adaware, a2 and spysweeper for about 2 months and its never come up with what the microsfotscanner found.

so one of um is telling lies!!!!! lol

i tend to go with 3 against 1 but..........

  Dan the Confused 01:55 09 Jan 05

I can't see much wrong but maybe give it a day for someone else to spot something. If they don't then it's probably ok to ignore it and treat it as a false positive.

  john-232317 07:54 09 Jan 05

This link was posted on one of my threads by graham, interesting reading ;-)

click here

This thread is now locked and can not be replied to.

What is Google Allo? What is Google Duo? Google Allo UK release date rumours and features: Google…

1995-2015: How technology has changed the world in 20 years

These clever designs help visualise a complex intelligence tool

iOS 10 troubleshooting tips: Simple fixes for the most common iOS 10 problems, from network…