I'm trying to post my hijackthis log but it kept saying that there were URL's in my message...no crap they're part of the log. Even after I deleted the URL's it still said I had some in the message...what's up with this?

How to post your Hijackthis log-files

Do us and yourself a favour, look around this forum first before you ask silly questions.
This has been brought up UMPTEEN times...

Could someone check over my log? I would greatly appreciate it. And I apologize for asking "silly" questions blackstuff i'll do more research in the future. I attached the log as a txt file to this message. Thanks for your help!

Attached Files

hijackthis.txt (8.2 KB, 2 views)

Run HJT in safe mode, on its own, and let it "fix":

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://red.clientapps.yahoo.com/cust...//my.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = guardian.oru.edu:8080
R3 - URLSearchHook: (no name) - {D6DFF6D8-B94B-4720-B730-1C38C7065C3B} - (no file)
O2 - BHO: C:\WINDOWS\lbbho.dll - {C7DD1DE5-AF66-4198-A7CA-220FD13DA42E} - C:\WINDOWS\lbbho.dll
O3 - Toolbar: (no name) - {8E4C16F3-45C8-4B24-99E6-F55082B7C4F1} - (no file)
O3 - Toolbar: (no name) - {57E69D5A-6539-4d7d-9637-775DE8A385B4} - (no file)
O8 - Extra context menu item: Power Search - res://C:\PROGRA~1\COMMON~1\MSIETS\msielink.dll//iemenu
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/game...s/y/pote_x.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/...eInstaller.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1095818176906
O16 - DPF: {7A32634B-029C-4836-A023-528983982A49} - http://fdl.msn.com/public/chat/msnchat42.cab
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yaho...ymmapi_416.dll
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yaho...tocomplete.cab
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} (&Yahoo! Companion) - http://us.dl1.yimg.com/download.yaho...bio5_1_4_0.cab
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = oru.edu
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = oru.edu
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = oru.edu
O18 - Protocol: relatedlinks - {CD8D1CAA-FE4A-45DF-A06C-028AAF1821DE} - (no file)

Delete the bold files. When a directory is also bold, delete everything in it, including that directory itself.

I really appreciate your help blackstuff, and I'm sorry to bother you again. I have Norton Internet Security and Norton Antivirus, and every couple of hours I get a notification that a virus has been detected and deleted. It keeps happening (for about a week now) and I've been searching google for help on the issue but can't find much about it besides what it is and what happens if the file is opened. Do I have reason to be concerned? Here are the 2 viruses:

Object Name C:\WINDOWS\system 32\ftpupd.exe
Virus Name W32.Korgo.W

Object Name C:\WINDOWS\system 32\QuicktimeMngr.exe
Virus Name W32.spybot.worm

ftpupd.exe
See removal-instructions here:
http://www.globalhauri.com/html/supp...ode=WOW3000599

QuicktimeMngr.exe
Boot in Safe Mode, in Taskmanager (Ctrl/Alt/Del) try to STOP the process. Then delete the file if you can.
Click Start/Run and type in msconfig and hit Enter.
See if it is mentioned in a startup-section. If in the Registry, delete that entry using Regedit. If in Startup, delete it from there.

Check if you have a file c:\windows\system32\c.bat. If so, delete it
Then make sure you have your Windoze FULLY updated with ALL the security patches.
Let us know how you get on.