ADAWARE LOGFILE AND HIJACKTHIS FILE...PLEASE ADVISE

Discussion in 'adware, spyware & hijack cleaning' started by coly, Jul 6, 2004.

Thread Status:
Not open for further replies.
  1. coly

    coly Registered Member

    Joined:
    Jul 2, 2004
    Posts:
    3
    Lavasoft Ad-aware Personal Build 6.181
    Logfile created on :Tuesday, July 06, 2004 12:01:12 PM
    Created with Ad-aware Personal, free for private use.
    Using reference-file :01R327 05.07.2004
    ______________________________________________________

    Reffile status:
    =========================
    Reference file loaded:
    Reference Number : 01R327 05.07.2004
    Internal build : 259
    File location : C:\Ad_aware\Ad-aware 6\reflist.ref
    Total size : 1285261 Bytes
    Signature data size : 1264682 Bytes
    Reference data size : 20515 Bytes
    Signatures total : 28089
    Target categories : 10
    Target families : 509

    Memory + processor status:
    ==========================
    Number of processors : 1
    Processor architecture : Intel Pentium IV
    Memory available:32 %
    Total physical memory:392204 kb
    Available physical memory:123488 kb
    Total page file size:548420 kb
    Available on page file:326084 kb
    Total virtual memory:2097024 kb
    Available virtual memory:2048860 kb
    OS:

    Ad-aware Settings
    =========================
    Set : Activate in-depth scan (Recommended)
    Set : Safe mode (always request confirmation)
    Set : Scan active processes
    Set : Scan registry
    Set : Deep scan registry
    Set : Scan my IE Favorites for banned URLs
    Set : Scan within archives
    Set : Scan my Hosts file

    Extended Ad-aware Settings
    =========================
    Set : Unload recognized processes during scanning
    Set : Include basic Ad-aware settings in logfile
    Set : Include additional Ad-aware settings in logfile
    Set : Let windows remove files in use at next reboot
    Set : Delete quarantined objects after restoring
    Set : Always back up reference file, before updating
    Set : Play sound if scan produced a result


    7-6-2004 12:01:12 PM - Scan started. (Custom mode)

    Listing running processes
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    #:1 [smss.exe]
    FilePath : \SystemRoot\System32\
    ThreadCreationTime : 7-6-2004 4:25:12 PM
    BasePriority : Normal


    #:2 [winlogon.exe]
    FilePath : \??\C:\WINDOWS\system32\
    ThreadCreationTime : 7-6-2004 4:25:15 PM
    BasePriority : High


    #:3 [services.exe]
    FilePath : C:\WINDOWS\system32\
    ThreadCreationTime : 7-6-2004 4:25:15 PM
    BasePriority : Normal
    FileSize : 99 KB
    FileVersion : 5.1.2600.0 (xpclient.010817-114:cool:
    ProductVersion : 5.1.2600.0
    CompanyName : Microsoft Corporation
    FileDescription : Services and Controller app
    InternalName : services.exe
    OriginalFilename : services.exe
    ProductName : Microsoft
    Created on : 8/18/2001 11:00:00 AM
    Last accessed : 7/6/2004 4:25:09 PM
    Last modified : 8/18/2001 11:00:00 AM

    #:4 [lsass.exe]
    FilePath : C:\WINDOWS\system32\
    ThreadCreationTime : 7-6-2004 4:25:15 PM
    BasePriority : Normal
    FileSize : 11 KB
    FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
    ProductVersion : 5.1.2600.1106
    CompanyName : Microsoft Corporation
    FileDescription : LSA Shell (Export Version)
    InternalName : lsass.exe
    OriginalFilename : lsass.exe
    ProductName : Microsoft
    Created on : 8/18/2001 11:00:00 AM
    Last accessed : 7/6/2004 4:25:09 PM
    Last modified : 8/29/2002 10:41:26 AM

    #:5 [svchost.exe]
    FilePath : C:\WINDOWS\system32\
    ThreadCreationTime : 7-6-2004 4:25:16 PM
    BasePriority : Normal
    FileSize : 12 KB
    FileVersion : 5.1.2600.0 (xpclient.010817-114:cool:
    ProductVersion : 5.1.2600.0
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    OriginalFilename : svchost.exe
    ProductName : Microsoft
    Created on : 8/18/2001 11:00:00 AM
    Last accessed : 7/6/2004 4:25:09 PM
    Last modified : 8/18/2001 11:00:00 AM

    #:6 [svchost.exe]
    FilePath : C:\WINDOWS\System32\
    ThreadCreationTime : 7-6-2004 4:25:17 PM
    BasePriority : Normal
    FileSize : 12 KB
    FileVersion : 5.1.2600.0 (xpclient.010817-114:cool:
    ProductVersion : 5.1.2600.0
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    OriginalFilename : svchost.exe
    ProductName : Microsoft
    Created on : 8/18/2001 11:00:00 AM
    Last accessed : 7/6/2004 4:25:09 PM
    Last modified : 8/18/2001 11:00:00 AM

    #:7 [spoolsv.exe]
    FilePath : C:\WINDOWS\system32\
    ThreadCreationTime : 7-6-2004 4:25:19 PM
    BasePriority : Normal
    FileSize : 50 KB
    FileVersion : 5.1.2600.0 (XPClient.010817-114:cool:
    ProductVersion : 5.1.2600.0
    CompanyName : Microsoft Corporation
    FileDescription : Spooler SubSystem App
    InternalName : spoolsv.exe
    OriginalFilename : spoolsv.exe
    ProductName : Microsoft
    Created on : 8/18/2001 11:00:00 AM
    Last accessed : 7/6/2004 4:25:09 PM
    Last modified : 8/18/2001 11:00:00 AM

    #:8 [ccevtmgr.exe]
    FilePath : C:\Program Files\Common Files\Symantec Shared\
    ThreadCreationTime : 7-6-2004 4:25:19 PM
    BasePriority : Normal
    FileSize : 309 KB
    FileVersion : 1.03.4
    ProductVersion : 1.03.4
    Copyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved.
    CompanyName : Symantec Corporation
    FileDescription : Event Manager Service
    InternalName : ccEvtMgr
    OriginalFilename : ccEvtMgr.exe
    ProductName : Event Manager
    Created on : 11/13/2002 9:44:02 PM
    Last accessed : 7/6/2004 4:25:09 PM
    Last modified : 11/13/2002 9:44:02 PM

    #:9 [nisum.exe]
    FilePath : C:\Program Files\Norton Internet Security\
    ThreadCreationTime : 7-6-2004 4:25:19 PM
    BasePriority : Normal
    FileSize : 137 KB
    FileVersion : 6.02.2003
    ProductVersion : 6.02.2003
    Copyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved.
    CompanyName : Symantec Corporation
    FileDescription : Norton Internet Security NISUM
    InternalName : NISUM
    OriginalFilename : NISUM.exe
    ProductName : Norton Internet Security
    Created on : 10/4/2003 1:54:59 PM
    Last accessed : 7/6/2004 4:25:09 PM
    Last modified : 3/3/2003 6:06:36 PM

    #:10 [explorer.exe]
    FilePath : C:\WINDOWS\
    ThreadCreationTime : 7-6-2004 4:25:24 PM
    BasePriority : Normal
    FileSize : 973 KB
    FileVersion : 6.00.2800.1221 (xpsp2.030511-1403)
    ProductVersion : 6.00.2800.1221
    CompanyName : Microsoft Corporation
    FileDescription : Windows Explorer
    InternalName : explorer
    OriginalFilename : EXPLORER.EXE
    ProductName : Microsoft
    Created on : 5/12/2003 2:12:10 AM
    Last accessed : 7/6/2004 4:52:48 PM
    Last modified : 5/12/2003 2:12:10 AM

    #:11 [mptbox.exe]
    FilePath : C:\PROGRA~1\Canon\MULTIP~1\
    ThreadCreationTime : 7-6-2004 4:25:30 PM
    BasePriority : Normal
    FileSize : 148 KB
    FileVersion : 4.00
    ProductVersion : 4.00
    Copyright : Copyright
    CompanyName : Canon Inc
    FileDescription : MultiPASS Toolbar
    OriginalFilename : MPTBox.EXE
    ProductName : Canon MultiPASS
    Created on : 4/7/2002 1:19:08 PM
    Last accessed : 7/6/2004 4:25:30 PM
    Last modified : 8/21/2001 10:52:12 PM

    #:12 [monitr32.exe]
    FilePath : C:\Program Files\Canon\MultiPASS4\
    ThreadCreationTime : 7-6-2004 4:25:30 PM
    BasePriority : Normal
    FileSize : 304 KB
    FileVersion : 4.00
    ProductVersion : 4.00
    Copyright : Copyright
    CompanyName : Canon Inc
    FileDescription : Status Monitor
    OriginalFilename : monitr32.exe
    ProductName : Canon MultiPASS
    Created on : 4/7/2002 1:19:08 PM
    Last accessed : 7/6/2004 4:34:48 PM
    Last modified : 8/21/2001 10:52:34 PM

    #:13 [mm_tray.exe]
    FilePath : C:\Program Files\MusicMatch\MusicMatch Jukebox\
    ThreadCreationTime : 7-6-2004 4:25:30 PM
    BasePriority : Normal
    FileSize : 140 KB
    FileVersion : 7.50.3102
    ProductVersion : 7.50.3102
    Copyright : Copyright
    CompanyName : MUSICMATCH, Inc.
    FileDescription : mm_tray
    InternalName : mm_tray
    OriginalFilename : mm_tray.exe
    ProductName : MUSICMATCH JUKEBOX
    Created on : 12/1/2001 2:22:09 PM
    Last accessed : 7/6/2004 4:25:30 PM
    Last modified : 3/28/2003 10:20:38 PM

    #:14 [dellmmkb.exe]
    FilePath : C:\WINDOWS\
    ThreadCreationTime : 7-6-2004 4:25:31 PM
    BasePriority : Normal
    FileSize : 160 KB
    FileVersion : 2.0.0
    ProductVersion : 2.0.0
    Copyright : Copyright
    CompanyName : Netropa Corp.
    FileDescription : Netropa(tm) Hot Key
    InternalName : Netropa Hot Key
    OriginalFilename : nhk.exe
    ProductName : Netropa Hot Key
    Created on : 12/1/2001 2:17:41 PM
    Last accessed : 7/6/2004 4:25:31 PM
    Last modified : 9/23/2001 1:14:48 PM

    #:15 [ccapp.exe]
    FilePath : C:\Program Files\Common Files\Symantec Shared\
    ThreadCreationTime : 7-6-2004 4:25:31 PM
    BasePriority : Normal
    FileSize : 53 KB
    FileVersion : 1.0.10.006
    ProductVersion : 1.0.10.006
    Copyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved.
    CompanyName : Symantec Corporation
    FileDescription : Common Client CC App
    InternalName : ccApp
    OriginalFilename : ccApp.exe
    ProductName : Common Client
    Created on : 1/1/2004 5:20:14 PM
    Last accessed : 7/6/2004 4:25:31 PM
    Last modified : 12/2/2003 10:11:04 PM

    #:16 [directcd.exe]
    FilePath : C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\
    ThreadCreationTime : 7-6-2004 4:25:32 PM
    BasePriority : Normal
    FileSize : 640 KB
    FileVersion : 5.10 (105)
    ProductVersion : 5.10 (105)
    Copyright : Copyright
    CompanyName : Roxio
    FileDescription : DirectCD Application
    InternalName : DirectCD
    OriginalFilename : Directcd.exe
    ProductName : DirectCD
    Created on : 9/4/2001 9:31:50 PM
    Last accessed : 7/6/2004 4:25:32 PM
    Last modified : 9/4/2001 9:31:50 PM

    #:17 [osd.exe]
    FilePath : C:\Program Files\Netropa\
    ThreadCreationTime : 7-6-2004 4:25:33 PM
    BasePriority : Normal
    FileSize : 88 KB
    FileVersion : 2.02
    ProductVersion : 2.02
    Copyright : Copyright
    CompanyName : Netropa Corp.
    FileDescription : Netropa(r) Onscreen Display
    InternalName : OSD
    OriginalFilename : osd.exe
    ProductName : Onscreen Display
    Created on : 12/1/2001 2:17:41 PM
    Last accessed : 7/6/2004 4:25:33 PM
    Last modified : 9/22/2001 8:28:38 PM

    #:18 [ctfmon.exe]
    FilePath : C:\WINDOWS\System32\
    ThreadCreationTime : 7-6-2004 4:25:33 PM
    BasePriority : Normal
    FileSize : 13 KB
    FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
    ProductVersion : 5.1.2600.1106
    CompanyName : Microsoft Corporation
    FileDescription : CTF Loader
    InternalName : CTFMON
    OriginalFilename : CTFMON.EXE
    ProductName : Microsoft
    Created on : 11/30/2002 7:56:53 PM
    Last accessed : 7/6/2004 4:25:33 PM
    Last modified : 8/29/2002 10:41:22 AM

    #:19 [msmsgs.exe]
    FilePath : C:\Program Files\Messenger\
    ThreadCreationTime : 7-6-2004 4:25:34 PM
    BasePriority : Normal
    FileSize : 1456 KB
    FileVersion : 4.7.2009
    ProductVersion : Version 4.7
    Copyright : Copyright (c) Microsoft Corporation 1997-2003
    CompanyName : Microsoft Corporation
    FileDescription : Messenger
    InternalName : msmsgs
    OriginalFilename : msmsgs.exe
    ProductName : Messenger
    Created on : 4/15/2003 12:30:14 AM
    Last accessed : 7/6/2004 4:36:25 PM
    Last modified : 4/15/2003 12:30:14 AM

    #:20 [nhksrv.exe]
    FilePath : C:\WINDOWS\
    ThreadCreationTime : 7-6-2004 4:25:53 PM
    BasePriority : Normal
    FileSize : 28 KB
    Created on : 8/6/2001 7:41:48 PM
    Last accessed : 7/6/2004 4:25:09 PM
    Last modified : 8/6/2001 7:41:48 PM

    #:21 [ccpxysvc.exe]
    FilePath : C:\Program Files\Norton Internet Security\
    ThreadCreationTime : 7-6-2004 4:25:53 PM
    BasePriority : Normal
    FileSize : 33 KB
    FileVersion : 6.02.2003
    ProductVersion : 6.02.2003
    Copyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved.
    CompanyName : Symantec Corporation
    FileDescription : Norton Internet Security Proxy Service
    InternalName : ccPxySvc
    OriginalFilename : ccPxySvc.exe
    ProductName : Norton Internet Security
    Created on : 10/4/2003 1:54:54 PM
    Last accessed : 7/6/2004 4:25:09 PM
    Last modified : 3/3/2003 6:05:18 PM

    #:22 [mdm.exe]
    FilePath : C:\Program Files\Common Files\Microsoft Shared\VS7Debug\
    ThreadCreationTime : 7-6-2004 4:25:53 PM
    BasePriority : Normal
    FileSize : 264 KB
    FileVersion : 7.00.9064.9150
    ProductVersion : 7.00.9064.9150
    Copyright : Copyright (C) Microsoft Corp. 1997-2000
    CompanyName : Microsoft Corporation
    FileDescription : Machine Debug Manager
    InternalName : mdm.exe
    OriginalFilename : mdm.exe
    ProductName : Microsoft Development Environment
    Created on : 2/23/2001 4:07:30 PM
    Last accessed : 7/6/2004 4:25:09 PM
    Last modified : 2/23/2001 4:07:30 PM

    #:23 [mpservic.exe]
    FilePath : C:\Program Files\Canon\MultiPASS4\
    ThreadCreationTime : 7-6-2004 4:25:57 PM
    BasePriority : Normal
    FileSize : 48 KB
    FileVersion : 4.00
    ProductVersion : 4.00
    Copyright : Copyright
    CompanyName : Canon Inc
    FileDescription : Implements the NT service that starts the server.
    ProductName : Canon MultiPASS
    Created on : 4/7/2002 1:19:16 PM
    Last accessed : 7/6/2004 4:25:09 PM
    Last modified : 8/21/2001 10:42:48 PM

    #:24 [navapsvc.exe]
    FilePath : C:\Program Files\Norton AntiVirus\
    ThreadCreationTime : 7-6-2004 4:25:57 PM
    BasePriority : Normal
    FileSize : 113 KB
    FileVersion : 9.05.1015
    ProductVersion : 9.05.1015
    Copyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved.
    CompanyName : Symantec Corporation
    FileDescription : Norton AntiVirus Auto-Protect Service
    InternalName : NAVAPSVC
    OriginalFilename : NAVAPSVC.EXE
    ProductName : Norton AntiVirus
    Created on : 11/15/2002 12:41:26 AM
    Last accessed : 7/6/2004 4:24:11 PM
    Last modified : 11/15/2002 12:41:26 AM

    #:25 [nvsvc32.exe]
    FilePath : C:\WINDOWS\System32\
    ThreadCreationTime : 7-6-2004 4:25:57 PM
    BasePriority : Normal
    FileSize : 108 KB
    FileVersion : 6.14.10.5672
    ProductVersion : 6.14.10.5672
    Copyright : (C) NVIDIA Corporation. All rights reserved.
    CompanyName : NVIDIA Corporation
    FileDescription : NVIDIA Driver Helper Service, Version 56.72
    InternalName : NVSVC
    OriginalFilename : nvsvc32.exe
    ProductName : NVIDIA Driver Helper Service, Version 56.72
    Created on : 3/24/2004 3:04:00 PM
    Last accessed : 7/6/2004 4:25:09 PM
    Last modified : 3/24/2004 3:04:00 PM

    #:26 [outlook.exe]
    FilePath : C:\Program Files\Microsoft Office\Office10\
    ThreadCreationTime : 7-6-2004 4:27:20 PM
    BasePriority : Normal
    FileSize : 46 KB
    FileVersion : 10.0.3416
    ProductVersion : 10.0.3416
    Copyright : Copyright
    CompanyName : Microsoft Corporation
    FileDescription : Microsoft Outlook
    InternalName : Outlook
    OriginalFilename : Outlook.exe
    ProductName : Microsoft Outlook
    Created on : 3/7/2001 2:15:54 PM
    Last accessed : 7/6/2004 4:52:50 PM
    Last modified : 10/18/2001 8:38:23 PM

    #:27 [winword.exe]
    FilePath : C:\Program Files\Microsoft Office\Office10\
    ThreadCreationTime : 7-6-2004 4:27:27 PM
    BasePriority : Normal
    FileSize : 10334 KB
    FileVersion : 10.0.3416
    ProductVersion : 10.0.3416
    Copyright : Copyright
    CompanyName : Microsoft Corporation
    FileDescription : Microsoft Word
    InternalName : WinWord
    OriginalFilename : WinWord.exe
    ProductName : Microsoft Office XP
    Created on : 3/7/2001 4:11:12 PM
    Last accessed : 7/6/2004 4:31:27 PM
    Last modified : 10/18/2001 8:38:30 PM

    #:28 [iexplore.exe]
    FilePath : C:\Program Files\Internet Explorer\
    ThreadCreationTime : 7-6-2004 4:41:47 PM
    BasePriority : Normal
    FileSize : 89 KB
    FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
    ProductVersion : 6.00.2800.1106
    CompanyName : Microsoft Corporation
    FileDescription : Internet Explorer
    InternalName : iexplore
    OriginalFilename : IEXPLORE.EXE
    ProductName : Microsoft
    Created on : 11/30/2002 7:58:31 PM
    Last accessed : 7/6/2004 4:41:48 PM
    Last modified : 8/29/2002 10:41:26 AM

    #:29 [ad-aware.exe]
    FilePath : C:\Ad_aware\Ad-aware 6\
    ThreadCreationTime : 7-6-2004 4:52:35 PM
    BasePriority : Normal
    FileSize : 668 KB
    FileVersion : 6.0.1.181
    ProductVersion : 6.0.0.0
    Copyright : Copyright
    CompanyName : Lavasoft Sweden
    FileDescription : Ad-aware 6 core application
    InternalName : Ad-aware.exe
    OriginalFilename : Ad-aware.exe
    ProductName : Lavasoft Ad-aware Plus
    Created on : 4/24/2004 1:10:08 PM
    Last accessed : 7/6/2004 4:52:35 PM
    Last modified : 7/13/2003 2:00:20 AM

    Memory scan result :
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    New objects : 0
    Objects found so far: 0


    Started registry scan
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    Registry scan result :
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    New objects : 0
    Objects found so far: 0


    Started deep registry scan
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    Deep registry scan result :
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    New objects : 0
    Objects found so far: 0


    Deep scanning and examining files (A:)
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    Disk scan result for A:\
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    New objects : 0
    Objects found so far: 0


    Deep scanning and examining files (C:)
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    NetRatings Object recognized!
    Type : File
    Data : nmtracer.dll
    Category : Data Miner
    Comment :
    Object : C:\Documents and Settings\Marty\Local Settings\Temp\Net1.tmp\
    FileSize : 428 KB
    FileVersion : 4.52.30.0r
    ProductVersion : 4.52.30.0r
    Copyright : Copyright (c) 2003 NetRatings, Inc.
    CompanyName : NetRatings, Inc.
    FileDescription : NetMeter
    OriginalFilename : nmtracer.dll
    ProductName : NetMeter
    Created on : 9/24/2003 4:05:10 AM
    Last accessed : 7/6/2004 5:04:30 PM
    Last modified : 9/24/2003 4:05:10 AM



    NetRatings Object recognized!
    Type : File
    Data : a0082085.dll
    Category : Data Miner
    Comment :
    Object : C:\System Volume Information\_restore{31414675-6CBE-4639-8F67-8C2E395D7683}\RP821\
    FileSize : 428 KB
    FileVersion : 4.52.30.0r
    ProductVersion : 4.52.30.0r
    Copyright : Copyright (c) 2003 NetRatings, Inc.
    CompanyName : NetRatings, Inc.
    FileDescription : NetMeter
    OriginalFilename : nmtracer.dll
    ProductName : NetMeter
    Created on : 2/5/2004 9:53:03 PM
    Last accessed : 7/6/2004 5:14:42 PM
    Last modified : 9/24/2003 4:05:10 AM



    Disk scan result for C:\
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    New objects : 0
    Objects found so far: 2


    Deep scanning and examining files (D:)
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    Disk scan result for D:\
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    New objects : 0
    Objects found so far: 2


    Deep scanning and examining files (E:)
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    Disk scan result for E:\
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    New objects : 0
    Objects found so far: 2


    Scanning Hosts file(C:\WINDOWS\System32\drivers\etc\hosts)
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    Hosts file scan result:
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    1 entries scanned.
    New objects :0
    Objects found so far: 2




    Performing conditional scans..
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    Conditional scan result:
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    New objects : 0
    Objects found so far: 2


    12:25:39 PM Scan complete

    Summary of this scan
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    Total scanning time :00:24:25:344
    Objects scanned :163987
    Objects identified :2
    Objects ignored :0
    New objects :2

    Logfile of HijackThis v1.97.7
    Scan saved at 11:44:00 AM, on 7/6/2004
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Norton Internet Security\NISUM.EXE
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\Canon\MULTIP~1\MPTBox.exe
    C:\Program Files\Canon\MultiPASS4\monitr32.exe
    C:\Program Files\MusicMatch\MusicMatch Jukebox\mm_tray.exe
    C:\WINDOWS\DELLMMKB.EXE
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
    C:\Program Files\Netropa\OSD.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\Nhksrv.exe
    C:\Program Files\Norton Internet Security\ccPxySvc.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\Program Files\Microsoft Office\Office10\OUTLOOK.EXE
    C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Marty\Local Settings\Temporary Internet Files\Content.IE5\TW4FHLO1\HijackThis[1].exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://news.google.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dellnet.com
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [MPTBox] C:\PROGRA~1\Canon\MULTIP~1\MPTBox.exe
    O4 - HKLM\..\Run: [monitr32] C:\Program Files\Canon\MultiPASS4\monitr32.exe
    O4 - HKLM\..\Run: [MMTray] C:\Program Files\MusicMatch\MusicMatch Jukebox\mm_tray.exe
    O4 - HKLM\..\Run: [DellTouch] C:\WINDOWS\DELLMMKB.EXE
    O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\Symantec\LIVEUP~1\SNDMon.EXE
    O4 - Global Startup: Camio Viewer 2000.lnk = C:\Program Files\Sierra Imaging\Image Expert 2000\IXApplet.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: Backward &Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Si&milar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Messenger (HKLM)
    O12 - Plugin for .mp3: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin4.dll
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/potb_x.cab
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://www.apple.com/qtactivex/qtplugin.cab
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    O16 - DPF: {19E28AFC-EAE3-4CE5-AC83-2407B42F57C9} (MSSecurityAdvisor Class) - http://download.microsoft.com/downl...-a3de-373c3e5552fc/msSecAdv.cab?1067354824234
    O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v43/yacscom.cab
    O16 - DPF: {4620BC29-8B8E-4F4E-9D92-1DB6633D6793} (SurferNETWORK Plugin) - http://rd1.surfernetwork.com/surferplugin.ocx
    O16 - DPF: {4C226336-4032-489F-9674-67E74225979B} (OTXMovie Class) - http://www.otxresearch.com/OTXMedia/OTXMedia.dll
    O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
    O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab
    O16 - DPF: {8E28B3A9-FE83-45D1-B657-D5426B81A121} (CustomerCtrl Class) - http://cs5b.instantservice.com/jars/customerxsigned30.cab
    O16 - DPF: {92CA8ACC-4E99-4A2A-93F1-B2C5CADC8613} (NMInstall Control) - http://a14.g.akamai.net/f/14/7141/1...tmeter4_5/nminstall_en_4.52.30.0_SILENT_2.cab
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37652.2216435185
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {DF6A0F17-0B1E-11D4-829D-00C04F6843FE} (Microsoft Office Tools on the Web Control) - http://dgl.microsoft.com/downloads/outc.cab
    O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex/EPSControl_v1-32.cab
    O16 - DPF: {E87A6788-1D0F-4444-8898-1D25829B6755} - http://fdl.msn.com/public/chat/msnchat4.cab
    O16 - DPF: {ED3CE078-BB89-42C6-A748-2EC19EA004D4} (BoxFrogAX Control) - http://www.boxfrog.com/BoxFrogConvert.cab
    O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://us.dl1.yimg.com/download.yahoo.com/dl/toolbar/my/yiebio5_0_2_7.cab

    ANY HELP IS GREATLY APPRECIATED!
     
  2. coly

    coly Registered Member

    Joined:
    Jul 2, 2004
    Posts:
    3
    Noone wants to look at long hjt and aa files so--here's my problem- Please Help:-(

    Can't browse internet. I get kicked off and a page cannot be displayed error. Have run spybot and adaware. If I am able to stay on it runs sooo slow! ISP assures me it isn't a problem with service (satellite).

    I need help desperately. Will try anything. Could someone who knows alot more about computers than I do help me out? :doubt:
     
  3. Taz71498

    Taz71498 Registered Member

    Joined:
    May 27, 2004
    Posts:
    674
    Location:
    USA
    Hello coly,

    Can you tell us what exactly the error is saying?

    I would like you to do this:

    Download CWShredder Click on update, then close all browsers, and then click on Fix, not scan.

    I see you already have Spybot S&D so do this:
    Check for Updates first, download ALL Updates and Do a Scan. When finished, make sure ALL RED items have been ticked, and click the "Fix Selected Problems" Button.

    Reboot the computer.

    Run Hijackthis again and post a fresh log here.

    When you ran Adaware, did you fix everything it found. If not, do so.

    Post a new Hijackthis log here along with what the error that you get says.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.