ADAWARE LOGFILE AND HIJACKTHIS FILE...PLEASE ADVISE

Discussion in 'adware, spyware & hijack cleaning' started by coly, Jul 6, 2004.

Thread Status:
Not open for further replies.
  1. coly

    coly Registered Member

    Joined:
    Jul 2, 2004
    Posts:
    3
    Lavasoft Ad-aware Personal Build 6.181
    Logfile created on :Tuesday, July 06, 2004 12:01:12 PM
    Created with Ad-aware Personal, free for private use.
    Using reference-file :01R327 05.07.2004
    ______________________________________________________

    Reffile status:
    =========================
    Reference file loaded:
    Reference Number : 01R327 05.07.2004
    Internal build : 259
    File location : C:\Ad_aware\Ad-aware 6\reflist.ref
    Total size : 1285261 Bytes
    Signature data size : 1264682 Bytes
    Reference data size : 20515 Bytes
    Signatures total : 28089
    Target categories : 10
    Target families : 509

    Memory + processor status:
    ==========================
    Number of processors : 1
    Processor architecture : Intel Pentium IV
    Memory available:32 %
    Total physical memory:392204 kb
    Available physical memory:123488 kb
    Total page file size:548420 kb
    Available on page file:326084 kb
    Total virtual memory:2097024 kb
    Available virtual memory:2048860 kb
    OS:

    Ad-aware Settings
    =========================
    Set : Activate in-depth scan (Recommended)
    Set : Safe mode (always request confirmation)
    Set : Scan active processes
    Set : Scan registry
    Set : Deep scan registry
    Set : Scan my IE Favorites for banned URLs
    Set : Scan within archives
    Set : Scan my Hosts file

    Extended Ad-aware Settings
    =========================
    Set : Unload recognized processes during scanning
    Set : Include basic Ad-aware settings in logfile
    Set : Include additional Ad-aware settings in logfile
    Set : Let windows remove files in use at next reboot
    Set : Delete quarantined objects after restoring
    Set : Always back up reference file, before updating
    Set : Play sound if scan produced a result


    7-6-2004 12:01:12 PM - Scan started. (Custom mode)

    Listing running processes
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    #:1 [smss.exe]
    FilePath : \SystemRoot\System32\
    ThreadCreationTime : 7-6-2004 4:25:12 PM
    BasePriority : Normal


    #:2 [winlogon.exe]
    FilePath : \??\C:\WINDOWS\system32\
    ThreadCreationTime : 7-6-2004 4:25:15 PM
    BasePriority : High


    #:3 [services.exe]
    FilePath : C:\WINDOWS\system32\
    ThreadCreationTime : 7-6-2004 4:25:15 PM
    BasePriority : Normal
    FileSize : 99 KB
    FileVersion : 5.1.2600.0 (xpclient.010817-114:cool:
    ProductVersion : 5.1.2600.0
    CompanyName : Microsoft Corporation
    FileDescription : Services and Controller app
    InternalName : services.exe
    OriginalFilename : services.exe
    ProductName : Microsoft
    Created on : 8/18/2001 11:00:00 AM
    Last accessed : 7/6/2004 4:25:09 PM
    Last modified : 8/18/2001 11:00:00 AM

    #:4 [lsass.exe]
    FilePath : C:\WINDOWS\system32\
    ThreadCreationTime : 7-6-2004 4:25:15 PM
    BasePriority : Normal
    FileSize : 11 KB
    FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
    ProductVersion : 5.1.2600.1106
    CompanyName : Microsoft Corporation
    FileDescription : LSA Shell (Export Version)
    InternalName : lsass.exe
    OriginalFilename : lsass.exe
    ProductName : Microsoft
    Created on : 8/18/2001 11:00:00 AM
    Last accessed : 7/6/2004 4:25:09 PM
    Last modified : 8/29/2002 10:41:26 AM

    #:5 [svchost.exe]
    FilePath : C:\WINDOWS\system32\
    ThreadCreationTime : 7-6-2004 4:25:16 PM
    BasePriority : Normal
    FileSize : 12 KB
    FileVersion : 5.1.2600.0 (xpclient.010817-114:cool:
    ProductVersion : 5.1.2600.0
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    OriginalFilename : svchost.exe
    ProductName : Microsoft
    Created on : 8/18/2001 11:00:00 AM
    Last accessed : 7/6/2004 4:25:09 PM
    Last modified : 8/18/2001 11:00:00 AM

    #:6 [svchost.exe]
    FilePath : C:\WINDOWS\System32\
    ThreadCreationTime : 7-6-2004 4:25:17 PM
    BasePriority : Normal
    FileSize : 12 KB
    FileVersion : 5.1.2600.0 (xpclient.010817-114:cool:
    ProductVersion : 5.1.2600.0
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    OriginalFilename : svchost.exe
    ProductName : Microsoft
    Created on : 8/18/2001 11:00:00 AM
    Last accessed : 7/6/2004 4:25:09 PM
    Last modified : 8/18/2001 11:00:00 AM

    #:7 [spoolsv.exe]
    FilePath : C:\WINDOWS\system32\
    ThreadCreationTime : 7-6-2004 4:25:19 PM
    BasePriority : Normal
    FileSize : 50 KB
    FileVersion : 5.1.2600.0 (XPClient.010817-114:cool:
    ProductVersion : 5.1.2600.0
    CompanyName : Microsoft Corporation
    FileDescription : Spooler SubSystem App
    InternalName : spoolsv.exe
    OriginalFilename : spoolsv.exe
    ProductName : Microsoft
    Created on : 8/18/2001 11:00:00 AM
    Last accessed : 7/6/2004 4:25:09 PM
    Last modified : 8/18/2001 11:00:00 AM

    #:8 [ccevtmgr.exe]
    FilePath : C:\Program Files\Common Files\Symantec Shared\
    ThreadCreationTime : 7-6-2004 4:25:19 PM
    BasePriority : Normal
    FileSize : 309 KB
    FileVersion : 1.03.4
    ProductVersion : 1.03.4
    Copyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved.
    CompanyName : Symantec Corporation
    FileDescription : Event Manager Service
    InternalName : ccEvtMgr
    OriginalFilename : ccEvtMgr.exe
    ProductName : Event Manager
    Created on : 11/13/2002 9:44:02 PM
    Last accessed : 7/6/2004 4:25:09 PM
    Last modified : 11/13/2002 9:44:02 PM

    #:9 [nisum.exe]
    FilePath : C:\Program Files\Norton Internet Security\
    ThreadCreationTime : 7-6-2004 4:25:19 PM
    BasePriority : Normal
    FileSize : 137 KB
    FileVersion : 6.02.2003
    ProductVersion : 6.02.2003
    Copyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved.
    CompanyName : Symantec Corporation
    FileDescription : Norton Internet Security NISUM
    InternalName : NISUM
    OriginalFilename : NISUM.exe
    ProductName : Norton Internet Security
    Created on : 10/4/2003 1:54:59 PM
    Last accessed : 7/6/2004 4:25:09 PM
    Last modified : 3/3/2003 6:06:36 PM

    #:10 [explorer.exe]
    FilePath : C:\WINDOWS\
    ThreadCreationTime : 7-6-2004 4:25:24 PM
    BasePriority : Normal
    FileSize : 973 KB
    FileVersion : 6.00.2800.1221 (xpsp2.030511-1403)
    ProductVersion : 6.00.2800.1221
    CompanyName : Microsoft Corporation
    FileDescription : Windows Explorer
    InternalName : explorer
    OriginalFilename : EXPLORER.EXE
    ProductName : Microsoft
    Created on : 5/12/2003 2:12:10 AM
    Last accessed : 7/6/2004 4:52:48 PM
    Last modified : 5/12/2003 2:12:10 AM

    #:11 [mptbox.exe]
    FilePath : C:\PROGRA~1\Canon\MULTIP~1\
    ThreadCreationTime : 7-6-2004 4:25:30 PM
    BasePriority : Normal
    FileSize : 148 KB
    FileVersion : 4.00
    ProductVersion : 4.00
    Copyright : Copyright
    CompanyName : Canon Inc
    FileDescription : MultiPASS Toolbar
    OriginalFilename : MPTBox.EXE
    ProductName : Canon MultiPASS
    Created on : 4/7/2002 1:19:08 PM
    Last accessed : 7/6/2004 4:25:30 PM
    Last modified : 8/21/2001 10:52:12 PM

    #:12 [monitr32.exe]
    FilePath : C:\Program Files\Canon\MultiPASS4\
    ThreadCreationTime : 7-6-2004 4:25:30 PM
    BasePriority : Normal
    FileSize : 304 KB
    FileVersion : 4.00
    ProductVersion : 4.00
    Copyright : Copyright
    CompanyName : Canon Inc
    FileDescription : Status Monitor
    OriginalFilename : monitr32.exe
    ProductName : Canon MultiPASS
    Created on : 4/7/2002 1:19:08 PM
    Last accessed : 7/6/2004 4:34:48 PM
    Last modified : 8/21/2001 10:52:34 PM

    #:13 [mm_tray.exe]
    FilePath : C:\Program Files\MusicMatch\MusicMatch Jukebox\
    ThreadCreationTime : 7-6-2004 4:25:30 PM
    BasePriority : Normal
    FileSize : 140 KB
    FileVersion : 7.50.3102
    ProductVersion : 7.50.3102
    Copyright : Copyright
    CompanyName : MUSICMATCH, Inc.
    FileDescription : mm_tray
    InternalName : mm_tray
    OriginalFilename : mm_tray.exe
    ProductName : MUSICMATCH JUKEBOX
    Created on : 12/1/2001 2:22:09 PM
    Last accessed : 7/6/2004 4:25:30 PM
    Last modified : 3/28/2003 10:20:38 PM

    #:14 [dellmmkb.exe]
    FilePath : C:\WINDOWS\
    ThreadCreationTime : 7-6-2004 4:25:31 PM
    BasePriority : Normal
    FileSize : 160 KB
    FileVersion : 2.0.0
    ProductVersion : 2.0.0
    Copyright : Copyright
    CompanyName : Netropa Corp.
    FileDescription : Netropa(tm) Hot Key
    InternalName : Netropa Hot Key
    OriginalFilename : nhk.exe
    ProductName : Netropa Hot Key
    Created on : 12/1/2001 2:17:41 PM
    Last accessed : 7/6/2004 4:25:31 PM
    Last modified : 9/23/2001 1:14:48 PM

    #:15 [ccapp.exe]
    FilePath : C:\Program Files\Common Files\Symantec Shared\
    ThreadCreationTime : 7-6-2004 4:25:31 PM
    BasePriority : Normal
    FileSize : 53 KB
    FileVersion : 1.0.10.006
    ProductVersion : 1.0.10.006
    Copyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved.
    CompanyName : Symantec Corporation
    FileDescription : Common Client CC App
    InternalName : ccApp
    OriginalFilename : ccApp.exe
    ProductName : Common Client
    Created on : 1/1/2004 5:20:14 PM
    Last accessed : 7/6/2004 4:25:31 PM
    Last modified : 12/2/2003 10:11:04 PM

    #:16 [directcd.exe]
    FilePath : C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\
    ThreadCreationTime : 7-6-2004 4:25:32 PM
    BasePriority : Normal
    FileSize : 640 KB
    FileVersion : 5.10 (105)
    ProductVersion : 5.10 (105)
    Copyright : Copyright
    CompanyName : Roxio
    FileDescription : DirectCD Application
    InternalName : DirectCD
    OriginalFilename : Directcd.exe
    ProductName : DirectCD
    Created on : 9/4/2001 9:31:50 PM
    Last accessed : 7/6/2004 4:25:32 PM
    Last modified : 9/4/2001 9:31:50 PM

    #:17 [osd.exe]
    FilePath : C:\Program Files\Netropa\
    ThreadCreationTime : 7-6-2004 4:25:33 PM
    BasePriority : Normal
    FileSize : 88 KB
    FileVersion : 2.02
    ProductVersion : 2.02
    Copyright : Copyright
    CompanyName : Netropa Corp.
    FileDescription : Netropa(r) Onscreen Display
    InternalName : OSD
    OriginalFilename : osd.exe
    ProductName : Onscreen Display
    Created on : 12/1/2001 2:17:41 PM
    Last accessed : 7/6/2004 4:25:33 PM
    Last modified : 9/22/2001 8:28:38 PM

    #:18 [ctfmon.exe]
    FilePath : C:\WINDOWS\System32\
    ThreadCreationTime : 7-6-2004 4:25:33 PM
    BasePriority : Normal
    FileSize : 13 KB
    FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
    ProductVersion : 5.1.2600.1106
    CompanyName : Microsoft Corporation
    FileDescription : CTF Loader
    InternalName : CTFMON
    OriginalFilename : CTFMON.EXE
    ProductName : Microsoft
    Created on : 11/30/2002 7:56:53 PM
    Last accessed : 7/6/2004 4:25:33 PM
    Last modified : 8/29/2002 10:41:22 AM

    #:19 [msmsgs.exe]
    FilePath : C:\Program Files\Messenger\
    ThreadCreationTime : 7-6-2004 4:25:34 PM
    BasePriority : Normal
    FileSize : 1456 KB
    FileVersion : 4.7.2009
    ProductVersion : Version 4.7
    Copyright : Copyright (c) Microsoft Corporation 1997-2003
    CompanyName : Microsoft Corporation
    FileDescription : Messenger
    InternalName : msmsgs
    OriginalFilename : msmsgs.exe
    ProductName : Messenger
    Created on : 4/15/2003 12:30:14 AM
    Last accessed : 7/6/2004 4:36:25 PM
    Last modified : 4/15/2003 12:30:14 AM

    #:20 [nhksrv.exe]
    FilePath : C:\WINDOWS\
    ThreadCreationTime : 7-6-2004 4:25:53 PM
    BasePriority : Normal
    FileSize : 28 KB
    Created on : 8/6/2001 7:41:48 PM
    Last accessed : 7/6/2004 4:25:09 PM
    Last modified : 8/6/2001 7:41:48 PM

    #:21 [ccpxysvc.exe]
    FilePath : C:\Program Files\Norton Internet Security\
    ThreadCreationTime : 7-6-2004 4:25:53 PM
    BasePriority : Normal
    FileSize : 33 KB
    FileVersion : 6.02.2003
    ProductVersion : 6.02.2003
    Copyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved.
    CompanyName : Symantec Corporation
    FileDescription : Norton Internet Security Proxy Service
    InternalName : ccPxySvc
    OriginalFilename : ccPxySvc.exe
    ProductName : Norton Internet Security
    Created on : 10/4/2003 1:54:54 PM
    Last accessed : 7/6/2004 4:25:09 PM
    Last modified : 3/3/2003 6:05:18 PM

    #:22 [mdm.exe]
    FilePath : C:\Program Files\Common Files\Microsoft Shared\VS7Debug\
    ThreadCreationTime : 7-6-2004 4:25:53 PM
    BasePriority : Normal
    FileSize : 264 KB
    FileVersion : 7.00.9064.9150
    ProductVersion : 7.00.9064.9150
    Copyright : Copyright (C) Microsoft Corp. 1997-2000
    CompanyName : Microsoft Corporation
    FileDescription : Machine Debug Manager
    InternalName : mdm.exe
    OriginalFilename : mdm.exe
    ProductName : Microsoft Development Environment
    Created on : 2/23/2001 4:07:30 PM
    Last accessed : 7/6/2004 4:25:09 PM
    Last modified : 2/23/2001 4:07:30 PM

    #:23 [mpservic.exe]
    FilePath : C:\Program Files\Canon\MultiPASS4\
    ThreadCreationTime : 7-6-2004 4:25:57 PM
    BasePriority : Normal
    FileSize : 48 KB
    FileVersion : 4.00
    ProductVersion : 4.00
    Copyright : Copyright
    CompanyName : Canon Inc
    FileDescription : Implements the NT service that starts the server.
    ProductName : Canon MultiPASS
    Created on : 4/7/2002 1:19:16 PM
    Last accessed : 7/6/2004 4:25:09 PM
    Last modified : 8/21/2001 10:42:48 PM

    #:24 [navapsvc.exe]
    FilePath : C:\Program Files\Norton AntiVirus\
    ThreadCreationTime : 7-6-2004 4:25:57 PM
    BasePriority : Normal
    FileSize : 113 KB
    FileVersion : 9.05.1015
    ProductVersion : 9.05.1015
    Copyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved.
    CompanyName : Symantec Corporation
    FileDescription : Norton AntiVirus Auto-Protect Service
    InternalName : NAVAPSVC
    OriginalFilename : NAVAPSVC.EXE
    ProductName : Norton AntiVirus
    Created on : 11/15/2002 12:41:26 AM
    Last accessed : 7/6/2004 4:24:11 PM
    Last modified : 11/15/2002 12:41:26 AM

    #:25 [nvsvc32.exe]
    FilePath : C:\WINDOWS\System32\
    ThreadCreationTime : 7-6-2004 4:25:57 PM
    BasePriority : Normal
    FileSize : 108 KB
    FileVersion : 6.14.10.5672
    ProductVersion : 6.14.10.5672
    Copyright : (C) NVIDIA Corporation. All rights reserved.
    CompanyName : NVIDIA Corporation
    FileDescription : NVIDIA Driver Helper Service, Version 56.72
    InternalName : NVSVC
    OriginalFilename : nvsvc32.exe
    ProductName : NVIDIA Driver Helper Service, Version 56.72
    Created on : 3/24/2004 3:04:00 PM
    Last accessed : 7/6/2004 4:25:09 PM
    Last modified : 3/24/2004 3:04:00 PM

    #:26 [outlook.exe]
    FilePath : C:\Program Files\Microsoft Office\Office10\
    ThreadCreationTime : 7-6-2004 4:27:20 PM
    BasePriority : Normal
    FileSize : 46 KB
    FileVersion : 10.0.3416
    ProductVersion : 10.0.3416
    Copyright : Copyright
    CompanyName : Microsoft Corporation
    FileDescription : Microsoft Outlook
    InternalName : Outlook
    OriginalFilename : Outlook.exe
    ProductName : Microsoft Outlook
    Created on : 3/7/2001 2:15:54 PM
    Last accessed : 7/6/2004 4:52:50 PM
    Last modified : 10/18/2001 8:38:23 PM

    #:27 [winword.exe]
    FilePath : C:\Program Files\Microsoft Office\Office10\
    ThreadCreationTime : 7-6-2004 4:27:27 PM
    BasePriority : Normal
    FileSize : 10334 KB
    FileVersion : 10.0.3416
    ProductVersion : 10.0.3416
    Copyright : Copyright
    CompanyName : Microsoft Corporation
    FileDescription : Microsoft Word
    InternalName : WinWord
    OriginalFilename : WinWord.exe
    ProductName : Microsoft Office XP
    Created on : 3/7/2001 4:11:12 PM
    Last accessed : 7/6/2004 4:31:27 PM
    Last modified : 10/18/2001 8:38:30 PM

    #:28 [iexplore.exe]
    FilePath : C:\Program Files\Internet Explorer\
    ThreadCreationTime : 7-6-2004 4:41:47 PM
    BasePriority : Normal
    FileSize : 89 KB
    FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
    ProductVersion : 6.00.2800.1106
    CompanyName : Microsoft Corporation
    FileDescription : Internet Explorer
    InternalName : iexplore
    OriginalFilename : IEXPLORE.EXE
    ProductName : Microsoft
    Created on : 11/30/2002 7:58:31 PM
    Last accessed : 7/6/2004 4:41:48 PM
    Last modified : 8/29/2002 10:41:26 AM

    #:29 [ad-aware.exe]
    FilePath : C:\Ad_aware\Ad-aware 6\
    ThreadCreationTime : 7-6-2004 4:52:35 PM
    BasePriority : Normal
    FileSize : 668 KB
    FileVersion : 6.0.1.181
    ProductVersion : 6.0.0.0
    Copyright : Copyright
    CompanyName : Lavasoft Sweden
    FileDescription : Ad-aware 6 core application
    InternalName : Ad-aware.exe
    OriginalFilename : Ad-aware.exe
    ProductName : Lavasoft Ad-aware Plus
    Created on : 4/24/2004 1:10:08 PM
    Last accessed : 7/6/2004 4:52:35 PM
    Last modified : 7/13/2003 2:00:20 AM

    Memory scan result :
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    New objects : 0
    Objects found so far: 0


    Started registry scan
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    Registry scan result :
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    New objects : 0
    Objects found so far: 0


    Started deep registry scan
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    Deep registry scan result :
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    New objects : 0
    Objects found so far: 0


    Deep scanning and examining files (A:)
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    Disk scan result for A:\
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    New objects : 0
    Objects found so far: 0


    Deep scanning and examining files (C:)
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    NetRatings Object recognized!
    Type : File
    Data : nmtracer.dll
    Category : Data Miner
    Comment :
    Object : C:\Documents and Settings\Marty\Local Settings\Temp\Net1.tmp\
    FileSize : 428 KB
    FileVersion : 4.52.30.0r
    ProductVersion : 4.52.30.0r
    Copyright : Copyright (c) 2003 NetRatings, Inc.
    CompanyName : NetRatings, Inc.
    FileDescription : NetMeter
    OriginalFilename : nmtracer.dll
    ProductName : NetMeter
    Created on : 9/24/2003 4:05:10 AM
    Last accessed : 7/6/2004 5:04:30 PM
    Last modified : 9/24/2003 4:05:10 AM



    NetRatings Object recognized!
    Type : File
    Data : a0082085.dll
    Category : Data Miner
    Comment :
    Object : C:\System Volume Information\_restore{31414675-6CBE-4639-8F67-8C2E395D7683}\RP821\
    FileSize : 428 KB
    FileVersion : 4.52.30.0r
    ProductVersion : 4.52.30.0r
    Copyright : Copyright (c) 2003 NetRatings, Inc.
    CompanyName : NetRatings, Inc.
    FileDescription : NetMeter
    OriginalFilename : nmtracer.dll
    ProductName : NetMeter
    Created on : 2/5/2004 9:53:03 PM
    Last accessed : 7/6/2004 5:14:42 PM
    Last modified : 9/24/2003 4:05:10 AM



    Disk scan result for C:\
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    New objects : 0
    Objects found so far: 2


    Deep scanning and examining files (D:)
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    Disk scan result for D:\
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    New objects : 0
    Objects found so far: 2


    Deep scanning and examining files (E:)
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    Disk scan result for E:\
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    New objects : 0
    Objects found so far: 2


    Scanning Hosts file(C:\WINDOWS\System32\drivers\etc\hosts)
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    Hosts file scan result:
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    1 entries scanned.
    New objects :0
    Objects found so far: 2




    Performing conditional scans..
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    Conditional scan result:
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    New objects : 0
    Objects found so far: 2


    12:25:39 PM Scan complete

    Summary of this scan
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    Total scanning time :00:24:25:344
    Objects scanned :163987
    Objects identified :2
    Objects ignored :0
    New objects :2

    Logfile of HijackThis v1.97.7
    Scan saved at 11:44:00 AM, on 7/6/2004
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Norton Internet Security\NISUM.EXE
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\Canon\MULTIP~1\MPTBox.exe
    C:\Program Files\Canon\MultiPASS4\monitr32.exe
    C:\Program Files\MusicMatch\MusicMatch Jukebox\mm_tray.exe
    C:\WINDOWS\DELLMMKB.EXE
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
    C:\Program Files\Netropa\OSD.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\Nhksrv.exe
    C:\Program Files\Norton Internet Security\ccPxySvc.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\Program Files\Microsoft Office\Office10\OUTLOOK.EXE
    C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Marty\Local Settings\Temporary Internet Files\Content.IE5\TW4FHLO1\HijackThis[1].exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://news.google.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dellnet.com
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [MPTBox] C:\PROGRA~1\Canon\MULTIP~1\MPTBox.exe
    O4 - HKLM\..\Run: [monitr32] C:\Program Files\Canon\MultiPASS4\monitr32.exe
    O4 - HKLM\..\Run: [MMTray] C:\Program Files\MusicMatch\MusicMatch Jukebox\mm_tray.exe
    O4 - HKLM\..\Run: [DellTouch] C:\WINDOWS\DELLMMKB.EXE
    O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\Symantec\LIVEUP~1\SNDMon.EXE
    O4 - Global Startup: Camio Viewer 2000.lnk = C:\Program Files\Sierra Imaging\Image Expert 2000\IXApplet.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: Backward &Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Si&milar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Messenger (HKLM)
    O12 - Plugin for .mp3: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin4.dll
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/potb_x.cab
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://www.apple.com/qtactivex/qtplugin.cab
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    O16 - DPF: {19E28AFC-EAE3-4CE5-AC83-2407B42F57C9} (MSSecurityAdvisor Class) - http://download.microsoft.com/downl...-a3de-373c3e5552fc/msSecAdv.cab?1067354824234
    O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v43/yacscom.cab
    O16 - DPF: {4620BC29-8B8E-4F4E-9D92-1DB6633D6793} (SurferNETWORK Plugin) - http://rd1.surfernetwork.com/surferplugin.ocx
    O16 - DPF: {4C226336-4032-489F-9674-67E74225979B} (OTXMovie Class) - http://www.otxresearch.com/OTXMedia/OTXMedia.dll
    O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
    O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab
    O16 - DPF: {8E28B3A9-FE83-45D1-B657-D5426B81A121} (CustomerCtrl Class) - http://cs5b.instantservice.com/jars/customerxsigned30.cab
    O16 - DPF: {92CA8ACC-4E99-4A2A-93F1-B2C5CADC8613} (NMInstall Control) - http://a14.g.akamai.net/f/14/7141/1...tmeter4_5/nminstall_en_4.52.30.0_SILENT_2.cab
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37652.2216435185
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {DF6A0F17-0B1E-11D4-829D-00C04F6843FE} (Microsoft Office Tools on the Web Control) - http://dgl.microsoft.com/downloads/outc.cab
    O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex/EPSControl_v1-32.cab
    O16 - DPF: {E87A6788-1D0F-4444-8898-1D25829B6755} - http://fdl.msn.com/public/chat/msnchat4.cab
    O16 - DPF: {ED3CE078-BB89-42C6-A748-2EC19EA004D4} (BoxFrogAX Control) - http://www.boxfrog.com/BoxFrogConvert.cab
    O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://us.dl1.yimg.com/download.yahoo.com/dl/toolbar/my/yiebio5_0_2_7.cab

    ANY HELP IS GREATLY APPRECIATED!
     
  2. coly

    coly Registered Member

    Joined:
    Jul 2, 2004
    Posts:
    3
    Noone wants to look at long hjt and aa files so--here's my problem- Please Help:-(

    Can't browse internet. I get kicked off and a page cannot be displayed error. Have run spybot and adaware. If I am able to stay on it runs sooo slow! ISP assures me it isn't a problem with service (satellite).

    I need help desperately. Will try anything. Could someone who knows alot more about computers than I do help me out? :doubt:
     
  3. Taz71498

    Taz71498 Registered Member

    Joined:
    May 27, 2004
    Posts:
    674
    Location:
    USA
    Hello coly,

    Can you tell us what exactly the error is saying?

    I would like you to do this:

    Download CWShredder Click on update, then close all browsers, and then click on Fix, not scan.

    I see you already have Spybot S&D so do this:
    Check for Updates first, download ALL Updates and Do a Scan. When finished, make sure ALL RED items have been ticked, and click the "Fix Selected Problems" Button.

    Reboot the computer.

    Run Hijackthis again and post a fresh log here.

    When you ran Adaware, did you fix everything it found. If not, do so.

    Post a new Hijackthis log here along with what the error that you get says.
     
Thread Status:
Not open for further replies.