HijackThis Log

Discussion in 'adware, spyware & hijack cleaning' started by Smiling, Mar 1, 2004.

Thread Status:
Not open for further replies.
  1. Smiling

    Smiling Registered Member

    Joined:
    Feb 3, 2004
    Posts:
    4
    Hello. Please advise on the following HijackThis log. FYI, Miriad is an internal database that I use and is safe.

    Thank you in advance!

    Logfile of HijackThis v1.97.7
    Scan saved at 9:32:28 AM, on 3/1/2004
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\soundman.exe
    C:\Program Files\ahead\InCD\InCD.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
    C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Sierra\Planner\PLNRnote.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\PROGRA~1\WINZIP\winzip32.exe
    C:\Documents and Settings\Steve\Local Settings\Temp\HijackThis.exe

    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar_en_2.0.107-big.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar_en_2.0.107-big.dll
    O4 - HKLM\..\Run: [SoundMan] soundman.exe
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [InCD] C:\Program Files\ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
    O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
    O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
    O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - Global Startup: Event Planner Reminders Tray Icon.lnk = C:\Program Files\Sierra\Planner\PLNRnote.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar_en_2.0.107-big.dll/cmsearch.html
    O8 - Extra context menu item: Backward &Links - res://c:\program files\google\GoogleToolbar_en_2.0.107-big.dll/cmbacklinks.html
    O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\program files\google\GoogleToolbar_en_2.0.107-big.dll/cmcache.html
    O8 - Extra context menu item: Si&milar Pages - res://c:\program files\google\GoogleToolbar_en_2.0.107-big.dll/cmsimilar.html
    O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar_en_2.0.107-big.dll/cmtrans.html
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
    O9 - Extra button: AIM (HKLM)
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Messenger (HKLM)
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab
    O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} (Microsoft Office Template and Media Control) - http://office.microsoft.com/templates/ieawsdc.cab
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
    O16 - DPF: {02CD12CD-5781-11D6-AD9D-00104B72FF50} (wmcSPM.ctlSPM) - http://miriad.tns-global.com/ClientComponents/Build_97/wmcSPM.CAB
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    O16 - DPF: {1B18C187-100B-11D6-AD9D-00104B72FF50} (wmcAllControls.ctlAllControls) - http://miriad.tns-global.com/ClientComponents/Build_97/wmcAllControls.CAB
    O16 - DPF: {20F35AEE-578E-11D6-AD9D-00104B72FF50} (wmcWhatsNewDisplay.WhatsNew) - http://miriad.tns-global.com/ClientComponents/Build_103/wmcWhatsNewDisplay.CAB
    O16 - DPF: {29B3CC0F-D432-11D5-AD9D-00104B72FF50} (wmcTest.ctlTest) - http://miriad.tns-global.com/ClientComponents/wmcTest.CAB
    O16 - DPF: {2ABE700F-CDF2-11D5-AD9D-00104B72FF50} (wmcOptions.ctlOptions) - http://miriad.tns-global.com/ClientComponents/Build_101/wmcOptions.CAB
    O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst.cab
    O16 - DPF: {38833014-BD60-4806-919E-92360CD0564E} (wmcObjectBroker.ObjectBroker) - http://miriad.tns-global.com/ClientComponents/Build_103/wmcObjectBroker.CAB
    O16 - DPF: {39EB6ED5-7BD0-44C1-8C69-7D717335A463} (wmcFormulaPicker.ctlFormulaPicker) - http://miriad.tns-global.com/ClientComponents/Build_101/wmcFormulaPicker.CAB
    O16 - DPF: {5776D9C0-17A3-4B12-8579-D21523F05B8C} (wmcXTabDisplay.tnsXTab1) - http://miriad.tns-global.com/ClientComponents/Build_103/wmcXTabDisplay.CAB
    O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX25.cab
    O16 - DPF: {7E838526-D92A-45A8-8E43-342F187A93E8} (wmcNewXTab.NewXtab) - http://miriad.tns-global.com/ClientComponents/Build_101/wmcNewXTab.CAB
    O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installengine.com/engine/isetup.cab
    O16 - DPF: {A9C020D2-156C-11D6-AD9D-00104B72FF50} (wmcTrendDisplay.TrendDisplay) - http://miriad.tns-global.com/ClientComponents/Build_103/wmcTrendDisplay.CAB
    O16 - DPF: {AD0E37CE-0A0E-4183-83E9-902CC84A4185} (RootInstaller Class) - https://www.partners.extranet.microsoft.com/Content/launch/rootinst.dll
    O16 - DPF: {C5D69D8D-D921-4C46-8D56-61883F5EEAB7} (wmcPropertyPage.ctlPropertyPage) - http://miriad.tns-global.com/ClientComponents/Build_104/wmcpropertypage.CAB
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://active.macromedia.com/flash2/cabs/swflash.cab
    O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/detection/ITDetector.cab
    O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://tnsintersearch.webex.com/client/latest/webex/ieatgpc.cab
    O16 - DPF: {E25CB3E3-13DB-11D6-AD9D-00104B72FF50} (WebMiriad.clsWebMiriad) - http://miriad.tns-global.com/ClientComponents/Build_103/webmiriad.CAB
    O16 - DPF: {E3FAED09-DD8F-4EBC-8FF9-3351519520D2} (MRDFrameCtrl Class) - http://miriad.tns-global.com/ClientComponents/Build_97/wmcOleContainer.CAB
    O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
    O16 - DPF: {F55C25D3-D16A-11D3-81DF-00A0C91F5E7D} (Gtek Print Control) - http://www.kiddonet.com/kiddonet/GtekPrt.ocx
    O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab
    O16 - DPF: {FB390F87-37CE-4B0A-A7EB-D235F2664E48} (wmcObjectTree.ctlObjectTree) - http://miriad.tns-global.com/ClientComponents/Build_103/wmcObjectTree.CAB
     
  2. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,331
    Location:
    Netherlands
    Hi Smiling,

    Was it time for your monthly check-up? ;)

    Looking good,

    Pieter
     
  3. Smiling

    Smiling Registered Member

    Joined:
    Feb 3, 2004
    Posts:
    4
    I guess this is a first time for everything, Pieter. Have never passed without a hitch until today. :)

    Many thanks for your review.
     