Hi Jack This Log

Discussion in 'adware, spyware & hijack cleaning' started by Smiling, Mar 1, 2004.

Thread Status:
Not open for further replies.
  1. Smiling

    Smiling Registered Member

    Joined:
    Feb 3, 2004
    Posts:
    4
    Hello. Please advise on the following Hi Jack this log. FYI, Miriad is an internal database that I use and is safe.

    Thank you in advance!

    Logfile of HijackThis v1.97.7
    Scan saved at 9:32:28 AM, on 3/1/2004
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\soundman.exe
    C:\Program Files\ahead\InCD\InCD.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
    C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Sierra\Planner\PLNRnote.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\PROGRA~1\WINZIP\winzip32.exe
    C:\Documents and Settings\Steve\Local Settings\Temp\HijackThis.exe

    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar_en_2.0.107-big.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar_en_2.0.107-big.dll
    O4 - HKLM\..\Run: [SoundMan] soundman.exe
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [InCD] C:\Program Files\ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
    O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
    O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
    O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - Global Startup: Event Planner Reminders Tray Icon.lnk = C:\Program Files\Sierra\Planner\PLNRnote.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar_en_2.0.107-big.dll/cmsearch.html
    O8 - Extra context menu item: Backward &Links - res://c:\program files\google\GoogleToolbar_en_2.0.107-big.dll/cmbacklinks.html
    O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\program files\google\GoogleToolbar_en_2.0.107-big.dll/cmcache.html
    O8 - Extra context menu item: Si&milar Pages - res://c:\program files\google\GoogleToolbar_en_2.0.107-big.dll/cmsimilar.html
    O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar_en_2.0.107-big.dll/cmtrans.html
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
    O9 - Extra button: AIM (HKLM)
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Messenger (HKLM)
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab
    O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} (Microsoft Office Template and Media Control) - http://office.microsoft.com/templates/ieawsdc.cab
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
    O16 - DPF: {02CD12CD-5781-11D6-AD9D-00104B72FF50} (wmcSPM.ctlSPM) - http://miriad.tns-global.com/ClientComponents/Build_97/wmcSPM.CAB
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    O16 - DPF: {1B18C187-100B-11D6-AD9D-00104B72FF50} (wmcAllControls.ctlAllControls) - http://miriad.tns-global.com/ClientComponents/Build_97/wmcAllControls.CAB
    O16 - DPF: {20F35AEE-578E-11D6-AD9D-00104B72FF50} (wmcWhatsNewDisplay.WhatsNew) - http://miriad.tns-global.com/ClientComponents/Build_103/wmcWhatsNewDisplay.CAB
    O16 - DPF: {29B3CC0F-D432-11D5-AD9D-00104B72FF50} (wmcTest.ctlTest) - http://miriad.tns-global.com/ClientComponents/wmcTest.CAB
    O16 - DPF: {2ABE700F-CDF2-11D5-AD9D-00104B72FF50} (wmcOptions.ctlOptions) - http://miriad.tns-global.com/ClientComponents/Build_101/wmcOptions.CAB
    O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst.cab
    O16 - DPF: {38833014-BD60-4806-919E-92360CD0564E} (wmcObjectBroker.ObjectBroker) - http://miriad.tns-global.com/ClientComponents/Build_103/wmcObjectBroker.CAB
    O16 - DPF: {39EB6ED5-7BD0-44C1-8C69-7D717335A463} (wmcFormulaPicker.ctlFormulaPicker) - http://miriad.tns-global.com/ClientComponents/Build_101/wmcFormulaPicker.CAB
    O16 - DPF: {5776D9C0-17A3-4B12-8579-D21523F05B8C} (wmcXTabDisplay.tnsXTab1) - http://miriad.tns-global.com/ClientComponents/Build_103/wmcXTabDisplay.CAB
    O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX25.cab
    O16 - DPF: {7E838526-D92A-45A8-8E43-342F187A93E8} (wmcNewXTab.NewXtab) - http://miriad.tns-global.com/ClientComponents/Build_101/wmcNewXTab.CAB
    O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installengine.com/engine/isetup.cab
    O16 - DPF: {A9C020D2-156C-11D6-AD9D-00104B72FF50} (wmcTrendDisplay.TrendDisplay) - http://miriad.tns-global.com/ClientComponents/Build_103/wmcTrendDisplay.CAB
    O16 - DPF: {AD0E37CE-0A0E-4183-83E9-902CC84A4185} (RootInstaller Class) - https://www.partners.extranet.microsoft.com/Content/launch/rootinst.dll
    O16 - DPF: {C5D69D8D-D921-4C46-8D56-61883F5EEAB7} (wmcPropertyPage.ctlPropertyPage) - http://miriad.tns-global.com/ClientComponents/Build_104/wmcpropertypage.CAB
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://active.macromedia.com/flash2/cabs/swflash.cab
    O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/detection/ITDetector.cab
    O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://tnsintersearch.webex.com/client/latest/webex/ieatgpc.cab
    O16 - DPF: {E25CB3E3-13DB-11D6-AD9D-00104B72FF50} (WebMiriad.clsWebMiriad) - http://miriad.tns-global.com/ClientComponents/Build_103/webmiriad.CAB
    O16 - DPF: {E3FAED09-DD8F-4EBC-8FF9-3351519520D2} (MRDFrameCtrl Class) - http://miriad.tns-global.com/ClientComponents/Build_97/wmcOleContainer.CAB
    O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
    O16 - DPF: {F55C25D3-D16A-11D3-81DF-00A0C91F5E7D} (Gtek Print Control) - http://www.kiddonet.com/kiddonet/GtekPrt.ocx
    O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab
    O16 - DPF: {FB390F87-37CE-4B0A-A7EB-D235F2664E48} (wmcObjectTree.ctlObjectTree) - http://miriad.tns-global.com/ClientComponents/Build_103/wmcObjectTree.CAB
     
  2. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,425
    Location:
    Netherlands
    Hi Smiling,

    Was it time for your monthly check-up? ;)

    Looking good,

    Pieter
     
  3. Smiling

    Smiling Registered Member

    Joined:
    Feb 3, 2004
    Posts:
    4
    I guess this is a first time for everything Pieter. Have never passed without a hitch until today. :)

    Many thanks for your review.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.