New OS & checking out OS

Discussion in 'adware, spyware & hijack cleaning' started by kingtmouse, Apr 11, 2004.

Thread Status:
Not open for further replies.
  1. kingtmouse

    kingtmouse Registered Member

    Joined:
    Mar 10, 2004
    Posts:
    12
    Checking out new OS

    Greetings....
    Here is my log. Could you please look it over and advise me? Thank you.
    Regards

    Logfile of HijackThis v1.97.7
    Scan saved at 9:44:40 AM, on 4/11/2004
    Platform: Windows 2000 SP4 (WinNT 5.00.2195)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    E:\WINNT\System32\smss.exe
    E:\WINNT\system32\winlogon.exe
    E:\WINNT\system32\services.exe
    E:\WINNT\system32\lsass.exe
    E:\WINNT\system32\svchost.exe
    E:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    E:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    E:\WINNT\system32\spoolsv.exe
    E:\WINNT\system32\svchost.exe
    E:\PROGRA~1\Iomega\System32\AppServices.exe
    E:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe
    E:\Program Files\Norton Personal Firewall\NISUM.EXE
    E:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
    E:\WINNT\Explorer.EXE
    E:\Program Files\Common Files\Symantec Shared\SymTray.exe
    E:\WINNT\system32\regsvc.exe
    E:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe
    E:\WINNT\system32\MSTask.exe
    E:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
    E:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    E:\Program Files\Norton Personal Firewall\SymProxySvc.exe
    E:\WINNT\essspk.exe
    E:\Program Files\Winamp\Winampa.exe
    E:\Program Files\Common Files\Symantec Shared\ccApp.exe
    E:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe
    E:\Program Files\Norton Personal Firewall\IAMAPP.EXE
    E:\WINNT\system32\P2P Networking\P2P Networking.exe
    C:\Program Files\Altnet\Points Manager\Points Manager.exe
    E:\Program Files\Iomega HotBurn Pro\Autolaunch.exe
    E:\WINNT\System32\WBEM\WinMgmt.exe
    C:\PROGRA~1\Altnet\DOWNLO~1\asm.exe
    E:\WINNT\system32\svchost.exe
    E:\Program Files\Norton Personal Firewall\NISSERV.EXE
    E:\Program Files\Norton Personal Firewall\ATRACK.EXE
    E:\WINNT\system32\wuauclt.exe
    E:\WINNT\System32\SCardSvr.exe
    E:\Program Files\AIM\aim.exe
    E:\PROGRA~1\Netscape\Netscape\Netscp.exe
    C:\unzipped\hijackthis\HijackThis.exe

    N3 - Netscape 7: user_pref("browser.startup.homepage", "http://my.yahoo.com/"); (E:\Documents and Settings\KintgTMouse\Application Data\Mozilla\Profiles\default\stg70jjh.slt\prefs.js)
    N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://E%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (E:\Documents and Settings\KintgTMouse\Application Data\Mozilla\Profiles\default\stg70jjh.slt\prefs.js)
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - E:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll
    O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - E:\WINNT\system32\msdxm.ocx
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - E:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll
    O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
    O4 - HKLM\..\Run: [EssSpkPhone] essspk.exe
    O4 - HKLM\..\Run: [WinampAgent] "E:\Program Files\Winamp\Winampa.exe"
    O4 - HKLM\..\Run: [SymTray - Norton SystemWorks] E:\Program Files\Common Files\Symantec Shared\Symtray.exe SetReg
    O4 - HKLM\..\Run: [ccApp] "E:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [AcctMgr] E:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe /startup
    O4 - HKLM\..\Run: [iamapp] E:\Program Files\Norton Personal Firewall\IAMAPP.EXE
    O4 - HKLM\..\Run: [DeadAIM] rundll32.exe "E:\PROGRA~1\AIM\\DeadAIM.ocm",ExportedCheckODLs
    O4 - HKLM\..\Run: [P2P Networking] E:\WINNT\system32\P2P Networking\P2P Networking.exe /AUTOSTART
    O4 - HKLM\..\Run: [AltnetPointsManager] C:\Program Files\Altnet\Points Manager\Points Manager.exe -s
    O4 - HKLM\..\Run: [Drag'n'Drop_Autolaunch] "E:\Program Files\Iomega HotBurn Pro\Autolaunch.exe"
    O4 - HKCU\..\Run: [Mozilla Quick Launch] "E:\Program Files\Netscape\Netscape\Netscp.exe" -turbo
    O4 - HKLM\..\RunOnce: [SymTray - Norton SystemWorks] E:\Program Files\Common Files\Symantec Shared\Symtrdr.exe
    O9 - Extra button: AIM (HKLM)
    O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
    O16 - DPF: {38578BF0-0ABB-11D3-9330-0080C6F796A1} (Create & Print ActiveX Plug-in) - http://www.imgag.com/cp/install/AxCtp.cab
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38083.8483217593
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
     
  2. puff-m-d

    puff-m-d Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    4,449
    Location:
    North Carolina, USA
    Re: Checking out new OS

    Hi kingtmouse,

    Welcome to Wilders.

    I would remove the following two items so P2P does not start when you boot up. You can start it when you need it.

    Before you start, please unzip or move HijackThis to a separate folder of its own. The program will make backups to the folder it's in. These easily get lost in a temporary folder or a folder with other programs.

    Check the following items in HijackThis.
    Close all windows except HijackThis and click Fix checked:

    O4 - HKLM\..\Run: [P2P Networking] E:\WINNT\system32\P2P Networking\P2P Networking.exe /AUTOSTART

    O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -

    Reboot.

    I would strongly suggest that you uninstall your P2P networking as it is an open door to infestation.

    Other than the P2P issue, you are clean.

    Regards,
    Kent
     
  3. kingtmouse

    kingtmouse Registered Member

    Joined:
    Mar 10, 2004
    Posts:
    12
    New OS

    Greetings....
    I just installed a new OS (WIN 2k). Would you please take a look at my
    log. Thank you.
     
    Last edited: Apr 12, 2004
  4. dvk01

    dvk01 Global Moderator

    Joined:
    Oct 9, 2003
    Posts:
    3,131
    Location:
    Loughton, Essex. UK
    Re: New OS

    I've combined your 2 threads always reply in the original please. It's less confusing for us that way
     
Thread Status:
Not open for further replies.