Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Has spyware stolen my DVD/CD ROM? [resolved]


  • This topic is locked This topic is locked

#1
garfluver

garfluver

    Member

  • Member
  • PipPipPip
  • 103 posts
I've tried all the spyware/virus scans I know how to do...they show nothing. I've worked with DELL support...they claim it's not my drive...that it's something on my computer. Please help!! My IDE controller "Intel..." and "Primary Channel" are listed twice in the device manager --the "Secondary Channel" is listed once if that means anything??! :tazz:
Thanks, Garfluver

Here's my HJT log:


Logfile of HijackThis v1.99.1
Scan saved at 7:53:54 PM, on 3/22/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Common Files\Dell\EUSW\Support.exe
C:\Program Files\ScreenPrint32 v3\ScreenPrint32.exe
C:\Program Files\Dell\Support\Alert\bin\NotifyAlert.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Downloads\Microsoft Antispyware\gcasServ.exe
C:\Program Files\Microsoft Money\System\mnyexpr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\CallWave\IAM.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\CTsvcCDA.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\svchost.exe
C:\Downloads\Microsoft Antispyware\gcasDtServ.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bhawk.net
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bhawk.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = BlackHawk Internet
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\ycomp5_5_7_0.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\ycomp5_5_7_0.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [diagent] "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [DwlClient] C:\Program Files\Common Files\Dell\EUSW\Support.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [ScreenPrint32] C:\Program Files\ScreenPrint32 v3\ScreenPrint32.exe -startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Downloads\Microsoft Antispyware\gcasServ.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Internet Answering Machine.lnk = C:\Program Files\CallWave\IAM.exe
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....467&clcid=0x409
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcaf...84/mcinsctl.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {72C23FEC-3AF9-48FC-9597-241A8EBDFE0A} (InstallShield International Setup Player) - http://ftp.hp.com/pu...er/isetupML.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {89D75D39-5531-47BA-9E4F-B346BA9C362C} (CWDL_DownLoadControl Class) - http://www.callwave....DL_DownLoad.CAB
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcaf...,21/mcgdmgr.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.app.../ITDetector.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.h.../qdiagh.cab?316
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by2fd.bay2.ho...ex/HMAtchmt.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{3D841BDB-66E7-4061-B5B9-52ECBAA63E69}: NameServer = 12.30.159.195 12.30.159.198
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
  • 0

Advertisements


#2
Michelle

Michelle

    Malware Removal Goddess

  • Retired Staff
  • 8,928 posts
Welcome to Geeks to Go!
Actually, your log appears pretty clean. I just have a few quick questions:
Is your ISP AT&T?
Did you set your homepage to bhawk.net?
And do you actually use the Callwave on your system?

Michelle :tazz:
  • 0

#3
garfluver

garfluver

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 103 posts
Hi Michelle,

bhawk.net is my service provider and yes, I do use callwave service...
my homepage is msn.com

Thanks for taking a look at this...any suggestions? I cannot get CDs (music or games) or DVDs to work in my CD-DVD ROM. They work fine in the burner drive. And Dell tells me there's nothing wrong with the drive...so why won't it work then? :tazz:

Dell suggested I uninstall the drive...I did that and still no change. The only oddity I noticed is that the IEP controller lists the before mentioned Intel & Primary twice. I tried to delete them but they came back on reboot.

Thanks again,
Garfluver
  • 0

#4
Chaze

Chaze

    Member

  • Member
  • PipPipPip
  • 154 posts
Try to Find the exact name or your hardware,.. and then check the web for an updated firmware/software.
Same thing happened to me when I was burning movies left and right.
Did you check device mngr?? Does it say " this device is working properly"??? Mine was Roxio and all I did was check Microsoft.com and I was able to get going from there.
  • 0

#5
Michelle

Michelle

    Malware Removal Goddess

  • Retired Staff
  • 8,928 posts
I'm sorry I don't have any advice as your log is clean, so I have no clue unless a legit program is causing the problem! You might try asking in the hardware forum to see if they may know what the problem is. Sorry!

Michelle :tazz:
  • 0

#6
garfluver

garfluver

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 103 posts
Thought I'd send along an update on my DVD-CD ROM drive...incase anyone else ever has this problem. Hopefully your outcome will be better than mine.

In the past week, I contacted DELL once by phone and 2 times by online chat before trying one last time today. Guess what? Good news...finally got someone who could help me...was told that my drive needs to be replaced. Which was nice to know...finally an answer. The bad news (you knew there'd be some didn't ya?)
...was told that my warranty ran out the 23rd...yep 2 days ago!! ;) So they won't replace it. I have to buy a new drive!! ( I even begged...pleaded! Ü Mentioned that I tried to resolve the problem before the 23rd, but that didn't work either.) I think they will get a friendly letter from me with my opinion of their support services! ;)

So...guess we need to keep pestering them for help until we hear what we want to hear. I'll definitely keep "rechatting" until I get someone who can give me an answer next time! (Although, hopefully there won't be a next time!) :tazz:

-garfluver
  • 0

#7
Michelle

Michelle

    Malware Removal Goddess

  • Retired Staff
  • 8,928 posts

...was told that my warranty ran out the 23rd...yep 2 days ago!!  :tazz: So they won't replace it.  I have to buy a new drive!!

View Post


Ah, man! Yep, that would be the kind of luck I would have too! I'm glad you figured out your problem, but I'm sorry you have to replace the drive, ugh!

Michelle ;)
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP