Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

loadingwebsite.com


  • Please log in to reply

#1
ljow

ljow

    New Member

  • Member
  • Pip
  • 1 posts
I have followed your prior to posting instructions. While it has seemed to help a bit, I still get random popup windows but not to the same degree of frequency as before I installed the recommended ad-aware, spybot, ewido, tds3, spysweeper, spy subtract. Thank you for your help!

Logfile of HijackThis v1.99.1
Scan saved at 3:00:05 PM, on 6/15/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\winnt\System32\smss.exe
C:\winnt\system32\winlogon.exe
C:\winnt\system32\services.exe
C:\winnt\system32\lsass.exe
C:\winnt\system32\svchost.exe
C:\winnt\System32\svchost.exe
C:\winnt\system32\spoolsv.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\Program Files\HP Web Jetadmin\hpwebjetd.exe
C:\WINNT\System32\NMSSvc.exe
C:\Program Files\Seagate Software\WCS\pageserver.exe
C:\winnt\system32\regsvc.exe
C:\WINNT\system32\r_server.exe
C:\winnt\system32\MSTask.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Seagate Software\WCS\WebCompServer.exe
C:\Program Files\HP Web Jetadmin\hpwebjetd.exe
C:\winnt\System32\WBEM\WinMgmt.exe
C:\winnt\system32\svchost.exe
C:\Program Files\Seagate Software\WCS\cacheserver.exe
C:\Program Files\Seagate Software\Enterprise\x86\CrystalAPS.exe
C:\Program Files\Seagate Software\Enterprise\x86\inputfileserver.exe
C:\Program Files\Seagate Software\Enterprise\x86\outputfileserver.exe
C:\Program Files\Seagate Software\WCS\JobServer.exe
C:\winnt\system32\rundll32.exe
C:\winnt\Explorer.EXE
C:\winnt\system32\NWTRAY.EXE
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\QuickTime\qttask.exe
C:\winnt\system32\PROMon.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\winnt\system32\igfxtray.exe
C:\winnt\system32\hkcmd.exe
C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe
C:\Program Files\Common Files\Adaptec Shared\CreateCD\CreateCD50.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Samsung\Digimax Viewer 1.0\DigimaxViewer.exe
C:\Program Files\InterMute\SpySubtract\SpySub.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\OpenOffice.org 1.9.79\program\soffice.exe
C:\Program Files\Pandion\Pandion.exe
C:\Program Files\OpenOffice.org 1.9.79\program\soffice.BIN
C:\winnt\System32\svchost.exe
C:\Program Files\Microsoft Office\Office\OUTLOOK.EXE
C:\WINNT\msagent\AgentSvr.exe
C:\Program Files\INTERCEPT\BANCWIN.EXE
M:\PUBLIC\WIN32\nwadmn32.exe
C:\Program Files\Radmin\radmin.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\HJT\HijackThis.exe

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NWTRAY] NWTRAY.EXE
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PROMon.exe] PROMon.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\winnt\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [IgfxTray] C:\winnt\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\winnt\system32\hkcmd.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [DrvLsnr] C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe
O4 - HKLM\..\Run: [DeadAIM] rundll32.exe "C:\PROGRA~1\AIM\\DeadAIM.ocm",ExportedCheckODLs
O4 - HKLM\..\Run: [CreateCD50] "C:\Program Files\Common Files\Adaptec Shared\CreateCD\CreateCD50.exe" -r
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Startup: OpenOffice.org 1.9.79.lnk = OpenOffice.org 1.9.79\program\quickstart.exe
O4 - Startup: Pandion.lnk = Pandion\Pandion.exe
O4 - Global Startup: Digimax Viewer 1.0.lnk = Samsung\Digimax Viewer 1.0\DigimaxViewer.exe
O4 - Global Startup: SpySubtract.lnk = InterMute\SpySubtract\SpySub.exe
O4 - Global Startup: WinZip Quick Pick.lnk = WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} - http://toolbar.googl...gleActivate.cab
O16 - DPF: {B8634A6E-38D5-4AAE-8708-3F3DB92FF9D0} (NTR Activex 1.0.8) - https://www.inquiero...ractivex108.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{931A23EC-2BBB-494B-9C48-A52E66C6EB2E}: NameServer = 100.1.1.240
O20 - Winlogon Notify: Nls - C:\winnt\system32\t0r8la9u1d.dll
O23 - Service: pcAnywhere Host Service (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe
O23 - Service: Crystal Cache Server (CacheServer) - Unknown owner - C:\Program Files\Seagate Software\WCS\cacheserver.exe" -service -name W2K-SCHLAURA.cacheserver -cache -nops -deleteCache -ns W2K-SCHLAURA -restart (file missing)
O23 - Service: Crystal APS (CrystalAPS) - Unknown owner - C:\Program Files\Seagate Software\Enterprise\x86\CrystalAPS.exe" -service -restart (file missing)
O23 - Service: Crystal Input File Repository Server (CrystalInputFileServer) - Unknown owner - C:\Program Files\Seagate Software\Enterprise\x86\inputfileserver.exe" -service -name Input -ns W2K-SCHLAURA -restart (file missing)
O23 - Service: Crystal Output File Repository Server (CrystalOutputFileServer) - Unknown owner - C:\Program Files\Seagate Software\Enterprise\x86\outputfileserver.exe" -service -name Output -ns W2K-SCHLAURA -restart (file missing)
O23 - Service: Client Update Service for Novell (cusrvc) - Novell, Inc. - C:\WINNT\system32\cusrvc.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\winnt\System32\dmadmin.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: HP Web Jetadmin (HPWebJetadmin) - Unknown owner - C:\Program Files\HP Web Jetadmin\hpwebjetd.exe" -k runservice (file missing)
O23 - Service: Crystal Report Job Server (JobServer_Report) - Unknown owner - C:\Program Files\Seagate Software\WCS\JobServer.exe" -service -name W2K-SCHLAURA.report -ns W2K-SCHLAURA -objectType report -lib procReport -restart (file missing)
O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINNT\System32\NMSSvc.exe
O23 - Service: Crystal Page Server (pageserver) - Unknown owner - C:\Program Files\Seagate Software\WCS\pageserver.exe" -service -name W2K-SCHLAURA.pageserver -ns W2K-SCHLAURA -restart (file missing)
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\WINNT\system32\r_server.exe" /service (file missing)
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Crystal Web Component Server (WebCompServer) - Unknown owner - C:\Program Files\Seagate Software\WCS\WebCompServer.exe" -service -name W2K-SCHLAURA -ns W2K-SCHLAURA (file missing)
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP