Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

loadingwebsite.com

Started by ljow , Jun 15 2005 02:07 PM

  • Please log in to reply

#1
ljow
Posted 15 June 2005 - 02:07 PM

ljow

    New Member

  • Member
  • Pip
  • 1 posts
I have followed your prior to posting instructions. While it has seemed to help a bit, I still get random popup windows but not to the same degree of frequency as before I installed the recommended ad-aware, spybot, ewido, tds3, spysweeper, spy subtract. Thank you for your help!

Logfile of HijackThis v1.99.1
Scan saved at 3:00:05 PM, on 6/15/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\winnt\System32\smss.exe
C:\winnt\system32\winlogon.exe
C:\winnt\system32\services.exe
C:\winnt\system32\lsass.exe
C:\winnt\system32\svchost.exe
C:\winnt\System32\svchost.exe
C:\winnt\system32\spoolsv.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\Program Files\HP Web Jetadmin\hpwebjetd.exe
C:\WINNT\System32\NMSSvc.exe
C:\Program Files\Seagate Software\WCS\pageserver.exe
C:\winnt\system32\regsvc.exe
C:\WINNT\system32\r_server.exe
C:\winnt\system32\MSTask.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Seagate Software\WCS\WebCompServer.exe
C:\Program Files\HP Web Jetadmin\hpwebjetd.exe
C:\winnt\System32\WBEM\WinMgmt.exe
C:\winnt\system32\svchost.exe
C:\Program Files\Seagate Software\WCS\cacheserver.exe
C:\Program Files\Seagate Software\Enterprise\x86\CrystalAPS.exe
C:\Program Files\Seagate Software\Enterprise\x86\inputfileserver.exe
C:\Program Files\Seagate Software\Enterprise\x86\outputfileserver.exe
C:\Program Files\Seagate Software\WCS\JobServer.exe
C:\winnt\system32\rundll32.exe
C:\winnt\Explorer.EXE
C:\winnt\system32\NWTRAY.EXE
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\QuickTime\qttask.exe
C:\winnt\system32\PROMon.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\winnt\system32\igfxtray.exe
C:\winnt\system32\hkcmd.exe
C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe
C:\Program Files\Common Files\Adaptec Shared\CreateCD\CreateCD50.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Samsung\Digimax Viewer 1.0\DigimaxViewer.exe
C:\Program Files\InterMute\SpySubtract\SpySub.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\OpenOffice.org 1.9.79\program\soffice.exe
C:\Program Files\Pandion\Pandion.exe
C:\Program Files\OpenOffice.org 1.9.79\program\soffice.BIN
C:\winnt\System32\svchost.exe
C:\Program Files\Microsoft Office\Office\OUTLOOK.EXE
C:\WINNT\msagent\AgentSvr.exe
C:\Program Files\INTERCEPT\BANCWIN.EXE
M:\PUBLIC\WIN32\nwadmn32.exe
C:\Program Files\Radmin\radmin.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\HJT\HijackThis.exe

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NWTRAY] NWTRAY.EXE
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PROMon.exe] PROMon.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\winnt\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [IgfxTray] C:\winnt\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\winnt\system32\hkcmd.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [DrvLsnr] C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe
O4 - HKLM\..\Run: [DeadAIM] rundll32.exe "C:\PROGRA~1\AIM\\DeadAIM.ocm",ExportedCheckODLs
O4 - HKLM\..\Run: [CreateCD50] "C:\Program Files\Common Files\Adaptec Shared\CreateCD\CreateCD50.exe" -r
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Startup: OpenOffice.org 1.9.79.lnk = OpenOffice.org 1.9.79\program\quickstart.exe
O4 - Startup: Pandion.lnk = Pandion\Pandion.exe
O4 - Global Startup: Digimax Viewer 1.0.lnk = Samsung\Digimax Viewer 1.0\DigimaxViewer.exe
O4 - Global Startup: SpySubtract.lnk = InterMute\SpySubtract\SpySub.exe
O4 - Global Startup: WinZip Quick Pick.lnk = WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} - http://toolbar.googl...gleActivate.cab
O16 - DPF: {B8634A6E-38D5-4AAE-8708-3F3DB92FF9D0} (NTR Activex 1.0.8) - https://www.inquiero...ractivex108.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{931A23EC-2BBB-494B-9C48-A52E66C6EB2E}: NameServer = 100.1.1.240
O20 - Winlogon Notify: Nls - C:\winnt\system32\t0r8la9u1d.dll
O23 - Service: pcAnywhere Host Service (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe
O23 - Service: Crystal Cache Server (CacheServer) - Unknown owner - C:\Program Files\Seagate Software\WCS\cacheserver.exe" -service -name W2K-SCHLAURA.cacheserver -cache -nops -deleteCache -ns W2K-SCHLAURA -restart (file missing)
O23 - Service: Crystal APS (CrystalAPS) - Unknown owner - C:\Program Files\Seagate Software\Enterprise\x86\CrystalAPS.exe" -service -restart (file missing)
O23 - Service: Crystal Input File Repository Server (CrystalInputFileServer) - Unknown owner - C:\Program Files\Seagate Software\Enterprise\x86\inputfileserver.exe" -service -name Input -ns W2K-SCHLAURA -restart (file missing)
O23 - Service: Crystal Output File Repository Server (CrystalOutputFileServer) - Unknown owner - C:\Program Files\Seagate Software\Enterprise\x86\outputfileserver.exe" -service -name Output -ns W2K-SCHLAURA -restart (file missing)
O23 - Service: Client Update Service for Novell (cusrvc) - Novell, Inc. - C:\WINNT\system32\cusrvc.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\winnt\System32\dmadmin.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: HP Web Jetadmin (HPWebJetadmin) - Unknown owner - C:\Program Files\HP Web Jetadmin\hpwebjetd.exe" -k runservice (file missing)
O23 - Service: Crystal Report Job Server (JobServer_Report) - Unknown owner - C:\Program Files\Seagate Software\WCS\JobServer.exe" -service -name W2K-SCHLAURA.report -ns W2K-SCHLAURA -objectType report -lib procReport -restart (file missing)
O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINNT\System32\NMSSvc.exe
O23 - Service: Crystal Page Server (pageserver) - Unknown owner - C:\Program Files\Seagate Software\WCS\pageserver.exe" -service -name W2K-SCHLAURA.pageserver -ns W2K-SCHLAURA -restart (file missing)
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\WINNT\system32\r_server.exe" /service (file missing)
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Crystal Web Component Server (WebCompServer) - Unknown owner - C:\Program Files\Seagate Software\WCS\WebCompServer.exe" -service -name W2K-SCHLAURA -ns W2K-SCHLAURA (file missing)
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP