Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Adaware trouble...

Started by BuzzLightYear , Oct 30 2004 10:32 AM

  • This topic is locked This topic is locked

#1
BuzzLightYear
Posted 30 October 2004 - 10:32 AM

BuzzLightYear

    Member

  • Member
  • PipPip
  • 29 posts
Hi. I have a problem with my Adaware. An error message keeps popping up saying that my reference file has either been corrupted or removed. What do you think of this?

Logfile of HijackThis v1.98.0
Scan saved at 1:28:50 AM, on 10/31/2004
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Ahnlab\Smart Update Utility\Ahnsdsv.exe
C:\WINNT\system32\DRIVERS\CDANTSRV.EXE
C:\WINNT\System32\svchost.exe
C:\Program Files\Roxio\GoBack\GBPoll.exe
C:\PROGRA~1\NORTON~1\NORTON~2\GHOSTS~2.EXE
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\WINNT\system32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\Program Files\iVasion\WinPoET\WrOS.EXE
C:\Program Files\Common Files\WinTools\WToolsS.exe
C:\WINNT\system32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\SymTray.exe
C:\Program Files\iVasion\WinPoET\WinPPPoverEthernet.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
C:\WINNT\SOUNDMAN.EXE
C:\WINNT\system32\spool\drivers\w32x86\3\hpztsb07.exe
C:\Program Files\TurboPlayer\TurboAgent.exe
C:\PROGRA~1\COMMON~1\WinTools\WToolsA.exe
C:\Program Files\Common Files\WinTools\WSup.exe
C:\Program Files\Roxio\GoBack\GBTray.exe
C:\Program Files\Norton SystemWorks\Norton CleanSweep\csinsmnt.exe
D:\My Downloads\Highjack\HijackThis.exe
C:\WINNT\system32\ntvdm.exe

O1 - Hosts: Usage Information:
O1 - Hosts: Save Changes - Save any changes you make to hosts file
O1 - Hosts: Reset Default - Will Replace any existing Hosts with a Windows Default one, original file doesn't have to exist
O1 - Hosts: Save Log - Will Save the Hosts as a Text file, Good for Posting
O1 - Hosts: _________________________________________________________________
O1 - Hosts: Enable and Disable - Will Swap Hosts Files On the Fly for those that want to use Hosts, and Temporarily Disable it.
O1 - Hosts: _________________________________________________________________
O1 - Hosts: Scan for Hosts - Will Search your Windows Drive for Hosts Files, useful if Hosts is in wrong location or installed to Alternate location by Trojan.
O1 - Hosts: Delete - Does exactly that, Delete and Hosts File Selected in the Listbox.
O1 - Hosts: _________________________________________________________________
O1 - Hosts: By Option^Explicit, [email protected]
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - C:\PROGRA~1\COMMON~1\WinTools\WToolsB.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [WinPoET] C:\Program Files\iVasion\WinPoET\WinPPPoverEthernet.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
O4 - HKLM\..\Run: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\SymTray.exe SetReg
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINNT\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [TurboAgent] C:\Program Files\TurboPlayer\TurboAgent.exe
O4 - HKLM\..\Run: [WinTools] C:\PROGRA~1\COMMON~1\WinTools\WToolsA.exe
O4 - HKLM\..\RunOnce: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\Symtrdr.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: GoBack.lnk = C:\Program Files\Roxio\GoBack\GBTray.exe
O4 - Global Startup: CleanSweep Smart Sweep-Internet Sweep.LNK = C:\Program Files\Norton SystemWorks\Norton CleanSweep\csinsmnt.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O15 - Trusted Zone: http://www.pdbox.co.kr
O16 - DPF: ppctlcab - http://www.pestscan....er/ppctlcab.cab
O16 - DPF: WebTycho Chatroom - http://tychousachat1...ts/chatutil.cab
O16 - DPF: {02354DC5-1E5E-401B-8776-C247E94CE1D2} (SQuery Control) - http://web.pagemoa.com/SQuery.cab
O16 - DPF: {12C14EBC-EABE-4919-A33B-D05F762CBC56} (DaumCafeEditor Control) - http://cafefiles2.ha...mCafeEditor.cab
O16 - DPF: {148F17D2-A980-470A-9A49-2C032BF9BCDC} (MarkAny WebSAFER - SBSi) - http://www.sbs.co.kr.../ppv/MAWS05.cab
O16 - DPF: {196300A5-09A2-4C9D-9B67-3A1F5168A025} (DSWC_IEGC Class) - http://www.ktf.co.kr...ndsoft/DSWC.cab
O16 - DPF: {1DE9BB01-B121-401D-8877-BCD5ED5B7EE5} (Tpwin Control) - http://www.crezio.co...On/AlwaysOn.CAB
O16 - DPF: {1F702755-E006-4D20-BC35-783021A94E22} (Nshort Control) - http://www.sazuguide.com/sazuguide.cab
O16 - DPF: {1F831FAB-42FC-11D4-95A6-0080AD30DCE1} (InstaFred) - file://C:\Program Files\AutoCAD 2002\InstFred.ocx
O16 - DPF: {254E97C3-922F-4A12-B8E4-7697A8BF8A34} (Nshort Control) - http://www.gunghapun...gunghapunse.cab
O16 - DPF: {2712EB12-3BD3-4003-8113-D23B30FACC62} (P3BugsLoad Class) - http://player.bugs.c...der20040625.cab
O16 - DPF: {27BCC3E9-D724-493B-A79E-C2E12C03407A} (CfClient Class) - http://www.iloveschool.co.kr/cfcli.cab
O16 - DPF: {27E4B2A9-D554-40DE-B6CD-F11E9B44FBD0} (SimFileControl Control) - http://simfile.chol....ileControl2.cab
O16 - DPF: {2931566C-B8A6-46C5-BF4D-E6AB9251E953} (Nexon Package Manager Control) - http://file.nx.com/a...ic_new/nxpm.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg...v45/yacscom.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {2C197E55-080B-42A4-BFD0-9595B3534CF4} (KVPplugin00 Control) - https://www.vpay.co.kr/KVPplugin01.cab
O16 - DPF: {2D341EFF-28C0-4810-BC1E-08B67A1575F9} - http://netmarble-dow...InstallBugs.CAB
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan....r/axscanner.cab
O16 - DPF: {345CA9DC-1600-4CD2-BFCF-7B57DD1A32DA} (NeoworkInstall Control) - http://easyinstall.i...workInstall.cab
O16 - DPF: {3DA11B9D-C8BF-4ADE-A180-159399C536D9} (BtShellDgb20Com Class) - http://dgb.banktown....t/BtCxDgb20.cab
O16 - DPF: {48ECCD73-123C-4C25-A64C-76E8E8A30CAF} (XPayMPIOCX Control) - http://mpi.dacom.net..._XPayMPIOCX.cab
O16 - DPF: {4DED8BE6-C27E-40D2-9BD0-24BE513B4E6F} (TurboIS Control) - http://cdn.naver.com...tms/turbois.cab
O16 - DPF: {55CE0824-B8F3-4E6A-9797-17FDA555A8E5} (KvpTopd Control) - http://www.vpay.co.kr/KvpTPd.cab
O16 - DPF: {5CA5E00D-80A8-475A-BF08-816FD56DBC38} (KTCtrl Class) - http://support.korne...peedNewCtrl.cab
O16 - DPF: {630B5ED1-D6B0-4D31-8AE2-7687DF72BA9D} (Extream Class) - http://wmpdownload.n...oad/CDNExtX.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {662B4974-EE36-426D-BD11-E75122E6BE18} (EasyPlugX Control) - http://info.anycert.com/c.wtz?i=94
O16 - DPF: {66B30EA0-C033-4D4B-9F90-EA0AF07363AF} (BugsMediaPlayer Control) - http://so.bugs.co.kr...sOggPlay_11.CAB
O16 - DPF: {6AD92401-CE2D-452B-AA63-1291D60EC2D2} (AxINIplugin40 Control) - http://www.mycredit....INIplugin40.cab
O16 - DPF: {6F4863C1-482C-4744-8946-4AEA34DF1A16} (FreechalOn Class) - http://login.freecha...on/FcOnCtl8.cab
O16 - DPF: {72ED8878-6E16-4EA1-BDD6-3B21EF676E45} (CVTrace Control) - http://www.seevideo....ace/cvtrace.cab
O16 - DPF: {784B0583-ABC1-4D3B-9564-357AA32D007C} (TURBO PLAYER Setup Control) - http://cdn.naver.com...bs/turbois9.cab
O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (AcDcToday A|¾i) - file://C:\Program Files\AutoCAD 2002\AcDcToday.ocx
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {7E9FDB80-5316-11D4-B02C-00C04F0CD404} (XecureWeb 4.0 Client Control) - http://download.soft.../xw_install.cab
O16 - DPF: {938527D1-CDB7-4147-998A-B20FCA5CC976} (Cdmcco Class) - http://cafeimg.hanma.../cab8/dmcc2.cab
O16 - DPF: {9699ACAA-934A-4156-A73E-76D004A55B8E} (InlivePlayer Control) - http://home.megapass...ge/ShortCut.cab
O16 - DPF: {97154128-DC4C-4D5B-AF7C-CA7356238EC9} (Hanmail FileUpload Control) - http://wwl468.daum.n..._fileupload.cab
O16 - DPF: {A1CCCFF4-0DF9-4FFC-99A3-A37A0F3D8E18} (p3bgset Class) - http://player.bugs.c...der20040708.cab
O16 - DPF: {A4508A45-F1C4-40F3-99B4-0CA08AC77E3B} (Kdfense8 Control) - http://kings.cachene...06/kdfense8.cab
O16 - DPF: {A977FF0C-8757-4E76-8533-482F91946233} (Pmang & SayClub Login Control) - http://dl.sayclub.co...ayctl/sayax.cab
O16 - DPF: {AE56372B-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file://C:\Program Files\AutoCAD 2002\InstBanr.ocx
O16 - DPF: {BF22698D-3BED-4CB0-BA3A-64534FBC32B1} (SVWebPlayer Control) - http://www.seevideo....SVWebPlayer.cab
O16 - DPF: {BF628973-1E86-4D0E-B42C-EDDECFFABDBC} (Bugs AoD Class) - http://player.bugs.c...der20041008.cab
O16 - DPF: {C5493453-7017-485D-8383-41B3679A8FAB} (KCliCom Class) - http://www.conpia.co...onpiaStudio.cab
O16 - DPF: {C838E9DA-1625-4E14-8B37-C6706B43C423} (IBLeaders IBSheet Control) - http://www.bccard.co...eet/IBSheet.CAB
O16 - DPF: {CE1BF8AA-9C9E-4FF2-810A-AE0657F24FFD} (ActiveForm1 Control) - http://plus.dgb.co.kr/down/XICEDEL.cab
O16 - DPF: {CF362BDB-4EA2-11D5-AB47-000102913414} (SetGlb Control) - http://touch.imbc.com/ocx/SetGlb.cab
O16 - DPF: {CFA57DD9-E2E0-11D7-A2C5-000139026F01} (CombuycomPG.frmCombuycom) - https://www.siren24....CombuycomPG.CAB
O16 - DPF: {CFCB7308-782F-11D4-BE27-000102598CE4} (NPX Control) - http://update.nprote...t/daegu/npx.cab
O16 - DPF: {D0E2D4C6-F65D-4967-A22C-BB0C6245A631} (HanafosDN Control) - http://bin.hanafos.c...1/HanafosDN.cab
O16 - DPF: {D40C2C27-C909-497E-A4FF-D46CCB3D9D55} (JoinsX Control) - http://news.joins.co...insShortCut.cab
O16 - DPF: {D837FF65-FE98-44D9-B90A-74E61EB7801B} (SBXPSASW Control) - http://showbox.dis.s...ox/SBXPSASW.cab
O16 - DPF: {D8F001C6-43B1-4CFD-9DAF-C8BEAE0E2B6D} (Touch Control) - http://touch.imbc.com/ocx/Online.cab
O16 - DPF: {D96D2F74-0B74-47D2-964F-B67E9F69F1CD} (CongnamulMap4Asp Control) - http://kr.maps.yahoo...amulMap4Asp.cab
O16 - DPF: {DA4B05A6-83C5-43A3-8DFB-1072C438F05F} (Nshort Control) - http://www.sajuhot.com/sajuhot.cab
O16 - DPF: {DDA887E8-E6E4-4D48-81E4-817DCA66B8FB} (NethardShort Control) - http://icons.com.ne....rt/NetShort.cab
O16 - DPF: {EADBDB84-2341-4AD0-9FAF-4F1F31CF4A46} (LoginForm Class) - http://pointsok.okca...KMPPClient2.cab
O16 - DPF: {ED1EEBEE-F0AA-474B-9829-61C482E72644} (PDBox25 Control) - http://www.pdbox.co....own/PDBox25.cab
O16 - DPF: {F1F07506-6CB4-44AC-8615-66D1234EFD05} (WebCtl Class) - http://www.bccard.co...NISafeWeb50.cab
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview Control) - file://C:\Program Files\AutoCAD 2002\AcPreview.ocx
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O16 - DPF: {F684B4EA-0F0A-4AE3-9C7B-EEB60DA575F8} (MPICtl Class) - http://mpi.dacom.net...ate_XPayMPI.cab
O18 - Filter: text/html - {C77F90FA-4E22-4C94-A8B5-80A5B8CE069A} - C:\Documents and Settings\mycom\Local Settings\Application Data\microsoft\internet explorer\V0.26.dat
O20 - AppInit_DLLs: apitrap.dll
  • 0

Advertisements

#2
BuzzLightYear
Posted 01 November 2004 - 08:10 AM

BuzzLightYear

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts
<_<
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP