WinAntiSpyware 2005 / SurfAccuracy [CLOSED]

Here is my HijackThis log. Would like to have WinAntiSpyware 2005, SurfAccuracy and any other spyware/adware files removed from system :tazz:

.

Logfile of HijackThis v1.99.1
Scan saved at 9:03:35 AM, on 9/8/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\PROGRA~1\NETWOR~1\VIRUSS~2\Avsynmgr.exe
d:\Program Files\Dassault Systemes\B13\intel_a\code\bin\CATSysDemon.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\VERITAS\Backup Exec\RANT\beremote.exe
c:\winnt\system32\domtimec.exe
C:\PROGRA~1\NETWOR~1\VIRUSS~2\VsStat.exe
C:\PROGRA~1\NETWOR~1\VIRUSS~2\Vshwin32.exe
C:\WINNT\Explorer.EXE
C:\PROGRA~1\COMMON~1\NETWOR~1\McShield\Mcshield.exe
C:\PROGRA~1\NETWOR~1\VIRUSS~2\Avconsol.exe
C:\WINNT\system32\DACONFIG.EXE
C:\Program Files\SurfAccuracy\SAcc.exe
C:\WINNT\system32\wuaepl40.exe
C:\Program Files\WinAntiSpyware 2005\was5.exe
C:\Program Files\Bxctqs\Nyyyeqp.exe
D:\Program Files\Microsoft Office\Office\Findfast.exe
D:\Program Files\Microsoft Office\Office\Osa.exe
C:\WINNT\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\TEMP\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://home.netscape...nsearch200.html
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O4 - HKLM\..\Run: [COMSMDEXE] comsmd.exe -on
O4 - HKLM\..\Run: [DACONFIGEXE] DACONFIG.EXE R
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [SurfAccuracy] C:\Program Files\SurfAccuracy\SAcc.exe
O4 - HKLM\..\Run: [s79O35g] wuaepl40.exe
O4 - HKLM\..\Run: [WinAntiSpyware 2005] C:\Program Files\WinAntiSpyware 2005\was5.exe
O4 - HKLM\..\Run: [Enknofp] C:\Program Files\Bxctqs\Nyyyeqp.exe
O4 - Global Startup: Microsoft Find Fast.lnk = D:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: Office Startup.lnk = D:\Program Files\Microsoft Office\Office\OSA.EXE
O13 - WWW. Prefix: http://
O16 - DPF: {5e2a3510-4371-11d6-b64c-00c04faedb18} (Oracle JInitiator 1.1.8.18) -
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1122581022058
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = ctlaerospace.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{0CE8C589-31A0-47DE-B178-C91A33BF28F2}: Domain = ctlaerospace.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{0CE8C589-31A0-47DE-B178-C91A33BF28F2}: NameServer = 216.68.1.100,216.68.2.100
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = ctlaerospace.com
O17 - HKLM\System\CS1\Services\Tcpip\..\{0CE8C589-31A0-47DE-B178-C91A33BF28F2}: Domain = ctlaerospace.com
O17 - HKLM\System\CS1\Services\Tcpip\..\{0CE8C589-31A0-47DE-B178-C91A33BF28F2}: NameServer = 216.68.1.100,216.68.2.100
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = ctlaerospace.com
O17 - HKLM\System\CS2\Services\Tcpip\..\{0CE8C589-31A0-47DE-B178-C91A33BF28F2}: Domain = ctlaerospace.com
O17 - HKLM\System\CS2\Services\Tcpip\..\{0CE8C589-31A0-47DE-B178-C91A33BF28F2}: NameServer = 216.68.1.100,216.68.2.100
O20 - Winlogon Notify: nwprovau - C:\WINNT\SYSTEM32\nwprovau.dll
O23 - Service: AVSync Manager (AvSynMgr) - Unknown owner - C:\PROGRA~1\NETWOR~1\VIRUSS~2\Avsynmgr.exe
O23 - Service: Backup Exec Remote Agent for Windows NT/2000 (BackupExecAgentAccelerator) - VERITAS Software Corporation - C:\Program Files\VERITAS\Backup Exec\RANT\beremote.exe
O23 - Service: Backbone Service (BBDemon) - Dassault Systemes - d:\Program Files\Dassault Systemes\B13\intel_a\code\bin\CATSysDemon.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Domain Time Client - Greyware Automation Products
Web: http://www.greyware.com
FTP: ftp://ftp.greyware.com
Email: [email protected]
Phone: 972-867-2794 - c:\winnt\system32\domtimec.exe
O23 - Service: IBM Nodelock License Server (IBM LUM NDL) - IBM - C:\IFOR\WIN\BIN\I4LLMD.EXE
O23 - Service: McShield - Network Associates, Inc. - C:\PROGRA~1\COMMON~1\NETWOR~1\McShield\Mcshield.exe
O23 - Service: OracleClientCache80 - Unknown owner - D:\orant\BIN\ONRSD80.EXE

Hi and welcome to GeeksToGo! My name is Sam and I will be helping you. :tazz:

I apologize for the delay getting to your log, the helpers here are very busy.
You are currently using hijackthis from a temp directory. This can cause problems. Please create a directory on your c: drive called c:\hijackthis and download and unzip hijackthis into that directory. Run the program from that directory from now on. It is essential that you follow these steps or certain important features of the program will not function correctly.

Once you have Hijackthis is a permanent folder, run Hijackthis. Click on "Open the Misc Tools section". Next click on "Open uninstall manager".
Press the button 'save list'. It will open a Notepad file. Place the content of that file here in your in your next post.

#1
kansberr

Posted 08 September 2005 - 07:18 AM

Advertisements

#2
Buckeye_Sam

Posted 11 September 2005 - 03:40 PM

#3
Buckeye_Sam

Posted 25 September 2005 - 01:59 PM

Similar Topics

0 user(s) are reading this topic

As Featured On:

Forums

Downloads

Members

Connect With Us