Bad things that happened:
-Sometimes I get random internet explorer windows popping up without me clicking on the IE icon. Its weird and scary, and when the window pops up, it immediately gets an error which I have to close.
-Norton AV has had a weird error where the 'enable autoprotect' wouldn't turn on. And the e-mail scanning wouldn't work either.
-I uninstalled Norton AV, but I got a a cctrust.dll error, so I used the rnav removal tool to clean it up.
-There must be bits of Norton AV still left on my computer, as when I go to msconfig, ccapp is still there under startup, even though its unchecked. However, I've already gone to the symantec shared folder and deleted it.. so I don't know what's happening there.
This is my Hijackthis logfile.
Logfile of HijackThis v1.99.0
Scan saved at 10:56:48 AM, on 1/30/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\System32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\System32\CTHELPER.EXE
D:\Program Files\QuickTime\qttask.exe
D:\Program Files\iTunes\iTunesHelper.exe
D:\Program Files\Microsoft Hardware\Keyboard\type32.exe
D:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
D:\Program Files\ProcessGuard\pgaccount.exe
D:\Program Files\Creative\SBAudigy\TaskBar\CTLTray.exe
D:\Program Files\Creative\SBAudigy\TaskBar\CTLTask.exe
D:\Program Files\TGTSoft\StyleXP\StyleXP.exe
D:\Program Files\Creative\SBAudigy\RemoteCenter\Rc\Rcman.exe
D:\Program Files\MSN Messenger\msnmsgr.exe
D:\Program Files\ProcessGuard\procguard.exe
D:\WINDOWS\System32\CTsvcCDA.exe
D:\Program Files\ProcessGuard\dcsuserprot.exe
D:\WINDOWS\System32\MsPMSPSv.exe
D:\Program Files\iPod\bin\iPodService.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\WINDOWS\System32\wuauclt.exe
D:\Documents and Settings\Mary Cheong\Desktop\Edward\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - D:\Program Files\GetRight\xx2gr.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [CTStartup] D:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [Disc Detector] D:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [SSC_UserPrompt] D:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroCheck] D:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [Jet Detection] D:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [iTunesHelper] D:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [IntelliType] "D:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [gcasServ] "D:\Program Files\GIANT Company Software\GIANT AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [ccRegVfy] "D:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [ATIPTA] D:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [!1_pgaccount] "D:\Program Files\ProcessGuard\pgaccount.exe"
O4 - HKCU\..\Run: [TaskTray] "D:\Program Files\Creative\SBAudigy\TaskBar\CTLTray.exe"
O4 - HKCU\..\Run: [TaskBar] "D:\Program Files\Creative\SBAudigy\TaskBar\CTLTask.exe"
O4 - HKCU\..\Run: [STYLEXP] D:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [RemoteCenter] D:\Program Files\Creative\SBAudigy\RemoteCenter\Rc\Rcman.exe
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [!1_ProcessGuard_Startup] "D:\Program Files\ProcessGuard\procguard.exe" -minimize
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = D:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: ccApp.exe.lnk = D:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - Global Startup: GetRight - Tray Icon.lnk = D:\Program Files\GetRight\getright.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Download with GetRight - D:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - D:\Program Files\GetRight\GRbrowse.htm
O9 - Extra button: (no name) - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
O12 - Plugin for .spop: D:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zon...kr.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zon...er.cab30149.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab30149.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec....ta/SymAData.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - http://www.symantec..../ActiveData.cab
O23 - Service: Ati HotKey Poller - Unknown - D:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - D:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: DiamondCS Process Guard Service v3.000 - DiamondCS - D:\Program Files\ProcessGuard\dcsuserprot.exe
O23 - Service: iPod Service - Apple Computer, Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: StyleXPService - Unknown - D:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: SymWMI Service - Unknown - D:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe (file missing)