Can someone please look at this log and tell me what's wrong?

Discussion in 'Spyware' started by AdamsBlueGuitar, May 2, 2004.

  1. I'm having CWS problems. Can anyone help?

    This is my hijackthis log:

    Logfile of HijackThis v1.97.7
    Scan saved at 3:03:44 AM, on 5/2/2004
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\cisvc.exe
    C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
    C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    C:\WINDOWS\System32\cidaemon.exe
    C:\Documents and Settings\TheBigA\Desktop\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
    http://www.dellnet.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title =
    Internet Explorer Provided by Cox High Speed Internet
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak =
    about:blank
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP =
    about:blank
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,Shellnext =
    http://www.dellnet.com/
    R3 - URLSearchHook: (no name) -
    _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
    O1 - Hosts: 212.33.69.3 js1.hitbox.com
    O1 - Hosts: 212.33.69.3 stats.hitbox.com
    O1 - Hosts: 212.33.69.3 pagead2.googlesyndication.com
    O1 - Hosts: 212.33.69.3 m1.nedstatbasic.net
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
    C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
    C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {68F44C0D-2F79-425D-885D-1BB6B1649975} -
    C:\WINDOWS\System32\omgmpc.dll (file missing)
    O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} -
    C:\Program Files\Microsoft Money\System\mnyviewer.dll
    O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -
    C:\Program Files\MSN Toolbar\01.01.1601.0\en-us\msntb.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
    C:\WINDOWS\SYSTEM32\msdxm.ocx
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE
    C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
    O4 - HKLM\..\Run: [POINTER] point32.exe
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - Global Startup: Adobe Gamma Loader.lnk.disabled
    O4 - Global Startup: Digital Line Detect.lnk = ?
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions
    present
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel
    present
    O9 - Extra button: AIM (HKLM)
    O9 - Extra button: Real.com (HKLM)
    O9 - Extra button: MoneySide (HKLM)
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Messenger (HKLM)
    O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
    O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download
    Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_41.cab
    O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} -
    http://a1540.g.akamai.net/7/1540/52/20031216/qtinstall.info.apple.com/mickey/us/win/QuickTimeInstaller.exe
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) -
    http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38049.8215277778
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash
    Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
     
    AdamsBlueGuitar, May 2, 2004
    #1
    1. Advertisements

  2. Fix these ones:
    Get CWS shredder here:
    http://www.spywareinfo.com/~merijn/files/cwshredder.zip
     
    FakeMailThatWorks, May 2, 2004
    #2
    1. Advertisements

  3. Thanks! I'll fix those as soon as I get off of work.
     
    AdamsBlueGuitar, May 3, 2004
    #3
  4. On 2 May 2004 01:08:59 -0700, in <alt.privacy.spyware>,
    [snip]

    Please put the whole of your questions in the BODY of your article(s).
    [snip]

    Ahhh... Then the answer is simple:

    <http://www.litepc.com/ieradicator.html>
    <http://www.litepc.com/98lite.html>
    <http://www.litepc.com/xplite.html>

    Pick whichever is appropriate to your system/needs.

    --

    Jay T. Blocksom
    --------------------------------
    Appropriate Technology, Inc.
    usenet01[at]appropriate-tech.net


    "They that can give up essential liberty to obtain a little temporary
    safety deserve neither liberty nor safety."
    -- Benjamin Franklin, Historical Review of Pennsylvania, 1759.

    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    Unsolicited advertising sent to this E-Mail address is expressly prohibited
    under USC Title 47, Section 227. Violators are subject to charge of up to
    $1,500 per incident or treble actual costs, whichever is greater.
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
     
    Jay T. Blocksom, May 4, 2004
    #4
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.