Jump to content


Definitely the happy dialer/worm & probably others

  • Please log in to reply
1 reply to this topic

#1 tiff_7_17



  • Full Member
  • Pip
  • 8 posts

Posted 12 July 2004 - 01:53 AM

:huh: Hey everyone! New here...
Here is my hijack log...i've been trying to no avail to get rid of these tv files, search hooks etc...and i'm obviously missing some because they keep coming back. I know for a fact I have the happy dialer/uyelik thing, and I also know that I can't get rid of it.
-Yes, I use adaware, spybot, norton and hijack this on a regular basis, yes I follow the instructions...but nothing has worked so far so I wanted to ask the pros.
I don't know if I have a bunch of other problems going on at the same time...but I do know that my several months old computer which I <thought> I was keeping clean is very very laggy, especially on start up. Anyways! Thanks for the assistance, here is my HJT log:

Logfile of HijackThis v1.97.7
Scan saved at 12:41:11 AM, on 12/07/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
C:\Program Files\Winamp\Winampa.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Netscape\Netscape\Netscp.exe
C:\Program Files\Java\j2re1.4.2_04\bin\javaw.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Administrator\Desktop\Tiffany's Folder\Sounds and movies\HijackThis.exe

R3 - URLSearchHook: (no name) - {707E6F76-9FFB-4920-A976-EA101271BC25} - C:\Program Files\TV Media\TvmBho.dll
N3 - Netscape 7: user_pref("browser.search.defaultengine", "http://www.google.com/"); (C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\nf6iwd17.slt\prefs.js)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Mozilla Quick Launch] "C:\Program Files\Netscape\Netscape\Netscp.exe" -turbo
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKLM\..\RunOnce: [TV Media] C:\Program Files\TV Media\Tvm.exe
O4 - HKCU\..\RunOnce: [TV Media] C:\Program Files\TV Media\Tvm.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: LimeWire 4.0.5.lnk = C:\Program Files\LimeWire\LimeWire 4.0.5\LimeWire.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macr...director/sw.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg...v45/yacscom.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yaho...s/yinst0401.cab
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.micr...922/wmv9VCM.CAB
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akama...meInstaller.exe
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.c...utocomplete.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macr...ash/swflash.cab

#2 tiff_7_17



  • Full Member
  • Pip
  • 8 posts

Posted 12 July 2004 - 02:17 AM

Ok...me again, i'm not about to pretend that I actually know what i'm talking about here but this is something I found interesting. When I pushed CTRL-ALT-DELETE and got my windows task manager up...I checked my processes...javaw.exe is using up 31,160K of my memory? isn't that a bit off?
Also, wmplayer.exe is bouncing all over the place, but maintaining about 11,000K? and one of several svchost.exe the one whose user is dubbed "SYSTEM" is using 30,000K...needless to say my CPU usage is maintained at 100% :(
This all is totally related isn't it? grrrr

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button