Jump to content


Photo

Require help with dialer & other problems!


  • Please log in to reply
6 replies to this topic

#1 tiff_7_17

tiff_7_17

    Member

  • Full Member
  • Pip
  • 8 posts

Posted 13 July 2004 - 09:04 PM

Hey everyone! New here...
Here is my hijack log...i've been trying to no avail to get rid of these tv files, search hooks etc...and i'm obviously missing some because they keep coming back. I know for a fact I have the happy dialer/uyelik thing, and I also know that I can't get rid of it.
-Yes, I use adaware, spybot, norton and hijack this on a regular basis, yes I follow the instructions...but nothing has worked so far so I wanted to ask the pros.
I don't know if I have a bunch of other problems going on at the same time...but I do know that my several months old computer which I <thought> I was keeping clean is very very laggy, especially on start up. Anyways! Thanks for the assistance, here is my HJT log:

Logfile of HijackThis v1.97.7
Scan saved at 12:41:11 AM, on 12/07/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
C:\Program Files\Winamp\Winampa.exe
C:\wmplayer.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Netscape\Netscape\Netscp.exe
C:\Program Files\Java\j2re1.4.2_04\bin\javaw.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Administrator\Desktop\Tiffany's Folder\Sounds and movies\HijackThis.exe

R3 - URLSearchHook: (no name) - {707E6F76-9FFB-4920-A976-EA101271BC25} - C:\Program Files\TV Media\TvmBho.dll
N3 - Netscape 7: user_pref("browser.search.defaultengine", "http://www.google.com/"); (C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\nf6iwd17.slt\prefs.js)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Mozilla Quick Launch] "C:\Program Files\Netscape\Netscape\Netscp.exe" -turbo
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKLM\..\RunOnce: [TV Media] C:\Program Files\TV Media\Tvm.exe
O4 - HKCU\..\RunOnce: [TV Media] C:\Program Files\TV Media\Tvm.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: LimeWire 4.0.5.lnk = C:\Program Files\LimeWire\LimeWire 4.0.5\LimeWire.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macr...director/sw.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg...v45/yacscom.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yaho...s/yinst0401.cab
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.micr...922/wmv9VCM.CAB
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akama...meInstaller.exe
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.c...utocomplete.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macr...ash/swflash.cab

And, i'm not about to pretend that I actually know what i'm talking about here but this is something my instincts/common sense are telling me is bad. When I pushed CTRL-ALT-DELETE and got my windows task manager up...I checked my processes...javaw.exe is using up 31,160K of my memory? isn't that a bit off?
Also, wmplayer.exe is bouncing all over the place, but maintaining about 11,000K? and one of several svchost.exe the one whose user is dubbed "SYSTEM" is using 30,000K...needless to say my CPU usage is maintained at 100%
This all is totally related isn't it? grrrr

#2 tiff_7_17

tiff_7_17

    Member

  • Full Member
  • Pip
  • 8 posts

Posted 15 July 2004 - 08:25 PM

Bump

#3 tiff_7_17

tiff_7_17

    Member

  • Full Member
  • Pip
  • 8 posts

Posted 15 July 2004 - 08:27 PM

Updated log....does this mean i'm clean?!?!
Logfile of HijackThis v1.97.7
Scan saved at 7:23:45 PM, on 15/07/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\Netscape\Netscape\Netscp.exe
C:\Documents and Settings\Administrator\Desktop\Tiffany's Folder\Sounds and movies\HijackThis.exe

N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\nf6iwd17.slt\prefs.js)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe
O4 - HKCU\..\Run: [Mozilla Quick Launch] "C:\Program Files\Netscape\Netscape\Netscp.exe" -turbo
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.c...utocomplete.cab

#4 tiff_7_17

tiff_7_17

    Member

  • Full Member
  • Pip
  • 8 posts

Posted 18 July 2004 - 12:12 AM

Bump
Happy dialer is back after a short vacation, PLEASE HELP

#5 tiff_7_17

tiff_7_17

    Member

  • Full Member
  • Pip
  • 8 posts

Posted 19 July 2004 - 12:13 AM

Bump, someone please help me!

#6 tiff_7_17

tiff_7_17

    Member

  • Full Member
  • Pip
  • 8 posts

Posted 20 July 2004 - 01:45 AM

bump bump bump bump bump :wtf:

#7 H@ns

H@ns

    Forum Deity

  • Retired Staff - Helper
  • PipPipPipPipPip
  • 2,630 posts

Posted 20 July 2004 - 01:49 AM

HI tiff,

Can you give us a fresh log please? :cool:
Nucia Security Forums - Dutch Anti-Malware Support




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button