Jump to content


Strange behaviour lately.

  • This topic is locked This topic is locked
4 replies to this topic

#1 dosto



  • Full Member
  • Pip
  • 6 posts

Posted 26 May 2004 - 07:59 PM


Could someone please look at this log? I run Spybot and Adaware and CWS regularly, but I still believe something is not how it is supposed to be.

Sometimes my startpage is changed to some msn-page. Another, rather annoying, problem is that the computer sometimes stops responding to everything, exept ctrl-alt-del and the most of the start menu. The start-menu doesn't help me much, since everything disapears from "programs" and down, leaving only the top half. It goes back to normal if I log off with ctr-alt-del, but I loose any unsaved data.
Also, from time to time, the net is incredibly slow...

Any sugestions?


Logfile of HijackThis v1.97.7
Scan saved at 2:34:14 AM, on 5/2/2004
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
F:\program files\Datasikkerhet\Norton AntiVirus 2004 Pro\navapsvc.exe
F:\program files\Datasikkerhet\Norton AntiVirus 2004 Pro\AdvTools\NPROTECT.EXE
F:\program files\Datasikkerhet\Norton AntiVirus 2004 Pro\SAVScan.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Creative\ShareDLL\CtNotify.exe
F:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
F:\Games\Battlefield Vietnam\AceGain\LiveUpdate.exe
F:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Creative\ShareDLL\MediaDet.Exe
F:\program files\Datasikkerhet\Eraser\eraser.exe
F:\program files\sec\Natural Color\NaturalColorLoad.exe
F:\Games\Battlefield Vietnam\AceGain\aceagent.exe
F:\program files\Mediaspillere\Winamp3\studio.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
F:\program files\Datasikkerhet\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - f:\program files\adobe\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - F:\PROGRA~1\DATASI~1\SPYBOT~1.1\SDHelper.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - F:\program files\Datasikkerhet\Norton AntiVirus 2004 Pro\NavShExt.dll
O2 - BHO: (no name) - {ED657BAF-1EE5-4A07-9D2E-6D0525EFC69B} - f:\Program Files\ICOO Loader\addons\icoourlext.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - F:\program files\Datasikkerhet\Norton AntiVirus 2004 Pro\NavShExt.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [anvshell] anvshell.exe
O4 - HKLM\..\Run: [zBrowser Launcher] f:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Resume copy] copyfstq.exe /startup
O4 - HKLM\..\Run: [WinampAgent] "f:\Program Files\Winamp3\winampa.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [lqrjtkjb] C:\WINNT\wqulmd.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [QuickTime Task] "F:\program files\blaze\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AceGain LiveUpdate] F:\Games\Battlefield Vietnam\AceGain\LiveUpdate.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] F:\PROGRA~1\DATASI~1\NORTON~2\AdvTools\ADVCHK.EXE
O4 - HKCU\..\Run: [asustweakenable] C:\Program Files\ASUS\Tweaking Utilities\ATweak.exe /start
O4 - HKCU\..\Run: [Eraser] F:\program files\Datasikkerhet\Eraser\eraser.exe -hide
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = F:\program files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NaturalColorLoad.lnk = F:\program files\sec\Natural Color\NaturalColorLoad.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://F:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Si&milar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macr...ash/swflash.cab
O16 - DPF: {F5192746-22D6-41BD-9D2D-1E75D14FBD3C} - http://download.rfwn...m/cab/crack.CAB

Edited by dosto, 26 May 2004 - 08:01 PM.

#2 dosto



  • Full Member
  • Pip
  • 6 posts

Posted 01 June 2004 - 11:58 PM


#3 jesse



  • New Member
  • Pip
  • 1 posts

Posted 13 April 2005 - 06:49 AM

I have 2 things you could do. <br> #1.download firefox at http://www.mozila.org/products/firefox <br> #2.Post your HJT log on http://www.jesse.dk.tc we can help you out in the spyware and malware, but first you have to register.

#4 jw50


    Forum Deity

  • Retired Staff
  • PipPipPipPipPip
  • 18,969 posts

Posted 01 June 2005 - 09:36 AM

We sincerely apologize for not getting back to you sooner. If you are still experiencing any problems would you please run HijackThis and post a new log. Also please let us know what changes, if any, have occurred since your last post.
Posted Image

#5 jw50


    Forum Deity

  • Retired Staff
  • PipPipPipPipPip
  • 18,969 posts

Posted 02 July 2005 - 02:37 PM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team
an email with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.
Posted Image

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of

Support SpywareInfo Forum - click the button
PayPal - The safer, easier way to pay online!