OmegaSearch Prob - HiJackThis Log
Hey, I've been HiJacked and I don't know how to stop it, heres my log. Please Help!
Logfile of HijackThis v1.97.7
Scan saved at 2:40:00 AM, on 16/05/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\System32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
D:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
D:\WINDOWS\System32\CTHELPER.EXE
D:\WINDOWS\AGRSMMSG.exe
D:\PROGRA~1\NORTON~1\navapw32.exe
D:\Program Files\Norton Internet Security\IAMAPP.EXE
D:\Program Files\D-Tools\daemon.exe
D:\Program Files\Messenger Plus! 2\MsgPlus.exe
D:\PROGRA~1\TRUSTC~1\Type phone.exe
D:\WINDOWS\System32\ctfmon.exe
D:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE
D:\Program Files\Apache Group\Apache2\bin\Apache.exe
D:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
D:\Program Files\Apache Group\Apache2\bin\Apache.exe
D:\WINDOWS\System32\CTsvcCDA.exe
D:\Program Files\MySQL\bin\mysqld-nt.exe
D:\Program Files\Norton AntiVirus\navapsvc.exe
D:\Program Files\Norton Internet Security\NISUM.EXE
D:\WINDOWS\System32\MsPMSPSv.exe
D:\Program Files\Norton Internet Security\NISSERV.EXE
D:\Program Files\Norton Internet Security\SymProxySvc.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\MSN Messenger\msnmsgr.exe
E:\Downloads\Software Downloads\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://omegasearch.com/passthrough/index.html?http://www.google.com.au/
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: (no name) - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - (no file)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [ATIPTA] D:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [CTSysVol] D:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [SBDrvDet] D:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [UpdReg] D:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NeroCheck] D:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [NAV Agent] D:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [iamapp] D:\Program Files\Norton Internet Security\IAMAPP.EXE
O4 - HKLM\..\Run: [DAEMON Tools-1033] "D:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [MessengerPlus2] "D:\Program Files\Messenger Plus! 2\MsgPlus.exe"
O4 - HKLM\..\Run: [platform cake] D:\PROGRA~1\TRUSTC~1\Type phone.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [RemoteCenter] D:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = D:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = D:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Download with &DAP - D:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - D:\PROGRA~1\DAP\dapextie2.htm
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: AIM (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38077.9077083333
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4DE63E0C-817F-4D38-B92C-5F981D7290FD}: NameServer = 203.134.24.70 203.134.26.70
By the way I also have another problem which you may be able to help me with. Whenever I boot up my computer it takes a long time to load, (mostly the start menu and task bar) the last thing to load is Norton Antivirus and Firewall (from the Norton Internet Security package) I was wondering if there is a way to fix it so Norton doesn't tie down my system for so long on startup.
-Thanks TheDark12
Logfile of HijackThis v1.97.7
Scan saved at 2:40:00 AM, on 16/05/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\System32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
D:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
D:\WINDOWS\System32\CTHELPER.EXE
D:\WINDOWS\AGRSMMSG.exe
D:\PROGRA~1\NORTON~1\navapw32.exe
D:\Program Files\Norton Internet Security\IAMAPP.EXE
D:\Program Files\D-Tools\daemon.exe
D:\Program Files\Messenger Plus! 2\MsgPlus.exe
D:\PROGRA~1\TRUSTC~1\Type phone.exe
D:\WINDOWS\System32\ctfmon.exe
D:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE
D:\Program Files\Apache Group\Apache2\bin\Apache.exe
D:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
D:\Program Files\Apache Group\Apache2\bin\Apache.exe
D:\WINDOWS\System32\CTsvcCDA.exe
D:\Program Files\MySQL\bin\mysqld-nt.exe
D:\Program Files\Norton AntiVirus\navapsvc.exe
D:\Program Files\Norton Internet Security\NISUM.EXE
D:\WINDOWS\System32\MsPMSPSv.exe
D:\Program Files\Norton Internet Security\NISSERV.EXE
D:\Program Files\Norton Internet Security\SymProxySvc.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\MSN Messenger\msnmsgr.exe
E:\Downloads\Software Downloads\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://omegasearch.com/passthrough/index.html?http://www.google.com.au/
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: (no name) - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - (no file)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [ATIPTA] D:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [CTSysVol] D:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [SBDrvDet] D:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [UpdReg] D:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NeroCheck] D:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [NAV Agent] D:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [iamapp] D:\Program Files\Norton Internet Security\IAMAPP.EXE
O4 - HKLM\..\Run: [DAEMON Tools-1033] "D:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [MessengerPlus2] "D:\Program Files\Messenger Plus! 2\MsgPlus.exe"
O4 - HKLM\..\Run: [platform cake] D:\PROGRA~1\TRUSTC~1\Type phone.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [RemoteCenter] D:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = D:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = D:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Download with &DAP - D:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - D:\PROGRA~1\DAP\dapextie2.htm
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: AIM (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38077.9077083333
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4DE63E0C-817F-4D38-B92C-5F981D7290FD}: NameServer = 203.134.24.70 203.134.26.70
By the way I also have another problem which you may be able to help me with. Whenever I boot up my computer it takes a long time to load, (mostly the start menu and task bar) the last thing to load is Norton Antivirus and Firewall (from the Norton Internet Security package) I was wondering if there is a way to fix it so Norton doesn't tie down my system for so long on startup.
-Thanks TheDark12
0
Comments
However, I still need Help with my slow booting comp, has anyone else got this problem? Do you know whether it is related to Norton Internet Security?
Since I've updated my Norton AntiVirus Software it always has a big red cross through it, meaning that AutoProtect is off... I can't turn it back on either.
I've re-installed Norton AntiVirus 3 times now, and every time it updates, same problem. Any ideas what I can look for to solve either of those problems?