Options
Need help with removal of "HS""SW"
Hello how are you... I have a problem with opening aol instant messanger... I have done "spybot" "adware" "norton".. I have now done Hijack this.. this is what came up...
Logfile of HijackThis v1.98.0
Scan saved at 12:13:25 PM, on 12/31/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\LEXBCES.EXE
F:\WINDOWS\system32\spoolsv.exe
F:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
F:\WINDOWS\System32\CTsvcCDA.exe
F:\Program Files\Norton AntiVirus\navapsvc.exe
F:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
F:\WINDOWS\System32\nvsvc32.exe
F:\WINDOWS\appcd.exe
F:\WINDOWS\System32\spool\DRIVERS\W32X86\2\printray.exe
F:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
F:\Program Files\Common Files\Real\Update_OB\realsched.exe
F:\Program Files\Common Files\Symantec Shared\ccApp.exe
F:\WINDOWS\BCMSMMSG.exe
F:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
F:\PROGRA~1\LEXMAR~1\ACMonitor_X73.exe
F:\PROGRA~1\LEXMAR~1\AcBtnMgr_X73.exe
F:\WINDOWS\iptq32.exe
F:\Program Files\Windows ServeAd\WinServAd.exe
F:\Program Files\Messenger\msmsgs.exe
F:\Program Files\Windows ServeAd\WinServSuit.exe
F:\Program Files\Creative\SBLive\Diagnostics\diagent.exe
C:\Program Files\Ontrack\Internet Cleanup\onictask.exe
F:\WINDOWS\System32\wuauclt.exe
F:\WINDOWS\explorer.exe
F:\WINDOWS\system32\rundll32.exe
F:\Program Files\Mozilla Firefox\firefox.exe
F:\Documents and Settings\David Fairman\Desktop\HiJackThis_Last.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://F:\WINDOWS\luuat.dll/sp.html#49977
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://F:\WINDOWS\luuat.dll/sp.html#49977
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://F:\WINDOWS\luuat.dll/sp.html#49977
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://F:\WINDOWS\luuat.dll/sp.html#49977
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://F:\WINDOWS\luuat.dll/sp.html#49977
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://F:\WINDOWS\luuat.dll/sp.html#49977
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {1C72FEB7-4D6C-FAF3-195A-D51516EDCC77} - F:\WINDOWS\apihw32.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - F:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - F:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [PrinTray] F:\WINDOWS\System32\spool\DRIVERS\W32X86\2\printray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [diagent] "F:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup
O4 - HKLM\..\Run: [MMTray] F:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [TkBellExe] "F:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ccApp] "F:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "F:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] F:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "F:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "F:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
O4 - HKLM\..\Run: [Lexmark X73 Button Monitor] F:\PROGRA~1\LEXMAR~1\ACMonitor_X73.exe
O4 - HKLM\..\Run: [Lexmark X73 Button Manager] F:\PROGRA~1\LEXMAR~1\AcBtnMgr_X73.exe
O4 - HKLM\..\Run: [iptq32.exe] F:\WINDOWS\iptq32.exe
O4 - HKLM\..\Run: [Windows ServeAd] F:\Program Files\Windows ServeAd\WinServAd.exe
O4 - HKLM\..\Run: [KernelFaultCheck] F:\WINDOWS\system32\dumprep 0 -k
O4 - HKCU\..\Run: [MSMSGS] "F:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Tsa2] F:\PROGRA~1\COMMON~1\tsa\tsm2.exe
O4 - HKCU\..\Run: [AIM] F:\PROGRA~1\AIM95\aim.exe -cnetwait.odl
O4 - Startup: Cleanup.lnk = C:\Program Files\Ontrack\Internet Cleanup\onictask.exe
O8 - Extra context menu item: &AIM Search - res://F:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - F:\PROGRA~1\AIM95\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.frame.crazywinnings.com
O15 - Trusted Zone: *.static.topconverting.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{A45FC2C6-789E-43D6-9463-F393C22CB70A}: NameServer = 209.128.224.2 209.128.232.2
I would appreicate any info ..Thanks
Dave
stang@dandy.net
Logfile of HijackThis v1.98.0
Scan saved at 12:13:25 PM, on 12/31/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\LEXBCES.EXE
F:\WINDOWS\system32\spoolsv.exe
F:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
F:\WINDOWS\System32\CTsvcCDA.exe
F:\Program Files\Norton AntiVirus\navapsvc.exe
F:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
F:\WINDOWS\System32\nvsvc32.exe
F:\WINDOWS\appcd.exe
F:\WINDOWS\System32\spool\DRIVERS\W32X86\2\printray.exe
F:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
F:\Program Files\Common Files\Real\Update_OB\realsched.exe
F:\Program Files\Common Files\Symantec Shared\ccApp.exe
F:\WINDOWS\BCMSMMSG.exe
F:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
F:\PROGRA~1\LEXMAR~1\ACMonitor_X73.exe
F:\PROGRA~1\LEXMAR~1\AcBtnMgr_X73.exe
F:\WINDOWS\iptq32.exe
F:\Program Files\Windows ServeAd\WinServAd.exe
F:\Program Files\Messenger\msmsgs.exe
F:\Program Files\Windows ServeAd\WinServSuit.exe
F:\Program Files\Creative\SBLive\Diagnostics\diagent.exe
C:\Program Files\Ontrack\Internet Cleanup\onictask.exe
F:\WINDOWS\System32\wuauclt.exe
F:\WINDOWS\explorer.exe
F:\WINDOWS\system32\rundll32.exe
F:\Program Files\Mozilla Firefox\firefox.exe
F:\Documents and Settings\David Fairman\Desktop\HiJackThis_Last.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://F:\WINDOWS\luuat.dll/sp.html#49977
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://F:\WINDOWS\luuat.dll/sp.html#49977
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://F:\WINDOWS\luuat.dll/sp.html#49977
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://F:\WINDOWS\luuat.dll/sp.html#49977
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://F:\WINDOWS\luuat.dll/sp.html#49977
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://F:\WINDOWS\luuat.dll/sp.html#49977
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {1C72FEB7-4D6C-FAF3-195A-D51516EDCC77} - F:\WINDOWS\apihw32.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - F:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - F:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [PrinTray] F:\WINDOWS\System32\spool\DRIVERS\W32X86\2\printray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [diagent] "F:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup
O4 - HKLM\..\Run: [MMTray] F:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [TkBellExe] "F:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ccApp] "F:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "F:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] F:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "F:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "F:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
O4 - HKLM\..\Run: [Lexmark X73 Button Monitor] F:\PROGRA~1\LEXMAR~1\ACMonitor_X73.exe
O4 - HKLM\..\Run: [Lexmark X73 Button Manager] F:\PROGRA~1\LEXMAR~1\AcBtnMgr_X73.exe
O4 - HKLM\..\Run: [iptq32.exe] F:\WINDOWS\iptq32.exe
O4 - HKLM\..\Run: [Windows ServeAd] F:\Program Files\Windows ServeAd\WinServAd.exe
O4 - HKLM\..\Run: [KernelFaultCheck] F:\WINDOWS\system32\dumprep 0 -k
O4 - HKCU\..\Run: [MSMSGS] "F:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Tsa2] F:\PROGRA~1\COMMON~1\tsa\tsm2.exe
O4 - HKCU\..\Run: [AIM] F:\PROGRA~1\AIM95\aim.exe -cnetwait.odl
O4 - Startup: Cleanup.lnk = C:\Program Files\Ontrack\Internet Cleanup\onictask.exe
O8 - Extra context menu item: &AIM Search - res://F:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - F:\PROGRA~1\AIM95\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.frame.crazywinnings.com
O15 - Trusted Zone: *.static.topconverting.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{A45FC2C6-789E-43D6-9463-F393C22CB70A}: NameServer = 209.128.224.2 209.128.232.2
I would appreicate any info ..Thanks
Dave
stang@dandy.net
0
Comments