I have tryed everything I know -HijackThis log

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

nowaybutpunk

Thread Starter
Joined
Jul 8, 2005
Messages
4
I have done everything that I know to fix my computer. I am now in need of some help.

Logfile of HijackThis v1.99.1
Scan saved at 2:11:07 PM, on 7/8/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\spoolsv.exe
F:\WINDOWS\Explorer.EXE
F:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
F:\WINDOWS\system32\CTHELPER.EXE
F:\Program Files\V-Stream\PVR Plus\TVR\Scheduled.exe
F:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
F:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
F:\Program Files\Common Files\Network Associates\TalkBack\tbmon.exe
F:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
F:\WINDOWS\System32\igfxtray.exe
F:\WINDOWS\System32\hkcmd.exe
C:\Surround Mixer\CTSysVol.exe
C:\DVDAudio\CTDVDDet.EXE
F:\WINDOWS\SysUpdate.exe
F:\Program Files\Media Access\MediaAccK.exe
F:\Program Files\Media Access\MediaAccess.exe
C:\mtinstall.exe
F:\PROGRA~1\MUSICM~1\MUSICM~1\MMDiag.exe
F:\Program Files\V-Stream Multimedia\TV878 Utilities\C7XRCtl.exe
F:\Program Files\WinZip\WZQKPICK.EXE
F:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mim.exe
F:\WINDOWS\System32\CTsvcCDA.exe
F:\Program Files\Network Associates\Common Framework\FrameworkService.exe
F:\Program Files\Network Associates\VirusScan\vstskmgr.exe
F:\WINDOWS\System32\MsPMSPSv.exe
F:\Program Files\Network Associates\VirusScan\mcshield.exe
F:\Program Files\Common Files\Real\Update_OB\realsched.exe
F:\Program Files\Netscape\Netscape\Netscp.exe
C:\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus...aults/sb/*http://www.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ycomp_wave/defaults/sp/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://aimhome.netscape.com/aimhome.adp
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://home.netscape.com/bookmark/7_2/home.html"); (F:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\4q2w091f.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://F%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (F:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\4q2w091f.slt\prefs.js)
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - F:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - F:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O4 - HKLM\..\Run: [MMTray] "F:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [SBDrvDet] F:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [UpdReg] F:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [PVR Agent] F:\Program Files\V-Stream\PVR Plus\TVR\Scheduled.exe
O4 - HKLM\..\Run: [ShStatEXE] "F:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "F:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "F:\Program Files\Common Files\Network Associates\TalkBack\tbmon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] F:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [IgfxTray] F:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] F:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [CTDVDDET] C:\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] F:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "F:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Media Access] F:\Program Files\Media Access\MediaAccK.exe
O4 - HKLM\..\Run: [MimBoot] F:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe
O4 - HKLM\..\Run: [ZoneEdit] C:\mtinstall.exe
O4 - HKLM\..\Run: [SAHBundle] F:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\sahagent-cdt1004.exe run
O4 - HKCU\..\Run: [MSMSGS] "F:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [NBJ] "F:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [AIM] F:\PROGRA~1\AIM\aim.exe -cnetwait.odl
O4 - Global Startup: InterVideo WinCinema Manager.lnk = F:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Microsoft Office.lnk = F:\Office10\OSA.EXE
O4 - Global Startup: TV878 Remote Control.lnk = F:\Program Files\V-Stream Multimedia\TV878 Utilities\C7XRCtl.exe
O4 - Global Startup: WinZip Quick Pick.lnk = F:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &AIM Search - res://F:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Office10\EXCEL.EXE/3000
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - F:\PROGRA~1\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/MediaAccess/ie/bridge-c5.cab
O16 - DPF: {99410CDE-6F16-42ce-9D49-3807F78F0287} (ClientInstaller Class) - http://www.180searchassistant.com/180saax.cab
O20 - Winlogon Notify: igfxcui - F:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - F:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - F:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - F:\Program Files\Network Associates\VirusScan\mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - F:\Program Files\Network Associates\VirusScan\vstskmgr.exe
 

nowaybutpunk

Thread Starter
Joined
Jul 8, 2005
Messages
4
here is the new Hijack log

Logfile of HijackThis v1.99.1
Scan saved at 3:09:25 PM, on 7/8/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\spoolsv.exe
F:\WINDOWS\Explorer.EXE
F:\WINDOWS\system32\CTHELPER.EXE
F:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
F:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
F:\Program Files\Common Files\Network Associates\TalkBack\tbmon.exe
F:\WINDOWS\System32\igfxtray.exe
F:\WINDOWS\System32\hkcmd.exe
C:\Surround Mixer\CTSysVol.exe
C:\DVDAudio\CTDVDDet.EXE
C:\mtinstall.exe
F:\Program Files\Messenger\msmsgs.exe
F:\Program Files\V-Stream Multimedia\TV878 Utilities\C7XRCtl.exe
F:\WINDOWS\System32\CTsvcCDA.exe
F:\Program Files\Network Associates\Common Framework\FrameworkService.exe
F:\Program Files\Network Associates\VirusScan\mcshield.exe
F:\Program Files\Network Associates\VirusScan\vstskmgr.exe
F:\WINDOWS\System32\MsPMSPSv.exe
F:\Program Files\Netscape\Netscape\Netscp.exe
F:\Program Files\Internet Explorer\iexplore.exe
C:\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus...aults/sb/*http://www.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ycomp_wave/defaults/sp/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://aimhome.netscape.com/aimhome.adp
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://home.netscape.com/bookmark/7_2/home.html"); (F:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\4q2w091f.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://F%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (F:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\4q2w091f.slt\prefs.js)
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - F:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - F:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [ShStatEXE] "F:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "F:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "F:\Program Files\Common Files\Network Associates\TalkBack\tbmon.exe"
O4 - HKLM\..\Run: [IgfxTray] F:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] F:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [CTDVDDET] C:\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] F:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ZoneEdit] C:\mtinstall.exe
O4 - HKCU\..\Run: [MSMSGS] "F:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Microsoft Office.lnk = F:\Office10\OSA.EXE
O4 - Global Startup: TV878 Remote Control.lnk = F:\Program Files\V-Stream Multimedia\TV878 Utilities\C7XRCtl.exe
O8 - Extra context menu item: &AIM Search - res://F:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Office10\EXCEL.EXE/3000
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - F:\PROGRA~1\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/MediaAccess/ie/bridge-c5.cab
O16 - DPF: {99410CDE-6F16-42ce-9D49-3807F78F0287} (ClientInstaller Class) - http://www.180searchassistant.com/180saax.cab
O20 - Winlogon Notify: igfxcui - F:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - F:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - F:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - F:\Program Files\Network Associates\VirusScan\mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - F:\Program Files\Network Associates\VirusScan\vstskmgr.exe

any other suggestins?
 

flavallee

Frank
Trusted Advisor
Joined
May 12, 2002
Messages
83,277
Run another scan with HijackThis, then select and fix:

O4 - HKLM\..\Run: [Media Access] F:\Program Files\Media Access\MediaAccK.exe

O4 - HKLM\..\Run: [SAHBundle] F:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\sahagent-cdt1004.exe run


After that's done, restart your computer in safe mode. Go into the C:\PROGRAM FILES folder, then delete the MEDIA ACCESS folder.

----------------------------------------------------------------

You do have too many unnecessary programs running in the background, but let's get the log fixed first before we start trimming down the list.

----------------------------------------------------------------

Why is Windows and most of the other programs running off the "F" drive and not the "C" drive?

How many drives are in that computer?

----------------------------------------------------------------
 

flavallee

Frank
Trusted Advisor
Joined
May 12, 2002
Messages
83,277
Oops! It looks like my reply got there too late. :rolleyes:

----------------------------------------------------------------

NoWayButPunk:

It looks like you've already unchecked and disabled some of the entries in the startup list. Do you know what you're doing or are you just guessing at which ones to disable?

Go here and type in each entry in the white box, then click "Search". If it's listed in the database, it'll tell you what it is and whether you can disable it or not.

----------------------------------------------------------------
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Members online

Top