Trojans.. =(

  1. #11
    Kiramon (Newbie)

    Re: Trojans.. =(

    Logfile of HijackThis v1.98.2
    Scan saved at 6:32:15 AM, on 8/10/2004
    Platform: Windows 2000 SP4 (WinNT 5.00.2195)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINNT\System32\smss.exe
    C:\WINNT\system32\csrss.exe
    C:\WINNT\system32\winlogon.exe
    C:\WINNT\system32\services.exe
    C:\WINNT\system32\lsass.exe
    C:\WINNT\system32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINNT\system32\spoolsv.exe
    C:\WINNT\System32\svchost.exe
    D:\Program Files\Roxio\GoBack\GBPoll.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    D:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
    D:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
    C:\WINNT\system32\nvsvc32.exe
    C:\WINNT\system32\regsvc.exe
    C:\WINNT\system32\MSTask.exe
    D:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
    C:\WINNT\System32\WBEM\WinMgmt.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\Explorer.EXE
    C:\Program Files\Common Files\Symantec Shared\SymTray.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\WINNT\system32\RUNDLL32.exe
    C:\WINNT\system32\RUNDLL32.EXE
    C:\WINNT\system32\ctfmon.exe
    D:\Program Files\Roxio\GoBack\GBTray.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\WINNT\System32\svchost.exe
    D:\Program Files\Hijack This\hijackthis.exe

    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
    O4 - HKLM\..\Run: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\Symtray.exe SetReg
    O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [THGuard] "D:\Program Files\TrojanHunter 3.9\THGuard.exe"
    O4 - HKLM\..\RunOnce: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\Symtrdr.exe
    O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
    O4 - Global Startup: GoBack.lnk = D:\Program Files\Roxio\GoBack\GBTray.exe
    O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab



    That's the updated HijackThis log

  2. #12
    Kiramon (Newbie)
    lol..

    now my Homepage is changed to google.. O_o It never ends.. does it?

  3. #13
    owen (D-A-L Team Member, UK)
    First of all uninstall WildTangent, it's spyware.

    Then follow the instructions in the Hijack This Logs post at the top of this forum and download the antispyware protection mentioned and also download a firewall. Then download AVG antivirus. Disconnect from the internet and temporarily uninstall Norton. Then install AVG (make sure you have the license key!). Then reconnect to the internet and update AVG.

    Perform a full virus scan and clear any viruses detected.

  4. #14
    Kiramon (Newbie)
    Okay I tried that and it didn't work >_<; still found no viruses

    But umm.. If I was to Reformat the entire disk, would that work?

    I guess I mean, we already reformatted it last night, and basically when we did the partitions, the C drive said that it had so much free space, which was about 250 MB lower than what we set it to; basically saying even after it was cleared there was something on it still, so it wouldn't let us reinstall Windows correctly.. Today we're going to try using it as a slave and using cleansweep or whatever on it to clear the entire disk.. Will that work? If it does will it be -virus- free? =/

    Thanks

  5. #15
    owen (D-A-L Team Member, UK)
    You don't have a virus, nothing is detecting a virus. First try this:

    - Download System Security Suite
    - Put a checkmark next to any Temporary Files entries, Recycle Bin and Cookies
    - Click Clear Selected Items

    We need to flush the contents of System Restore. To do this, please follow the instructions relevant to your Operating System in this article.

    After you have Disabled System Restore, you need to Reboot and then Reenable System Restore so that your system is safe from errors and will be able to be restored to a previous state.

  6. #16
    Kiramon (Newbie)
    Okay thanks

    I have a new question now

    Is it normal for me to have an INDEX folder in my cookies, that I cannot get rid of? >_<

    http://service1.symantec.com/SUPPORT...build=Symantec

    Unable to open the file C:\Documents and Settings\Nick1\Cookies\index.dat. The file is in use by another application or you don't have permission to open the file.

    That's what I get when I try to run Norton on it: Is it normal?

    Thanks again!

  7. #17
    owen (D-A-L Team Member, UK)
    Yep, you can't access the index.dat files. Needs to be done in Safe Mode.
