Skip to main content
Start a Conversation

Unsolved

This post is more than 5 years old

lilmac2442

24 Posts

24110

January 29th, 2006 21:00

Adware NDot.Net removal

I have recently run My norton virus scan and it detected adware.NDotnet virus on my computer. I ran the symantec removal tool on my computer and it could not find it or remove it. Do you have any other suggestions on how to remove the virus. I have not noticed anything being effected by the virus but I would still like to remove it.
 
Thanks!!

bamajim

10.4K Posts

January 30th, 2006 17:00

Lilmac2442

Go here http://www.download.com/3000-2144-10045910.html?part=69274&subj=dlpage&tag=button

and download Adware program - save to disc- run the program. See what it finds
 
Reply with findings
 
Bamajim

lilmac2442

24 Posts

January 31st, 2006 00:00

#:11 [ccsetmgr.exe]

   FilePath           : C:\Program Files\Common Files\Symantec Shared\

   ProcessID          : 1584

   ThreadCreationTime : 1-31-2006 2:01:01 AM

   BasePriority       : Normal

   FileVersion        : 103.0.4.3

   ProductVersion     : 103.0.4.3

   ProductName        : Client and Host Security Platform

   CompanyName        : Symantec Corporation

   FileDescription    : Symantec Settings Manager Service

   InternalName       : ccSetMgr

   LegalCopyright     : Copyright (c) 2000-2004 Symantec Corporation. All rights reserved.

   OriginalFilename   : ccSetMgr.exe

 

#:12 [sndsrvc.exe]

   FilePath           : C:\Program Files\Common Files\Symantec Shared\

   ProcessID          : 1636

   ThreadCreationTime : 1-31-2006 2:01:01 AM

   BasePriority       : Normal

   FileVersion        : 5.5.1.6

   ProductVersion     : 5.5

   ProductName        : Symantec Security Drivers

   CompanyName        : Symantec Corporation

   FileDescription    : Network Driver Service

   InternalName       : SndSrvc

   LegalCopyright     : Copyright 2002, 2003, 2004 Symantec Corporation

   OriginalFilename   : SndSrvc.exe

 

#:13 [spbbcsvc.exe]

   FilePath           : C:\Program Files\Common Files\Symantec Shared\SPBBC\

   ProcessID          : 1648

   ThreadCreationTime : 1-31-2006 2:01:01 AM

   BasePriority       : Normal

   FileVersion        : 1,0,1,47

   ProductVersion     : 1,0,1,47

   ProductName        : SPBBC

   CompanyName        : Symantec Corporation

   FileDescription    : SPBBC Service

   InternalName       : SPBBCSvc

   LegalCopyright     : Copyright (c) 2004 Symantec Corporation. All rights reserved.

   OriginalFilename   : SPBBCSvc.exe

 

#:14 [ccevtmgr.exe]

   FilePath           : C:\Program Files\Common Files\Symantec Shared\

   ProcessID          : 1720

   ThreadCreationTime : 1-31-2006 2:01:02 AM

   BasePriority       : Normal

   FileVersion        : 103.0.4.3

   ProductVersion     : 103.0.4.3

   ProductName        : Client and Host Security Platform

   CompanyName        : Symantec Corporation

   FileDescription    : Symantec Event Manager Service

   InternalName       : ccEvtMgr

   LegalCopyright     : Copyright (c) 2000-2004 Symantec Corporation. All rights reserved.

   OriginalFilename   : ccEvtMgr.exe

 

#:15 [spoolsv.exe]

   FilePath           : C:\WINDOWS\system32\

   ProcessID          : 1848

   ThreadCreationTime : 1-31-2006 2:01:02 AM

   BasePriority       : Normal

   FileVersion        : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)

   ProductVersion     : 5.1.2600.2696

   ProductName        : Microsoft® Windows® Operating System

   CompanyName        : Microsoft Corporation

   FileDescription    : Spooler SubSystem App

   InternalName       : spoolsv.exe

   LegalCopyright     : © Microsoft Corporation. All rights reserved.

   OriginalFilename   : spoolsv.exe

 

#:16 [aolacsd.exe]

   FilePath           : C:\PROGRA~1\COMMON~1\AOL\ACS\

   ProcessID          : 1948

   ThreadCreationTime : 1-31-2006 2:01:02 AM

   BasePriority       : Normal

 

 

#:17 [mcdetect.exe]

   FilePath           : c:\program files\mcafee.com\agent\

   ProcessID          : 2012

   ThreadCreationTime : 1-31-2006 2:01:02 AM

   BasePriority       : Normal

   FileVersion        : 6, 0, 0, 19

   ProductVersion     : 6, 0, 0, 0

   ProductName        : McAfee SecurityCenter

   CompanyName        : McAfee, Inc

   FileDescription    : McAfee WSC Integration Service

   InternalName       : McDetect

   LegalCopyright     : Copyright © 2005 McAfee, Inc.

   OriginalFilename   : McDetect.exe

   Comments           : McAfee WSC Integration Service

 

#:18 [mctskshd.exe]

   FilePath           : c:\PROGRA~1\mcafee.com\agent\

   ProcessID          : 2032

   ThreadCreationTime : 1-31-2006 2:01:02 AM

   BasePriority       : Normal

   FileVersion        : 6, 0, 0, 13

   ProductVersion     : 6, 0, 0, 0

   ProductName        : McAfee SecurityCenter

   CompanyName        : McAfee, Inc

   FileDescription    : McAfee Task Scheduler

   InternalName       : McTskshd

   LegalCopyright     : Copyright © 2005 McAfee, Inc.

   OriginalFilename   : McTskshd.exe

 

#:19 [navapsvc.exe]

   FilePath           : C:\Program Files\Norton AntiVirus\

   ProcessID          : 156

   ThreadCreationTime : 1-31-2006 2:01:03 AM

   BasePriority       : Normal

   FileVersion        : 11.0.9.16

   ProductVersion     : 11.0.9

   ProductName        : Norton AntiVirus

   CompanyName        : Symantec Corporation

   FileDescription    : Norton AntiVirus Auto-Protect Service

   InternalName       : NAVAPSVC

   LegalCopyright     : Norton AntiVirus 2005 for Windows 98/ME/2000/XP Copyright © 2004 Symantec Corporation. All rights reserved.

   OriginalFilename   : NAVAPSVC.EXE

 

lilmac2442

24 Posts

January 31st, 2006 00:00

i did the scan twice. The first time it showed only a cookie so I deleted all cookies then restarted my computer and ran the scan again and this is the log summary. I do not understand what the MRU list is but it found a lot of that. I have to post it in 2 entries sorry!

 


Ad-Aware SE Build 1.06r1
Logfile Created on:Monday, January 30, 2006 9:03:59 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R89 24.01.2006
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):34 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


1-30-2006 9:03:59 PM - Scan started. (Full System Scan)

 MRU List Object Recognized!
    Location:          : C:\Documents and Settings\Sarah Beth\Application Data\microsoft\office\recent
    Description        : list of recently opened documents using microsoft office


 MRU List Object Recognized!
    Location:          : C:\Documents and Settings\Sarah Beth\recent
    Description        : list of recently opened documents


 MRU List Object Recognized!
    Location:          : S-1-5-21-4076539155-1093215046-2848032334-1006\software\corel\user assistant\12\recent work\wordperfect\last opened
    Description        : list of recently opened documents in corel wordperfect


 MRU List Object Recognized!
    Location:          : S-1-5-21-4076539155-1093215046-2848032334-1006\software\corel\user assistant\12\recent work\wordperfect\last opened
    Description        : list of recently opened documents in corel wordperfect


 MRU List Object Recognized!
    Location:          : S-1-5-21-4076539155-1093215046-2848032334-1006\software\microsoft\clipart gallery\2.0\mrudescription
    Description        : most recently used description in microsoft clipart gallery


 MRU List Object Recognized!
    Location:          : S-1-5-21-4076539155-1093215046-2848032334-1006\software\microsoft\direct3d\mostrecentapplication
    Description        : most recent application to use microsoft direct3d


 MRU List Object Recognized!
    Location:          : software\microsoft\direct3d\mostrecentapplication
    Description        : most recent application to use microsoft direct3d


 MRU List Object Recognized!
    Location:          : S-1-5-21-4076539155-1093215046-2848032334-1006\software\microsoft\direct3d\mostrecentapplication
    Description        : most recent application to use microsoft direct X


 MRU List Object Recognized!
    Location:          : software\microsoft\direct3d\mostrecentapplication
    Description        : most recent application to use microsoft direct X


 MRU List Object Recognized!
    Location:          : software\microsoft\directdraw\mostrecentapplication
    Description        : most recent application to use microsoft directdraw


 MRU List Object Recognized!
    Location:          : S-1-5-21-4076539155-1093215046-2848032334-1006\software\microsoft\directinput\mostrecentapplication
    Description        : most recent application to use microsoft directinput


 MRU List Object Recognized!
    Location:          : S-1-5-21-4076539155-1093215046-2848032334-1006\software\microsoft\directinput\mostrecentapplication
    Description        : most recent application to use microsoft directinput


 MRU List Object Recognized!
    Location:          : S-1-5-21-4076539155-1093215046-2848032334-1006\software\microsoft\internet explorer
    Description        : last download directory used in microsoft internet explorer


 MRU List Object Recognized!
    Location:          : S-1-5-21-4076539155-1093215046-2848032334-1006\software\microsoft\internet explorer\main
    Description        : last save directory used in microsoft internet explorer


 MRU List Object Recognized!
    Location:          : S-1-5-21-4076539155-1093215046-2848032334-1006\software\microsoft\internet explorer\typedurls
    Description        : list of recently entered addresses in microsoft internet explorer


 MRU List Object Recognized!
    Location:          : S-1-5-21-4076539155-1093215046-2848032334-1006\software\microsoft\mediaplayer\medialibraryui
    Description        : last selected node in the microsoft windows media player media library


 MRU List Object Recognized!
    Location:          : S-1-5-21-4076539155-1093215046-2848032334-1006\software\microsoft\mediaplayer\player\recentfilelist
    Description        : list of recently used files in microsoft windows media player


 MRU List Object Recognized!
    Location:          : S-1-5-21-4076539155-1093215046-2848032334-1006\software\microsoft\mediaplayer\player\settings
    Description        : last save as directory used in jasc paint shop pro


 MRU List Object Recognized!
    Location:          : S-1-5-21-4076539155-1093215046-2848032334-1006\software\microsoft\mediaplayer\preferences
    Description        : last playlist index loaded in microsoft windows media player


 MRU List Object Recognized!
    Location:          : S-1-5-21-4076539155-1093215046-2848032334-1006\software\microsoft\mediaplayer\preferences
    Description        : last playlist loaded in microsoft windows media player


 MRU List Object Recognized!
    Location:          : S-1-5-21-4076539155-1093215046-2848032334-1006\software\microsoft\mediaplayer\preferences
    Description        : last search path used in microsoft windows media player


 MRU List Object Recognized!
    Location:          : S-1-5-21-4076539155-1093215046-2848032334-1006\software\microsoft\office\9.0\common\open find\microsoft word\settings\open\file name mru
    Description        : list of recent documents opened by microsoft word


 MRU List Object Recognized!
    Location:          : S-1-5-21-4076539155-1093215046-2848032334-1006\software\microsoft\office\9.0\common\open find\microsoft word\settings\save as\file name mru
    Description        : list of recent documents saved by microsoft word


 MRU List Object Recognized!
    Location:          : S-1-5-21-4076539155-1093215046-2848032334-1006\software\microsoft\search assistant\acmru
    Description        : list of recent search terms used with the search assistant


 MRU List Object Recognized!
    Location:          : S-1-5-21-4076539155-1093215046-2848032334-1006\software\microsoft\windows\currentversion\applets\paint\recent file list
    Description        : list of files recently opened using microsoft paint


 MRU List Object Recognized!
    Location:          : S-1-5-21-4076539155-1093215046-2848032334-1006\software\microsoft\windows\currentversion\applets\regedit
    Description        : last key accessed using the microsoft registry editor


 MRU List Object Recognized!
    Location:          : S-1-5-21-4076539155-1093215046-2848032334-1006\software\microsoft\windows\currentversion\applets\wordpad\recent file list
    Description        : list of recent files opened using wordpad


 MRU List Object Recognized!
    Location:          : S-1-5-21-4076539155-1093215046-2848032334-1006\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
    Description        : list of recent programs opened


 MRU List Object Recognized!
    Location:          : S-1-5-21-4076539155-1093215046-2848032334-1006\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
    Description        : list of recently saved files, stored according to file extension


 MRU List Object Recognized!
    Location:          : S-1-5-21-4076539155-1093215046-2848032334-1006\software\microsoft\windows\currentversion\explorer\recentdocs
    Description        : list of recent documents opened


 MRU List Object Recognized!
    Location:          : software\musicmatch
    Description        : download location of the musicmatch installer


 MRU List Object Recognized!
    Location:          : software\musicmatch\musicmatch jukebox\4.0\fileconv
    Description        : file conversion location settings in musicmatch jukebox


 MRU List Object Recognized!
    Location:          : software\musicmatch\musicmatch jukebox\4.0\mmradio
    Description        : information on the last station listened to using musicmatch radio


 MRU List Object Recognized!
    Location:          : S-1-5-21-4076539155-1093215046-2848032334-1006\software\microsoft\windows media\wmsdk\general
    Description        : windows media sdk


 

lilmac2442

24 Posts

January 31st, 2006 00:00

#:20 [nicconfigsvc.exe]

   FilePath           : C:\Program Files\Dell\NICCONFIGSVC\

   ProcessID          : 204

   ThreadCreationTime : 1-31-2006 2:01:03 AM

   BasePriority       : Normal

   FileVersion        : 1, 0, 0, 1

   ProductVersion     : 1, 0, 0, 1

   ProductName        : NicConfigSvc

   CompanyName        : Dell Inc.

   FileDescription    : Internal Network Card Power Management  Service

   InternalName       : TestMFCAppWiz

   LegalCopyright     : Copyright (C) 2004 Dell Inc.

   OriginalFilename   : NicConfigSvc.EXE

 

#:21 [npfmntor.exe]

   FilePath           : C:\Program Files\Norton AntiVirus\IWP\

   ProcessID          : 284

   ThreadCreationTime : 1-31-2006 2:01:03 AM

   BasePriority       : Normal

   FileVersion        : 11.0.9.16

   ProductVersion     : 11.0.9

   ProductName        : Norton AntiVirus

   CompanyName        : Symantec Corporation

   FileDescription    : Norton AntiVirus Firewall Install Monitor

   InternalName       : NPFMonitor

   LegalCopyright     : Norton AntiVirus 2005 for Windows 98/ME/2000/XP Copyright © 2004 Symantec Corporation. All rights reserved.

   OriginalFilename   : NPFMonitor.EXE

 

#:22 [svchost.exe]

   FilePath           : C:\WINDOWS\system32\

   ProcessID          : 368

   ThreadCreationTime : 1-31-2006 2:01:04 AM

   BasePriority       : Normal

   FileVersion        : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

   ProductVersion     : 5.1.2600.2180

   ProductName        : Microsoft® Windows® Operating System

   CompanyName        : Microsoft Corporation

   FileDescription    : Generic Host Process for Win32 Services

   InternalName       : svchost.exe

   LegalCopyright     : © Microsoft Corporation. All rights reserved.

   OriginalFilename   : svchost.exe

 

#:23 [symlcsvc.exe]

   FilePath           : C:\Program Files\Common Files\Symantec Shared\CCPD-LC\

   ProcessID          : 424

   ThreadCreationTime : 1-31-2006 2:01:04 AM

   BasePriority       : Normal

   FileVersion        : 1, 8, 54, 534

   ProductVersion     : 1, 8, 54, 534

   ProductName        : Symantec Core Component

   CompanyName        : Symantec Corporation

   FileDescription    : Symantec Core Component

   InternalName       : symlcsvc

   LegalCopyright     : Copyright (C) 2003

   OriginalFilename   : symlcsvc.exe

 

#:24 [wltrysvc.exe]

   FilePath           : C:\WINDOWS\System32\

   ProcessID          : 544

   ThreadCreationTime : 1-31-2006 2:01:04 AM

   BasePriority       : Normal

 

 

#:25 [bcmwltry.exe]

   FilePath           : C:\WINDOWS\System32\

   ProcessID          : 580

   ThreadCreationTime : 1-31-2006 2:01:04 AM

   BasePriority       : Normal

   FileVersion        : 3.100.41.0

   ProductVersion     : 3.100.41.0

   ProductName        : Dell Wireless WLAN Card Wireless Network Controller

   CompanyName        : Dell Inc

   FileDescription    : Dell Wireless WLAN Card Wireless Network Controller

   InternalName       : bcmwltry.exe

   LegalCopyright     : 1998-2004, Dell Inc All Rights Reserved.

   OriginalFilename   : bcmwltry.exe

 

#:26 [explorer.exe]

   FilePath           : C:\WINDOWS\

   ProcessID          : 1444

   ThreadCreationTime : 1-31-2006 2:01:09 AM

   BasePriority       : Normal

   FileVersion        : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)

   ProductVersion     : 6.00.2900.2180

   ProductName        : Microsoft® Windows® Operating System

   CompanyName        : Microsoft Corporation

   FileDescription    : Windows Explorer

   InternalName       : explorer

   LegalCopyright     : © Microsoft Corporation. All rights reserved.

   OriginalFilename   : EXPLORER.EXE

 

#:27 [wmiprvse.exe]

   FilePath           : C:\WINDOWS\system32\wbem\

   ProcessID          : 1464

   ThreadCreationTime : 1-31-2006 2:01:09 AM

   BasePriority       : Normal

   FileVersion        : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

   ProductVersion     : 5.1.2600.2180

   ProductName        : Microsoft® Windows® Operating System

   CompanyName        : Microsoft Corporation

   FileDescription    : WMI

   InternalName       : Wmiprvse.exe

   LegalCopyright     : © Microsoft Corporation. All rights reserved.

   OriginalFilename   : Wmiprvse.exe

 

#:28 [alg.exe]

   FilePath           : C:\WINDOWS\System32\

   ProcessID          : 2520

   ThreadCreationTime : 1-31-2006 2:01:15 AM

   BasePriority       : Normal

   FileVersion        : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

   ProductVersion     : 5.1.2600.2180

   ProductName        : Microsoft® Windows® Operating System

   CompanyName        : Microsoft Corporation

   FileDescription    : Application Layer Gateway Service

   InternalName       : ALG.exe

   LegalCopyright     : © Microsoft Corporation. All rights reserved.

   OriginalFilename   : ALG.exe

lilmac2442

24 Posts

January 31st, 2006 00:00

 

#:28 [alg.exe]

   FilePath           : C:\WINDOWS\System32\

   ProcessID          : 2520

   ThreadCreationTime : 1-31-2006 2:01:15 AM

   BasePriority       : Normal

   FileVersion        : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

   ProductVersion     : 5.1.2600.2180

   ProductName        : Microsoft® Windows® Operating System

   CompanyName        : Microsoft Corporation

   FileDescription    : Application Layer Gateway Service

   InternalName       : ALG.exe

   LegalCopyright     : © Microsoft Corporation. All rights reserved.

   OriginalFilename   : ALG.exe

 

#:29 [hkcmd.exe]

   FilePath           : C:\WINDOWS\system32\

   ProcessID          : 2580

   ThreadCreationTime : 1-31-2006 2:01:16 AM

   BasePriority       : Normal

   FileVersion        : 3.0.0.3943

   ProductVersion     : 7.0.0.3943

   ProductName        : Intel(R) Common User Interface

   CompanyName        : Intel Corporation

   FileDescription    : hkcmd Module

   InternalName       : HKCMD

   LegalCopyright     : Copyright 1999-2004, Intel Corporation

   OriginalFilename   : HKCMD.EXE

 

#:30 [jusched.exe]

   FilePath           : C:\Program Files\Java\j2re1.4.2_03\bin\

   ProcessID          : 2588

   ThreadCreationTime : 1-31-2006 2:01:16 AM

   BasePriority       : Normal

 

 

#:31 [syntplpr.exe]

   FilePath           : C:\Program Files\Synaptics\SynTP\

   ProcessID          : 2596

   ThreadCreationTime : 1-31-2006 2:01:17 AM

   BasePriority       : Normal

   FileVersion        : 7.10.11 13May04

   ProductVersion     : 7.10.11 13May04

   ProductName        : Progressive Touch

   CompanyName        : Synaptics, Inc.

   FileDescription    : TouchPad Driver Helper Application

   InternalName       : SynTPLpr

   LegalCopyright     : Copyright (C) Synaptics, Inc. 1996-2004

   OriginalFilename   : SynTPLpr.exe

 

#:32 [syntpenh.exe]

   FilePath           : C:\Program Files\Synaptics\SynTP\

   ProcessID          : 2604

   ThreadCreationTime : 1-31-2006 2:01:17 AM

   BasePriority       : Normal

   FileVersion        : 7.10.11 13May04

   ProductVersion     : 7.10.11 13May04

   ProductName        : Progressive Touch

   CompanyName        : Synaptics, Inc.

   FileDescription    : Synaptics TouchPad Enhancements

   InternalName       : Scrolleroo

   LegalCopyright     : Copyright (C) Synaptics, Inc. 1996-2004

   OriginalFilename   : SynTPEnh.exe

 

#:33 [pronomgr.exe]

   FilePath           : C:\Program Files\Intel\PROSetWired\NCS\PROSet\

   ProcessID          : 2624

   ThreadCreationTime : 1-31-2006 2:01:17 AM

   BasePriority       : Normal

   FileVersion        : 6.6.10.7

   ProductVersion     : 6.6.10.7

   ProductName        : Intel(R) Network Configuration Services

   CompanyName        : Intel(R) Corporation

   FileDescription    : PRONotifyMgr Module

   InternalName       : PRONotifyMgr

   LegalCopyright     : Copyright(C) 2001-2004 Intel Corporation

   OriginalFilename   : PRONoMgr.exe

 

#:34 [quickset.exe]

   FilePath           : C:\Program Files\Dell\QuickSet\

   ProcessID          : 2704

   ThreadCreationTime : 1-31-2006 2:01:17 AM

   BasePriority       : Normal

   FileVersion        : 1, 0, 0, 1

   ProductVersion     : 1, 0, 0, 1

   ProductName        : QuickSet Application

   FileDescription    : QuickSet MFC Application

   InternalName       : direct

   LegalCopyright     : Copyright (C) 2001

   OriginalFilename   : direct.EXE

 

lilmac2442

24 Posts

January 31st, 2006 00:00

#:44 [ccapp.exe]

   FilePath           : C:\Program Files\Common Files\Symantec Shared\

   ProcessID          : 3344

   ThreadCreationTime : 1-31-2006 2:01:20 AM

   BasePriority       : Normal

   FileVersion        : 103.0.4.3

   ProductVersion     : 103.0.4.3

   ProductName        : Client and Host Security Platform

   CompanyName        : Symantec Corporation

   FileDescription    : Symantec User Session

   InternalName       : ccApp

   LegalCopyright     : Copyright (c) 2000-2004 Symantec Corporation. All rights reserved.

   OriginalFilename   : ccApp.exe

 

#:45 [mm_tray.exe]

   FilePath           : C:\Program Files\Musicmatch\Musicmatch Jukebox\

   ProcessID          : 3424

   ThreadCreationTime : 1-31-2006 2:01:21 AM

   BasePriority       : Normal

   FileVersion        : 10.00.4015

   ProductVersion     : 10.00.4015

   ProductName        : Musicmatch Jukebox

   CompanyName        : Musicmatch, Inc.

   FileDescription    : mm_tray

   InternalName       : mm_tray

   LegalCopyright     : Copyright © Musicmatch 1998-2004

   LegalTrademarks    :    

   OriginalFilename   : mm_tray.exe

 

#:46 [dsagnt.exe]

   FilePath           : C:\Program Files\Dell Support\

   ProcessID          : 3464

   ThreadCreationTime : 1-31-2006 2:01:22 AM

   BasePriority       : Below Normal

   FileVersion        : 1, 1, 0, 73

   ProductVersion     : 1, 1, 0, 73

   ProductName        : Dell Support

   CompanyName        : Gteko Ltd.

   FileDescription    : Dell Support

   InternalName       : AUAgent

   LegalCopyright     : Copyright (C) 2000 - 2004 Gteko Ltd.

   OriginalFilename   : AUAgent.exe

 

#:47 [mmdiag.exe]

   FilePath           : C:\PROGRA~1\MUSICM~1\MUSICM~3\

   ProcessID          : 3476

   ThreadCreationTime : 1-31-2006 2:01:22 AM

   BasePriority       : Normal

   FileVersion        : 10.00.4015

   ProductVersion     : 10.00.4015

   ProductName        : Musicmatch Jukebox

   CompanyName        : Musicmatch, Inc.

   FileDescription    : Logging and tracing manager

   InternalName       : MMTraceExe

   LegalCopyright     : Copyright © Musicmatch 1998-2004

   LegalTrademarks    :    

   OriginalFilename   : MMTraceExe.EXE

 

#:48 [aim.exe]

   FilePath           : C:\Program Files\AIM\

   ProcessID          : 3512

   ThreadCreationTime : 1-31-2006 2:01:22 AM

   BasePriority       : Normal

   FileVersion        : 5.9.3861

   ProductVersion     : 5.9.3861

   ProductName        : AOL Instant Messenger

   CompanyName        : America Online, Inc.

   FileDescription    : AOL Instant Messenger

   InternalName       : AIM

   LegalCopyright     : Copyright © 1996-2005 America Online, Inc.

   OriginalFilename   : AIM.EXE

 

#:49 [aoltray.exe]

   FilePath           : C:\Program Files\America Online 9.0\

   ProcessID          : 3752

   ThreadCreationTime : 1-31-2006 2:01:24 AM

   BasePriority       : Normal

   FileVersion        : 9.00.001

   ProductVersion     : 9.00.001

   ProductName        : America Online

   CompanyName        : America Online, Inc.

   FileDescription    : AOL Tray Icon

   InternalName       : AolTray

   LegalCopyright     : Copyright (C) America Online, Inc. 1999 - 2004

lilmac2442

24 Posts

January 31st, 2006 00:00

Listing running processes

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

#:1 [smss.exe]

   FilePath           : \SystemRoot\System32\

   ProcessID          : 708

   ThreadCreationTime : 1-31-2006 2:00:56 AM

   BasePriority       : Normal

 

 

#:2 [csrss.exe]

   FilePath           : \??\C:\WINDOWS\system32\

   ProcessID          : 780

   ThreadCreationTime : 1-31-2006 2:00:57 AM

   BasePriority       : Normal

 

 

#:3 [winlogon.exe]

   FilePath           : \??\C:\WINDOWS\system32\

   ProcessID          : 804

   ThreadCreationTime : 1-31-2006 2:00:58 AM

   BasePriority       : High

 

 

#:4 [services.exe]

   FilePath           : C:\WINDOWS\system32\

   ProcessID          : 848

   ThreadCreationTime : 1-31-2006 2:00:58 AM

   BasePriority       : Normal

   FileVersion        : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

   ProductVersion     : 5.1.2600.2180

   ProductName        : Microsoft® Windows® Operating System

   CompanyName        : Microsoft Corporation

   FileDescription    : Services and Controller app

   InternalName       : services.exe

   LegalCopyright     : © Microsoft Corporation. All rights reserved.

   OriginalFilename   : services.exe

 

#:5 [lsass.exe]

   FilePath           : C:\WINDOWS\system32\

   ProcessID          : 860

   ThreadCreationTime : 1-31-2006 2:00:58 AM

   BasePriority       : Normal

   FileVersion        : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

   ProductVersion     : 5.1.2600.2180

   ProductName        : Microsoft® Windows® Operating System

   CompanyName        : Microsoft Corporation

   FileDescription    : LSA Shell (Export Version)

   InternalName       : lsass.exe

   LegalCopyright     : © Microsoft Corporation. All rights reserved.

   OriginalFilename   : lsass.exe

 

#:6 [svchost.exe]

   FilePath           : C:\WINDOWS\system32\

   ProcessID          : 1016

   ThreadCreationTime : 1-31-2006 2:00:58 AM

   BasePriority       : Normal

   FileVersion        : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

   ProductVersion     : 5.1.2600.2180

   ProductName        : Microsoft® Windows® Operating System

   CompanyName        : Microsoft Corporation

   FileDescription    : Generic Host Process for Win32 Services

   InternalName       : svchost.exe

   LegalCopyright     : © Microsoft Corporation. All rights reserved.

   OriginalFilename   : svchost.exe

 

#:7 [svchost.exe]

   FilePath           : C:\WINDOWS\system32\

   ProcessID          : 1076

   ThreadCreationTime : 1-31-2006 2:00:59 AM

   BasePriority       : Normal

   FileVersion        : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

   ProductVersion     : 5.1.2600.2180

   ProductName        : Microsoft® Windows® Operating System

   CompanyName        : Microsoft Corporation

   FileDescription    : Generic Host Process for Win32 Services

   InternalName       : svchost.exe

   LegalCopyright     : © Microsoft Corporation. All rights reserved.

   OriginalFilename   : svchost.exe

 

#:8 [svchost.exe]

   FilePath           : C:\WINDOWS\System32\

   ProcessID          : 1112

   ThreadCreationTime : 1-31-2006 2:00:59 AM

   BasePriority       : Normal

   FileVersion        : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

   ProductVersion     : 5.1.2600.2180

   ProductName        : Microsoft® Windows® Operating System

   CompanyName        : Microsoft Corporation

   FileDescription    : Generic Host Process for Win32 Services

   InternalName       : svchost.exe

   LegalCopyright     : © Microsoft Corporation. All rights reserved.

   OriginalFilename   : svchost.exe

 

#:9 [svchost.exe]

   FilePath           : C:\WINDOWS\system32\

   ProcessID          : 1164

   ThreadCreationTime : 1-31-2006 2:00:59 AM

   BasePriority       : Normal

   FileVersion        : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

   ProductVersion     : 5.1.2600.2180

   ProductName        : Microsoft® Windows® Operating System

   CompanyName        : Microsoft Corporation

   FileDescription    : Generic Host Process for Win32 Services

   InternalName       : svchost.exe

   LegalCopyright     : © Microsoft Corporation. All rights reserved.

   OriginalFilename   : svchost.exe

 

#:10 [svchost.exe]

   FilePath           : C:\WINDOWS\system32\

   ProcessID          : 1240

   ThreadCreationTime : 1-31-2006 2:01:00 AM

   BasePriority       : Normal

   FileVersion        : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

   ProductVersion     : 5.1.2600.2180

   ProductName        : Microsoft® Windows® Operating System

   CompanyName        : Microsoft Corporation

   FileDescription    : Generic Host Process for Win32 Services

   InternalName       : svchost.exe

   LegalCopyright     : © Microsoft Corporation. All rights reserved.

   OriginalFilename   : svchost.exe

 

lilmac2442

24 Posts

January 31st, 2006 00:00

#:35 [wltray.exe]

   FilePath           : C:\WINDOWS\system32\

   ProcessID          : 2752

   ThreadCreationTime : 1-31-2006 2:01:17 AM

   BasePriority       : Normal

   FileVersion        : 3.100.41.0

   ProductVersion     : 3.100.41.0

   ProductName        : Dell Wireless WLAN Card Wireless Network Tray Applet

   CompanyName        : Dell Inc

   FileDescription    : Dell Wireless WLAN Card Wireless Network Tray Applet

   InternalName       : wltray.exe

   LegalCopyright     : 1998-2004, Dell Inc All Rights Reserved.

   OriginalFilename   : wltray.exe

 

#:36 [dvdlauncher.exe]

   FilePath           : C:\Program Files\CyberLink\PowerDVD\

   ProcessID          : 2792

   ThreadCreationTime : 1-31-2006 2:01:18 AM

   BasePriority       : Normal

   FileVersion        : 3.00.0000

   ProductVersion     : 3.00.0000

   ProductName        : Cyberlink PowerCinema 3.0

   CompanyName        : CyberLink Corp.

   FileDescription    : CyberLink PowerCinema Resident Program

   InternalName       : CyberLink PowerCinema Resident Program

   LegalCopyright     : Copyright (c) 2003 CyberLink Corp.

   OriginalFilename   : DVDLauncher.EXE

 

#:37 [realplay.exe]

   FilePath           : C:\Program Files\Real\RealPlayer\

   ProcessID          : 2848

   ThreadCreationTime : 1-31-2006 2:01:18 AM

   BasePriority       : Normal

   FileVersion        : 6.0.9.584

   ProductVersion     : 6.0.9.584

   ProductName        : RealPlayer (32-bit)

   CompanyName        : RealNetworks, Inc.

   FileDescription    : RealPlayer

   InternalName       : REALPLAY

   LegalCopyright     : Copyright © RealNetworks, Inc. 1995-2000

   LegalTrademarks    : RealAudio(tm) is a trademark of RealNetworks, Inc.

   OriginalFilename   : REALPLAY.EXE

 

#:38 [tfswctrl.exe]

   FilePath           : C:\WINDOWS\system32\dla\

   ProcessID          : 2940

   ThreadCreationTime : 1-31-2006 2:01:18 AM

   BasePriority       : Normal

   FileVersion        : 1.04.08a

   CompanyName        : Sonic Solutions

   FileDescription    : Drive Letter Access Component

   LegalCopyright     : Copyright © 2004 Sonic Solutions

 

#:39 [issch.exe]

   FilePath           : C:\Program Files\Common Files\InstallShield\UpdateService\

   ProcessID          : 3068

   ThreadCreationTime : 1-31-2006 2:01:19 AM

   BasePriority       : Normal

   FileVersion        : 3, 10, 100, 1155

   ProductVersion     : 3, 10

   ProductName        : InstallShield Update Service

   CompanyName        : InstallShield Software Corporation

   FileDescription    : InstallShield Update Service Scheduler

   InternalName       : Scheduler

   LegalCopyright     : Copyright (C) 1990-2004 InstallShield Software Corporation

   OriginalFilename   : issch.exe

 

#:40 [hpwuschd2.exe]

   FilePath           : C:\Program Files\Hewlett-Packard\HP Software Update\

   ProcessID          : 3120

   ThreadCreationTime : 1-31-2006 2:01:19 AM

   BasePriority       : Normal

   FileVersion        : 3, 0, 38, 1

   ProductVersion     : 3, 0, 38, 1

   ProductName        : HP Software Update Application

   CompanyName        : Hewlett-Packard Company

   FileDescription    : hpwuSchd

   InternalName       : hpwuSchd

   LegalCopyright     : Copyright © 2003

   OriginalFilename   : hpwuSchd.exe

 

#:41 [hpztsb10.exe]

   FilePath           : C:\WINDOWS\system32\spool\drivers\w32x86\3\

   ProcessID          : 3132

   ThreadCreationTime : 1-31-2006 2:01:19 AM

   BasePriority       : Normal

   FileVersion        : 2.323.0.0

   ProductVersion     : 2.323.0.0

   ProductName        : HP DeskJet

   CompanyName        : HP

   LegalCopyright     : Copyright (c) Hewlett-Packard Company 1999-2004

 

#:42 [mcagent.exe]

   FilePath           : C:\PROGRA~1\mcafee.com\agent\

   ProcessID          : 3200

   ThreadCreationTime : 1-31-2006 2:01:19 AM

   BasePriority       : Normal

   FileVersion        : 6, 0, 0, 16

   ProductVersion     : 6, 0, 0, 0

   ProductName        : McAfee SecurityCenter

   CompanyName        : McAfee, Inc

   FileDescription    : McAfee SecurityCenter Agent

   InternalName       : mcagent

   LegalCopyright     : Copyright © 2005 McAfee, Inc.

   OriginalFilename   : mcagent.exe

 

#:43 [gcasserv.exe]

   FilePath           : C:\Program Files\Microsoft AntiSpyware\

   ProcessID          : 3324

   ThreadCreationTime : 1-31-2006 2:01:20 AM

   BasePriority       : Idle

   FileVersion        : 1.00.0701

   ProductVersion     : 1.00.0701

   ProductName        : Microsoft AntiSpyware (Beta 1)

   CompanyName        : Microsoft Corporation

   FileDescription    : Microsoft AntiSpyware Service

   InternalName       : gcasServ

   LegalCopyright     : Copyright © 2004-2005 Microsoft Corporation. All rights reserved.

   LegalTrademarks    : Microsoft® and Windows® are registered trademarks of Microsoft Corporation. SpyNet(tm) is a trademark of Microsoft Corporation.

   OriginalFilename   : gcasServ.exe

 

lilmac2442

24 Posts

January 31st, 2006 00:00

#:50 [dlg.exe]

   FilePath           : C:\Program Files\Digital Line Detect\

   ProcessID          : 3768

   ThreadCreationTime : 1-31-2006 2:01:24 AM

   BasePriority       : Normal

   FileVersion        : 1, 0, 0, 1

   ProductVersion     : 1, 0, 0, 1

   ProductName        : BVRP Software TestLine

   CompanyName        : BVRP Software

   FileDescription    : Digital Line Detection

   InternalName       : TestLine

   LegalCopyright     : Copyright © 2003

   OriginalFilename   : TestLine.exe

 

#:51 [hpqtra08.exe]

   FilePath           : C:\Program Files\HP\Digital Imaging\bin\

   ProcessID          : 3776

   ThreadCreationTime : 1-31-2006 2:01:24 AM

   BasePriority       : Normal

   FileVersion        : 43.1.5.000

   ProductVersion     : 043.001.005.000

   ProductName        : hp digital imaging - hp all-in-one series

   CompanyName        : Hewlett-Packard Co.

   FileDescription    : HP Digital Imaging Monitor (CUE)

   InternalName       : HPQTRA00

   LegalCopyright     : Copyright (C) Hewlett-Packard Co. 1995-2004

   OriginalFilename   : HPQTRA00.EXE

   Comments           : HP Digital Imaging Monitor (CUE)

 

#:52 [mim.exe]

   FilePath           : C:\Program Files\MUSICMATCH\Musicmatch Jukebox\

   ProcessID          : 3916

   ThreadCreationTime : 1-31-2006 2:01:25 AM

   BasePriority       : Normal

   FileVersion        : 10.00.4015

   ProductVersion     : 10.00.4015

   ProductName        : Musicmatch Jukebox

   CompanyName        : Musicmatch, Inc.

   FileDescription    : mim

   InternalName       : mim

   LegalCopyright     : Copyright © Musicmatch 1998-2004

   LegalTrademarks    :    

   OriginalFilename   : mim.exe

 

#:53 [gcasdtserv.exe]

   FilePath           : C:\Program Files\Microsoft AntiSpyware\

   ProcessID          : 4000

   ThreadCreationTime : 1-31-2006 2:01:26 AM

   BasePriority       : Normal

   FileVersion        : 1.00.0701

   ProductVersion     : 1.00.0701

   ProductName        : Microsoft AntiSpyware (Beta 1)

   CompanyName        : Microsoft Corporation

   FileDescription    : Microsoft AntiSpyware Data Service

   InternalName       : gcasDtServ

   LegalCopyright     : Copyright © 2004-2005 Microsoft Corporation. All rights reserved.

   LegalTrademarks    : Microsoft® and Windows® are registered trademarks of Microsoft Corporation. SpyNet(tm) is a trademark of Microsoft Corporation.

   OriginalFilename   : gcasDtServ.exe

 

#:54 [hpqgalry.exe]

   FilePath           : C:\Program Files\HP\Digital Imaging\bin\

   ProcessID          : 492

   ThreadCreationTime : 1-31-2006 2:01:31 AM

   BasePriority       : Normal

 #:55 [wuauclt.exe]

   FilePath           : C:\WINDOWS\system32\

   ProcessID          : 3012

   ThreadCreationTime : 1-31-2006 2:01:54 AM

   BasePriority       : Normal

   FileVersion        : 5.8.0.2469 built by: lab01_n(wmbla)

   ProductVersion     : 5.8.0.2469

   ProductName        : Microsoft® Windows® Operating System

   CompanyName        : Microsoft Corporation

   FileDescription    : Automatic Updates

   InternalName       : wuauclt.exe

   LegalCopyright     : © Microsoft Corporation. All rights reserved.

   OriginalFilename   : wuauclt.exe

 

#:56 [wmiprvse.exe]

   FilePath           : C:\WINDOWS\system32\wbem\

   ProcessID          : 2808

   ThreadCreationTime : 1-31-2006 2:02:08 AM

   BasePriority       : Normal

   FileVersion        : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

   ProductVersion     : 5.1.2600.2180

   ProductName        : Microsoft® Windows® Operating System

   CompanyName        : Microsoft Corporation

   FileDescription    : WMI

   InternalName       : Wmiprvse.exe

   LegalCopyright     : © Microsoft Corporation. All rights reserved.

   OriginalFilename   : Wmiprvse.exe

 

#:57 [msiexec.exe]

   FilePath           : C:\WINDOWS\system32\

   ProcessID          : 3812

   ThreadCreationTime : 1-31-2006 2:02:14 AM

   BasePriority       : Normal

 

 

#:58 [ad-aware.exe]

   FilePath           : C:\Program Files\Lavasoft\Ad-Aware SE Personal\

   ProcessID          : 3100

   ThreadCreationTime : 1-31-2006 2:03:37 AM

   BasePriority       : Normal

   FileVersion        : 6.2.0.236

   ProductVersion     : SE 106

   ProductName        : Lavasoft Ad-Aware SE

   CompanyName        : Lavasoft Sweden

   FileDescription    : Ad-Aware SE Core application

   InternalName       : Ad-Aware.exe

   LegalCopyright     : Copyright © Lavasoft AB Sweden

   OriginalFilename   : Ad-Aware.exe

   Comments           : All Rights Reserved

 

#:59 [msmsgs.exe]

   FilePath           : C:\Program Files\Messenger\

   ProcessID          : 3472

   ThreadCreationTime : 1-31-2006 2:03:46 AM

   BasePriority       : Normal

   FileVersion        : 4.7.3001

   ProductVersion     : Version 4.7.3001

   ProductName        : Messenger

   CompanyName        : Microsoft Corporation

   FileDescription    : Windows Messenger

   InternalName       : msmsgs

   LegalCopyright     : Copyright (c) Microsoft Corporation 2004

   LegalTrademarks    : Microsoft(R) is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.

   OriginalFilename   : msmsgs.exe

RoadiJeff

1.2K Posts

January 31st, 2006 00:00

lilmac,
 
Your subject title says adware and then you go on to mention virus. The two are not the same. Depending on which you have there would be different free utilities to remove it. I'm at work so my resources for searching deeper into the specific ndot.net problem are limited.
 
If it's a virus you can do a Google search for Avast!, which is an excellent free antivirus program. If Norton can't remove it install Avast!, disable Norton (shouldn't have two antivirus programs running at the same time) and have Avast! scan your system. Check for Avast! updates first. There is also a free online antivirus scan tool at Trend Microhouse.
 
If it's adware do a Google search for Spybot and have it check your system after you do an update of the Spybot database. You mentioned you already tried Lavasoft's AdAware - another good free utility.
 
MRU means Most Recently Used and you can remove those items if you want to delete your history of files you've recently accessed.

Message Edited by RoadiJeff on 01-30-2006 09:02 PM

bamajim

10.4K Posts

January 31st, 2006 02:00

It appears you have both Norton & Mcafee? If so you need to have one and delete one. They are both such info hogs that the trojan your after is hard to erradicate entirely.

Restart  in safemode - turn off virsuscan - rerun spybot s&d. If you come up clean, reply and I'll give you another link

lilmac2442

24 Posts

January 31st, 2006 14:00

Hi I cannot figure out how to disable norton can you help so I can run sybot s&d correctly. I did it in safe mode without disabling norton and it found nothing so I need to figure out the norton thing.

bamajim

10.4K Posts

January 31st, 2006 14:00

Thanks for the info you posted, it was a bunch
 
Here's your link so we can see whats going on
 
 
Save it in a convenient permanent folder such as C:\HJT\, double click HijackThis.exe, and hit "Scan".
When the scan is finished, the "Scan" button will change into a "Save Log" button.
Press that, save the log, Ctrl-A to Select All, and copy its contents here.
 
 

And you will be sent a reply

Please do not be tempted to "fix" on your own. Hijackthis is a very powerful tool, if used incorrectly can cause system problems.

Message Edited by bamajim on 01-31-2006 11:48 AM

lilmac2442

24 Posts

January 31st, 2006 15:00

Hi ok I figured out the norton problem. I ran the S&D and it found the following:
 
NewDotNet
Exectuable   C:\Windows\NDNuninstall6_90.exe
User Settings   HKEY_USERS\.DEFAULT\Software\new.net
User Settings   HKEY_USERS\S-1-5-18\Software\new.net
 
WinSoftware.Common
Program Directory     C:\Programfiles\commonfiles\winsoftware\
 
 
Should I fix these problems or not?

bamajim

10.4K Posts

January 31st, 2006 15:00

X-rouge

Thanks posted the wrong link thanks

Was this post helpful?

View All

0 events found

No Events found!

Top