
log file uploaded



#1
davtys

I cannot log in as administrator, nor can I edit the registry. I also want to remove the Kaspersky virus program and I can't. Can someone help?



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:40:07 PM, on 7/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
c:\Program Files\Dell\RAID Storage Manager\StorServ.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\AWS\WeatherBug\Weather.exe
C:\Program Files\AntiSpywareBot\AntiSpywareBot.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe
C:\Program Files\Palm\Hotsync.exe
C:\WINDOWS\system32\WTablet\TabUserW.exe
C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe
C:\WINDOWS\system32\Tablet.exe
C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...mize/ycomp/defaults/sp/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://finance.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: (no name) - {3f71e367-b592-4a27-9463-05c80e7be334} - C:\WINDOWS\system32\tuvUMeEu.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (file missing)
O3 - Toolbar: stfngdvw - {44196A27-31BD-48ED-96B2-E06E22210778} - C:\WINDOWS\stfngdvw.dll (file missing)
O4 - HKLM\..\Run: [Phase One Media Reader] C:\PROGRA~1\PHASEO~1\CAPTUR~1\DCIMImp.exe /noscan /CheckAutoStart
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AVP] "C:\Documents and Settings\All Users\Desktop\Kaspersky Lab Tool\setup_7.0.0.180_18.05.2008_00-35[1].exe"
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [AntiSpywareBot] C:\Program Files\AntiSpywareBot\AntiSpywareBot.exe -boot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-18\..\Run: [ntuser] C:\WINDOWS\system32\drivers\svchost.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ntuser] C:\WINDOWS\system32\drivers\svchost.exe (User 'Default user')
O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe
O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = C:\Program Files\Palm\Hotsync.exe
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\WTablet\TabUserW.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra 'Tools' menuitem: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} - http://a516.g.akamai...6/25175/7d/runaware.download.akamai.com/25175/citrix/wficat-no-eula.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...crosoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1137209494818
O16 - DPF: {6E704581-CCAE-46D2-9C64-20D724B3624E} (UnagiAx Class) - http://radaol-prod-w...amops.aol.com/mediaplugin/3.0.84.2/win32/unagi3.0.84.2.cab
O16 - DPF: {87BE3784-6977-4E84-AA08-55A96B9CEAC5} (Bl_camera Control) - http://tahoemountain...iewnetcam.com:50000/bl_camera.cab
O16 - DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} - http://www.photodex.com/pxplay.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://plugin.driver...les/driveragent.cab
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.mpix.com/.../Uploading/activex/ImageUploader4.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O20 - Winlogon Notify: yayvUNHa - yayvUNHa.dll (file missing)
O21 - SSODL: SetupService - {a2b2fbcb-1382-4870-8223-4a60c4dfdaba} - C:\WINDOWS\Installer\{a2b2fbcb-1382-4870-8223-4a60c4dfdaba}\SetupService.dll (file missing)
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - c:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: RAID Storage Manager Agent (RAIDStorAgent) - Dell - c:\Program Files\Dell\RAID Storage Manager\StorServ.exe
O23 - Service: setup_7.0.0.180_18.05.2008_00-35[1] - Kaspersky Lab - C:\Documents and Settings\All Users\Desktop\Kaspersky Lab Tool\setup_7.0.0.180_18.05.2008_00-35[1].exe
O23 - Service: spkrmon - Unknown owner - C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe
O23 - Service: StuffIt Task Manager - Unknown owner - C:\PROGRA~1\Allume\StuffIt\MXTask.exe (file missing)
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe

--
End of file - 11383 bytes


#2
davtys

No one interested in helping me solve my problem?