Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

WinFixer 2005! grrrr (and pop ups)


  • Please log in to reply

#1
cky3396

cky3396

    New Member

  • Member
  • Pip
  • 3 posts
wow, this whole ordeal has been SO exhausting. the computer has the aweful winfixer2005 pop up at the windows startup, along with countless pop ups in IE. a lot of winfixer2005 related popups.. so i went through the process described in the forum header

here are my logs!

---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 6:49:08 PM, 8/26/2005
+ Report-Checksum: 15B1937C

+ Scan result:

[1052] VM_01170000 -> Adware.BetterInternet : Error during cleaning
[604] C:\WINDOWS\System32\jkkugr.exe -> Trojan.Agent.cp : Cleaned with backup
[552] C:\Program Files\Extlycos\WinGenerics.dll -> Spyware.AproposMedia : Error during cleaning
:mozilla.6:C:\Documents and Settings\Daddy\Application Data\Mozilla\Firefox\Profiles\1qgpxjw6.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.31:C:\Documents and Settings\Daddy\Application Data\Mozilla\Firefox\Profiles\1qgpxjw6.default\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
:mozilla.32:C:\Documents and Settings\Daddy\Application Data\Mozilla\Firefox\Profiles\1qgpxjw6.default\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
:mozilla.35:C:\Documents and Settings\Daddy\Application Data\Mozilla\Firefox\Profiles\1qgpxjw6.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
:mozilla.36:C:\Documents and Settings\Daddy\Application Data\Mozilla\Firefox\Profiles\1qgpxjw6.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.37:C:\Documents and Settings\Daddy\Application Data\Mozilla\Firefox\Profiles\1qgpxjw6.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.38:C:\Documents and Settings\Daddy\Application Data\Mozilla\Firefox\Profiles\1qgpxjw6.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
C:\Documents and Settings\Daddy\Cookies\daddy@abetterinternet[1].txt -> Spyware.Cookie.Abetterinternet : Cleaned with backup
C:\Documents and Settings\Daddy\Cookies\daddy@perf.overture[1].txt -> Spyware.Cookie.Overture : Cleaned with backup
C:\WINDOWS\isxiznnovdh.exe -> Adware.BetterInternet : Cleaned with backup
C:\WINDOWS\Nail.exe -> Adware.BetterInternet : Cleaned with backup
C:\WINDOWS\svcproc.exe -> Trojan.Stervis.d : Cleaned with backup
C:\WINDOWS\system32\DrPMon.dll -> Trojan.Agent.db : Cleaned with backup


::Report End

and hijack


Logfile of HijackThis v1.99.1
Scan saved at 7:49:46 PM, on 8/26/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe
C:\Program Files\Sony\Photo Server 20\appsrv\PicAppSrv.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe
C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\sv_httpd.exe
C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Extlycos\ssdrnr20.exe
C:\WINDOWS\System32\admsound.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\WINDOWS\Sonysys\VAIO Recovery\reminder.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\inisys.exe
C:\WINDOWS\System32\hbnrpt.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\TrojanHunter 4.2\THGuard.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Common Files\AOL\1124477358\ee\AOLHostManager.exe
C:\Program Files\Common Files\AOL\1124477358\ee\AOLServiceHost.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\wuauclt.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Common Files\AOL\1124477358\ee\AOLServiceHost.exe
C:\HJT\HijackThis1991.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O2 - BHO: (no name) - {00F1D395-4744-40f0-A611-980F61AE2C59} - (no file)
O2 - BHO: WinStat - {0BAE99AF-A9F7-4f7e-9C72-2C1CC81BE0FF} - C:\WINDOWS\System32\WinStat13.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5411AC19-5237-E060-A13C-767E68030764} - (no file)
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: (no name) - {85333864-52A3-EE78-151E-F65A68B7E0BE} - (no file)
O2 - BHO: (no name) - {D2114A78-0040-31B4-7787-1ABDC8D8B6B4} - C:\WINDOWS\cdapp\kuopkuthsj.dll (file missing)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [CreateCD_Reminder] C:\WINDOWS\Sonysys\VAIO Recovery\reminder.exe
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [QuickFinder Scheduler] "C:\Program Files\Corel\WordPerfect Office 2002\Programs\QFSCHD100.EXE"
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [MMC] C:\WINDOWS\inisys.exe
O4 - HKLM\..\Run: [ibin] C:\Documents and Settings\Jen\win.exe
O4 - HKLM\..\Run: [NI.UWFX5LP_0001_0614] "C:\WINDOWS\Downloaded Program Files\UWFX5LP_0001_0614NetInstaller.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1124477358\ee\AOLHostManager.exe
O4 - HKLM\..\Run: [gfkcyj] c:\windows\system32\xwngblj.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.2\THGuard.exe"
O4 - HKLM\..\Run: [agzgic] C:\WINDOWS\System32\hbnrpt.exe r
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: NDWCab - http://www.neededware.com/ndw4.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windup...e/bridge-c5.cab
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540013} - http://adserver.shar...ver/Install.cab
O16 - DPF: {2F003D51-39FD-4D18-9016-95CF70B92ABE} (AltPmts.TinyInstaller) - http://download.movi.../altpmtscab.cab
O16 - DPF: {3A7FE611-1994-4EF1-A09F-99456752289D} - http://install.wildt...iveLauncher.cab
O16 - DPF: {52D7DDE4-F150-4D82-AAB5-6EED6AB7C708} (my printer) - http://www.hpphoto.c...ads/HPPrint.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1125110184609
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterf...ds/Uploader.cab
O16 - DPF: {FC67BB52-AAB6-4282-9D51-2DAFFE73AFD0} - http://download.spys...rCabInstall.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: mswebdvd - Unknown owner - C:\WINDOWS\System32\mswebdvd.exe (file missing)
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe (file missing)
O23 - Service: VAIO Media Music Server (Application) (VAIOMediaPlatform-MusicServer-AppServer) - Unknown owner - C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe" /Service=VAIOMediaPlatform-MusicServer-AppServer /DisplayName="VAIO Media Music Server (Application) (file missing)
O23 - Service: VAIO Media Music Server (HTTP) (VAIOMediaPlatform-MusicServer-HTTP) - Unknown owner - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\sv_httpd.exe" /Service=VAIOMediaPlatform-MusicServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\MusicServer\HTTP (file missing)
O23 - Service: VAIO Media Music Server (UPnP) (VAIOMediaPlatform-MusicServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
O23 - Service: VAIO Media Photo Server (Application) (VAIOMediaPlatform-PhotoServer-AppServer) - Unknown owner - C:\Program Files\Sony\Photo Server 20\appsrv\PicAppSrv.exe
O23 - Service: VAIO Media Photo Server (HTTP) (VAIOMediaPlatform-PhotoServer-HTTP) - Unknown owner - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-PhotoServer-HTTP /RegRoot="Software\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\PhotoServer\HTTP (file missing)
O23 - Service: VAIO Media Photo Server (UPnP) (VAIOMediaPlatform-PhotoServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe



any help is appreciated!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! help me solve thiSSS!!! :tazz:
  • 0

Advertisements


#2
cky3396

cky3396

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
oh yes, 1 more thing. at windows startup i get a notification about nail.exe missing and it wont start ??? ::shrugs::
  • 0

#3
cky3396

cky3396

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
bump
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP