Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

vx2 is it?

Started by crackersandmilk , Sep 21 2005 09:30 AM

  • Please log in to reply

#1
crackersandmilk
Posted 21 September 2005 - 09:30 AM

crackersandmilk

    New Member

  • Member
  • Pip
  • 1 posts
Here is my Hijack this log. I have run all kinds of scans
ewido, trojan hunter, spybot, adaware, clean up, reg cleaner,
vx2plugin for adaware etc. nothing worked

please help

geoff

Logfile of HijackThis v1.99.1
Scan saved at 11:24:04 AM, on 9/21/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\csrss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\cisvc.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\WINNT\System32\llssrv.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
C:\WINNT\system32\nvsvc32.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\dns.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
C:\WINNT\system32\rundll32.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Administrator\Desktop\hijack

this\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet

Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page

=
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page

=
R3 - URLSearchHook: (no name) -

_{707E6F76-9FFB-4920-A976-EA101271BC25} - (no file)
O2 - BHO: AcroIEHlprObj Class -

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program

Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: COMMUNICATOR -

{4E7BD74F-2B8D-469E-8DBC-A42EB79CB428} -

C:\WINNT\system32\communicator.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -

C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467}

- C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: COMMUNICATOR -

{4E7BD74F-2B8D-469E-8DBC-A42EB79CB428} -

C:\WINNT\system32\communicator.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE

C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program

Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE

C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common

Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [vptray]

C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter

4.2\THGuard.exe"
O4 - HKLM\..\Run: [stb] C:\WINNT\system32\stb.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE

C:\WINNT\system32\NVMCTRAY.DLL,NvTaskbarInit
O6 - HKCU\Software\Policies\Microsoft\Internet

Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel -

res://C:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O12 - Plugin for .spop: C:\Program Files\Internet

Explorer\Plugins\NPDocBox.dll
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft

SmartIssue) -

http://www.symantec....trl/tgctlsi.cab
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft

Script Runner Class) -

http://www.symantec....trl/tgctlsr.cab
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl

Class) -

http://www.symantec....rl/LSSupCtl.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall

Control) -

http://a840.g.akamai...ousecall.trendm

icro.com/housecall/xscan53.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078}

(ActiveDataInfo Class) -

http://www.symantec....rl/SymAData.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave

Flash Object) -

https://active.macro...abs/swflash.cab
O17 -

HKLM\System\CCS\Services\Tcpip\..\{077B415A-3234-4B7B-9CB1-A75

0EB1EED2F}: NameServer = 128.104.254.254
O17 -

HKLM\System\CCS\Services\Tcpip\..\{5D0D2CC3-220F-435B-8F9C-5E1

DD33527A9}: NameServer = 146.151.2.5,144.92.254.254
O17 -

HKLM\System\CS1\Services\Tcpip\..\{077B415A-3234-4B7B-9CB1-A75

0EB1EED2F}: NameServer = 128.104.254.254
O17 -

HKLM\System\CS2\Services\Tcpip\..\{077B415A-3234-4B7B-9CB1-A75

0EB1EED2F}: NameServer = 128.104.254.254
O20 - Winlogon Notify: nwprovau -

C:\WINNT\SYSTEM32\nwprovau.dll
O23 - Service: CWShredder Service - InterMute, Inc. -

C:\Documents and Settings\Administrator\Desktop\CWShredder.exe
O23 - Service: DefWatch - Symantec Corporation -

C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
O23 - Service: Logical Disk Manager Administrative Service

(dmadmin) - VERITAS Software Corp. -

C:\WINNT\System32\dmadmin.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2)

- SEIKO EPSON CORPORATION - C:\Program Files\Common

Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: ewido security suite control - ewido networks -

C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks -

C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus

Server) - Symantec Corporation -

C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA

Corporation - C:\WINNT\system32\nvsvc32.exe
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP