Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works

Adware/Malware, I think it's VX2, among others

  • This topic is locked This topic is locked




  • Member
  • PipPip
  • 20 posts
Hello Geeks: Glad I found you. I considered myself at least moderately geekish myself, so this one is really frustrating me. couple weeks ago, I absent-mindedly and stupidly clicked "yes" on a "do you want to load me" question from a purported spyware checking program who turned out to be spyware itself. I've been getting a lot of redirections and hijacking to aggravating websites, mostly trying to sell me spyware killers. I repeatedly ran Spybot and MS Beta (Giant), both of whom found and fixed something on every run, but the problem keeps coming back. At startup, I get a RUNDLL warning: "An exception occurred while trying to run C:\windows\system32\mklogmgr.dll",Umonitor" , though the name of the .dll file changes each time. Then I'll get redirections and popups. I followed all the instructions on your "do this first" page yester day with one exception --- I loaded Windows Service Pack 2 while I had this problem, and I'm hesitent to unload now that it's been running for a few days. All the programs you had me run found problems, with the exception of CWShredder, which found nothing. This is probably a pretty common problem for you. Here's the log from my Hijack This scan. Thanks in advance, rmj55
Logfile of HijackThis v1.99.0
Scan saved at 10:13:23 AM, on 1/16/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\Program Files\NavNT\defwatch.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\NavNT\rtvscan.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\NavNT\vptray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iWare\iWare Mouse\3.2\MOUSE32A.EXE
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\SEC\Natural Color\NaturalColorLoad.exe
C:\Program Files\NETGEAR WG311v2 Adapter\wlancfg5.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Rick\My Documents\Security\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapp...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/custom

Topic closed: double post.
  • 0


Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP