Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Adware/Malware, I think it's VX2, among others

Started by rmj55 , Jan 16 2005 10:31 AM

  • This topic is locked This topic is locked

#1
rmj55
Posted 16 January 2005 - 10:31 AM

rmj55

    Member

  • Member
  • PipPip
  • 20 posts
Hello Geeks: Glad I found you. I considered myself at least moderately geekish myself, so this one is really frustrating me. couple weeks ago, I absent-mindedly and stupidly clicked "yes" on a "do you want to load me" question from a purported spyware checking program who turned out to be spyware itself. I've been getting a lot of redirections and hijacking to aggravating websites, mostly trying to sell me spyware killers. I repeatedly ran Spybot and MS Beta (Giant), both of whom found and fixed something on every run, but the problem keeps coming back. At startup, I get a RUNDLL warning: "An exception occurred while trying to run C:\windows\system32\mklogmgr.dll",Umonitor" , though the name of the .dll file changes each time. Then I'll get redirections and popups. I followed all the instructions on your "do this first" page yester day with one exception --- I loaded Windows Service Pack 2 while I had this problem, and I'm hesitent to unload now that it's been running for a few days. All the programs you had me run found problems, with the exception of CWShredder, which found nothing. This is probably a pretty common problem for you. Here's the log from my Hijack This scan. Thanks in advance, rmj55
Logfile of HijackThis v1.99.0
Scan saved at 10:13:23 AM, on 1/16/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\NavNT\defwatch.exe
C:\WINDOWS\system32\cba\pds.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\NavNT\rtvscan.exe
C:\WINDOWS\System32\ScsiAccess.EXE
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\cba\xfr.exe
C:\WINDOWS\system32\MsgSys.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\NavNT\vptray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\mHotkey.exe
C:\Program Files\iWare\iWare Mouse\3.2\MOUSE32A.EXE
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\SEC\Natural Color\NaturalColorLoad.exe
C:\Program Files\NETGEAR WG311v2 Adapter\wlancfg5.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Rick\My Documents\Security\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapp...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/custom

Topic closed: double post.
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP