
infections all around
[MR]
The other day I downloaded what I thought was going to be a no-CD crack for a game. It happened to be a program that deploys loads of adware and spyware and such. I have been scanning and removing for days and looking through Google and some adware/spyware removal forums, which helped a bit but not really that much. I have used XoftSpy, Ad-Aware, Trend Micro Anti-Spyware, L2Mfix, Spybot, and Symantec AntiVirus. They have helped to get loads off my computer, but there is still much on my computer. Oh, and I have used HijackThis, but I'm not really sure how to use it, but I can post my log file from HijackThis on here if that is helpful. I know that Internet Explorer is running in the background and causes popups, but that has gotten better; just a few more things I need help with on that. Firefox has tons of popups and icons appearing on my desktop and such. I have no doubt whatsoever that it is adware and spyware junk. Some of the sites that want to pop up are big discounts, some place called ad-w-a-r-e.com and others. These only occur in Firefox. Some threats I had a few minutes ago were coolwwwsearch and things like that.
Now Trend Micro AS is coming up with tspy_small, adware_bhot, adware_bhot_accoona, tspy_agent, expl_mhtredir, adware_look2me and adware_zestyfind, which were all detected by SAV as well, but I guess it couldn't delete them? Anyway, here is the log file from HijackThis:

Logfile of HijackThis v1.99.1
Scan saved at 1:58:47 PM, on 2/3/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Trend Micro\Tmas\tmas.exe
C:\Documents and Settings\Michael Ruffner\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R3 - URLSearchHook: (no name) - <default> - (no file)
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\RunServices: [RegisterDropHandler] C:\Program Files\ScannerU\TBRIDGE\BIN\RegisterDropHandler.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [µTorrent] "C:\Documents and Settings\Michael Ruffner\My Documents\My Downloads\utorrent.exe"
O4 - Startup: XPizeReloader.lnk = C:\WINDOWS\XPize\XPizeReloader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Trend Micro Anti-Spyware.lnk = C:\Program Files\Trend Micro\Tmas\Tmas.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: BITS - C:\WINDOWS\system32\kt00l7dm1.dll
O20 - Winlogon Notify: htproc - htproc32.dll (file missing)
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: ssldr - C:\WINDOWS\SYSTEM32\ssldr32.dll
O21 - SSODL: AidnDTTdveqsIofy - {34FF400D-9E55-EAA7-B480-A4AA6415A2D8} - C:\WINDOWS\system32\vcd.dll (file missing)
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Virtual CD v7 Management Service (VC7SecS) - H+H Software GmbH - C:\Program Files\HHVcdV7Sys\VC7SecS.exe
O23 - Service: WMP54Gv4SVC - Unknown owner - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe" "WMP54Gv4.exe (file missing)



Thanks.
02-03-2006 08:00 PM
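
For readers unsure how to read a HijackThis log like the one posted above, here is an added example (not part of the original post) that groups entries by section code and lists the ones worth a manual look. The sample input is a few lines copied from the log above; the marker strings are ones HijackThis itself prints, and singling out O20 (Winlogon Notify) and O21 (SSODL) for review is an assumption of this sketch, since those sections load DLLs at logon or shell start. A listed entry is a prompt to investigate, not a verdict.

```python
import re
from collections import defaultdict

# Constructed sample: a few lines copied from the log in the post above.
SAMPLE_LOG = r"""Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS\Explorer.EXE
R3 - URLSearchHook: (no name) - <default> - (no file)
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O20 - Winlogon Notify: htproc - htproc32.dll (file missing)
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O21 - SSODL: AidnDTTdveqsIofy - {34FF400D-9E55-EAA7-B480-A4AA6415A2D8} - C:\WINDOWS\system32\vcd.dll (file missing)
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
"""

# Entry lines look like "<section code> - <details>", e.g. "O20 - Winlogon Notify: ..."
ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")

# Text HijackThis prints when it cannot resolve a file, name or vendor.
MARKERS = ("(file missing)", "(no file)", "(no name)", "Unknown owner")

# Assumption of this sketch: always review sections that load DLLs at logon/shell start.
REVIEW_SECTIONS = {"O20", "O21"}

def parse(log):
    """Group entry lines by section code; header and process lines are skipped."""
    sections = defaultdict(list)
    for line in log.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            sections[m.group(1)].append(m.group(2))
    return dict(sections)

def triage(log):
    """Return (code, entry, reasons) for every entry that deserves a manual look."""
    findings = []
    for code, entries in parse(log).items():
        for entry in entries:
            reasons = [marker for marker in MARKERS if marker in entry]
            if code in REVIEW_SECTIONS:
                reasons.append("loads at logon/shell start")
            if reasons:
                findings.append((code, entry, reasons))
    return findings

if __name__ == "__main__":
    for code, entry, reasons in triage(SAMPLE_LOG):
        print(f"{code:4} [{', '.join(reasons)}] {entry}")
```
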
