 |  |  |  |  |  |  |  |
Virus/spyware issue (Log File inside)
Thread Solved |
Recently was infected by polkapolka...did some scans deleted it out of my registry for good i think, anyways might still have some spyware or something that i didnt clear,since my comps acting a bit sluggish...heres my log plz help me out im stressin big time over this mess...
Logfile of HijackThis v1.99.1
Scan saved at 9:50:00 PM, on 10/6/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Dual-Band Wireless A+G PCI Adapter\WLService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Dual-Band Wireless A+G PCI Adapter\WMP55AGV2.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AIM\aim.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\XoftSpy\XoftSpy.exe
C:\DOCUME~1\RAPHAE~1\LOCALS~1\Temp\Rar$EX00.906\HijackThis.exe
C:\Documents and Settings\Raphael Kosmicki\Desktop\HijackThis.exe
C:\Documents and Settings\Raphael Kosmicki\Desktop\h\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.search345quest.com/sp2.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.search345quest.com/sp2.php
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local.,
O2 - BHO: (no name) - {00000000-0000-4BA8-A7B0-0ACE5E31815D} - C:\Program Files\ProSiteFinder\ProSiteFinder.dll (file missing)
O2 - BHO: (no name) - {21B4ACC4-8874-4AEC-AEAC-F567A249B4D4} - (no file)
O2 - BHO: Internet Explorer Web Content Catcher - {FFF4E223-7019-4ce7-BE03-D7D3C8CCE884} - C:\Program Files\DNS\Catcher.dll
O4 - HKLM\..\Run: [Media Gateway] C:\Program Files\InetGet\Adperform180safull.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Freeprod Toolbar - {77FBF9B8-1D37-4FF2-9CED-192D8E3ABA6F} - C:\Program Files\Freeprod Toolbar\freeprod.dll
O9 - Extra 'Tools' menuitem: Freeprod Toolbar - {77FBF9B8-1D37-4FF2-9CED-192D8E3ABA6F} - C:\Program Files\Freeprod Toolbar\freeprod.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: WMP55AGV2 - Unknown owner - C:\Program Files\Dual-Band Wireless A+G PCI Adapter\WLService.exe" "WMP55AGV2.exe (file missing)
Logfile of HijackThis v1.99.1
Scan saved at 9:50:00 PM, on 10/6/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Dual-Band Wireless A+G PCI Adapter\WLService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Dual-Band Wireless A+G PCI Adapter\WMP55AGV2.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AIM\aim.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\XoftSpy\XoftSpy.exe
C:\DOCUME~1\RAPHAE~1\LOCALS~1\Temp\Rar$EX00.906\HijackThis.exe
C:\Documents and Settings\Raphael Kosmicki\Desktop\HijackThis.exe
C:\Documents and Settings\Raphael Kosmicki\Desktop\h\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.search345quest.com/sp2.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.search345quest.com/sp2.php
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local.,
O2 - BHO: (no name) - {00000000-0000-4BA8-A7B0-0ACE5E31815D} - C:\Program Files\ProSiteFinder\ProSiteFinder.dll (file missing)
O2 - BHO: (no name) - {21B4ACC4-8874-4AEC-AEAC-F567A249B4D4} - (no file)
O2 - BHO: Internet Explorer Web Content Catcher - {FFF4E223-7019-4ce7-BE03-D7D3C8CCE884} - C:\Program Files\DNS\Catcher.dll
O4 - HKLM\..\Run: [Media Gateway] C:\Program Files\InetGet\Adperform180safull.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Freeprod Toolbar - {77FBF9B8-1D37-4FF2-9CED-192D8E3ABA6F} - C:\Program Files\Freeprod Toolbar\freeprod.dll
O9 - Extra 'Tools' menuitem: Freeprod Toolbar - {77FBF9B8-1D37-4FF2-9CED-192D8E3ABA6F} - C:\Program Files\Freeprod Toolbar\freeprod.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: WMP55AGV2 - Unknown owner - C:\Program Files\Dual-Band Wireless A+G PCI Adapter\WLService.exe" "WMP55AGV2.exe (file missing)
 |
Similar Threads
- could not open INSTALL.LOG file. (Windows NT / 2000 / XP)
- Has My IE6 Browser Been HiJacked? HiJackThis Log file Here - please help! (Viruses, Spyware and other Nasties)
- A whole lot of spyware - Help! (hijackthis log included) (Viruses, Spyware and other Nasties)
- Internet cant connect directly! Trojan? (Viruses, Spyware and other Nasties)
- May have Virus/Spyware/Aliens? or IE Hijacked (Viruses, Spyware and other Nasties)
- Virus/Spyware on computer, Hijack This log file (Viruses, Spyware and other Nasties)
- In Desperate Need of Help with hijack this log file; computer full of spyware (Viruses, Spyware and other Nasties)
Other Threads in the Viruses, Spyware and other Nasties Forum
- Previous Thread: My Hijack This Log(mouse issue)
- Next Thread: Frustrating hjt log...this HAS to be simple
| Thread Tools | Search this Thread |
You need to join our community in order to build your list of favorite forums. You can visit the forum index for a listing of all forums.
Related Forum Features
Latest Viruses, Spyware and other Nasties Posts
adware anti-malware anti-virussitesaccessissue antivirus apple attack avg backtoschoolspeech bar blackhat botnet botnets censorship china commercial conficker connect control cyber cybercrime cyberwarfare ddos education email europe exam exploit facebook fake fancheckvirus gaming gtaiv halloween herss.exe hijack hosting internet iphone kaspersky legal logfiles malware mcafee messagelabs microsoft mobile msn nazi news obama onlinethreats paedophile panel parents patch phishing police policeprovirusmba-mblockedinternetaccess president privacy pro problem redirect redirecting reliability report research risk rogueantivirus samhain sans scareware school search security seopoisoning sites software spam spyware spywareexternalwindows7adminstratortrojans sqlinjection symantec system teen translate trojan unabletoaccessanti-virussites unwanted update usa virus viruses vista war warning windows worm yahoo zeroday
