| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 56426 | 2005-04-04 10:45:00 | Please Help, this spyware is relentless!!! | MasturJeff (7803) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 341629 | 2005-04-05 02:44:00 | K, here's yet another htl Logfile of HijackThis v1.99.1 Scan saved at 9:37:23 PM, on 4/4/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe C:\WINDOWS\SYSTEM\DRIVER\ntuser.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\wanmpsvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe C:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\Program Files\Microsoft AntiSpyware\gcasServ.exe C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe C:\Program Files\Stardock\ObjectDock\ObjectDock.exe c:\progra~1\mcafee.com\vso\mcvsescn.exe C:\Program Files\Logitech\MouseWare\system\em_exec.exe C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe C:\Program Files\Maxthon\Maxthon.exe c:\PROGRA~1\mcafee.com\vso\mcshield.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Documents and Settings\Owner\My Documents\Install Programs\Zip Files\hijackthis\HijackThis.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe" O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MskDetct.exe /startup O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe" O4 - HKCU\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe O20 - Winlogon Notify: Nls - C:\WINDOWS\system32\h62olgf3162.dll O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe O23 - Service: Content Monitoring Tool (msCMTSrvc) - Unknown owner - C:\WINDOWS\system32\msCMTSrvc.exe (file missing) O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe O23 - Service: NTBOOTMGR (NTBOOT) - Unknown owner - C:\WINDOWS\SYSTEM\DRIVER\ntuser.exe O23 - Service: NTLOAD - Unknown owner - c:\windows\system32\dllcache\win32\winlogon.exe O23 - Service: NTSVCMGR - Unknown owner - c:\windows\system32\dllcache\win32\winlogon.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe |
MasturJeff (7803) | ||
| 341630 | 2005-04-05 02:50:00 | i tried to delete h62olgf3162.dll but it said file is locked or being used by another program. |
MasturJeff (7803) | ||
| 341631 | 2005-04-05 03:14:00 | so what should i do next | MasturJeff (7803) | ||
| 341632 | 2005-04-05 03:23:00 | You have 3 antivirus programs installed dump 2 of them, running 3 side by side causes all sorts of conflicts | bartsdadhomer (80) | ||
| 341633 | 2005-04-05 03:26:00 | You have 3 antivirus programs installed dump 2 of them, running 3 side by side causes all sorts of conflicts I only have AVG free and McAfee |
MasturJeff (7803) | ||
| 341634 | 2005-04-05 03:28:00 | I only have AVG free and McAfee So what are all the Symantec entries for? Also check your hosts file it's probably been hijacked as well |
bartsdadhomer (80) | ||
| 341635 | 2005-04-05 03:30:00 | Is Norton Internet Security installed? This also includes an Antivirus. To delete h62olgf3162.dll tick it in hijackthis and click on fix . Do the same for the other entries that need to be removed. |
Speedy Gonzales (78) | ||
| 341636 | 2005-04-05 03:33:00 | Is Norton Internet Security installed? This also includes an Antivirus. To delete h62olgf3162.dll tick it in hijackthis and click on fix . Do the same for the other entries that need to be removed. I did that, but i'll scan again and it's still there. Also, I downloaded the trial verson of Norton Internet Security a few months ago, tried to uninstall it but some of it's components still left. |
MasturJeff (7803) | ||
| 341637 | 2005-04-05 03:34:00 | some of thse files i'll try to fix on hijackthislog, and if I try to scan again afterwards it's still there. | MasturJeff (7803) | ||
| 341638 | 2005-04-05 03:37:00 | so has anybody viewed my lm2fix log yet? I'll run it again if needed. | MasturJeff (7803) | ||
| 1 2 3 4 5 6 7 8 9 10 11 | |||||