Jump to content


Photo

NEED VX2.ABetterInternet Removal


  • Please log in to reply
1 reply to this topic

#1 magicm1ke

magicm1ke

    Member

  • New Member
  • Pip
  • 1 posts

Posted 24 July 2004 - 11:59 AM

Have tried all need help removing here are my logs:
CW:
Windows XP (5.01.2600 SP1)
Windows dir: C:\WINDOWS
Windows system dir: C:\WINDOWS\System32
AppData folder: C:\Documents and Settings\magicmike\Application Data
Username: magicmike

Found Hosts file: C:\WINDOWS\System32\drivers\etc\hosts (777 bytes, A)
Shell Registry value: HKLM\..\WinLogon [Shell] Explorer.exe
UserInit Registry value: HKLM\..\WinLogon [UserInit] C:\WINDOWS\system32\userinit.exe,
Found Win.ini file: C:\WINDOWS\win.ini (604 bytes, A)
Found System.ini file: C:\WINDOWS\system.ini (227 bytes, A)

- END OF REPORT -

AD AWARE
Lavasoft Ad-aware Personal Build 6.181
Logfile created on :Saturday, July 24, 2004 12:43:11 PM
Created with Ad-aware Personal, free for private use.
Using reference-file :01R333 18.07.2004
______________________________________________________

Ad-aware Settings
=========================
Set : Activate in-depth scan (Recommended)
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep scan registry


7-24-2004 12:43:11 PM - Scan started. (Smart mode)

Listing running processes
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ThreadCreationTime : 7-24-2004 4:01:04 PM
BasePriority : Normal


#:2 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ThreadCreationTime : 7-24-2004 4:01:09 PM
BasePriority : High


#:3 [services.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 7-24-2004 4:01:11 PM
BasePriority : Normal
FileSize : 99 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
OriginalFilename : services.exe
ProductName : Microsoft
Created on : 8/23/2001 12:00:00 PM
Last accessed : 7/24/2004 4:43:11 PM
Last modified : 8/23/2001 12:00:00 PM

#:4 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 7-24-2004 4:01:11 PM
BasePriority : Normal
FileSize : 11 KB
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
OriginalFilename : lsass.exe
ProductName : Microsoft
Created on : 8/23/2001 12:00:00 PM
Last accessed : 7/24/2004 4:43:11 PM
Last modified : 8/29/2002 10:41:26 AM

#:5 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 7-24-2004 4:01:11 PM
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 8/23/2001 12:00:00 PM
Last accessed : 7/24/2004 4:43:11 PM
Last modified : 8/23/2001 12:00:00 PM

#:6 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 7-24-2004 4:01:12 PM
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 8/23/2001 12:00:00 PM
Last accessed : 7/24/2004 4:43:11 PM
Last modified : 8/23/2001 12:00:00 PM

#:7 [ccsetmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ThreadCreationTime : 7-24-2004 4:01:13 PM
BasePriority : Normal
FileSize : 229 KB
FileVersion : 2.1.0.610
ProductVersion : 2.1.0.610
Copyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Common Client Settings Manager Service
InternalName : ccSetMgr
OriginalFilename : ccSetMgr.exe
ProductName : Common Client
Created on : 4/30/2004 2:10:09 AM
Last accessed : 7/24/2004 4:43:11 PM
Last modified : 11/10/2003 5:30:12 PM

#:8 [ccevtmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ThreadCreationTime : 7-24-2004 4:01:14 PM
BasePriority : Normal
FileSize : 249 KB
FileVersion : 2.1.0.610
ProductVersion : 2.1.0.610
Copyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Common Client Event Manager Service
InternalName : ccEvtMgr
OriginalFilename : ccEvtMgr.exe
ProductName : Common Client
Created on : 4/30/2004 2:10:08 AM
Last accessed : 7/24/2004 4:43:11 PM
Last modified : 11/10/2003 5:30:04 PM

#:9 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 7-24-2004 4:01:14 PM
BasePriority : Normal
FileSize : 50 KB
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
OriginalFilename : spoolsv.exe
ProductName : Microsoft
Created on : 8/23/2001 12:00:00 PM
Last accessed : 7/24/2004 4:43:11 PM
Last modified : 8/23/2001 12:00:00 PM

#:10 [navapsvc.exe]
FilePath : C:\Program Files\Norton AntiVirus\
ThreadCreationTime : 7-24-2004 4:01:21 PM
BasePriority : Normal
FileSize : 155 KB
FileVersion : 10.00.2
ProductVersion : 10.00.2
Copyright : Norton AntiVirus 2004 for Windows 98/ME/2000/XP Copyright © 2003 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
OriginalFilename : NAVAPSVC.EXE
ProductName : Norton AntiVirus
Created on : 7/10/2004 3:41:09 PM
Last accessed : 7/24/2004 4:43:11 PM
Last modified : 4/23/2004 3:04:18 PM

#:11 [nprotect.exe]
FilePath : C:\Program Files\Norton AntiVirus\AdvTools\
ThreadCreationTime : 7-24-2004 4:01:21 PM
BasePriority : Normal
FileSize : 132 KB
FileVersion : 16.00.0.22
ProductVersion : 16.00.0.22
Copyright : Copyright © 2003 Symantec Corporation
CompanyName : Symantec Corporation
FileDescription : Norton Protection Status
InternalName : NPROTECT
OriginalFilename : NPROTECT.EXE
ProductName : Norton Utilities
Created on : 4/30/2004 2:06:31 AM
Last accessed : 7/24/2004 4:43:11 PM
Last modified : 8/14/2002 10:03:00 AM

#:12 [savscan.exe]
FilePath : C:\Program Files\Norton AntiVirus\
ThreadCreationTime : 7-24-2004 4:01:22 PM
BasePriority : Normal
FileSize : 189 KB
FileVersion : 9.2.1.14
ProductVersion : 9.2
Copyright : Copyright © 2003 Symantec Corporation
CompanyName : Symantec Corporation
FileDescription : Symantec AntiVirus Scanner
InternalName : SAVSCAN
OriginalFilename : SAVSCAN.EXE
ProductName : Symantec AntiVirus AutoProtect
Created on : 4/30/2004 2:10:13 AM
Last accessed : 7/24/2004 4:43:12 PM
Last modified : 12/4/2003 10:22:30 PM

#:13 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 7-24-2004 4:01:22 PM
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 8/23/2001 12:00:00 PM
Last accessed : 7/24/2004 4:43:11 PM
Last modified : 8/23/2001 12:00:00 PM

#:14 [symlcsvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\CCPD-LC\
ThreadCreationTime : 7-24-2004 4:01:22 PM
BasePriority : Normal
FileSize : 572 KB
FileVersion : 1, 8, 48, 77
ProductVersion : 1, 8, 48, 77
Copyright : Copyright © 2003
CompanyName : Symantec Corporation
FileDescription : Symantec Core Component
InternalName : symlcsvc
OriginalFilename : symlcsvc.exe
ProductName : Symantec Core Component
Created on : 4/30/2004 2:05:30 AM
Last accessed : 7/24/2004 4:43:12 PM
Last modified : 4/30/2004 2:05:30 AM

#:15 [explorer.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 7-24-2004 4:05:32 PM
BasePriority : Normal
FileSize : 973 KB
FileVersion : 6.00.2800.1221 (xpsp2.030511-1403)
ProductVersion : 6.00.2800.1221
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
OriginalFilename : EXPLORER.EXE
ProductName : Microsoft
Created on : 5/12/2003 1:12:10 AM
Last accessed : 7/24/2004 4:35:56 PM
Last modified : 5/12/2003 1:12:10 AM

#:16 [igfxtray.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 7-24-2004 4:05:36 PM
BasePriority : Normal
FileSize : 152 KB
FileVersion : 3.0.0.3762
ProductVersion : 7.0.0.3762
Copyright : Copyright 1999-2002, Intel Corporation
CompanyName : Intel Corporation
FileDescription : igfxTray Module
InternalName : IGFXTRAY
OriginalFilename : IGFXTRAY.EXE
ProductName : Intel® Common User Interface
Created on : 4/30/2004 1:23:05 AM
Last accessed : 7/24/2004 4:01:04 PM
Last modified : 2/10/2004 2:55:32 PM

#:17 [hkcmd.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 7-24-2004 4:05:36 PM
BasePriority : Normal
FileSize : 116 KB
FileVersion : 3.0.0.3762
ProductVersion : 7.0.0.3762
Copyright : Copyright 1999-2002, Intel Corporation
CompanyName : Intel Corporation
FileDescription : hkcmd Module
InternalName : HKCMD
OriginalFilename : HKCMD.EXE
ProductName : Intel® Common User Interface
Created on : 4/30/2004 1:23:05 AM
Last accessed : 7/24/2004 4:01:04 PM
Last modified : 2/10/2004 2:51:30 PM

#:18 [soundman.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 7-24-2004 4:05:36 PM
BasePriority : Normal
FileSize : 63 KB
FileVersion : 5.1.0.24
ProductVersion : 5.1.0.24
Copyright : Copyright © 2001-2003 Realtek Semiconductor Corp.
CompanyName : Realtek Semiconductor Corp.
FileDescription : Realtek Sound Manager
InternalName : ALSMTray
OriginalFilename : ALSMTray.exe
ProductName : Realtek Sound Manager
Created on : 4/30/2004 1:57:33 AM
Last accessed : 7/24/2004 4:01:04 PM
Last modified : 2/26/2004 8:53:00 PM

#:19 [ccapp.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ThreadCreationTime : 7-24-2004 4:05:36 PM
BasePriority : Normal
FileSize : 69 KB
FileVersion : 2.1.0.610
ProductVersion : 2.1.0.610
Copyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Common Client User Session
InternalName : ccApp
OriginalFilename : ccApp.exe
ProductName : Common Client
Created on : 4/30/2004 2:10:08 AM
Last accessed : 7/24/2004 4:01:04 PM
Last modified : 11/10/2003 5:30:02 PM

#:20 [type32.exe]
FilePath : C:\Program Files\Microsoft IntelliType Pro\
ThreadCreationTime : 7-24-2004 4:05:36 PM
BasePriority : Normal
FileSize : 112 KB
FileVersion : 5.00.174.0
ProductVersion : 5.0
CompanyName : Microsoft Corporation
FileDescription : Type32.exe
InternalName : Type32.exe
OriginalFilename : Type32.exe
ProductName : Microsoft IntelliType Pro
Created on : 5/15/2003 7:45:54 PM
Last accessed : 7/24/2004 4:01:04 PM
Last modified : 5/15/2003 7:45:54 PM

#:21 [sethook.exe]
FilePath : C:\Program Files\Fellowes\MediaFACE 4.0\
ThreadCreationTime : 7-24-2004 4:05:36 PM
BasePriority : Normal
FileSize : 52 KB
FileVersion : 4,0,0,136
ProductVersion : 4,0,0,136
Copyright : Copyright
CompanyName : Fellowes, Inc.
FileDescription : MediaFACE Hook Application
InternalName : SetHook
OriginalFilename : SetHook.exe
ProductName : MediaFACE
Created on : 9/17/2002 10:31:26 PM
Last accessed : 7/24/2004 4:01:04 PM
Last modified : 9/17/2002 10:31:26 PM

#:22 [jusched.exe]
FilePath : C:\Program Files\Java\j2re1.5.0\bin\
ThreadCreationTime : 7-24-2004 4:05:37 PM
BasePriority : Normal
FileSize : 32 KB
Created on : 5/12/2004 12:10:01 AM
Last accessed : 7/24/2004 4:01:04 PM
Last modified : 5/12/2004 12:10:01 AM

#:23 [ppcontrol.exe]
FilePath : C:\PROGRA~1\PESTPA~1\
ThreadCreationTime : 7-24-2004 4:05:37 PM
BasePriority : Normal
FileSize : 52 KB
Created on : 7/24/2004 3:07:49 PM
Last accessed : 7/24/2004 4:01:04 PM
Last modified : 3/26/2003 11:41:10 PM

#:24 [ppmemcheck.exe]
FilePath : C:\PROGRA~1\PESTPA~1\
ThreadCreationTime : 7-24-2004 4:05:37 PM
BasePriority : Normal
FileSize : 145 KB
Created on : 7/24/2004 3:07:49 PM
Last accessed : 7/24/2004 4:05:40 PM
Last modified : 4/19/2003 11:53:08 AM

#:25 [cookiepatrol.exe]
FilePath : C:\PROGRA~1\PESTPA~1\
ThreadCreationTime : 7-24-2004 4:05:38 PM
BasePriority : Normal
FileSize : 68 KB
Created on : 7/24/2004 3:07:49 PM
Last accessed : 7/24/2004 4:01:04 PM
Last modified : 5/30/2003 3:47:06 AM

#:26 [acrotray.exe]
FilePath : C:\Program Files\Adobe\Acrobat 6.0\Distillr\
ThreadCreationTime : 7-24-2004 4:05:39 PM
BasePriority : Normal
FileSize : 212 KB
FileVersion : 6.0.0.2003051500
ProductVersion : 6.0.0.0
Copyright : Copyright 1984-2003 Adobe Systems Incorporated and its licensors. All rights reserved.
CompanyName : Adobe Systems Inc.
FileDescription : AcroTray
InternalName : AcroTray
OriginalFilename : AcroTray.exe
ProductName : AcroTray - Adobe Acrobat Distiller helper application.
Created on : 5/15/2003 5:19:50 AM
Last accessed : 7/24/2004 4:01:04 PM
Last modified : 5/15/2003 5:19:50 AM

#:27 [ebaytbar.exe]
FilePath : C:\Program Files\eBay\eBay Toolbar\4.3.0.9\
ThreadCreationTime : 7-24-2004 4:05:40 PM
BasePriority : Normal
FileSize : 372 KB
FileVersion : 4, 3, 0, 9
ProductVersion : 4, 3, 0, 9
Copyright : Copyright
CompanyName : eBay
FileDescription : eBay Toolbar Daemon
InternalName : eBay Toolbar
OriginalFilename : eBayTBar.exe
ProductName : eBay Toolbar
Created on : 7/23/2004 1:07:57 AM
Last accessed : 7/24/2004 4:05:42 PM
Last modified : 7/15/2004 8:35:06 PM

#:28 [hpobnz08.exe]
FilePath : C:\Program Files\Hewlett-Packard\Digital Imaging\bin\
ThreadCreationTime : 7-24-2004 4:05:41 PM
BasePriority : Normal
FileSize : 316 KB
FileVersion : 4.2.0.020
ProductVersion : 2.4.1.020
Copyright : Copyright © Hewlett-Packard Co. 1995-2001
CompanyName : Hewlett-Packard Co.
FileDescription : HP OfficeJet COM Device Objects
InternalName : HPOBNZ08
OriginalFilename : HPOBNZ08.EXE
ProductName : hp digital imaging - hp all-in-one series
Created on : 4/6/2003 4:37:10 AM
Last accessed : 7/24/2004 4:05:42 PM
Last modified : 4/6/2003 4:37:10 AM

#:29 [hpotdd01.exe]
FilePath : C:\Program Files\Hewlett-Packard\Digital Imaging\bin\
ThreadCreationTime : 7-24-2004 4:05:41 PM
BasePriority : Normal
FileSize : 28 KB
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
Copyright : Copyright
CompanyName : Hewlett-Packard
FileDescription : hpotdd01
InternalName : hpotdd01
OriginalFilename : hpotdd01.exe
ProductName : Hewlett-Packard hpotdd01
Created on : 4/6/2003 5:06:58 AM
Last accessed : 7/24/2004 4:01:04 PM
Last modified : 4/6/2003 5:06:58 AM

#:30 [hpoevm08.exe]
FilePath : C:\Program Files\Hewlett-Packard\Digital Imaging\bin\
ThreadCreationTime : 7-24-2004 4:05:46 PM
BasePriority : Normal
FileSize : 280 KB
FileVersion : 4.2.0.020
ProductVersion : 2.4.1.020
Copyright : Copyright © Hewlett-Packard Co. 1995-2001
CompanyName : Hewlett-Packard Co.
FileDescription : HP OfficeJet COM Event Manager
InternalName : HPOEVM08
OriginalFilename : HPOEVM08.EXE
ProductName : hp digital imaging - hp all-in-one series
Created on : 4/6/2003 4:45:10 AM
Last accessed : 7/24/2004 4:35:56 PM
Last modified : 4/6/2003 4:45:10 AM

#:31 [hpzipm12.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 7-24-2004 4:05:49 PM
BasePriority : Normal
FileSize : 64 KB
FileVersion : 6, 0, 0, 0
ProductVersion : 6, 0, 0, 0
Copyright : Copyright
CompanyName : HP
FileDescription : PML Driver
InternalName : PmlDrv
OriginalFilename : PmlDrv.exe
ProductName : HP PML
Created on : 3/9/2003 8:31:02 PM
Last accessed : 7/24/2004 4:43:12 PM
Last modified : 3/9/2003 8:31:02 PM

#:32 [hposts08.exe]
FilePath : C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\
ThreadCreationTime : 7-24-2004 4:06:23 PM
BasePriority : Normal
FileSize : 304 KB
FileVersion : 4.2.0.020
ProductVersion : 2.4.1.020
Copyright : Copyright © Hewlett-Packard Co. 1995-2001
CompanyName : Hewlett-Packard Co.
FileDescription : HP OfficeJet Status
InternalName : HPOSTS08
OriginalFilename : HPOSTS08.EXE
ProductName : hp digital imaging - hp all-in-one series
Created on : 4/6/2003 4:55:04 AM
Last accessed : 7/24/2004 4:35:56 PM
Last modified : 4/6/2003 4:55:04 AM

#:33 [pwdgui.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 7-24-2004 4:08:09 PM
BasePriority : Normal
FileSize : 37 KB
Created on : 7/24/2004 4:08:07 PM
Last accessed : 7/24/2004 4:08:07 PM
Last modified : 6/17/2004 5:14:12 PM

#:34 [iexplore.exe]
FilePath : C:\Program Files\Internet Explorer\
ThreadCreationTime : 7-24-2004 4:36:04 PM
BasePriority : Normal
FileSize : 89 KB
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
OriginalFilename : IEXPLORE.EXE
ProductName : Microsoft
Created on : 4/30/2004 12:19:39 AM
Last accessed : 7/24/2004 4:36:06 PM
Last modified : 8/29/2002 10:41:26 AM

#:35 [pestpatrol.exe]
FilePath : C:\Program Files\PestPatrol\
ThreadCreationTime : 7-24-2004 4:41:46 PM
BasePriority : Normal
FileSize : 1219 KB
FileVersion : 4.4.3.24
ProductVersion : 4.4
CompanyName : PestPatrol Inc.
ProductName : PestPatrol
Created on : 7/24/2004 3:07:48 PM
Last accessed : 7/24/2004 4:35:56 PM
Last modified : 6/7/2004 6:43:30 PM

#:36 [msmsgs.exe]
FilePath : C:\Program Files\Messenger\
ThreadCreationTime : 7-24-2004 4:42:42 PM
BasePriority : Normal
FileSize : 1462 KB
FileVersion : 4.7.2009
ProductVersion : Version 4.7
Copyright : Copyright © Microsoft Corporation 1997-2003
CompanyName : Microsoft Corporation
FileDescription : Messenger
InternalName : msmsgs
OriginalFilename : msmsgs.exe
ProductName : Messenger
Created on : 4/15/2003 12:05:20 AM
Last accessed : 7/24/2004 4:21:26 PM
Last modified : 4/15/2003 12:05:20 AM

#:37 [ad-aware.exe]
FilePath : C:\PROGRA~1\Lavasoft\AD-AWA~1\
ThreadCreationTime : 7-24-2004 4:42:53 PM
BasePriority : Normal
FileSize : 668 KB
FileVersion : 6.0.1.181
ProductVersion : 6.0.0.0
Copyright : Copyright
CompanyName : Lavasoft Sweden
FileDescription : Ad-aware 6 core application
InternalName : Ad-aware.exe
OriginalFilename : Ad-aware.exe
ProductName : Lavasoft Ad-aware Plus
Created on : 7/24/2004 3:25:46 PM
Last accessed : 7/24/2004 4:29:03 PM
Last modified : 7/13/2003 1:00:20 AM

Memory scan result :
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 0
Objects found so far: 0


Started registry scan
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ

StopPop Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{4534CD6B-59D6-43FD-864B-06A0D843444A}


VX2 Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{0000607d-d204-42c7-8e46-216055bf9918}


VX2 Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : mxtargetdll.mxtargetdllobj.1


VX2 Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TypeLib\{690BCCB4-6B83-4203-AE77-038C116594EC}


VX2 Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : vx2.vx2obj


Other Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value : Win Server Updt


Registry scan result :
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 6
Objects found so far: 6


Started deep registry scan
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ

Deep registry scan result :
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 0
Objects found so far: 6


ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ


Deep scanning and examining files (C:)
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ


Performing conditional scans..
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ

VX2 Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\MxTarget


VX2 Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0000607D-D204-42C7-8E46-216055BF9918}


VX2 Object recognized!
Type : File
Data : dummy.htm
Object : c:\docume~1\magicm~1\locals~1\temp\

Created on : 7/24/2004 4:05:45 PM
Last accessed : 7/24/2004 4:05:45 PM
Last modified : 7/24/2004 4:05:45 PM



VX2 Object recognized!
Type : File
Data : polmx3.cab
Object : c:\docume~1\magicm~1\locals~1\temp\
FileSize : 41 KB
Created on : 7/24/2004 4:07:56 PM
Last accessed : 7/24/2004 4:07:56 PM
Last modified : 7/24/2004 4:07:56 PM



VX2 Object recognized!
Type : File
Data : polmx3.exe
Object : c:\docume~1\magicm~1\locals~1\temp\
FileSize : 37 KB
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
Copyright : callinghome.biz
CompanyName : callinghome.biz
FileDescription : Installation utility for www.callinghome.biz
InternalName : Calling Home
OriginalFilename : Caller.exe
ProductName : Calling Home
Created on : 7/24/2004 4:07:57 PM
Last accessed : 7/24/2004 4:07:57 PM
Last modified : 6/17/2004 5:14:12 PM



VX2 Object recognized!
Type : File
Data : polmx3.inf
Object : c:\docume~1\magicm~1\locals~1\temp\

Created on : 7/24/2004 4:07:57 PM
Last accessed : 7/24/2004 4:07:57 PM
Last modified : 6/17/2004 5:15:44 PM



VX2 Object recognized!
Type : File
Data : polmx3.inf
Object : c:\windows\inf\

Created on : 7/24/2004 4:07:57 PM
Last accessed : 7/24/2004 4:08:07 PM
Last modified : 6/17/2004 5:15:44 PM



VX2 Object recognized!
Type : File
Data : polmx3.inf
Object : c:\windows\lastgood\inf\

Created on : 7/24/2004 4:08:07 PM
Last accessed : 7/24/2004 4:08:07 PM
Last modified : 7/24/2004 4:08:07 PM



VX2 Object recognized!
Type : File
Data : polmx3.pnf
Object : c:\windows\lastgood\inf\

Created on : 7/24/2004 4:08:07 PM
Last accessed : 7/24/2004 4:08:07 PM
Last modified : 7/24/2004 4:08:07 PM



Conditional scan result:
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 9
Objects found so far: 15


12:47:28 PM Scan complete

Summary of this scan
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
Total scanning time :00:04:16:391
Objects scanned :54699
Objects identified :15
Objects ignored :0
New objects :15

Pest Patrol
OS: Windows XP
Product Edition: Corporate
PestPatrol version: 6/7/2004 4.4.3.24
PPServer.dll version: 1/26/2003
PPMemCheck version: 4/19/2003
PestPatrolCL version: 6/7/2004 4.4.3.19
PPUpdater version: 3/10/2004 4.4.0.33
PPfile.dat version: 7/22/2004
PPInfo.dat version: 7/22/2004
Spyware.dat version: 7/22/2004

Pests found:
ABetterInternet,HKEY_CLASSES_ROOT\interface\{4534cd6b-59d6-43fd-864b-06a0d843444a},na,na,7/24/2004,00-10-DC-9E-63-0D,USA
ABetterInternet,HKEY_CLASSES_ROOT\typelib\{690bccb4-6b83-4203-ae77-038c116594ec},na,na,7/24/2004,00-10-DC-9E-63-0D,USA
Adware.Binet,HKEY_LOCAL_MACHINE\software\classes\interface\{4534cd6b-59d6-43fd-864b-06a0d843444a},na,na,7/24/2004,00-10-DC-9E-63-0D,USA
Adware.Binet,HKEY_LOCAL_MACHINE\software\classes\typelib\{690bccb4-6b83-4203-ae77-038c116594ec},na,na,7/24/2004,00-10-DC-9E-63-0D,USA
IEPlugin,HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run|win server updt,na,na,7/24/2004,00-10-DC-9E-63-0D,USA
SpediaBar,HKEY_CLASSES_ROOT\vx2.vx2obj,na,na,7/24/2004,00-10-DC-9E-63-0D,USA
SpediaBar,HKEY_LOCAL_MACHINE\software\vendor\xml,na,na,7/24/2004,00-10-DC-9E-63-0D,USA
Twain-Tech,C:\WINDOWS\mxtarget.dll,na,na,7/24/2004,00-10-DC-9E-63-0D,USA
Twain-Tech,HKEY_CLASSES_ROOT\clsid\{0000607d-d204-42c7-8e46-216055bf9918},na,na,7/24/2004,00-10-DC-9E-63-0D,USA
Twain-Tech,HKEY_LOCAL_MACHINE\software\classes\clsid\{0000607d-d204-42c7-8e46-216055bf9918},na,na,7/24/2004,00-10-DC-9E-63-0D,USA
Twain-Tech,HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{0000607d-d204-42c7-8e46-216055bf9918},na,na,7/24/2004,00-10-DC-9E-63-0D,USA
Unknown BHO,C:\WINDOWS\preinsmt.exe,na,na,7/24/2004,00-10-DC-9E-63-0D,USA
VX2.ABetterInternet,HKEY_LOCAL_MACHINE\software\classes\vx2.vx2obj,na,na,7/24/2004,00-10-DC-9E-63-0D,USA

Hijack This
Logfile of HijackThis v1.98.0
Scan saved at 12:40:30 PM, on 7/24/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Fellowes\MediaFACE 4.0\SetHook.exe
C:\Program Files\Java\j2re1.5.0\bin\jusched.exe
C:\PROGRA~1\PESTPA~1\PPControl.exe
C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\eBay\eBay Toolbar\4.3.0.9\ebaytbar.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\WINDOWS\System32\pwdgui.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\magicmike\Local Settings\Temporary Internet Files\Content.IE5\OLABW1U7\CWShredder[1].exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\magicmike\Desktop\HijackThis.exe

O1 - Hosts: 216.19.0.250 idenupdate.motorola.com
O2 - BHO: MxTargetObj Class - {0000607D-D204-42C7-8E46-216055BF9918} - C:\WINDOWS\mxTarget.dll
O2 - BHO: eBay Helper Object - {001F2570-5DF5-11d3-B991-00A0C9BB0874} - C:\Program Files\eBay\eBay Toolbar\4.3.0.9\eBayBand.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: eBay Toolbar - {46AE04C0-BCFA-4728-90E7-00EB4A8B3863} - C:\Program Files\eBay\eBay Toolbar\4.3.0.9\eBayBand.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [MediaFace Integration] C:\Program Files\Fellowes\MediaFACE 4.0\SetHook.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.5.0\bin\jusched.exe
O4 - HKLM\..\Run: [PestPatrol Control Center] C:\PROGRA~1\PESTPA~1\PPControl.exe
O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
O4 - HKLM\..\Run: [Win Server Updt] C:\WINDOWS\wupdt.exe
O4 - HKLM\..\Run: [vviahxgk] C:\WINDOWS\System32\pwdgui.exe
O4 - Startup: Registration-InstantCopy.lnk = C:\Program Files\Pinnacle\Shared Files\InstantCDDVD\Pixie\RegTool.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: eBay Toolbar.LNK = C:\Program Files\eBay\eBay Toolbar\4.3.0.9\ebaytbar.exe
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Si&milar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.5.0\bin\npjpi150.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: eBay Toolbar - {92D7F210-7F20-11d3-8157-0090278B20DE} - C:\Program Files\eBay\eBay Toolbar\4.3.0.9\eBayBand.dll
O9 - Extra 'Tools' menuitem: eBay Toolbar - {92D7F210-7F20-11d3-8157-0090278B20DE} - C:\Program Files\eBay\eBay Toolbar\4.3.0.9\eBayBand.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {1C955F3B-5B32-4393-A05D-24B4970CD2A1} - http://streamp.baben...cabs/videox.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akama...meInstaller.exe
O16 - DPF: {C1BC62C5-CB36-4F0A-A48F-14696DA34140} (OBL.OBL_rev18) - http://www.dssrev.co...e/obl-rev18.CAB

VX2 FINDER
Files Found---

Additional Files---

Keys Under Notify---crypt32chain
Keys Under Notify---cryptnet
Keys Under Notify---cscdll
Keys Under Notify---igfxcui
Keys Under Notify---ScCertProp
Keys Under Notify---Schedule
Keys Under Notify---sclgntfy
Keys Under Notify---SensLogn
Keys Under Notify---termsrv
Keys Under Notify---wlballoon


Guardian Key--- is called:

User Agent String---

PLS HELP THX
MM

#2 mmxx66

mmxx66

    The SWI drummer

  • Retired Staff
  • PipPipPipPipPip
  • 4,412 posts

Posted 04 September 2004 - 06:33 PM

Sorry for the delay, if you still have problems post a fresh log please




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button