Tech Support Guy banner
Status
Not open for further replies.
1 - 3 of 3 Posts

·
Registered
Joined
·
120 Posts
Discussion Starter · #1 ·
hello guyz,

i have a mechine using 2network cards for internet sharing i use it as a internet server. found couple of virusus like w32randex.gen and cleand it updated the AV run the CWSSHREDER my problem is now when i open the ie explorer it will flash on the screen for few seconds and gone also i cant run any dianostic program like regedit hapen same fate to it aswell. also my AV is now not loading at all .did windows update and instaled the patches before this hapen when windows load can c two dos windows opens and closes in fraction of seconds.

any clue guyz

heres my hjt log but i can c the current running procces in the hjt window but can in the log.

family key loger i instaled it

thanks in advance

rimzan
Logfile of HijackThis v1.97.7
Scan saved at 10:51:04 AM, on 4/13/2004
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\Program Files\FamilyKeyLogger\cisvc.exe
C:\WINNT\system32\wuapdc.exe
C:\WINNT\system32\wuapdc.exe
C:\WINNT\system32\regedlt.exe
C:\HijackThis.exe

O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [FamilyKeyLogger] C:\Program Files\FamilyKeyLogger\cisvc.exe
O4 - HKLM\..\Run: [MBsync] wuapdc.exe
O4 - HKLM\..\Run: [tsx] regedlt.exe
O4 - HKLM\..\RunServices: [MBsync] wuapdc.exe
O4 - HKLM\..\RunServices: [tsx] regedlt.exe
O4 - HKCU\..\Run: [MBsync] wuapdc.exe
O4 - HKLM\..\RunOnce: [tsx] regedlt.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38084.2668055556
 
1 - 3 of 3 Posts
Status
Not open for further replies.
Top