TechSpot

Need help unknown virus

By ANITO9999
Apr 24, 2008
  1. PLZ HELP IT DISABLES MY FOLDER OPTIONS EVEN IF IF I FIX IT THROUGH REGEDIT IT RETURNS AFTER A FEW SECONDS
    HERE IS MY LOG FILE

    Logfile of HijackThis v1.99.1
    Scan saved at 1:10:20 PM, on 4/23/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    H:\WINDOWS\System32\smss.exe
    H:\WINDOWS\system32\winlogon.exe
    H:\WINDOWS\system32\services.exe
    H:\WINDOWS\system32\lsass.exe
    H:\WINDOWS\system32\svchost.exe
    H:\WINDOWS\System32\svchost.exe
    H:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload.exe
    H:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    H:\WINDOWS\Explorer.EXE
    H:\WINDOWS\system32\spoolsv.exe
    H:\WINDOWS\system32\nvsvc32.exe
    H:\Program Files\HHVcdV5Sys\VC5SecS.exe
    H:\Program Files\HHVcdV5Sys\VC5Play.exe
    H:\WINDOWS\smss.exe
    H:\Program Files\DAEMON Tools\daemon.exe
    H:\PROGRA~1\Greatis\REGRUN~1\WatchDog.exe
    H:\Program Files\UnHackMe\hackmon.exe
    H:\Program Files\Virtual CD v5\System\VC5Tray.exe
    h:\Program Files\Hijackthis\HijackThis.exe

    O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - P:\Internet Download Manager\IDMIECC.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - h:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O4 - HKLM\..\Run: [VC5Player] H:\Program Files\HHVcdV5Sys\VC5Play.exe
    O4 - HKLM\..\Run: [MSPY2002] H:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [DAEMON Tools] "H:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [NeroFilterCheck] H:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE H:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [system] H:\WINDOWS\kernel32.ini
    O4 - HKLM\..\Run: [RegRun WinBait] H:\WINDOWS\winbait.exe
    O4 - HKLM\..\Run: [@RegRunOnSecure] h:\PROGRA~1\Greatis\REGRUN~1\OnSecure.exe
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "H:\Program Files\DAEMON Tools\daemon.exe"
    O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "H:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
    O4 - HKCU\..\Run: [Regrun2] h:\PROGRA~1\Greatis\REGRUN~1\WatchDog.exe
    O4 - HKCU\..\Run: [UnHackMe Monitor] h:\Program Files\UnHackMe\hackmon.exe
    O8 - Extra context menu item: Download all links with IDM - P:\Internet Download Manager\IEGetAll.htm
    O8 - Extra context menu item: Download FLV video content with IDM - P:\Internet Download Manager\IEGetVL.htm
    O8 - Extra context menu item: Download with IDM - P:\Internet Download Manager\IEExt.htm
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - h:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - h:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
    O20 - Winlogon Notify: WB - H:\PROGRA~1\STARDOCK\OBJECT~1\WINDOW~1\fastload.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - H:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - H:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Boonty Games - BOONTY - H:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - H:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Virtual CD v5 Security service (VC5SecS) - H+H Software GmbH - H:\Program Files\HHVcdV5Sys\VC5SecS.exe
     
  2. kritius

    kritius TS Guru Posts: 2,087

    Go to add/remove programs and unistall HijackThis your version is out of date.

    I need you to follow all the steps HERE and then post back with the three requested logs as attachments
    • AVG antispyware
    • ComboFix
    • Hijackthis (step 15)

    Dont forget to make sure that AVG is set to quarantine the results, that HJT is the last step and to let us know the results of the antirootkit scan.

    And dont use CAPITALS.
     
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.