1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

win2k problem hjtlog posted

Discussion in 'Windows XP' started by rimzan, Apr 13, 2004.

Thread Status:
Not open for further replies.
  1. rimzan

    rimzan Thread Starter

    Joined:
    Sep 18, 2003
    Messages:
    108
    hello guyz,

    i have a mechine using 2network cards for internet sharing i use it as a internet server. found couple of virusus like w32randex.gen and cleand it updated the AV run the CWSSHREDER my problem is now when i open the ie explorer it will flash on the screen for few seconds and gone also i cant run any dianostic program like regedit hapen same fate to it aswell. also my AV is now not loading at all .did windows update and instaled the patches before this hapen when windows load can c two dos windows opens and closes in fraction of seconds.

    any clue guyz

    heres my hjt log but i can c the current running procces in the hjt window but can in the log.

    family key loger i instaled it


    thanks in advance

    rimzan
    Logfile of HijackThis v1.97.7
    Scan saved at 10:51:04 AM, on 4/13/2004
    Platform: Windows 2000 SP4 (WinNT 5.00.2195)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINNT\System32\smss.exe
    C:\WINNT\system32\winlogon.exe
    C:\WINNT\system32\services.exe
    C:\WINNT\system32\lsass.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\system32\spoolsv.exe
    C:\WINNT\System32\svchost.exe
    C:\WINNT\system32\regsvc.exe
    C:\WINNT\system32\MSTask.exe
    C:\WINNT\System32\WBEM\WinMgmt.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\Explorer.EXE
    C:\Program Files\FamilyKeyLogger\cisvc.exe
    C:\WINNT\system32\wuapdc.exe
    C:\WINNT\system32\wuapdc.exe
    C:\WINNT\system32\regedlt.exe
    C:\HijackThis.exe

    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
    O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
    O4 - HKLM\..\Run: [FamilyKeyLogger] C:\Program Files\FamilyKeyLogger\cisvc.exe
    O4 - HKLM\..\Run: [MBsync] wuapdc.exe
    O4 - HKLM\..\Run: [tsx] regedlt.exe
    O4 - HKLM\..\RunServices: [MBsync] wuapdc.exe
    O4 - HKLM\..\RunServices: [tsx] regedlt.exe
    O4 - HKCU\..\Run: [MBsync] wuapdc.exe
    O4 - HKLM\..\RunOnce: [tsx] regedlt.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38084.2668055556
     
    rimzan, Apr 13, 2004
    #1
  2. Pancake

    Pancake

    Joined:
    Jan 9, 2004
    Messages:
    313
    W32/Sdbot-KA is/was an IRC backdoor Trojan and network worm.So you can remove these and see how it goes.

    O4 - HKLM\..\Run: [tsx] regedlt.exe
    O4 - HKLM\..\RunOnce: [tsx] regedlt.exe

    Remove this one from your main files....
    C:\WINNT\system32\regedlt.exe

    Should you have problems just follow the instruction here..
    http://www.us.sophos.com/virusinfo/analyses/w32sdbotka.html
     
    Pancake, Apr 13, 2004
    #2
  3. rimzan

    rimzan Thread Starter

    Joined:
    Sep 18, 2003
    Messages:
    108
    thanks pancake

    ill do it and post a reply

    rimzan
     
    rimzan, Apr 13, 2004
    #3
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Similar Threads - win2k problem hjtlog
  1. dragster1981

    Installed Maxthon 5 browser now audio problems

    dragster1981, Sep 15, 2019, in forum: Windows XP
    Replies:
    10
    Views:
    742
    plodr
    Oct 13, 2019
  2. skpappish

    Solved Problem with BIOS

    skpappish, May 20, 2019, in forum: Windows XP
    Replies:
    10
    Views:
    705
    skpappish
    May 22, 2019
  3. ljsejones

    Solved I know this is an old problem, but...

    ljsejones, May 4, 2019, in forum: Windows XP
    Replies:
    8
    Views:
    812
    ljsejones
    May 8, 2019
  4. RoBorG2021

    WiFi connectivity problems with all browsers??

    RoBorG2021, May 1, 2019, in forum: Windows XP
    Replies:
    2
    Views:
    594
    plodr
    May 2, 2019
  5. Unlucky_Pete

    System Restore & Connection Problems

    Unlucky_Pete, Apr 26, 2019, in forum: Windows XP
    Replies:
    4
    Views:
    792
    TerryNet
    Apr 27, 2019
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/219883

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice