Author Topic: Re: Sysvxd.exe problem  (Read 3584 times)

gumybob

    Topic Starter


    Starter

    Re: Sysvxd.exe problem
    « on: May 29, 2009, 04:22:04 PM »
    OK, I now have the same problem... here is my hijack log...

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 3:19:31 PM, on 05/29/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16827)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
    C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Symantec\pcAnywhere\awhost32.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Symantec AntiVirus\DefWatch.exe
    c:\windows\micros~1.net\framew~1\v11~1.432\exe_cron.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Symantec AntiVirus\Rtvscan.exe
    C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe
    C:\Program Files\Sony\Photo Server 20\appsrv\PicAppSrv.exe
    C:\Program Files\Sony\giga pocket\GPVSvr.exe
    C:\WINDOWS\wanmpsvc.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\sv_httpd.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
    C:\WINDOWS\LTSMMSG.exe
    C:\WINDOWS\System32\ezSP_Px.exe
    C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
    C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\PROGRA~1\SYMANT~1\VPTray.exe
    C:\Program Files\2Wire Wireless Manager\2Wire.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Microsoft ActiveSync\wcescomm.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\PROGRA~1\MICROS~4\rapimgr.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\drivers\svchost.exe
    C:\Program Files\sony\giga pocket\usbsircs.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Sony\VAIO Action Setup\VAServ.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\4.0M MPEG4 DV\Console\Watch.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\TrueSwitchMSN\TrueWizard.exe
    C:\Program Files\sony\giga pocket\gps.exe
    C:\Documents and Settings\Robert\Application Data\mjusbsp\magicJack.exe
    C:\WINDOWS\explorer.exe
    C:\WINDOWS\system32\ntvdm.exe
    C:\American Systems\Print Screen Deluxe\psdeluxe.exe
    E:\Microsoft Office\Office10\WINWORD.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (file missing)
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
    O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
    O4 - HKLM\..\Run: [LTSMMSG] LTSMMSG.exe
    O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
    O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
    O4 - HKLM\..\Run: [QuickFinder Scheduler] "C:\Program Files\Corel\WordPerfect Office 2002\Programs\QFSCHD100.EXE"
    O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"
    O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
    O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1102870781\ee\AOLSoftware.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
    O4 - HKLM\..\Run: [2Wire Wireless Manager] "C:\Program Files\2Wire Wireless Manager\2Wire.exe" -a
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "E:\Quick Time\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [realteks] "C:\Documents and Settings\Robert\Application Data\Google\uqrke8412012.exe" 2
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [Walgreens PhotoShow Media Manager] C:\PROGRA~1\WALGRE~1\WALGRE~1\data\Xtras\mssysmgr.exe
    O4 - HKCU\..\Run: [TivoTransfer] "C:\Program Files\Common Files\TiVo Shared\Transfer\TiVoTransfer.exe" /service /registry /auto:TivoTransfer
    O4 - HKCU\..\Run: [TivoNotify] "C:\Program Files\TiVo\Desktop\TiVoNotify.exe" /service /registry /auto:TivoNotify
    O4 - HKCU\..\Run: [TivoServer] "C:\Program Files\TiVo\Desktop\TiVoServer.exe" /service /registry /auto:TivoServer
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [cdloader] "C:\Documents and Settings\Robert\Application Data\mjusbsp\cdloader2.exe" MAGICJACK
    O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0b\AOL.EXE" -b
    O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_1_0 -reboot 1
    O4 - HKCU\..\Run: [SVCHOST.EXE] C:\WINDOWS\system32\drivers\svchost.exe
    O4 - HKCU\..\Run: [nah_Shell] C:\Documents and Settings\Robert\nah_juio.exe
    O4 - Startup: TrueAssistant.lnk = C:\Program Files\TrueSwitchMSN\TrueWizard.exe
    O4 - Startup: Webshots.lnk = E:\Webshots\Launcher.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = ?
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: DOG_NAV UPDATE.lnk = C:\navupdate\WiseUpdt.exe
    O4 - Global Startup: Giga Pocket Remocon Driver.lnk = ?
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Microsoft Office.lnk = E:\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: Timer Recording Manager.lnk = ?
    O4 - Global Startup: VAIO Action Setup (Server).lnk = ?
    O4 - Global Startup: Watch.lnk = C:\Program Files\4.0M MPEG4 DV\Console\Watch.exe
    O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\MICROS~1\Office10\EXCEL.EXE/3000
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://bin.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,84/mcinsctl.cab
    O16 - DPF: {640B39C1-D713-464F-92C3-75BD972B95EE} - http://www.sidestep.com/get/k42037/sb028.cab
    O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://bin.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,21/mcgdmgr.cab
    O16 - DPF: {FA13A9FA-CA9B-11D2-9780-00104B242EA3} (WildTangent Control) - http://www.wildtangent.com/install/wdriver/ddc/shockwave/wtinst.cab
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
    O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: pcAnywhere Host Service (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
    O23 - Service: EXE_CRON -   - c:\windows\micros~1.net\framew~1\v11~1.432\exe_cron.exe
    O23 - Service: Contivity VPN Service (ExtranetAccess) - Unknown owner - C:\Program Files\Qwest Virtual Remote Access\Extranet_serv.exe (file missing)
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
    O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
    O23 - Service: TiVo Beacon (TivoBeacon2) - TiVo Inc. - C:\Program Files\Common Files\TiVo Shared\Beacon\TiVoBeacon.exe
    O23 - Service: VAIO Media Music Server (Application) (VAIOMediaPlatform-MusicServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe
    O23 - Service: VAIO Media Music Server (HTTP) (VAIOMediaPlatform-MusicServer-HTTP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\sv_httpd.exe
    O23 - Service: VAIO Media Music Server (UPnP) (VAIOMediaPlatform-MusicServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
    O23 - Service: VAIO Media Photo Server (Application) (VAIOMediaPlatform-PhotoServer-AppServer) - Unknown owner - C:\Program Files\Sony\Photo Server 20\appsrv\PicAppSrv.exe
    O23 - Service: VAIO Media Photo Server (HTTP) (VAIOMediaPlatform-PhotoServer-HTTP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe
    O23 - Service: VAIO Media Photo Server (UPnP) (VAIOMediaPlatform-PhotoServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
    O23 - Service: VAIO Media Video Server (Application) (VAIOMediaPlatform-VideoServer-AppServer) - Sony Corporation - C:\Program Files\Sony\giga pocket\GPVSvr.exe
    O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe
    O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
    O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

    --
    End of file - 13694 bytes

    gumybob

      Topic Starter


      Starter

      Re: Sysvxd.exe problem
      « Reply #1 on: May 29, 2009, 05:16:51 PM »
      Input the log into the tool on this website and followed the instructions.  Also downloaded MBAM and ran that, found 10 files, deleted and here is the log it gave back....

      mbam-log-2009-05-29 (16-11-25).txt

      Scan type: Quick Scan
      Objects scanned: 102064
      Time elapsed: 8 minute(s), 2 second(s)

      Memory Processes Infected: 1
      Memory Modules Infected: 1
      Registry Keys Infected: 1
      Registry Values Infected: 1
      Registry Data Items Infected: 2
      Folders Infected: 0
      Files Infected: 4

      Memory Processes Infected:
      C:\WINDOWS\system32\drivers\svchost.exe (Heuristics.Reserved.Word.Exploit) -> Unloaded process successfully.

      Memory Modules Infected:
      C:\Documents and Settings\Robert\Application Data\Google\Shell32.dll (Trojan.FakeAlert) -> Delete on reboot.

      Registry Keys Infected:
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{386a771c-e96a-421f-8ba7-32f1b706892f} (Adware.ISTBar) -> Quarantined and deleted successfully.

      Registry Values Infected:
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.

      Registry Data Items Infected:
      HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe " %1) Good: (regedit.exe "%1") -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

      Folders Infected:
      (No malicious items detected)

      Files Infected:
      C:\WINDOWS\system32\drivers\svchost.exe (Trojan.Agent) -> Delete on reboot.
      c:\documents and settings\Robert\application data\Google\Shell32.dll (Trojan.FakeAlert) -> Delete on reboot.
      c:\documents and settings\Robert\application data\Google\uqrke8412012.exe (Trojan.FakeAlert) -> Delete on reboot.
      C:\WINDOWS\Sysvxd.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

      gumybob

        Topic Starter


        Starter

        Re: Sysvxd.exe problem
        « Reply #2 on: May 29, 2009, 05:25:21 PM »
        Reran Hijack and here is the log now... (by the way, things are running better).  But I do have WAOL.exe that keeps starting up and slowing the system down.  Once I end that the system flies.

        Logfile of Trend Micro HijackThis v2.0.2
        Scan saved at 4:22:47 PM, on 05/29/2009
        Platform: Windows XP SP3 (WinNT 5.01.2600)
        MSIE: Internet Explorer v7.00 (7.00.6000.16827)
        Boot mode: Normal

        Running processes:
        C:\WINDOWS\System32\smss.exe
        C:\WINDOWS\system32\winlogon.exe
        C:\WINDOWS\system32\services.exe
        C:\WINDOWS\system32\lsass.exe
        C:\WINDOWS\system32\svchost.exe
        C:\WINDOWS\System32\svchost.exe
        C:\WINDOWS\system32\svchost.exe
        C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
        C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
        C:\WINDOWS\system32\LEXBCES.EXE
        C:\WINDOWS\system32\spoolsv.exe
        C:\WINDOWS\system32\LEXPPS.EXE
        C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
        C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
        C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
        C:\Program Files\Symantec\pcAnywhere\awhost32.exe
        C:\WINDOWS\Explorer.EXE
        C:\Program Files\Bonjour\mDNSResponder.exe
        C:\Program Files\Symantec AntiVirus\DefWatch.exe
        c:\windows\micros~1.net\framew~1\v11~1.432\exe_cron.exe
        C:\Program Files\Java\jre6\bin\jqs.exe
        C:\WINDOWS\System32\svchost.exe
        C:\Program Files\Symantec AntiVirus\Rtvscan.exe
        C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe
        C:\Program Files\Sony\Photo Server 20\appsrv\PicAppSrv.exe
        C:\Program Files\Sony\giga pocket\GPVSvr.exe
        C:\WINDOWS\wanmpsvc.exe
        C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\sv_httpd.exe
        C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe
        C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe
        C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
        C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
        C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
        C:\WINDOWS\System32\ezSP_Px.exe
        C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe
        C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
        C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
        C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
        C:\Program Files\Lexmark X74-X75\lxbbbmon.exe
        C:\Program Files\Common Files\AOL\1102870781\ee\AOLSoftware.exe
        C:\Program Files\Common Files\Symantec Shared\ccApp.exe
        C:\PROGRA~1\SYMANT~1\VPTray.exe
        C:\Program Files\2Wire Wireless Manager\2Wire.exe
        C:\Program Files\Java\jre6\bin\jusched.exe
        C:\Program Files\iTunes\iTunesHelper.exe
        C:\Program Files\Microsoft ActiveSync\wcescomm.exe
        C:\WINDOWS\system32\ctfmon.exe
        C:\WINDOWS\System32\svchost.exe
        C:\PROGRA~1\MICROS~4\rapimgr.exe
        C:\Program Files\adobe\Acrobat 7.0\Reader\reader_sl.exe
        C:\Program Files\sony\giga pocket\usbsircs.exe
        C:\Program Files\iPod\bin\iPodService.exe
        C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
        C:\Program Files\Sony\VAIO Action Setup\VAServ.exe
        C:\WINDOWS\system32\wuauclt.exe
        C:\Program Files\4.0M MPEG4 DV\Console\Watch.exe
        C:\Program Files\TrueSwitchMSN\TrueWizard.exe
        C:\Program Files\sony\giga pocket\gps.exe
        C:\Documents and Settings\Robert\Application Data\mjusbsp\st00000\mjsetup.exe
        C:\Documents and Settings\Robert\Application Data\mjusbsp\magicJack.exe
        C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
        R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
        O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
        O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
        O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
        O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
        O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
        O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
        O4 - HKLM\..\Run: [QuickFinder Scheduler] "C:\Program Files\Corel\WordPerfect Office 2002\Programs\QFSCHD100.EXE"
        O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"
        O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
        O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
        O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
        O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1102870781\ee\AOLSoftware.exe
        O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
        O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
        O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
        O4 - HKLM\..\Run: [2Wire Wireless Manager] "C:\Program Files\2Wire Wireless Manager\2Wire.exe" -a
        O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
        O4 - HKLM\..\Run: [QuickTime Task] "E:\Quick Time\qttask.exe" -atboottime
        O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
        O4 - HKLM\..\Run: [realteks] "C:\Documents and Settings\Robert\Application Data\Google\uqrke8412012.exe" 2
        O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
        O4 - HKCU\..\Run: [Walgreens PhotoShow Media Manager] C:\PROGRA~1\WALGRE~1\WALGRE~1\data\Xtras\mssysmgr.exe
        O4 - HKCU\..\Run: [TivoTransfer] "C:\Program Files\Common Files\TiVo Shared\Transfer\TiVoTransfer.exe" /service /registry /auto:TivoTransfer
        O4 - HKCU\..\Run: [TivoNotify] "C:\Program Files\TiVo\Desktop\TiVoNotify.exe" /service /registry /auto:TivoNotify
        O4 - HKCU\..\Run: [TivoServer] "C:\Program Files\TiVo\Desktop\TiVoServer.exe" /service /registry /auto:TivoServer
        O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
        O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
        O4 - HKCU\..\Run: [cdloader] "C:\Documents and Settings\Robert\Application Data\mjusbsp\cdloader2.exe" MAGICJACK
        O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0b\AOL.EXE" -b
        O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_1_0 -reboot 1
        O4 - Startup: TrueAssistant.lnk = C:\Program Files\TrueSwitchMSN\TrueWizard.exe
        O4 - Startup: Webshots.lnk = E:\Webshots\Launcher.exe
        O4 - Global Startup: Adobe Gamma Loader.lnk = ?
        O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\adobe\Acrobat 7.0\Reader\reader_sl.exe
        O4 - Global Startup: DOG_NAV UPDATE.lnk = C:\navupdate\WiseUpdt.exe
        O4 - Global Startup: Giga Pocket Remocon Driver.lnk = ?
        O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
        O4 - Global Startup: Microsoft Office.lnk = E:\Microsoft Office\Office10\OSA.EXE
        O4 - Global Startup: Timer Recording Manager.lnk = ?
        O4 - Global Startup: VAIO Action Setup (Server).lnk = ?
        O4 - Global Startup: Watch.lnk = C:\Program Files\4.0M MPEG4 DV\Console\Watch.exe
        O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
        O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\MICROS~1\Office10\EXCEL.EXE/3000
        O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
        O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
        O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
        O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
        O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
        O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
        O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
        O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
        O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
        O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://bin.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,84/mcinsctl.cab
        O16 - DPF: {640B39C1-D713-464F-92C3-75BD972B95EE} - http://www.sidestep.com/get/k42037/sb028.cab
        O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://bin.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,21/mcgdmgr.cab
        O16 - DPF: {FA13A9FA-CA9B-11D2-9780-00104B242EA3} (WildTangent Control) - http://www.wildtangent.com/install/wdriver/ddc/shockwave/wtinst.cab
        O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
        O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
        O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
        O23 - Service: pcAnywhere Host Service (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe
        O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
        O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
        O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
        O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
        O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
        O23 - Service: EXE_CRON -   - c:\windows\micros~1.net\framew~1\v11~1.432\exe_cron.exe
        O23 - Service: Contivity VPN Service (ExtranetAccess) - Unknown owner - C:\Program Files\Qwest Virtual Remote Access\Extranet_serv.exe (file missing)
        O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
        O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
        O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
        O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
        O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
        O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
        O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
        O23 - Service: TiVo Beacon (TivoBeacon2) - TiVo Inc. - C:\Program Files\Common Files\TiVo Shared\Beacon\TiVoBeacon.exe
        O23 - Service: VAIO Media Music Server (Application) (VAIOMediaPlatform-MusicServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe
        O23 - Service: VAIO Media Music Server (HTTP) (VAIOMediaPlatform-MusicServer-HTTP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\sv_httpd.exe
        O23 - Service: VAIO Media Music Server (UPnP) (VAIOMediaPlatform-MusicServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
        O23 - Service: VAIO Media Photo Server (Application) (VAIOMediaPlatform-PhotoServer-AppServer) - Unknown owner - C:\Program Files\Sony\Photo Server 20\appsrv\PicAppSrv.exe
        O23 - Service: VAIO Media Photo Server (HTTP) (VAIOMediaPlatform-PhotoServer-HTTP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe
        O23 - Service: VAIO Media Photo Server (UPnP) (VAIOMediaPlatform-PhotoServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
        O23 - Service: VAIO Media Video Server (Application) (VAIOMediaPlatform-VideoServer-AppServer) - Sony Corporation - C:\Program Files\Sony\giga pocket\GPVSvr.exe
        O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe
        O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
        O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

        --
        End of file - 13265 bytes



        evilfantasy

        • Malware Removal Specialist
        • Moderator


        Re: Re: Sysvxd.exe problem
        « Reply #3 on: May 29, 2009, 09:54:00 PM »
        Is AOL your internet provider?

        Please go to Jotti's malware scan

        • Copy the file path in the below Code box:
        c:\windows\micros~1.net\framew~1\v11~1.432\exe_cron.exe
        • At the upload site, click once inside the window next to Browse.
        • Press Ctrl+V on the keyboard (both at the same time) to paste the file path into the window.
        • Next click Submit file
          • Your file will possibly be entered into a queue which normally takes less than a minute to clear.
        • This will perform a scan across multiple different virus scanning engines.
        • Important: Wait for all of the scanning engines to complete.
        • Once the scan is finished, Copy and then Paste the link in the address bar into your next reply.
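
Added example, not part of the original thread and not code from HijackThis or MBAM: it cross-checks the file paths in an MBAM "Files Infected" section against the `O4` autorun lines of a HijackThis log to list startup entries that still point at a detected file, and flags system process names launched from outside their usual directory. The sample lines are copied from the logs posted above; the function names and the `SYSTEM_HOMES` table (which assumes `C:\WINDOWS` as the system root, as in these logs) are assumptions of this example.

```python
import ntpath
import re

# Lines copied from the logs posted in this thread (a subset, not the full logs).
HJT_BEFORE = r'''
O4 - HKLM\..\Run: [LTSMMSG] LTSMMSG.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [realteks] "C:\Documents and Settings\Robert\Application Data\Google\uqrke8412012.exe" 2
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SVCHOST.EXE] C:\WINDOWS\system32\drivers\svchost.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
'''
HJT_AFTER = r'''
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [realteks] "C:\Documents and Settings\Robert\Application Data\Google\uqrke8412012.exe" 2
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
'''
MBAM_FILES = r'''
C:\WINDOWS\system32\drivers\svchost.exe (Trojan.Agent) -> Delete on reboot.
c:\documents and settings\Robert\application data\Google\Shell32.dll (Trojan.FakeAlert) -> Delete on reboot.
c:\documents and settings\Robert\application data\Google\uqrke8412012.exe (Trojan.FakeAlert) -> Delete on reboot.
C:\WINDOWS\Sysvxd.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
'''

# "O4 - HKLM\..\Run: [value name] command line"
RUN_RE = re.compile(r'^O4 - (HK\w+)\\\.\.\\\w+: \[(.+?)\] (.+)$')
# Target is either a quoted path or an unquoted path ending in an executable
# extension (unquoted paths in these logs may contain spaces).
TARGET_RE = re.compile(r'^"([^"]+)"|^(.+?\.(?:exe|com|scr|bat))(?=\s|$)', re.I)
# "path (Detection.Name) -> action taken."
MBAM_RE = re.compile(r'^(.+?) \(([\w.]+)\) -> (.+?)\.?$')

# Usual directory of a few Windows system processes (assumption: C:\WINDOWS root).
SYSTEM_HOMES = {
    'svchost.exe': r'c:\windows\system32',
    'lsass.exe': r'c:\windows\system32',
    'services.exe': r'c:\windows\system32',
    'winlogon.exe': r'c:\windows\system32',
    'smss.exe': r'c:\windows\system32',
    'explorer.exe': r'c:\windows',
}


def norm(path):
    """Case-insensitive, separator-normalised form for comparing Windows paths.
    8.3 short names (PROGRA~1) cannot be expanded offline and are left as-is."""
    return ntpath.normcase(ntpath.normpath(path))


def parse_autoruns(hjt_log):
    """Return [(value_name, target_path)] for registry Run entries (O4 lines)."""
    entries = []
    for line in hjt_log.splitlines():
        m = RUN_RE.match(line.strip())
        if not m:
            continue  # startup-folder shortcuts and other sections are skipped
        t = TARGET_RE.match(m.group(3))
        if t:
            entries.append((m.group(2), t.group(1) or t.group(2)))
    return entries


def parse_mbam_files(mbam_log):
    """Return {normalised_path: (detection, action)} from 'Files Infected' lines."""
    found = {}
    for line in mbam_log.splitlines():
        m = MBAM_RE.match(line.strip())
        if m:
            found[norm(m.group(1))] = (m.group(2), m.group(3))
    return found


def dangling_autoruns(hjt_log, mbam_log):
    """Autorun entries whose target is a file the scanner reported."""
    detected = parse_mbam_files(mbam_log)
    hits = []
    for name, target in parse_autoruns(hjt_log):
        hit = detected.get(norm(target))
        if hit:
            hits.append((name, target) + hit)
    return hits


def misplaced_system_names(paths):
    """Paths whose file name is a system process but whose directory is not its home."""
    flagged = []
    for p in paths:
        directory, base = ntpath.split(norm(p))
        home = SYSTEM_HOMES.get(base)
        if home and directory != home:
            flagged.append(p)
    return flagged


if __name__ == '__main__':
    for hit in dangling_autoruns(HJT_AFTER, MBAM_FILES):
        print('autorun still references detected file:', hit)
    targets = [t for _, t in parse_autoruns(HJT_BEFORE)]
    print('system name outside its usual directory:', misplaced_system_names(targets))
```
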