|
Malware Removal Discussion about Trojans, viruses, hoaxes, firewalls, spyware, and general Security issues. If you suspect your PC is infected with a virus, trojan or spyware app please include any supporting documentation or logs |
|
Topic Tools |
#1
|
|||
|
|||
anyone reading this.....please help
hello
i got infected with trojan sometimes ago, and i've been trying with norton antivirus and avg but i dun think,it even detected the trojan, when it detected the trojan and it fixed/deleted the trojan, but the trojan keeps coming back now i turnoff the system restore, the antivirus has stop noticing me with the infection but my computer running so slow. please read my HijackThis log file. thanks much Logfile of HijackThis v1.98.2 Scan saved at 9:01:11 PM, on 10/23/2004 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVG6\avgserv.exe C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\SOUNDMAN.EXE C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe C:\Program Files\Ahead\InCD\InCD.exe C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\MSN Apps\Updater\01.02.0002.1001\en-us\msnappau.exe C:\WINDOWS\System32\rundll32.exe C:\Program Files\Microtek\ScanWizard 5\ScannerFinder.exe C:\Program Files\Sony Ericsson\Mobile\audevicemgr.exe C:\PROGRA~1\SONYER~1\Mobile\CONNEC~1\CONNMN~1.EXE C:\PROGRA~1\Intuwave\Shared\MROUTE~1\mRouterRuntim e.exe C:\PROGRA~1\SONYER~1\Mobile\MOBILE~1\EPMWOR~1.EXE C:\Program Files\Messenger\msmsgs.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\WINDOWS\system32\ntvdm.exe C:\WINDOWS\System32\wuauclt.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Documents and Settings\Danny\My Documents\receive\Hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.searchwww.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.friendster.com/login.php R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.searchwww.com/bar.html O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.0002.1001\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.0002.1001\en-au\msntb.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O2 - BHO: (no name) - {DE614603-6320-4046-A7A7-6A69CEC26F14} - C:\WINDOWS\mslagent\4b_1,0,0,9_mslagent.dll (file missing) O2 - BHO: WebBar Class - {EE392A64-F30B-47C8-A363-CDA1CEC7DC1B} - C:\PROGRA~1\ADVANC~1\bar.dll (file missing) O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: &SearchBar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: ninemsn - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.0002.1001\en-au\msntb.dll O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe /STARTUP O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~2\AdvTools\ADVCHK.EXE O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.0002.1001\en-us\msnappau.exe" O4 - HKLM\..\Run: [Spyware Stormer] C:\Program Files\Spyware Stormer\SpywareStormer.Exe O4 - HKCU\..\Run: [Instant Access] rundll32.exe EGCOMLIB_1035.dll,InstantAccess O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Microtek Scanner Finder.lnk = C:\Program Files\Microtek\ScanWizard 5\ScannerFinder.exe O4 - Global Startup: Phone Connection Monitor.lnk = C:\Program Files\Sony Ericsson\Mobile\audevicemgr.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Shorten URL - http://www.cjb.net/menuext.html O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O16 - DPF: {086A694F-91FB-4068-B44C-124FB69BF05D} - http://www.searchwww.com/search.cab O16 - DPF: {093F9CF8-0DE1-491C-95D5-5EC257BD4CA3} - http://akamai.downloadv3.com/binarie...tc32_EN_XP.cab O16 - DPF: {1EB17D1C-141D-4D9D-91CB-24D99215851D} - http://akamai.downloadv3.com/binarie...ia32_EN_XP.cab O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540000} (CInstall Class) - http://www.spywarestormer.com/files2/Install.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/SSC/Sha...in/AvSniff.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab O16 - DPF: {A02780C3-7F77-4E28-855B-28890F3CF37A} - http://akamai.downloadv3.com/binarie...35_pack_XP.cab O16 - DPF: {B914A3C5-80F5-43C1-A4A3-C4211921DC7B} - http://akamai.downloadv3.com/binarie...tc32_EN_XP.cab |
#2
|
||||
|
||||
Hi danitj and welcome to cth.
Running two av programs at the same time can cause problems ie conflicts. Your log does need attention. Please go here and download Spybot Search&Destroy: http://www.safer-networking.org/inde...&page=download Check for updates before running the program. A tutorial can be found under help. You can safely delete what it finds. Do likewise with Adaware SE that can be found here: http://lavasoft.element5.com/software/adaware/ Download CW Shredder: http://www.spywareinfo.com/~merijn/files/cwshredder.zip Unzip, run and hit the fix tab to fix all found problems. If the above does not resolve your problem then please post a new hjt log for one of the hjt experts to take a look. |
Bookmarks |
«
Previous Topic
|
Next Topic
»
Topic Tools | |
|
|
Similar Topics | ||||
Topic | Topic Starter | Forum | Replies | Last Post |
Not Reading CD's | lj219 | Windows XP | 8 | November 12th, 2007 02:15 AM |
reading CD's | weedp | Windows XP | 1 | November 2nd, 2006 05:46 PM |
Reading CD | jdunn | Windows XP | 0 | October 29th, 2006 03:16 AM |
512 RAM only Reading as 504 | MooseMan2216 | Hardware | 2 | February 26th, 2005 11:30 AM |
CD ROM not reading D:\ | Elite | The Anything Else Board | 0 | September 8th, 2003 01:20 PM |
All times are GMT +1. The time now is 08:28 AM.