[Please check this log.] - Computers



Search Tech-Forums - link takes you to our Forum's search page.

Note: The following is only a text archive!

To view the actual forum discussion, please visit our website at http://www.tech-forums.net

Pages:1


Please check this log.

(Click here to view the original thread with full colors/images)


Posted by: rlsmith04

These problems are killing me. Before posting this log I have ran the following: Norton AV, Spybot S7D, Adaware and CWS Shredder (all were updated) I did this about a week ago and just as I started to post a log on here the monitor shut off. The computer would power up but the monitor would not come on. I tried several diffents things and it just would not work. Well, a week later I decide to check the monitor to make sure it is working because it appeard the CPU was working fine. I hooked the monitor to my laptop and it worked fine. I plugged the monitor back up and rebooted. It came on to my suprise. After the computer booter Norton found about 20 trojans. Hope that give you more infor to go on. If I need to do anything else or rescan I will do anything it takes.

Logfile of HijackThis v1.98.2
Scan saved at 7:46:38 PM, on 2/13/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLACSD.EXE
C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\WINDOWS\system32\pctspk.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\vptray.exe
C:\PROGRA~1\PESTPA~1\PPControl.exe
C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
C:\Program Files\Messenger\msmsgs.exe
C:\antispyware\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [url]http://www.alltel.net/newuser/benefits[/url]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [url]http://rd.yahoo.com/customize/ymsgr/defaults/*http://my.yahoo.com[/url]
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [vptray] C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\vptray.exe
O4 - HKLM\..\Run: [PestPatrol Control Center] C:\PROGRA~1\PESTPA~1\PPControl.exe
O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE10\EXCEL.EXE/3000
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .asx: C:\Program Files\Netscape\Communicator\Program\PLUGINS\npdspl
ay.dll
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - [url]http://www.pandasoftware.com/activescan/as5/asinst.cab[/url]


Posted by: mobo

The log is relatively clean so please continue with this:

Download TDS-3 trojan scanner from [url]http://tds.diamondcs.com.au/index.php?page=download[/url]

Then you will need to manually update it so follow the instructions given here
[url]http://tds.diamondcs.com.au/index.php?page=update[/url]

Now open the program, pause until its finished its mini test then click system testing / full scan

If anything is found, right click and select delete to each when the scan completes itself.


Posted by: southernlady

Closed due to lack of activity. Liz




vBulletin Copyright ©2000 - 2003, Jelsoft Enterprises Limited.


PPC Management
vB Easy Archive Final - Created by Xenon