Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected With Alexa And Winnt Virus? Win2kp


  • This topic is locked This topic is locked
5 replies to this topic

#1 Knucka

Knucka

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:11:32 PM

Posted 09 December 2006 - 03:22 AM

My Dell XPS laptop just died and I happened across this old Compaq Armada, P1 233Mhz, 96Mb ram, 2Mb video memory.

I know, I know, you're all thinking, "I have to have that laptop at any price, please sell it to me!" :thumbsup:

But seriously folks, after spending three nights scanning, and rescanning I am done, I need help, whatever is on it keeps changing and I cannot do some of the steps you have posted. Both Housecall and Panda quit to desktop once started, and I cannot defrag or clean up after downloading all these programs onto my massive 3.2 gig hard drive. It works ok as a browser but I keep getting horizontal lines that glicth across the screen, and random IE crashes and system restarts.

I don't know if you guys do tech on 2k but I have patched to SP4, installed the rollup, DX8.1 and IE6.0(although I cannot install the cumilative patch reccomended for IE as it does not recognize IE6.0 as being installed.

I would appreciate any help with this as I have been getting a kick out of having to downgrade from an XPS M170 to an Armada 1592DMT, and would like to learn how to fix it so I can use it as a rig for older games like Starflight 2 or some Spacequest action.

Here is my log, thankx again;

Logfile of HijackThis v1.99.1
Scan saved at 12:48:08 AM, on 12/9/2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1165380391920
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

BC AdBot (Login to Remove)

 


#2 Knucka

Knucka
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:11:32 PM

Posted 15 December 2006 - 12:58 AM

http://www.bleepingcomputer.com/forums/t/74722/infected-with-alexa-and-winnt-virus-win2kp/

Posted on the 6th of December.

Thankx,
Knucka

#3 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pickerington, Ohio
  • Local time:11:32 PM

Posted 15 December 2006 - 08:23 AM

Hi and welcome to Bleeping Computer! My name is Sam and I will be helping you. :thumbsup:
I apologize for the delay getting to your log, the helpers here are very busy.


Your log looks very clean. There is no signs of malware.
What indication are you getting that you are infected?
Posted Image If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================

#4 Knucka

Knucka
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:11:32 PM

Posted 22 December 2006 - 12:36 AM

I will run all the tests again tonight and tomorrow just to make sure, maybee I got them all, admittedly a slower system, but I keep getting horizontal 'tears' accross the desktop but not when I am in a program or browsing window?

Thanks for the reply I will get back asap.
Knucka

#5 Knucka

Knucka
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:11:32 PM

Posted 31 December 2006 - 05:40 PM

Housecall exits to desktop before it finishes(unless it auto completes and compiles a log file), I have an active scan and bittorrent log file full of problems that maybe you could look at but don't know how to get them to you(suggestions?).

Computer still has horizontal 'tears' accross the desktop(lcd problem maybe?), and Avant wont update as it has become corrupted or damaged, so I dont know what to do in regards to a reinstall because of the items in the virus vault?

Would it be easier to just reformat and reinstall win2k, can one even buy it anymore?

I need to find a bigger hard drive for this bad boy.

Thankx for any and all help,
Knucka

#6 Buckeye_Sam

Buckeye_Sam

    Malware Expert


  • Members
  • 17,382 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pickerington, Ohio
  • Local time:11:32 PM

Posted 01 January 2007 - 10:53 AM

If you're going to reformat anyway, you should look into installing XP instead of 2000.

If you have a log from a virus scan, you can just post it here and I'll take a look. The problems with your screen would appear to be hardware related.
Posted Image If I have helped you in any way, please consider a donation to help me continue the fight against malware.


Failing to respond back to the person that is giving up their own time to help you not only is insensitive and disrespectful, but it guarantees that you will never receive help from me again. Please thank your helpers and there will always be help here when you need it!


========================================================




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users