Please Help Me Get Rid Of This Virus...


  • This topic is locked
9 replies to this topic

#1 Jassie71606


Posted 17 May 2007 - 04:52 PM

I'd like to start off by saying I'm not really computer savvy, so if I ask stupid questions I apologize in advance. I recently picked up a trojan virus from somewhere. My Norton picks it up but will not get rid of it; all it has done is quarantine it. My Norton is always updated, so I don't know why it won't remove it. Well, I keep getting pop-ups and my searches keep getting misdirected. It's really annoying. And now my PC is running slower. So I need help. How can I get you guys more info so that you can help me?


#2 buddy215


Posted 17 May 2007 - 07:02 PM

Welcome to BC
If you know the name of the malware that Norton identified I might be able to give you a more specific fix. Otherwise, follow the directions below.

Install Super Antispyware. Run it in safe mode. Allow it to quarantine whatever it finds.
http://www.superantispyware.com/

Run the online scan for Bit Defender in normal mode. Allow it to quarantine whatever it finds.
http://www.bitdefender.com/scan8/ie.html

--------------------------------------------------------------------------------

Post a Hijack This log in the Hijack This Forum by following the directions in the link below if the programs above have not removed ALL malware. DO NOT post the log in this forum.
http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/
--------------------------------------------------------------------------------

How To start Windows in Safe Mode
http://www.bleepingcomputer.com/tutorials/how-to-start-windows-in-safe-mode/

Edited by buddy215, 17 May 2007 - 07:18 PM.


#3 quietman7


Posted 17 May 2007 - 10:11 PM

Also download and scan with Dr.Web CureIt. Follow the instructions here for performing a scan.

Post back and let us know how your machine is running after performing these scans.

#4 Jassie71606


Posted 17 May 2007 - 10:16 PM

Unfortunately Norton only tells me it is a Trojan Horse, which is not very helpful. I will take the above steps and get back to you. Thanks for the help, it's very much appreciated.

#5 quietman7


Posted 17 May 2007 - 10:56 PM

If Norton provides the name of the file and the path to its location, you can submit the file for analysis to jotti's virusscan or virustotal.com. In the "File to upload & scan" box, browse to the location of the suspicious file and submit (upload) it for scanning/analysis.

#6 Jassie71606


Posted 18 May 2007 - 02:47 PM

OK, I ran the Superantispyware. It found a lot of things...

Here is the log

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 05/18/2007 at 01:11 AM

Application Version : 3.7.1018

Core Rules Database Version : 3240
Trace Rules Database Version: 1251

Scan type : Complete Scan
Total Scan Time : 01:25:11

Memory items scanned : 174
Memory threats detected : 2
Registry items scanned : 7929
Registry threats detected : 26
File items scanned : 50924
File threats detected : 30

Trojan.WinFixer
C:\WINDOWS\SYSTEM32\SSTTQ.DLL
C:\WINDOWS\SYSTEM32\SSTTQ.DLL
HKLM\Software\Classes\CLSID\{FDCE5880-49CD-4E3B-86DE-55D3035D0B7D}
HKCR\CLSID\{FDCE5880-49CD-4E3B-86DE-55D3035D0B7D}
HKCR\CLSID\{FDCE5880-49CD-4E3B-86DE-55D3035D0B7D}\InprocServer32
HKCR\CLSID\{FDCE5880-49CD-4E3B-86DE-55D3035D0B7D}\InprocServer32#ThreadingModel
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDCE5880-49CD-4E3B-86DE-55D3035D0B7D}
Software\Microsoft\Windows NT\CurrentVersion\WinLogon\Notify\ssttq

Trojan.Mezzia/Resident
C:\WINDOWS\SYSTEM32\WINMFU32.DLL
C:\WINDOWS\SYSTEM32\WINMFU32.DLL

Adware.Vundo Variant
HKLM\Software\Classes\CLSID\{55DB983C-BDBF-426f-86F0-187B02DDA39B}
HKCR\CLSID\{55DB983C-BDBF-426F-86F0-187B02DDA39B}
HKCR\CLSID\{55DB983C-BDBF-426F-86F0-187B02DDA39B}\InprocServer32
HKCR\CLSID\{55DB983C-BDBF-426F-86F0-187B02DDA39B}\InprocServer32#ThreadingModel
C:\WINDOWS\SYSTEM32\WGHYPAEL.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{55DB983C-BDBF-426f-86F0-187B02DDA39B}
HKCR\CLSID\{55DB983C-BDBF-426F-86F0-187B02DDA39B}
C:\WINDOWS\SYSTEM32\YAYXUVS.DLL

Adware.Tracking Cookie

Trojan.NewDotNet
C:\Program Files\NewDotNet\readme.txt
C:\Program Files\NewDotNet

Trojan.Unknown Origin
HKLM\SOFTWARE\Microsoft\MSSMGR
HKLM\SOFTWARE\Microsoft\MSSMGR#Data
HKLM\SOFTWARE\Microsoft\MSSMGR#LSTV
HKLM\SOFTWARE\Microsoft\MSSMGR#Brnd
HKLM\SOFTWARE\Microsoft\MSSMGR#MSLIST
HKLM\SOFTWARE\Microsoft\MSSMGR#PID
HKLM\SOFTWARE\Microsoft\MSSMGR#Rid
HKLM\SOFTWARE\Microsoft\MSSMGR#LID
HKLM\SOFTWARE\Microsoft\MSSMGR#SCLIST
HKLM\SOFTWARE\Microsoft\MSSMGR#SSLIST
HKLM\SOFTWARE\Microsoft\MSSMGR#BSTV
HKLM\SOFTWARE\Microsoft\MSSMGR#SSTV
HKLM\SOFTWARE\Microsoft\MSSMGR#BPTV
HKLM\SOFTWARE\Microsoft\MSSMGR#PSTV

Trojan.Downloader-Gen/Mandingo
C:\WINDOWS\TEMP\WIN31.TMP.EXE

Trojan.Downloader-Gen/Inst2
C:\WINDOWS\TEMP\WIN35.TMP.EXE

And I did a scan with Bit defender as advised and here is the log for that one...

BitDefender Online Scanner
Scan report generated at: Fri, May 18, 2007 - 04:50:30
Scan path: C:\;D:\;E:\;F:\;H:\;I:\;J:\;K:\;

Statistics
Time: 03:18:46
Files: 921583
Folders: 9422
Boot Sectors: 3
Archives: 19944
Packed Files: 93828

Results
Identified Viruses: 15
Infected Files: 21
Suspect Files: 0
Warnings: 0
Disinfected: 0
Deleted Files: 27

Engines Info
Virus Definitions: 506918
Engine build: AVCORE v1.0 (build 2397) (i386) (Feb 8 2007 14:24:08)
Scan plugins: 14
Archive plugins: 38
Unpack plugins: 6
E-mail plugins: 6
System plugins: 1

Scan Settings
First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes


Computer is still acting up and opening Internet Explorer and redirecting searches.

I tried to do a HijackThis log, but when I downloaded it and unzipped it, Norton popped up saying it found an info stealer virus and blocked it. For some reason I unzipped the program but it's not on my PC so that I can run it. I even went to the HijackThis file under Program Files and the only thing in it was the .exe. So I wasn't able to produce a log for that. Anyhoo, if you have any more suggestions I would appreciate it; my computer is still slow and acting weird. Thanks in advance.

#7 quietman7


Posted 18 May 2007 - 03:04 PM

If you downloaded Hijackthis from the link in the Prep Guide, it is safe and Norton appears to be giving a false positive. Redownload it, disconnect from the Internet and either block Norton from taking this action or temporarily disable it so you can install and run Hijackthis. Re-enable your anti-virus when done and before connecting back to the Internet.

#8 Jassie71606


Posted 18 May 2007 - 03:47 PM

Yes I downloaded Hijack this from the Prep guide link. I will do as you suggest now.

Edited by Jassie71606, 18 May 2007 - 08:25 PM.


#9 Jassie71606


Posted 18 May 2007 - 08:37 PM

Ok I posted my Hijack this log in the proper forum.
Here is the link....

http://www.bleepingcomputer.com/forums/t/92691/i-posted-on-the-am-i-infected-section/

#10 tg1911


Posted 18 May 2007 - 08:56 PM

Jassie71606,

Since you have an open HJT log posted in the HijackThis Logs and Analysis forum, you shouldn't make any changes to your system.
That could change the results of the posted log, making it difficult to properly clean your system.

At this point, the HJT Team should be the only members that you take advice from, until they have verified your log as clean.

I'm closing this topic until you are cleared by the HJT Team.
If, after your log has been cleaned, you still need help, please PM a Moderator and we will re-open this topic.

If you have any questions, don't hesitate to send me a PM.