#16
October 23rd, 2004, 06:03 PM
Samm (Member)
Everything I Download, E.g. MSN, mIRC, Zonelabs Firewall ( It Always Says a File Is Corrupt )

Could It Be Related To The Norton?

MSN Corrupt File Is MsgrCore.cab ( I Think )

Does Anyone Else Have Info? Feel A Bit Sorry For Acrobaze 8(

#17
October 23rd, 2004, 06:31 PM
Samm (Member)
Logfile of HijackThis v1.98.2
Scan saved at 19:23:46, on 23/10/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Macromedia\Flash Communication Server MX\FlashComAdmin.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
D:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\Program Files\Macromedia\Flash Communication Server MX\FlashCom.exe
C:\WINDOWS\System32\winitr32.exe
C:\Program Files\Messenger Plus! 2\MsgPlus.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\carpserv.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\System32\winmon32.exe
C:\New Folder (2)\HijackThis.exe

O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [MessengerPlus2] "C:\Program Files\Messenger Plus! 2\MsgPlus.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] D:\PROGRA~1\NORTON~2\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Window Monitor] winmon32.exe
O4 - HKLM\..\RunServices: [Window Monitor] winmon32.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6076DE2B-5833-4109-86E0-3C66EEB441B5}: NameServer = 163.121.128.134 212.103.160.18

#18
October 23rd, 2004, 06:52 PM
Acrobaze (Malware Removal Team)
New files..

Is your Windows XP SP1 updated?

Look at this:
http://www.trendmicro.com/vinfo/viru...=WORM_SDBOT.RT

Update Windows with security patches (the link is given in this page).

-----------

Firewalls here:
http://www.cybertechhelp.com/forums/...ad.php?t=12901

If the files you download are corrupted, then activate the Windows XP firewall:

Start -> Run -> type services.msc

Go to the firewall service and activate it.

-----------

Lines to fix with HijackThis:

O4 - HKLM\..\Run: [Window Monitor] winmon32.exe
O4 - HKLM\..\RunServices: [Window Monitor] winmon32.exe

and files to delete:

C:\WINDOWS\System32\winitr32.exe
C:\WINDOWS\System32\winmon32.exe
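
A rescan check for the fix list in the post above, as an added example that is not part of the original thread: it parses a HijackThis log and reports which of the flagged autorun entries and files still show up. The function names and the `PARTIAL` rescan are constructed for illustration; `BEFORE` is an excerpt of the log posted earlier in the thread.

```python
import re
# Copied from the helper's post above: entries to fix and files to delete.
FIX_LINES = [
    r"O4 - HKLM\..\Run: [Window Monitor] winmon32.exe",
    r"O4 - HKLM\..\RunServices: [Window Monitor] winmon32.exe",
]
DELETE_FILES = [
    r"C:\WINDOWS\System32\winitr32.exe",
    r"C:\WINDOWS\System32\winmon32.exe",
]
ENTRY_RE = re.compile(r"^[A-Z]\d+ - ")  # R0.., F0.., N1.., O1.. section lines

def _norm(s):
    # Windows paths and registry names are case-insensitive; collapse spacing too.
    return " ".join(s.split()).lower()

def parse_log(text):
    """Return (running process paths, section entries) from a HijackThis log."""
    processes, entries, in_procs = [], [], False
    for line in (raw.strip() for raw in text.splitlines()):
        if line.lower() == "running processes:":
            in_procs = True
        elif ENTRY_RE.match(line):
            in_procs = False          # the process list ends at the first entry
            entries.append(line)
        elif in_procs and line:
            processes.append(line)
    return processes, entries

def remaining(text, fix_lines=FIX_LINES, delete_files=DELETE_FILES):
    """Report which flagged autoruns and files a rescan log still shows."""
    processes, entries = parse_log(text)
    live_entries = {_norm(e) for e in entries}
    live_procs = {_norm(p) for p in processes}
    return {
        "autoruns": [l for l in fix_lines if _norm(l) in live_entries],
        "running": [f for f in delete_files if _norm(f) in live_procs],
    }

# Excerpt of the log posted earlier in this thread.
BEFORE = r"""Running processes:
C:\WINDOWS\System32\winitr32.exe
C:\WINDOWS\System32\winmon32.exe

O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [Window Monitor] winmon32.exe
O4 - HKLM\..\RunServices: [Window Monitor] winmon32.exe
"""
# Constructed rescan: one autorun and one process were removed, the others survived.
PARTIAL = BEFORE.replace(FIX_LINES[0] + "\n", "").replace(DELETE_FILES[0] + "\n", "")
```

A file that no longer appears under running processes may still exist on disk; the log only shows what is loaded and registered at scan time.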

#19
October 23rd, 2004, 08:06 PM
Samm (Member)
Ok This is From another PC but it's totally rubbish, just using it to post a reply

HijackThis doesn't load up anymore, and I have tres32.exe and a few more things

I'm on the ball trying to fix it but it's just not going nowhere

#20
November 27th, 2004, 03:37 PM
Samm (Member)
W00000000000000000000t! Finally The Goddamn PC Is Fixed

I Left It For Over 3 Weeks And Went On It Today, Disabled Some Processes Which Let Me Use HijackThis And Got Rid Of Winser32.exe, sres.exe, tres32.exe, winitr32.exe and Some Other .EXEs Which I Can't Remember

Thx Acrobaze For All Your Help You Gave! And It Finally Worked Out M8

Cheers! Samm

#21
November 27th, 2004, 05:14 PM
Acrobaze (Malware Removal Team)
You're welcome, Samm!