Gradia Posted April 6, 2005 Share Posted April 6, 2005 First, today I ran my virus scan and find this: Any idea what it is and how I can delete it? Also, my computer has been acting quite weird lately, I haven't been able to open Ad-Aware/Spybot. It just closes after about 5 seconds. This also happens with Firefox, if I have it open for about 10 minutes. Erm... Thats about it. :oops: Link to comment Share on other sites More sharing options...
Gradia Posted April 6, 2005 Author Share Posted April 6, 2005 I am also using Windows XP if that helps... Link to comment Share on other sites More sharing options...
grin_king Posted April 6, 2005 Share Posted April 6, 2005 Reboot into "Safe Mode with Networking". Scan using http://housecall.antivirus.com Scan with Ad-Aware SE Scan with HiJackThis reboot into "normal" mode. Post a HJT log here. One-time #13 smither.All-time #1 noob. Link to comment Share on other sites More sharing options...
zonda Posted April 6, 2005 Share Posted April 6, 2005 If you don't know how to boot up in safe mode with networking here is how: Restart your computer, and as it is restarting hit F8 repeatedly untill you get a screen asking how you would like to boot up. Then just use the up and down arrows to select 'safe mode with networking' and hit enter :wink: ... Link to comment Share on other sites More sharing options...
Gradia Posted April 6, 2005 Author Share Posted April 6, 2005 Done. I keep getting a problem with Housecall... So I just used AVG. It picked up this: Ad Aware didn't pick up anything serious. Here is the HJT Log: Logfile of HijackThis v1.99.1 Scan saved at 7:43:23 AM, on 7/04/2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss[Caution: ExecutableFile] C:\WINDOWS\system32\winlogon[Caution: ExecutableFile] C:\WINDOWS\system32\services[Caution: ExecutableFile] C:\WINDOWS\system32\lsass[Caution: ExecutableFile] C:\WINDOWS\system32\svchost[Caution: ExecutableFile] C:\WINDOWS\System32\svchost[Caution: ExecutableFile] C:\WINDOWS\system32\spoolsv[Caution: ExecutableFile] C:\WINDOWS\Explorer[Caution: ExecutableFile] C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr[Caution: ExecutableFile] C:\Program Files\Common Files\Sonic\Update Manager\sgtray[Caution: ExecutableFile] C:\apps\ABoard\ABoard[Caution: ExecutableFile] C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc[Caution: ExecutableFile] C:\Program Files\D-Link\DSL-200\dslagent[Caution: ExecutableFile] C:\Program Files\Zone Labs\ZoneAlarm\zlclient[Caution: ExecutableFile] C:\apps\ABoard\AOSD[Caution: ExecutableFile] C:\WINDOWS\system32\slserv[Caution: ExecutableFile] C:\Program Files\Java\jre1.5.0\bin\jusched[Caution: ExecutableFile] C:\Program Files\Microsoft IntelliType Pro\type32[Caution: ExecutableFile] C:\WINDOWS\system32\ZoneLabs\vsmon[Caution: ExecutableFile] C:\Program Files\Microsoft IntelliPoint\point32[Caution: ExecutableFile] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc[Caution: ExecutableFile] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc[Caution: ExecutableFile] C:\Program Files\iTunes\iTunesHelper[Caution: ExecutableFile] C:\Program Files\Common Files\Microsoft Shared\DAO\System32\svchost[Caution: ExecutableFile] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt[Caution: ExecutableFile] C:\Program Files\Belkin\Belkin 802.11g Wireless PCI Card Configuration Utility\utility[Caution: ExecutableFile] C:\Program Files\iPod\bin\iPodService[Caution: ExecutableFile] C:\WINDOWS\System32\wuauclt[Caution: ExecutableFile] C:\WINDOWS\System32\wuauclt[Caution: ExecutableFile] C:\Documents and Settings\Stephen Bell\Desktop\HijackThis[Caution: ExecutableFile] C:\Program Files\Mozilla Firefox\firefox[Caution: ExecutableFile] R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsmedia.com/9series/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [siS KHooker] C:\WINDOWS\System32\khooker[Caution: ExecutableFile] O4 - HKLM\..\Run: [updateManager] "c:\Program Files\Common Files\Sonic\Update Manager\sgtray[Caution: ExecutableFile]" /r O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard[Caution: ExecutableFile] O4 - HKLM\..\Run: [DSLSTATEXE] C:\Program Files\D-Link\DSL-200\dslstat[Caution: ExecutableFile] icon O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\D-Link\DSL-200\dslagent[Caution: ExecutableFile] O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient[Caution: ExecutableFile]" O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched[Caution: ExecutableFile] O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32[Caution: ExecutableFile]" O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32[Caution: ExecutableFile]" O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc[Caution: ExecutableFile] /STARTUP O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc[Caution: ExecutableFile] O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa[Caution: ExecutableFile] O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper[Caution: ExecutableFile] O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask[Caution: ExecutableFile]" -atboottime O4 - HKLM\..\Run: [WinService32] C:\Program Files\Common Files\Microsoft Shared\DAO\System32\svchost[Caution: ExecutableFile] O4 - HKLM\..\Run: [sSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt[Caution: ExecutableFile] O4 - Global Startup: Belkin 802.11g Wireless PCI Card Configuration Utility.lnk = ? O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr[Caution: ExecutableFile] O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc[Caution: ExecutableFile] O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService[Caution: ExecutableFile] O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv[Caution: ExecutableFile] O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC[Caution: ExecutableFile] O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon[Caution: ExecutableFile] Link to comment Share on other sites More sharing options...
grin_king Posted April 6, 2005 Share Posted April 6, 2005 Done. I keep getting a problem with Housecall... So I just used AVG. What kind of problem ??? (Sorry, don't have time to check your HJT log jsut at the moment) One-time #13 smither.All-time #1 noob. Link to comment Share on other sites More sharing options...
Mercifull Posted April 7, 2005 Share Posted April 7, 2005 You are running SP1 so you seriously need to consider upgrading to SP2. Microsoft will stop issueing patches for SP1 shortly and you are already vulnerable to several critical exploits. SP2 has been around for months now. The only thing that looks a bit weird is this. O4 - HKLM\..\Run: [WinService32] C:\Program Files\Common Files\Microsoft Shared\DAO\System32\svchost[Caution: ExecutableFile] Dont do anything with it just yet until some one else can identify this. Thats not supposed to be the location of that exe :-/ Mercifull <3 Suzi "We don't want players to be able to buy their way to success in RuneScape. If we let players start doing this, it devalues RuneScape for others. We feel your status in real-life shouldn't affect your ability to be successful in RuneScape" Jagex 01/04/01 - 02/03/12 Link to comment Share on other sites More sharing options...
devilheart14 Posted April 7, 2005 Share Posted April 7, 2005 i had that not long ago but its seemed to have disapeared or it has been removed Aussie Aussie Aussie, :D Link to comment Share on other sites More sharing options...
Gradia Posted April 7, 2005 Author Share Posted April 7, 2005 Done. I keep getting a problem with Housecall... So I just used AVG. What kind of problem ??? (Sorry, don't have time to check your HJT log jsut at the moment) I tried it first in Firefox, it didn't work. So I tried it in IE, and it was lagging rather bad. It wouldn't let me click "Scan". Link to comment Share on other sites More sharing options...
Gradia Posted April 7, 2005 Author Share Posted April 7, 2005 Okay... I upgraded to SP2 now. Link to comment Share on other sites More sharing options...
Gradia Posted April 8, 2005 Author Share Posted April 8, 2005 Still have the same problem... Link to comment Share on other sites More sharing options...
Mercifull Posted April 8, 2005 Share Posted April 8, 2005 Turn off System Resore temporarily and then do a full virus scan Mercifull <3 Suzi "We don't want players to be able to buy their way to success in RuneScape. If we let players start doing this, it devalues RuneScape for others. We feel your status in real-life shouldn't affect your ability to be successful in RuneScape" Jagex 01/04/01 - 02/03/12 Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now