Member Panel

Remember me ?

Forgot password?   

Sponsors and Ads

Noticeboard
PC Forum PC Help Forum » Security & Safety » [Fixed] Hijackthis! Logs » [Resolved] Can't delete the virus help plz!!!

[Fixed] Hijackthis! Logs - [Resolved] Can't delete the virus help plz!!! posted in the Security & Safety forums; Hello My avast detects a trojan which is called "!uptade-4995[1].0000/Win32:Trojan-gen.{UPX!}" then although i delete it,it comes back again every time when i turn my pc on What should i do ...

JOIN US NOW to remove these Ads

Post New Thread  Reply
Page 1 of 2 1 2 >
  #1  
Old 12-26-2006
Bronze Member
  
Join Date: Dec 2006
Posts: 35
Volcano1985 - See this Members User comments on their Profile page
Default [Resolved] Can't delete the virus help plz!!!
Hello

My avast detects a trojan which is called "!uptade-4995[1].0000/Win32:Trojan-gen.{UPX!}" then although i delete it,it comes back again every time when i turn my pc on

What should i do ?
  #2  
Old 12-26-2006
upgrader's Avatar
Site Manager
My PC
 
Join Date: Jul 2006
Location: /home/upgrader/
Posts: 6,457
PC Experience: Some Experience
upgrader - See this Members User comments on their Profile page upgrader - See this Members User comments on their Profile page upgrader - See this Members User comments on their Profile page upgrader - See this Members User comments on their Profile page upgrader - See this Members User comments on their Profile page upgrader - See this Members User comments on their Profile page upgrader - See this Members User comments on their Profile page upgrader - See this Members User comments on their Profile page upgrader - See this Members User comments on their Profile page upgrader - See this Members User comments on their Profile page upgrader - See this Members User comments on their Profile page
Send a message via MSN to upgrader Send a message via Skype™ to upgrader
Default
Welcome to PCHF volcano!

Can you follow the PCHF Prework link in my sig and then post a Hijackthis log back here and a AVG spyware report. Then a member of the security team will help you.

Moved to HJT logs forum.


__________________
PCHF Rules--PCHF Prework--PCHF Downloads
  #3  
Old 12-26-2006
Bronze Member
  
Join Date: Dec 2006
Posts: 35
Volcano1985 - See this Members User comments on their Profile page
Default
I don't know how to use HJK


  #4  
Old 12-26-2006
upgrader's Avatar
Site Manager
My PC
 
Join Date: Jul 2006
Location: /home/upgrader/
Posts: 6,457
PC Experience: Some Experience
upgrader - See this Members User comments on their Profile page upgrader - See this Members User comments on their Profile page upgrader - See this Members User comments on their Profile page upgrader - See this Members User comments on their Profile page upgrader - See this Members User comments on their Profile page upgrader - See this Members User comments on their Profile page upgrader - See this Members User comments on their Profile page upgrader - See this Members User comments on their Profile page upgrader - See this Members User comments on their Profile page upgrader - See this Members User comments on their Profile page upgrader - See this Members User comments on their Profile page
Send a message via MSN to upgrader Send a message via Skype™ to upgrader
Default
It tells you in the PCHF Prework link in my sig.


__________________
PCHF Rules--PCHF Prework--PCHF Downloads
  #5  
Old 12-26-2006
Bronze Member
  
Join Date: Dec 2006
Posts: 35
Volcano1985 - See this Members User comments on their Profile page
Default
I have a notepad file of HJk now

What should i do ?
  #6  
Old 12-26-2006
upgrader's Avatar
Site Manager
My PC
 
Join Date: Jul 2006
Location: /home/upgrader/
Posts: 6,457
PC Experience: Some Experience
upgrader - See this Members User comments on their Profile page upgrader - See this Members User comments on their Profile page upgrader - See this Members User comments on their Profile page upgrader - See this Members User comments on their Profile page upgrader - See this Members User comments on their Profile page upgrader - See this Members User comments on their Profile page upgrader - See this Members User comments on their Profile page upgrader - See this Members User comments on their Profile page upgrader - See this Members User comments on their Profile page upgrader - See this Members User comments on their Profile page upgrader - See this Members User comments on their Profile page
Send a message via MSN to upgrader Send a message via Skype™ to upgrader
Default
go to file>edit> select all then >file> edit>copy> then right click in the reply box on here and click paste


__________________
PCHF Rules--PCHF Prework--PCHF Downloads
  #7  
Old 12-26-2006
Bronze Member
  
Join Date: Dec 2006
Posts: 35
Volcano1985 - See this Members User comments on their Profile page
Default
HERE

Logfile of HijackThis v1.99.1
Scan saved at 22:20:01, on 26.12.2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\emMon.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\M?crosoft.NET\??ool32.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.8472\Go ogleToolbarNotifier.exe
C:\Program Files\NetMeter\NetMeter.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Volkan ANLI\Desktop\hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = Download Accelerator Plus - Finish Install Page
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Bağlantılar
R3 - URLSearchHook: (no name) - {90A362C4-FB22-8986-7004-881A05CB58B7} - C:\WINDOWS\System32\zfscd.dll
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {73364D99-1240-4dff-B12A-67E448373148} - C:\WINDOWS\System32\ipv6mons.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: (no name) - {90A362C4-FB22-8986-7004-881A05CB58B7} - C:\WINDOWS\System32\zfscd.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Radyo - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [emMonitor] C:\WINDOWS\emMon.exe
O4 - HKLM\..\Run: [hpcmd] C:\WINDOWS\System32\spool\cmd.exe
O4 - HKLM\..\Run: [KIT3] C:\WINDOWS\System32\spool\hpprintqueue.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Bssc] "C:\DOCUME~1\VOLKAN~1\BELGEL~1\MBOLS~1\iexplore.ex e" -vt yazb
O4 - HKCU\..\Run: [Cdhavxll] C:\WINDOWS\system32\M?crosoft.NET\??ool32.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.8472\Go ogleToolbarNotifier.exe
O4 - HKCU\..\Run: [C:\Program Files\NetMeter\NetMeter.exe] C:\Program Files\NetMeter\NetMeter.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: Microsoft Excel'e Gö&nder - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Araştır - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe

Reply
Satellite TV on your PC - over 3000 Channels! Click Here!
Page 1 of 2 1 2 >

Bookmarks

« [Resolved] my computer got some spyware...plz help me | [Resolved] Sluggish performance, something nasty suspected »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are On

Contact Us - PC Help Forum - Site Map - Privacy Statement - Top
All times are GMT +1. The time now is 01:27 AM.
Powered by vBulletin
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
SEO by vBSEO 3.2.0 RC7
All Graphics & Content Copyright © 2004-2008 - PC Help Forum.com


Back to Top