Member Panel

Remember me ?

Forgot password?   

Sponsors and Ads

Noticeboard
PC Forum PC Help Forum » Security & Safety » [Fixed] Hijackthis! Logs » Doing prework,, lots of trojans and viruses found

[Fixed] Hijackthis! Logs - Doing prework,, lots of trojans and viruses found posted in the Security & Safety forums; Hi to the Great Helpers here! Working on a Dell Dimension 2100 w/ ME. My avast found several trojans and viruses about a week ago. I thought I cleaned and ...

JOIN US NOW to remove these Ads

Post New Thread  Reply
Page 1 of 2 1 2 >
  #1  
Old 12-13-2007
Bronze Member
  
Join Date: Aug 2006
Posts: 16
angpace - See this Members User comments on their Profile page
Default
Hi to the Great Helpers here!

Working on a Dell Dimension 2100 w/ ME. My avast found several trojans and viruses about a week ago. I thought I cleaned and got rid of them. But now several things will not work for my husband when he goes on there. Went to a place given by a friend, it did a scan, found all the same trojans and viruses I THOUGHT avast had cleaned off.

I have printed out everything in the prework topic,, going to do that, then will post my results here.

Thanks! Great community here!

First update----the SuperAntispyware scan found things,, and fixed "quarantined and deleted",, but did not make a log. The save logs was check marked.


Last edited by Cowburn199; 12-13-2007 at 10:52 PM.
  #2  
Old 12-14-2007
Bronze Member
  
Join Date: Aug 2006
Posts: 16
angpace - See this Members User comments on their Profile page
Default Re: Doing prework,, lots of trojans and viruses found
OK,, Couldnt figure out how to edit my own 1st post.
some of the problems experienced on my ME computer, is..Webpages show loaded and done, but blank. Links and Buttons on webpages wont work. Font size on Webpages looks like safemode size HUGE. Chatrooms wont work, cant see room or anything typed in them. Same with pm's. Can see person typing, cant see what it says. My type will show until I submit, but then cant see anything. While trying to attach my logs to my message on the ME computer, wouldnt click on the attachmnt clip, and cursor kept blinking, disappearing. Doing this from my other computer.
Attached Files
File Type: log SUPERAntiSpyware Scan Log - 12-13-2007 - 13-53-56.log (1.7 KB, 1 views)
File Type: txt CCCleanerlog.txt (196 Bytes, 1 views)
File Type: log hijackthis.log (9.5 KB, 5 views)


  #3  
Old 12-14-2007
Senior Security Analyst
  
Join Date: Dec 2006
Location: In a van, down by the river
Posts: 545
PC Experience: Experienced
dahli - See this Members User comments on their Profile page dahli - See this Members User comments on their Profile page dahli - See this Members User comments on their Profile page
Default Re: Doing prework,, lots of trojans and viruses found
Hello angpace,

Run HijackThis and check the following:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
O1 - Hosts: 205.238.40.51 www.winmx.com err.winmx.com
O1 - Hosts: 205.238.40.2 test3201.winmx.com test3205.winmx.com
O1 - Hosts: 205.238.40.2 test3202.winmx.com test3206.winmx.com
O1 - Hosts: 205.238.40.1 test3203.winmx.com test3207.winmx.com
O1 - Hosts: 82.43.224.20 test3204.winmx.com test3208.winmx.com
O1 - Hosts: 205.238.40.2 c3310.z1301.winmx.com c3310.z1302.winmx.com c3310.z1303.winmx.com c3310.z1304.winmx.com c3310.z1305.winmx.com c3310.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3313.z1301.winmx.com c3313.z1302.winmx.com c3313.z1303.winmx.com c3313.z1304.winmx.com c3313.z1305.winmx.com c3313.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3316.z1301.winmx.com c3316.z1302.winmx.com c3316.z1303.winmx.com c3316.z1304.winmx.com c3316.z1305.winmx.com c3316.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3311.z1301.winmx.com c3311.z1302.winmx.com c3311.z1303.winmx.com c3311.z1304.winmx.com c3311.z1305.winmx.com c3311.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3314.z1301.winmx.com c3314.z1302.winmx.com c3314.z1303.winmx.com c3314.z1304.winmx.com c3314.z1305.winmx.com c3314.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3317.z1301.winmx.com c3317.z1302.winmx.com c3317.z1303.winmx.com c3317.z1304.winmx.com c3317.z1305.winmx.com c3317.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3312.z1301.winmx.com c3312.z1302.winmx.com c3312.z1303.winmx.com c3312.z1304.winmx.com c3312.z1305.winmx.com c3312.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3315.z1301.winmx.com c3315.z1302.winmx.com c3315.z1303.winmx.com c3315.z1304.winmx.com c3315.z1305.winmx.com c3315.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3318.z1301.winmx.com c3318.z1302.winmx.com c3318.z1303.winmx.com c3318.z1304.winmx.com c3318.z1305.winmx.com c3318.z1306.winmx.com
O1 - Hosts: 82.43.224.20 c3319.z1301.winmx.com c3319.z1302.winmx.com c3319.z1303.winmx.com c3319.z1304.winmx.com c3319.z1305.winmx.com c3319.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3520.z1301.winmx.com c3520.z1302.winmx.com c3520.z1303.winmx.com c3520.z1304.winmx.com c3520.z1305.winmx.com c3520.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3523.z1301.winmx.com c3523.z1302.winmx.com c3523.z1303.winmx.com c3523.z1304.winmx.com c3523.z1305.winmx.com c3523.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3526.z1301.winmx.com c3526.z1302.winmx.com c3526.z1303.winmx.com c3526.z1304.winmx.com c3526.z1305.winmx.com c3526.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3521.z1301.winmx.com c3521.z1302.winmx.com c3521.z1303.winmx.com c3521.z1304.winmx.com c3521.z1305.winmx.com c3521.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3524.z1301.winmx.com c3524.z1302.winmx.com c3524.z1303.winmx.com c3524.z1304.winmx.com c3524.z1305.winmx.com c3524.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3527.z1301.winmx.com c3527.z1302.winmx.com c3527.z1303.winmx.com c3527.z1304.winmx.com c3527.z1305.winmx.com c3527.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3522.z1301.winmx.com c3522.z1302.winmx.com c3522.z1303.winmx.com c3522.z1304.winmx.com c3522.z1305.winmx.com c3522.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3525.z1301.winmx.com c3525.z1302.winmx.com c3525.z1303.winmx.com c3525.z1304.winmx.com c3525.z1305.winmx.com c3525.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3528.z1301.winmx.com c3528.z1302.winmx.com c3528.z1303.winmx.com c3528.z1304.winmx.com c3528.z1305.winmx.com c3528.z1306.winmx.com
O1 - Hosts: 82.43.224.20 c3529.z1301.winmx.com c3529.z1302.winmx.com c3529.z1303.winmx.com c3529.z1304.winmx.com c3529.z1305.winmx.com c3529.z1306.winmx.com
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbar...p=ZCxdm565YYUS
O15 - Trusted Zone: *.workathomeagent.com
O15 - Trusted Zone: *.west.com
O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} (Live Collaboration) - http://livenj01.rightnowtech.com/750.../java/RntX.cab
O16 - DPF: {70522FA2-4656-11D5-B0E9-0050DAC24E8F} - http://cc.iwon.com/ct/pm3/iwonpm_12_1,0,2,5.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://gsn.worldwinner.com/games/v47...amesLoader.cab
O16 - DPF: {A91FB93D-7561-4524-8484-5C27C8FA8D42} (WwLuxor Control) - http://www.worldwinner.com/games/v49/luxor/luxor.cab

Click FIX CHECKED

Attach a new HijackThis log.

Thanks.


__________________
Steve
  #4  
Old 12-15-2007
Bronze Member
  
Join Date: Aug 2006
Posts: 16
angpace - See this Members User comments on their Profile page
Default Re: Doing prework,, lots of trojans and viruses found
Hi Dahli!

Thanks for your reply. Attaching the second hijack this log. I will say, still cant do it from that computer.

Thanks
Ang
Attached Files
File Type: log hijackthis1214.log (5.3 KB, 4 views)


  #5  
Old 12-15-2007
Bronze Member
  
Join Date: Aug 2006
Posts: 16
angpace - See this Members User comments on their Profile page
Default Re: Doing prework,, lots of trojans and viruses found
Another thing I would like to add/ask...

Have you ever heard of NoAdaware.net? this is what I ran and it still showed the same trojans, worms and viruses that I thought my Avast had removed. Would you like me to post those results here?
Thanks!


Last edited by angpace; 12-15-2007 at 09:02 PM.
  #6  
Old 12-17-2007
Senior Security Analyst
  
Join Date: Dec 2006
Location: In a van, down by the river
Posts: 545
PC Experience: Experienced
dahli - See this Members User comments on their Profile page dahli - See this Members User comments on their Profile page dahli - See this Members User comments on their Profile page
Default Re: Doing prework,, lots of trojans and viruses found
I do not know much about the site but I am testing it tonight. Please post the results it did find. Thanks.


__________________
Steve
  #7  
Old 12-17-2007
Bronze Member
  
Join Date: Aug 2006
Posts: 16
angpace - See this Members User comments on their Profile page
Default Re: Doing prework,, lots of trojans and viruses found
i did find noadaware in the rogue sites listing by hengis,,but it had been updated , that they had fixed things so maybe ok now,, anyway attaching what it showed,, had to type it into notepad, wouldnt c n p.


thanks for your help

Reply
Satellite TV on your PC - over 3000 Channels! Click Here!
Page 1 of 2 1 2 >

Bookmarks

« Redirect problem, SafeNavWeb.com | hijack this log, are my probs here??? »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are On

Contact Us - PC Help Forum - Site Map - Privacy Statement - Top
All times are GMT +1. The time now is 08:41 AM.
Powered by vBulletin
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
SEO by vBSEO 3.2.0 RC7
All Graphics & Content Copyright © 2004-2008 - PC Help Forum.com


Back to Top