Member Panel

Remember me ?

Forgot password?   

Sponsors and Ads

Join the Team

Live Tag Cloud
PC Forum PC Help Forum » Security & Safety » [Pending] HJT Logs » Trojan-PSW.Win32.Ldpinch.rew

[Pending] HJT Logs - Trojan-PSW.Win32.Ldpinch.rew posted in the Security & Safety forums; Hi all New to the forum. Have a problem, computer keeps turning itself off or rebooting every time I run a super spyware scan, it even does it in safemode. ...

JOIN US NOW to remove these Ads

Post New Thread  Reply
  #1  
Old 05-04-2008
yuanvill's Avatar
Bronze Member
  
Join Date: May 2008
Posts: 3
PC Experience: Some Experience
yuanvill - See this Members User comments on their Profile page
Cool Trojan-PSW.Win32.Ldpinch.rew
Hi all
New to the forum.
Have a problem, computer keeps turning itself off or rebooting every time I run a super spyware scan, it even does it in safemode.
before installing super spyware I ran an A-Squared scan which found a trojan called PSW.Win32Ldpinch.rew just before it re-booted the computer. Does any know how to get rid of this nuisance programme.
I can pst a HJT log if this will help.
Thanx in advance.
  #2  
Old 05-04-2008
Jelly Bean's Avatar
Moderation Team Leader
My PC
 
Join Date: Feb 2008
Location: Swansea
Posts: 4,528
PC Experience: I Try My Best.
Jelly Bean - See this Members User comments on their Profile page Jelly Bean - See this Members User comments on their Profile page Jelly Bean - See this Members User comments on their Profile page Jelly Bean - See this Members User comments on their Profile page Jelly Bean - See this Members User comments on their Profile page Jelly Bean - See this Members User comments on their Profile page Jelly Bean - See this Members User comments on their Profile page Jelly Bean - See this Members User comments on their Profile page Jelly Bean - See this Members User comments on their Profile page Jelly Bean - See this Members User comments on their Profile page Jelly Bean - See this Members User comments on their Profile page
Send a message via MSN to Jelly Bean Send a message via Yahoo to Jelly Bean Send a message via Skype™ to Jelly Bean
Default Re: Trojan-PSW.Win32.Ldpinch.rew
Hello and welcome to PC Help Forum.

See the "Prework" link below in pink?

Could you do that prework and copy n paste results back here on your thread?

Thankyou.


__________________
It is all in the hardware..........................................
Sources:
Microsoft Home Page /Seagate Home Page /Petri Home Page

PCHF Rules / Home Page / Prework /Windows Vista Home Page / XBOX360 / Test your Internet Speed
  #3  
Old 05-04-2008
yuanvill's Avatar
Bronze Member
  
Join Date: May 2008
Posts: 3
PC Experience: Some Experience
yuanvill - See this Members User comments on their Profile page
Default Re: Trojan-PSW.Win32.Ldpinch.rew
Hi thanks for the reply
Here is the HJT log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:34:03, on 04/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\COMPAQ\Easy Access Button Support\StartEAK.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Compaq\Easy Access Button Support\CPQEADM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Compaq\EAKDRV\EAUSBKBD.EXE
C:\PROGRA~1\Compaq\EASYAC~1\BttnServ.exe
C:\Program Files\SAGEM\TalkTalk Broadband\dslmon.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = News, Sport, Music, Movies, Money, Cars, Shopping and more from MSN UK
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = AltaVista
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\COMPAQ\Easy Access Button Support\StartEAK.exe
O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [EPSON Stylus CX3200] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC 2.EXE /P19 "EPSON Stylus CX3200" /O6 "USB001" /M "Stylus CX3200"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\TalkTalk Broadband\dslmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by133fd.bay133.hotmail.msn.co...x/HMAtchmt.ocx
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
--
End of file - 5352 bytes

And here is the super spyware log
SUPERAntiSpyware Scan Log
SUPERAntiSpyware.com - AntiAdware, AntiSpyware, AntiMalware!
Generated 05/04/2008 at 12:11 PM
Application Version : 4.0.1154
Core Rules Database Version : 3452
Trace Rules Database Version: 1444
Scan type : Complete Scan
Total Scan Time : 00:46:12
Memory items scanned : 192
Memory threats detected : 0
Registry items scanned : 4985
Registry threats detected : 0
File items scanned : 14792
File threats detected : 0

The CCleaner cleared all files.
Whatever is in there switches the comp back on when you close it down.
  #4  
Old 05-04-2008
ih8bills's Avatar
Tech Team Leader
My PC
 
Join Date: Feb 2006
Location: coastal Rhode Island
Posts: 4,240
PC Experience: More Stubborn than any PC
ih8bills - See this Members User comments on their Profile page ih8bills - See this Members User comments on their Profile page ih8bills - See this Members User comments on their Profile page ih8bills - See this Members User comments on their Profile page ih8bills - See this Members User comments on their Profile page ih8bills - See this Members User comments on their Profile page ih8bills - See this Members User comments on their Profile page ih8bills - See this Members User comments on their Profile page ih8bills - See this Members User comments on their Profile page ih8bills - See this Members User comments on their Profile page ih8bills - See this Members User comments on their Profile page
Default Re: Trojan-PSW.Win32.Ldpinch.rew
Hi...

Forum Rules require that HJT logs must be analyzed by experienced Security Team Analysts. This is for your protection... and to give you our best service.

Our Security Team is always very busy-- and as we live all over the Earth...
Time-Zones are also an important factor.

Your patience is greatly appreciated.

Thank You



__________________


Without music, life would be a mistake
Friedrich Nietzsche
  #5  
Old 05-04-2008
yuanvill's Avatar
Bronze Member
  
Join Date: May 2008
Posts: 3
PC Experience: Some Experience
yuanvill - See this Members User comments on their Profile page
Default Re: Trojan-PSW.Win32.Ldpinch.rew
Hi
Thanx, i'll gladly wait if I get shut of this Trojan

Reply
New! Norton Internet Security 2008 – Download Now Click Here

Bookmarks

« Help With Internet Explorer! | HJT Log »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are On

Similar Threads
Thread Thread Starter Forum Replies Last Post
Koran-Spouting Trojan Is First Example of 'Moralityware' joe5 Security Watch 1 11-24-2007 09:40 PM
trojan harrylime Spyware / AdWare 3 06-02-2007 10:19 AM
Cryzip Trojan Encrypts Files, Demands Ransom joe5 Security Watch 0 03-16-2006 10:49 PM
Trojan Horse program that targets Google Adsense ads has been detected joe5 Security Watch 0 01-03-2006 08:08 AM
Virus writers create Nintendo DS Trojan. joe5 Security Watch 0 10-17-2005 04:45 AM

Contact Us - PC Help Forum - Site Map - Privacy Statement - Top

All times are GMT +1. The time now is 03:24 AM.
Powered by vBulletin
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
SEO by vBSEO 3.2.0 RC7
All Graphics & Content Copyright © 2004-2008 - PC Help Forum.com


Back to Top