Search:
Search questions and share your knowledge with the world here on Questionpoint.

:: Categories ::

Interview Question in SQL Server 2008

Interview Question :: Need Help After Windows Virus Infection

My firefox broke so i had to use IE which managed to get me lots of very dangerous viruses in a short space of time... I think ive fixed them but i wanted to be sure before i log into anything that would cost me dearly.

Here's my hijack thish Log any other info u need ask and ill put up asap... Thank You All

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:46:40, on 15/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\Program Files\ASUS\Speeding HDD\SteelVine.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\System32\PnkBstrA.exe
C:\WINDOWS\system32\PSIService.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch....
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\ASUS\Six Engine\SixEngine.exe
C:\Program Files\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe
C:\Program Files\InstallShield Installation Information\{3A94E148-9C8B-4FE9-99DD-930...
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe
C:\DOCUME~1\Ollie\LOCALS~1\Temp\Sound_...
C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe
C:\Program Files\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
C:\Program Files\ASUS\AI Direct Link\AsShare.exe
C:\Program Files\ASUS\Speeding HDD\DriveXpert.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\PROGRA~1\FREEDO~1\fdm.exe
C:\WINDOWS\system32\ctfmon.exe
F:\Downloads\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=6...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=5...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=5...
R1 - HKCU\Software\Microsoft\Windows\CurrentV... Settings,ProxyOverride = *.local
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAge...
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\i... -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.... -start
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [Six Engine] "C:\Program Files\ASUS\Six Engine\SixEngine.exe" -r
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [CTSyncService] "C:\Program Files\InstallShield Installation Information\{3A94E148-9C8B-4FE9-99DD-930... /StartRunKey
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [QFan Help] "C:\Program Files

Answers to "Need Help After Windows Virus Infection"

RE: Need Help After Windows Virus Infection?
Everything looks fine to me. I notice you have AVG antivirus, which occasionally gives false positives - i.e. you may not have any viruses on your computer that AVG hasn't already put in the vault. These will show up as Trojan horses. I had exactly the same problem and panicked. However, where is your Firewall???? I can't see it on here and you should have a Firewall, not just antivirus protection. At least have Windows Firewall activated or download Zone Alarm Free from www.zonealarm.com or Commado Firewall. I have Zone Alarm on my pc and apart from a couple of hiccup's they seem to run along okay together. Get your updates from AVG first and then install your Firewall. All the best.
Vote for this answer ::

RE: Need Help After Windows Virus Infection?
the log seems clean
Vote for this answer ::

RE: Need Help After Windows Virus Infection?
Your log looks clean but you do have a lot of ASUS crap on your PC. Could not see a firewall on there are you using one ?
Vote for this answer ::

Notify me whenever an answer is posted for this question Update Alert Setting

Top Tags

- Sharepoint Developer Interview Questions - Java Interview Questions - J2EE Interview Questions - ASP.NET Interview Questions - MOSS 2007 Interview Questions - WPF Interview Questions - Microsoft CRM Interview Questions - Technical Interview Questions for Programmers

Search questions and share your knowledge with the world here on Questionpoint.

:: Categories ::

Interview Question in SQL Server 2008

Interview Question :: Need Help After Windows Virus Infection

Top Tags