 |  |  |  |  |  |  |  |
Trojan Horse,Download.Trojan not repaired by Norton;network doesn't function
 |
Hi, i am new in this site, i think it's very cool!
this is my problem:
Norton found Trojan.Byte.Verify...it said "Deleted", and
Trojan Horse,Download.Trojan - " Not Repaired" - "Access Denied",
is it true? or there might be others...
i found a strange file, msxmidi.exe, that i deleted immediately, and
i ran Spyboot, that found nothing.
But my network does not function anymore.
I have now installed Zone Alarm, i find it's a bit difficult to use.
Can you help me?
Thanks you very much for your help.
This is my Hijack log:
Logfile of HijackThis v1.98.2
Scan saved at 1.42.28, on 14/08/2004
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
D:\WINNT\System32\smss.exe
D:\WINNT\system32\winlogon.exe
D:\WINNT\system32\services.exe
D:\WINNT\system32\lsass.exe
D:\WINNT\system32\svchost.exe
D:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
D:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
D:\WINNT\system32\spoolsv.exe
D:\WINNT\System32\Ati2evxx.exe
D:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
D:\WINNT\System32\svchost.exe
D:\Programmi\Norton AntiVirus\navapsvc.exe
D:\WINNT\system32\regsvc.exe
D:\Programmi\Norton AntiVirus\SAVScan.exe
D:\WINNT\system32\MSTask.exe
D:\WINNT\system32\slserv.exe
D:\WINNT\system32\stisvc.exe
D:\WINNT\System32\Tablet.exe
D:\WINNT\system32\ZoneLabs\vsmon.exe
D:\WINNT\System32\WBEM\WinMgmt.exe
D:\WINNT\System32\mspmspsv.exe
D:\WINNT\system32\svchost.exe
D:\WINNT\Explorer.EXE
D:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
D:\WINNT\SOUNDMAN.EXE
D:\Programmi\Winamp\Winampa.exe
D:\Programmi\Gigabyte\Gigabyte Windows Utility Manager\ET4\et4Tray.exe
D:\Programmi\File comuni\Symantec Shared\ccApp.exe
D:\Programmi\FaxTalk Communicator\FTCtrl32.exe
D:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe
D:\WINNT\system32\internat.exe
D:\Programmi\WIDCOMM\Software Bluetooth\BTTray.exe
D:\Programmi\FinePixViewer\QuickDCF.exe
D:\WINNT\system32\Wtablet\TabUserW.exe
D:\Programmi\OpenOffice.org1.1.0\program\soffice.exe
D:\Programmi\FaxTalk Communicator\FAPIEXE.EXE
D:\WINNT\system32\wuauclt.exe
D:\PROGRA~1\WIDCOMM\SOFTWA~1\BTSTAC~1.EXE
D:\Programmi\Internet Explorer\iexplore.exe
D:\Documents and Settings\Administrator\Documenti\Sicurezza\HijackThis!\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programmi\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {5321E378-FFAD-4999-8C62-03CA8155F0B3} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\Programmi\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: @msdxmLC.dll,-1@1040,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINNT\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\Programmi\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [ATIPTA] D:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [WinampAgent] "D:\Programmi\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [EasyTuneIV] D:\Programmi\Gigabyte\Gigabyte Windows Utility Manager\ET4\et4Tray.exe
O4 - HKLM\..\Run: [ccApp] "D:\Programmi\File comuni\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NAV CfgWiz] D:\Programmi\File comuni\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CallControl 4.5] D:\Programmi\FaxTalk Communicator\FTCtrl32.exe /autoload
O4 - HKLM\..\Run: [Zone Labs Client] "D:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - Startup: Adobe Gamma Loader.exe.lnk = D:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: OpenOffice.org 1.1.0.lnk = D:\Programmi\OpenOffice.org1.1.0\program\quickstart.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = D:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BTTray.lnk = D:\Programmi\WIDCOMM\Software Bluetooth\BTTray.exe
O4 - Global Startup: Exif Launcher.lnk = D:\Programmi\FinePixViewer\QuickDCF.exe
O4 - Global Startup: TabUserW.exe.lnk = D:\WINNT\system32\Wtablet\TabUserW.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINNT\web\related.htm
O12 - Plugin for .spop: D:\Programmi\Internet Explorer\Plugins\NPDocBox.dll
this is my problem:
Norton found Trojan.Byte.Verify...it said "Deleted", and
Trojan Horse,Download.Trojan - " Not Repaired" - "Access Denied",
is it true? or there might be others...
i found a strange file, msxmidi.exe, that i deleted immediately, and
i ran Spyboot, that found nothing.
But my network does not function anymore.
I have now installed Zone Alarm, i find it's a bit difficult to use.
Can you help me?
Thanks you very much for your help.
This is my Hijack log:
Logfile of HijackThis v1.98.2
Scan saved at 1.42.28, on 14/08/2004
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
D:\WINNT\System32\smss.exe
D:\WINNT\system32\winlogon.exe
D:\WINNT\system32\services.exe
D:\WINNT\system32\lsass.exe
D:\WINNT\system32\svchost.exe
D:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
D:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
D:\WINNT\system32\spoolsv.exe
D:\WINNT\System32\Ati2evxx.exe
D:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
D:\WINNT\System32\svchost.exe
D:\Programmi\Norton AntiVirus\navapsvc.exe
D:\WINNT\system32\regsvc.exe
D:\Programmi\Norton AntiVirus\SAVScan.exe
D:\WINNT\system32\MSTask.exe
D:\WINNT\system32\slserv.exe
D:\WINNT\system32\stisvc.exe
D:\WINNT\System32\Tablet.exe
D:\WINNT\system32\ZoneLabs\vsmon.exe
D:\WINNT\System32\WBEM\WinMgmt.exe
D:\WINNT\System32\mspmspsv.exe
D:\WINNT\system32\svchost.exe
D:\WINNT\Explorer.EXE
D:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
D:\WINNT\SOUNDMAN.EXE
D:\Programmi\Winamp\Winampa.exe
D:\Programmi\Gigabyte\Gigabyte Windows Utility Manager\ET4\et4Tray.exe
D:\Programmi\File comuni\Symantec Shared\ccApp.exe
D:\Programmi\FaxTalk Communicator\FTCtrl32.exe
D:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe
D:\WINNT\system32\internat.exe
D:\Programmi\WIDCOMM\Software Bluetooth\BTTray.exe
D:\Programmi\FinePixViewer\QuickDCF.exe
D:\WINNT\system32\Wtablet\TabUserW.exe
D:\Programmi\OpenOffice.org1.1.0\program\soffice.exe
D:\Programmi\FaxTalk Communicator\FAPIEXE.EXE
D:\WINNT\system32\wuauclt.exe
D:\PROGRA~1\WIDCOMM\SOFTWA~1\BTSTAC~1.EXE
D:\Programmi\Internet Explorer\iexplore.exe
D:\Documents and Settings\Administrator\Documenti\Sicurezza\HijackThis!\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programmi\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {5321E378-FFAD-4999-8C62-03CA8155F0B3} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\Programmi\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: @msdxmLC.dll,-1@1040,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINNT\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\Programmi\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [ATIPTA] D:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [WinampAgent] "D:\Programmi\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [EasyTuneIV] D:\Programmi\Gigabyte\Gigabyte Windows Utility Manager\ET4\et4Tray.exe
O4 - HKLM\..\Run: [ccApp] "D:\Programmi\File comuni\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NAV CfgWiz] D:\Programmi\File comuni\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CallControl 4.5] D:\Programmi\FaxTalk Communicator\FTCtrl32.exe /autoload
O4 - HKLM\..\Run: [Zone Labs Client] "D:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - Startup: Adobe Gamma Loader.exe.lnk = D:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: OpenOffice.org 1.1.0.lnk = D:\Programmi\OpenOffice.org1.1.0\program\quickstart.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = D:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BTTray.lnk = D:\Programmi\WIDCOMM\Software Bluetooth\BTTray.exe
O4 - Global Startup: Exif Launcher.lnk = D:\Programmi\FinePixViewer\QuickDCF.exe
O4 - Global Startup: TabUserW.exe.lnk = D:\WINNT\system32\Wtablet\TabUserW.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINNT\web\related.htm
O12 - Plugin for .spop: D:\Programmi\Internet Explorer\Plugins\NPDocBox.dll
•
•
Join Date: Feb 2004
Posts: 9,924
Reputation: 
Solved Threads: 709
Re: Trojan Horse,Download.Trojan not repaired by Norton;network doesn't function
0
#2 Aug 15th, 2004
Download CWShredder from here & run it. Select the fix button & it will fix everything related to CoolWebSearch that is stored in it's database. Close ALL windows, including Iinternet Explorer, before running CWShredder. Reboot.
To help prevent this from happening again, install the patches for the vulnerabilities that this hijacker exploits by going here for your critical updates.
Reboot after doing this & post another log please.
To help prevent this from happening again, install the patches for the vulnerabilities that this hijacker exploits by going here for your critical updates.
Reboot after doing this & post another log please.
Proud member of ASAP (Alliance of Security analysis Professionals).
Opera AVAST anti-virus Comodo Firewall Spywareblaster
Opera AVAST anti-virus Comodo Firewall Spywareblaster
Re: Trojan Horse,Download.Trojan not repaired by Norton;network doesn't function
0
#3 Aug 16th, 2004
Thank you for your help, you are very fine.
I ran CWShredder, which found & removed CWS.Yexe.
then, i downloaded all critical updates.
This is the new log:
Logfile of HijackThis v1.98.2
Scan saved at 13.19.07, on 16/08/2004
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
D:\WINNT\System32\smss.exe
D:\WINNT\system32\winlogon.exe
D:\WINNT\system32\services.exe
D:\WINNT\system32\lsass.exe
D:\WINNT\system32\svchost.exe
D:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
D:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
D:\WINNT\system32\spoolsv.exe
D:\WINNT\System32\Ati2evxx.exe
D:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
D:\WINNT\System32\svchost.exe
D:\Programmi\Norton AntiVirus\navapsvc.exe
D:\WINNT\system32\regsvc.exe
D:\Programmi\Norton AntiVirus\SAVScan.exe
D:\WINNT\system32\MSTask.exe
D:\WINNT\system32\slserv.exe
D:\WINNT\system32\stisvc.exe
D:\WINNT\System32\Tablet.exe
D:\WINNT\system32\ZoneLabs\vsmon.exe
D:\WINNT\System32\WBEM\WinMgmt.exe
D:\WINNT\System32\mspmspsv.exe
D:\WINNT\system32\svchost.exe
D:\WINNT\Explorer.EXE
D:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
D:\WINNT\SOUNDMAN.EXE
D:\Programmi\Winamp\Winampa.exe
D:\Programmi\Gigabyte\Gigabyte Windows Utility Manager\ET4\et4Tray.exe
D:\Programmi\File comuni\Symantec Shared\ccApp.exe
D:\Programmi\FaxTalk Communicator\FTCtrl32.exe
D:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe
D:\WINNT\system32\internat.exe
D:\Programmi\WIDCOMM\Software Bluetooth\BTTray.exe
D:\Programmi\FinePixViewer\QuickDCF.exe
D:\Programmi\GetRight\getright.exe
D:\Programmi\GetRight\getright.exe
D:\WINNT\system32\Wtablet\TabUserW.exe
D:\Programmi\OpenOffice.org1.1.0\program\soffice.exe
D:\Programmi\FaxTalk Communicator\FAPIEXE.EXE
D:\Documents and Settings\Administrator\Documenti\Sicurezza\HijackThis!\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programmi\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\Programmi\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: @msdxmLC.dll,-1@1040,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINNT\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\Programmi\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [ATIPTA] D:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [WinampAgent] "D:\Programmi\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [EasyTuneIV] D:\Programmi\Gigabyte\Gigabyte Windows Utility Manager\ET4\et4Tray.exe
O4 - HKLM\..\Run: [ccApp] "D:\Programmi\File comuni\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NAV CfgWiz] D:\Programmi\File comuni\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CallControl 4.5] D:\Programmi\FaxTalk Communicator\FTCtrl32.exe /autoload
O4 - HKLM\..\Run: [Zone Labs Client] "D:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - Startup: Adobe Gamma Loader.exe.lnk = D:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: OpenOffice.org 1.1.0.lnk = D:\Programmi\OpenOffice.org1.1.0\program\quickstart.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = D:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BTTray.lnk = D:\Programmi\WIDCOMM\Software Bluetooth\BTTray.exe
O4 - Global Startup: Exif Launcher.lnk = D:\Programmi\FinePixViewer\QuickDCF.exe
O4 - Global Startup: GetRight - Tray Icon.lnk = D:\Programmi\GetRight\getright.exe
O4 - Global Startup: TabUserW.exe.lnk = D:\WINNT\system32\Wtablet\TabUserW.exe
O8 - Extra context menu item: Download with GetRight - D:\Programmi\GetRight\GRdownload.htm
O8 - Extra context menu item: Open with GetRight Browser - D:\Programmi\GetRight\GRbrowse.htm
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINNT\web\related.htm
O12 - Plugin for .spop: D:\Programmi\Internet Explorer\Plugins\NPDocBox.dll
I ran CWShredder, which found & removed CWS.Yexe.
then, i downloaded all critical updates.
This is the new log:
Logfile of HijackThis v1.98.2
Scan saved at 13.19.07, on 16/08/2004
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
D:\WINNT\System32\smss.exe
D:\WINNT\system32\winlogon.exe
D:\WINNT\system32\services.exe
D:\WINNT\system32\lsass.exe
D:\WINNT\system32\svchost.exe
D:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
D:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
D:\WINNT\system32\spoolsv.exe
D:\WINNT\System32\Ati2evxx.exe
D:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
D:\WINNT\System32\svchost.exe
D:\Programmi\Norton AntiVirus\navapsvc.exe
D:\WINNT\system32\regsvc.exe
D:\Programmi\Norton AntiVirus\SAVScan.exe
D:\WINNT\system32\MSTask.exe
D:\WINNT\system32\slserv.exe
D:\WINNT\system32\stisvc.exe
D:\WINNT\System32\Tablet.exe
D:\WINNT\system32\ZoneLabs\vsmon.exe
D:\WINNT\System32\WBEM\WinMgmt.exe
D:\WINNT\System32\mspmspsv.exe
D:\WINNT\system32\svchost.exe
D:\WINNT\Explorer.EXE
D:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
D:\WINNT\SOUNDMAN.EXE
D:\Programmi\Winamp\Winampa.exe
D:\Programmi\Gigabyte\Gigabyte Windows Utility Manager\ET4\et4Tray.exe
D:\Programmi\File comuni\Symantec Shared\ccApp.exe
D:\Programmi\FaxTalk Communicator\FTCtrl32.exe
D:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe
D:\WINNT\system32\internat.exe
D:\Programmi\WIDCOMM\Software Bluetooth\BTTray.exe
D:\Programmi\FinePixViewer\QuickDCF.exe
D:\Programmi\GetRight\getright.exe
D:\Programmi\GetRight\getright.exe
D:\WINNT\system32\Wtablet\TabUserW.exe
D:\Programmi\OpenOffice.org1.1.0\program\soffice.exe
D:\Programmi\FaxTalk Communicator\FAPIEXE.EXE
D:\Documents and Settings\Administrator\Documenti\Sicurezza\HijackThis!\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programmi\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\Programmi\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: @msdxmLC.dll,-1@1040,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINNT\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\Programmi\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [ATIPTA] D:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [WinampAgent] "D:\Programmi\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [EasyTuneIV] D:\Programmi\Gigabyte\Gigabyte Windows Utility Manager\ET4\et4Tray.exe
O4 - HKLM\..\Run: [ccApp] "D:\Programmi\File comuni\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NAV CfgWiz] D:\Programmi\File comuni\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CallControl 4.5] D:\Programmi\FaxTalk Communicator\FTCtrl32.exe /autoload
O4 - HKLM\..\Run: [Zone Labs Client] "D:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - Startup: Adobe Gamma Loader.exe.lnk = D:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: OpenOffice.org 1.1.0.lnk = D:\Programmi\OpenOffice.org1.1.0\program\quickstart.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = D:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BTTray.lnk = D:\Programmi\WIDCOMM\Software Bluetooth\BTTray.exe
O4 - Global Startup: Exif Launcher.lnk = D:\Programmi\FinePixViewer\QuickDCF.exe
O4 - Global Startup: GetRight - Tray Icon.lnk = D:\Programmi\GetRight\getright.exe
O4 - Global Startup: TabUserW.exe.lnk = D:\WINNT\system32\Wtablet\TabUserW.exe
O8 - Extra context menu item: Download with GetRight - D:\Programmi\GetRight\GRdownload.htm
O8 - Extra context menu item: Open with GetRight Browser - D:\Programmi\GetRight\GRbrowse.htm
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINNT\web\related.htm
O12 - Plugin for .spop: D:\Programmi\Internet Explorer\Plugins\NPDocBox.dll
•
•
Join Date: Feb 2004
Posts: 9,924
Reputation:
Solved Threads: 709
Re: Trojan Horse,Download.Trojan not repaired by Norton;network doesn't function
0
#4 Aug 16th, 2004
I see no other problems in your log. Are you still getting the message from Norton?
You also should get service pack 1 for Internet Explorer.
You also should get service pack 1 for Internet Explorer.
Proud member of ASAP (Alliance of Security analysis Professionals).
Opera AVAST anti-virus Comodo Firewall Spywareblaster
Opera AVAST anti-virus Comodo Firewall Spywareblaster
Re: Trojan Horse,Download.Trojan not repaired by Norton;network doesn't function
0
#5 Aug 17th, 2004
No, Norton has displayed that message only one time.
I hope it is enoughly powerful to stop those and other Trojans effectively...
I will install SP1 for Internet Explorer, but i also want to try other browsers like Mozilla or Opera.
I hope they have not allthis security problems!
Internet seems to me to be like a jungle..
Thank you very much
I hope it is enoughly powerful to stop those and other Trojans effectively...
I will install SP1 for Internet Explorer, but i also want to try other browsers like Mozilla or Opera.
I hope they have not allthis security problems!
Internet seems to me to be like a jungle..
Thank you very much
•
•
Join Date: Feb 2004
Posts: 9,924
Reputation:
Solved Threads: 709
Re: Trojan Horse,Download.Trojan not repaired by Norton;network doesn't function
0
#6 Aug 17th, 2004
It's a rough jungle if you are not prepared 
. I have used Opera for almost a year now. No virus', no hijacks, no trojans, no running adaware & spybot once a week, no on-line virus scans. Got to be happy with that .
Now, if I could just sort out my hardware.
. I have used Opera for almost a year now. No virus', no hijacks, no trojans, no running adaware & spybot once a week, no on-line virus scans. Got to be happy with that .Now, if I could just sort out my hardware
. Proud member of ASAP (Alliance of Security analysis Professionals).
Opera AVAST anti-virus Comodo Firewall Spywareblaster
Opera AVAST anti-virus Comodo Firewall Spywareblaster
|
Similar Threads
- Help I have a download.trojan (Viruses, Spyware and other Nasties)
- help with download.trojan (Viruses, Spyware and other Nasties)
- ABI Network Trojan Horse (Viruses, Spyware and other Nasties)
Other Threads in the Viruses, Spyware and other Nasties Forum
- Previous Thread: Unable to open some desktop icons, HJT Log.
- Next Thread: Hijack this log, please advise
| Thread Tools | Search this Thread |
You need to join our community in order to build your list of favorite forums. You can visit the forum index for a listing of all forums.
Related Forum Features
Latest Viruses, Spyware and other Nasties Posts
adware anti-malware anti-virussitesaccessissue antivirus apple audio avg backtoschoolspeech bar blackhat botnet botnets censorship china commercial commercials conficker connect control crosssitescripting cyber cybercrime cyberwarfare domains e-mafia education email europe exam facebook fancheckvirus gaming gtaiv halloween hijack hosting internet iphone kaspersky legal logfiles mail malware mcafee messagelabs microsoft mobile msn nazi news obama onlinethreats paedophile panel parents patch phishing police policeprovirusmba-mblockedinternetaccess president privacy pro problem reliability report research risk rogueantivirus samhain sans scareware school search security seopoisoning sites software spam spyware spywareexternalwindows7adminstratortrojans sqlinjection symantec teen translate trojan unabletoaccessanti-virussites unwanted update usa virus viruses war warning windows worm yahoo zeroday