943,191 Members | Top Members by Rank

Hardware and Software > Microsoft Windows > Viruses, Spyware and other Nasties > Another Newbie very desperate for help with Virus Alerts
Ad:
Permalink
Nov 26th, 2007
0

Another Newbie very desperate for help with Virus Alerts

Expand Post »
Hello there. I have been reading posts in this forum and seen how helpful people have been in fixing issues regarding fake virus alerts.

I have had this problem for a week now and have not been able to get rid of them.
I have ran smitfraudfix and ewido but both have not got rid of these annoying alerts.

The text in the windows are as follows

Critical System Warning!
Detected spyware.cyberlog-X.

Security Alert :Networm-i.virus@fp

Malware Threats


My spec is
Windows XP
Pentium 4, Dual core 3.45ghz
1gb or ram
224gb hdd

I have just run hijackthis and here is the log created from it:

PLEASE HELP ME GET RID OF THESE ALERTS I WILL BE MOST GRATEFUL TO ANYONE WHO CAN HELP ME!!


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:37:08, on 26/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\service.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Kontiki\KHost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MySpace\IM\MySpaceIM.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Kontiki\KService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Hijack this\HijackThis.exe

O3 - Toolbar: Security Toolbar - {11A69AE4-FBED-4832-A2BF-45AF82825583} - C:\WINDOWS\system32\lpcnsfcm.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SW20] C:\WINDOWS\system32\sw20.exe
O4 - HKLM\..\Run: [SW24] C:\WINDOWS\system32\sw24.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [MDNS] C:\WINDOWS\system32\service.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [4oD] "C:\Program Files\Kontiki\KHost.exe" -all
O4 - HKLM\..\Run: [e875ef54] rundll32.exe "C:\WINDOWS\system32\xalejkoc.dll",b
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe -all
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: BlueSoleil.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - AppInit_DLLs: C:\WINDOWS\system32\__c0015FB.dat
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: DomainService - Unknown owner - C:\WINDOWS\system32\vacxmeqq.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 4678 bytes


PLEASE HELP ME
THANK YOU

MARTIN.
Last edited by GlimJim25; Nov 26th, 2007 at 10:51 am.
Similar Threads
Reputation Points: 10
Solved Threads: 0
Newbie Poster
GlimJim25 is offline Offline
3 posts
since Nov 2007
Permalink
Nov 26th, 2007
0

Re: Another Newbie very desperate for help with Virus Alerts

Tried ComboFix?

Dont move the mouse while it runs!
Moderator
Featured Poster
Reputation Points: 1764
Solved Threads: 574
Moderator
jbennet is offline Offline
16,481 posts
since Apr 2005
Permalink
Nov 26th, 2007
0

Re: Another Newbie very desperate for help with Virus Alerts

thanks, i ran combofix but still have the damned alert messages cropping up all over the place..

also ran trojan remover, i thought after using it that they had gone for good.. but it only lasted a few miutes.. they're back..

what do i do!!??
Reputation Points: 10
Solved Threads: 0
Newbie Poster
GlimJim25 is offline Offline
3 posts
since Nov 2007
Permalink
Nov 26th, 2007
0

Re: Another Newbie very desperate for help with Virus Alerts

You know the tool Hijackthis?

Download it
Change its name to somethung else -IMPORTANT!

scan and choose to save a log
post the log here
Moderator
Featured Poster
Reputation Points: 1764
Solved Threads: 574
Moderator
jbennet is offline Offline
16,481 posts
since Apr 2005
Permalink
Nov 26th, 2007
0

Re: Another Newbie very desperate for help with Virus Alerts

since my last post i paniked and i decided to run trojan remover again, it appears to of worked this time. It did work last time but as soon as i uninstalled trojan remover the alert messages came back. i havent uninstalled it this time for fear of them returning.

do you think i need to run hijackthis again and post the log here as i did at the start of my post?

i cant tell you how good it feels not to have those bloody fake alert things going off every minute and that i will be alot more cautious since this experience..!!


Martin
Reputation Points: 10
Solved Threads: 0
Newbie Poster
GlimJim25 is offline Offline
3 posts
since Nov 2007

This thread is more than three months old

No one has posted to this discussion for at least three months. Please let old threads die and do not reply to them unless you feel you have something new and valuable to contribute that absolutely must be added to make the discussion complete. Otherwise, please start a new thread in this forum instead.
Message:
Previous Thread in Viruses, Spyware and other Nasties Forum Timeline: cant access control panel
Next Thread in Viruses, Spyware and other Nasties Forum Timeline: MY HiJackIt Log - Anything I should worry about ?





About Us | Contact Us | Advertise | Acceptable Use Policy
Forum Index | Build Custom RSS Feed


Follow us on Twitter


© 2011 DaniWeb® LLC