Ridding this computer of viruses and spyware except for this one stubborn dll logm.dll located in the Windows/System32 Folder.
AVG is telling me that the file is infected with the trojan house BackDoor.Agent.
I can not delete, heal or change the permissions to this file even in safe mode. This computer was infected with the about:blank trojan. I have even search for logm.dll using regedit and deleted one entry but still can not delete this file.
I am at a complete loss. My HiJack this file is clean and attached. Any help is greatly appreciated.
Logfile of HijackThis v1.99.1
Scan saved at 2:22:16 PM, on 5/12/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Sierra\Planner\PLNRnote.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Renee Cavanaugh\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\RunOnce: [GrpConv] grpconv.exe -o
O4 - Global Startup: Event Planner Reminders Tray Icon.lnk = C:\Sierra\Planner\PLNRnote.exe
O4 - Global Startup: winlogin.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Security Agent (scagent) - Unknown owner - C:\WINDOWS\system32\scagent.exe" start (file missing)
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe