Posts by Doinker

Hi DruggedAngel.

I'm quite new to these forums, so don't take this as a highly professional answer, but I had this problem as well, and I spent alot of time trying to figure out what was wrong, because it was one of my major symptoms after having acquired a virus. Now what I found out by browsing alot of boards is that if you're using a router, you should try resetting this, you can do this by unplugging it and waiting about 1 minute, or you can hit the reset button on the router, this is a solution that had worked for alot of the people, it was a problem with the firewall in the router.

Second thing you can try, if the first one didn't work, is to do what Crunchie told me to do in my post about my virus problem. I had read somewhere that the problem with MSN might be related to a virus, a really annoying one that also turned off my run command, my task manager and turn off computer command, also disabled changing in my registry, but seeing how these are none of your symptoms I don't really know if you have this virus. The problems I had with registry, task manager etc was easily fixed but the MSN problem took a bit more.

Anyways here is the post Crunchie made for me, so please give him all the credit, all I know is that after I did what he …

Thank you very much for the quick response Crunchie.

I ran combofix and it definitely seems to have fixed the constant msg's from AVG about having a trojan on my computer, also it fixed my problem about MSN crashing whenever it started, a problem which I had been told was caused by the virus.

Here is my new hijackthis post:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:20, on 2007-12-06
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Programmer\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Programmer\MSN Messenger\MsnMsgr.Exe
C:\Programmer\Spybot - Search & Destroy\TeaTimer.exe
C:\Programmer\Logitech\SetPoint\SetPoint.exe
C:\Programmer\Fælles filer\Logitech\khalshared\KHALMNPR.EXE
C:\Programmer\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmer\HJTrenamed.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = [url]www.google.dk/ig/dell?hl=da&client=dell-row&channel=dk&ibd=4060911[/url]
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = [url]http://www.google.dk/ig/dell?hl=da&client=dell-row&channel=dk&ibd=4060911[/url]
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Programmer\BitComet\tools\BitCometBHO_1.1.8.30.dll
O2 - BHO: (no name) - {44899979-6F17-4D8A-890C-39F12EEB01C8} - (no file)
O2 - BHO: (no name) - {4E930F3F-69FB-479A-AACD-0866B512D7EB} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: (no name) - {71573D66-8062-409C-8F2C-89A33B88A697} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) …

Hi, I'm new to these forums and I really hope someone can help me with my problem. My computer seems to be highly infected, I keep getting popups in my taskbar with badly written warnings of virus that I need to download this and this file to be protected etc. I had a problem with my turn off computer, run and task manager were missing, but I ran AVG in safe mode and spybot s&d and got that fixed, but now my computer seems to run somewhat slow, and there are those popups constantly.

I ran a Hijackthis and here it is:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:43:49, on 05-12-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Programmer\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Programmer\Logitech\SetPoint\SetPoint.exe
C:\Programmer\Fælles filer\Logitech\khalshared\KHALMNPR.EXE
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Windows Live\Messenger\usnsvc.exe
C:\Programmer\Mozilla Firefox\firefox.exe
C:\Programmer\Fælles filer\Logitech\WebColct\webcolct.exe
C:\Programmer\HJTrenamed.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.dk/ig/dell?hl=da&client=dell-row&channel=dk&ibd=4060911
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.dk/hws/sb/dell-row/da/side.html?channel=dk
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.dk/hws/sb/dell-row/da/side.html?channel=dk
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.euro.dell.com/content/default.aspx?c=dk&l=da&s=gen
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www1.euro.dell.com/content/default.aspx?c=dk&l=da&s=gen
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.dk/hws/sb/dell-row/da/side.html?channel=dk
…