symptoms: avg anti virus - non functional, clock weird, start up times



#1
blirger

Okay, this is the situation: for some days now my comp has frozen over (sometimes) while doing regular stuff like listening to music. Today AVG antivirus started malfunctioning and wouldn't start up. Also the clock has started acting weird; the time and date suddenly went VERY wrong.

On top of that, messages on start-up have been that the Logitech manager-thingy malfunctions and is being closed. The same goes for a Java-thingy. Also, start-up times seem to be longer.

What I have done: I have run Spybot S&D and Ad-Aware Personal SE (which couldn't update its definitions). I ran AVG Anti-Spyware (which couldn't update its definitions). I have run SUPERAntiSpyware. After that I ran Panda ActiveScan.

Then I uninstalled AVG antivirus and tried to reinstall it - which I couldn't. It said something about a timeout. I then tried to fix Norton antivirus (which is provided by my university) but the verification key will take up to 5 working days to come. So I am currently without antivirus.

Here are some logs:

HijackThis log:

Logfile of HijackThis v1.99.1
Scan saved at 19:41:25, on 2007-04-06
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\RUNDLL32.EXE
D:\Program\Java\jre1.5.0_11\bin\jusched.exe
D:\Program\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program\SUPERAntiSpyware\SUPERAntiSpyware.exe
D:\Program\Adobe\Reader 8.0\Reader\reader_sl.exe
D:\Program\Grisoft\AVG Anti-Spyware 7.5\guard.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\wscntfy.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Program\Internet Explorer\IEXPLORE.EXE
D:\Program\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hattrick.org/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] "D:\Program\Delade filer\Logitech\khalshared\KHALMNPR.EXE"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "D:\Program\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BlazeServoTool] "D:\Program\BlazeVideo\BlazeDVD4 Professional\MediaDetector.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] D:\Program\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Program\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = D:\Program\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = D:\Program\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Windows Live Search - res://D:\Program\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\Program\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\Program\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: !SASWinLogon - D:\Program\SUPERAntiSpyware\SASWINLO.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - D:\Program\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe


HijackThis uninstall log:

AC3Filter (remove only)
Ad-Aware SE Personal
Adobe Download Manager 2.2 (endast avinstallation)
Adobe Flash Player 9 ActiveX
Adobe Reader 8
Adobe Shockwave Player
Audacity 1.2.6
AVG Anti-Spyware 7.5
Azureus
DC++ 0.698
DivX
DivX Converter
DivX Player
DivX Web Player
DScaler 5 Mpeg Decoders
Europa Universalis 2
Heroes of Might and Magic® III Complete
Hijackthis 1.99.1
HijackThis 1.99.1
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 11
KhalSetup
LADSPA_plugins-win-0.4.15
Logitech SetPoint
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 Professional
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
mIRC
Morrowind
NVIDIA Drivers
Panda ActiveScan
Railroad Tycoon 3
ratDVD 0.78.1444
Smarta menyer (Windows Live Toolbar)
SpellForce
Spybot - Search & Destroy 1.4
SUPERAntiSpyware Free Edition
Säkerhetsuppdatering för Windows Internet Explorer 7 (KB928090)
Säkerhetsuppdatering för Windows Media Player (KB911564)
Säkerhetsuppdatering för Windows Media Player 6.4 (KB925398)
Säkerhetsuppdatering för Windows Media Player 9 (KB917734)
Säkerhetsuppdatering för Windows XP (KB893756)
Säkerhetsuppdatering för Windows XP (KB896358)
Säkerhetsuppdatering för Windows XP (KB896423)
Säkerhetsuppdatering för Windows XP (KB896424)
Säkerhetsuppdatering för Windows XP (KB896428)
Säkerhetsuppdatering för Windows XP (KB899587)
Säkerhetsuppdatering för Windows XP (KB899591)
Säkerhetsuppdatering för Windows XP (KB900725)
Säkerhetsuppdatering för Windows XP (KB901017)
Säkerhetsuppdatering för Windows XP (KB901214)
Säkerhetsuppdatering för Windows XP (KB902400)
Säkerhetsuppdatering för Windows XP (KB904706)
Säkerhetsuppdatering för Windows XP (KB905414)
Säkerhetsuppdatering för Windows XP (KB905749)
Säkerhetsuppdatering för Windows XP (KB908519)
Säkerhetsuppdatering för Windows XP (KB911562)
Säkerhetsuppdatering för Windows XP (KB911927)
Säkerhetsuppdatering för Windows XP (KB912919)
Säkerhetsuppdatering för Windows XP (KB913580)
Säkerhetsuppdatering för Windows XP (KB914388)
Säkerhetsuppdatering för Windows XP (KB914389)
Säkerhetsuppdatering för Windows XP (KB917344)
Säkerhetsuppdatering för Windows XP (KB917422)
Säkerhetsuppdatering för Windows XP (KB917953)
Säkerhetsuppdatering för Windows XP (KB918118)
Säkerhetsuppdatering för Windows XP (KB918439)
Säkerhetsuppdatering för Windows XP (KB919007)
Säkerhetsuppdatering för Windows XP (KB920213)
Säkerhetsuppdatering för Windows XP (KB920670)
Säkerhetsuppdatering för Windows XP (KB920683)
Säkerhetsuppdatering för Windows XP (KB920685)
Säkerhetsuppdatering för Windows XP (KB921398)
Säkerhetsuppdatering för Windows XP (KB922616)
Säkerhetsuppdatering för Windows XP (KB922819)
Säkerhetsuppdatering för Windows XP (KB923191)
Säkerhetsuppdatering för Windows XP (KB923414)
Säkerhetsuppdatering för Windows XP (KB923689)
Säkerhetsuppdatering för Windows XP (KB923694)
Säkerhetsuppdatering för Windows XP (KB923789)
Säkerhetsuppdatering för Windows XP (KB923980)
Säkerhetsuppdatering för Windows XP (KB924191)
Säkerhetsuppdatering för Windows XP (KB924270)
Säkerhetsuppdatering för Windows XP (KB924496)
Säkerhetsuppdatering för Windows XP (KB924667)
Säkerhetsuppdatering för Windows XP (KB925454)
Säkerhetsuppdatering för Windows XP (KB925902)
Säkerhetsuppdatering för Windows XP (KB926255)
Säkerhetsuppdatering för Windows XP (KB926436)
Säkerhetsuppdatering för Windows XP (KB927779)
Säkerhetsuppdatering för Windows XP (KB927802)
Säkerhetsuppdatering för Windows XP (KB928255)
Säkerhetsuppdatering för Windows XP (KB928843)
TES Construction Set
Uppdatering för Windows XP (KB894391)
Uppdatering för Windows XP (KB898461)
Uppdatering för Windows XP (KB900485)
Uppdatering för Windows XP (KB908531)
Uppdatering för Windows XP (KB910437)
Uppdatering för Windows XP (KB911280)
Uppdatering för Windows XP (KB916595)
Uppdatering för Windows XP (KB920872)
Uppdatering för Windows XP (KB922582)
Uppdatering för Windows XP (KB929338)
Uppdatering för Windows XP (KB931836)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Live Messenger
Windows Live Toolbar
Windows Live Toolbar
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
WinRAR
Xvid 1.1.2 final uninstall


Panda ActiveScan log:


Incident Status Location

Virus:W32/Sdbot.ftp.worm Disinfected C:\WINDOWS\SYSTEM32\I
Virus:W32/Sdbot.INZ.worm Disinfected C:\WINDOWS\SYSTEM32\mlnwinmc3.exe
Virus:W32/Sdbot.INZ.worm Disinfected C:\WINDOWS\MLWINIV1.EXE
Virus:W32/IRCbot.AFP.worm Not disinfected C:\UNDO\BACKUP.CAB[\Device\Harddisk0\Partition1\WINDOWS\SYSTEM32\eraseme_36701.exe]
Virus:W32/Sdbot.IND.worm Not disinfected C:\UNDO\BACKUP.CAB[\Device\Harddisk0\Partition1\WINDOWS\SYSTEM32\IPSLKFYI.EXE]
Virus:W32/Sdbot.IND.worm Not disinfected C:\UNDO\BACKUP.CAB[\Device\Harddisk0\Partition1\WINDOWS\SYSTEM32\TOPBARW1.EXE]
Virus:W32/Sdbot.ftp.worm Not disinfected C:\UNDO\BACKUP.CAB[\Device\Harddisk0\Partition1\WINDOWS\SYSTEM32\I]
Virus:W32/IRCbot.AFP.worm Not disinfected C:\UNDO\BACKUP.CAB[\Device\Harddisk0\Partition1\WINDOWS\SYSTEM32\CSSCV.EXE]
Virus:W32/IRCbot.AFP.worm Not disinfected C:\UNDO\BACKUP.CAB[\Device\Harddisk0\Partition1\WINDOWS\SYSTEM32\eraseme_84414.exe]
Virus:W32/Sdbot.INZ.worm Not disinfected C:\UNDO\BACKUP.CAB[\Device\Harddisk0\Partition1\WINDOWS\SYSTEM32\mlnwinmc3.exe]
Virus:W32/Rinbot.gen.worm Not disinfected C:\UNDO\BACKUP.CAB[\Device\Harddisk0\Partition1\System Volume Information\_restore{A2E1D37C-3373-4558-92AC-5760510469C2}\RP8\A0006315.EXE]
Virus:W32/Rinbot.gen.worm Not disinfected C:\UNDO\BACKUP.CAB[\Device\Harddisk0\Partition1\System Volume Information\_restore{A2E1D37C-3373-4558-92AC-5760510469C2}\RP8\A0006327.EXE]
Virus:W32/Rinbot.gen.worm Not disinfected C:\UNDO\BACKUP.CAB[\Device\Harddisk0\Partition1\System Volume Information\_restore{A2E1D37C-3373-4558-92AC-5760510469C2}\RP8\A0007326.EXE]
Virus:W32/Rinbot.gen.worm Not disinfected C:\UNDO\BACKUP.CAB[\Device\Harddisk0\Partition1\System Volume Information\_restore{A2E1D37C-3373-4558-92AC-5760510469C2}\RP8\A0007336.EXE]
Virus:W32/Rinbot.gen.worm Not disinfected C:\UNDO\BACKUP.CAB[\Device\Harddisk0\Partition1\System Volume Information\_restore{A2E1D37C-3373-4558-92AC-5760510469C2}\RP8\A0007345.EXE]
Virus:W32/Rinbot.gen.worm Not disinfected C:\UNDO\BACKUP.CAB[\Device\Harddisk0\Partition1\System Volume Information\_restore{A2E1D37C-3373-4558-92AC-5760510469C2}\RP8\A0009357.EXE]
Virus:W32/Rinbot.gen.worm Not disinfected C:\UNDO\BACKUP.CAB[\Device\Harddisk0\Partition1\System Volume Information\_restore{A2E1D37C-3373-4558-92AC-5760510469C2}\RP8\A0010387.EXE]
Virus:Trj/Clicker.WM Not disinfected C:\UNDO\BACKUP.CAB[\Device\Harddisk0\Partition1\System Volume Information\_restore{A2E1D37C-3373-4558-92AC-5760510469C2}\RP8\A0010404.EXE]
Virus:Trj/Clicker.WM Not disinfected C:\UNDO\BACKUP.CAB[\Device\Harddisk0\Partition1\System Volume Information\_restore{A2E1D37C-3373-4558-92AC-5760510469C2}\RP8\A0011403.EXE]
Virus:JS/Psyme.gen Not disinfected C:\UNDO\BACKUP.CAB[\Device\Harddisk0\Partition1\System Volume Information\_restore{A2E1D37C-3373-4558-92AC-5760510469C2}\RP8\A0009356_VBS.vir]


And AVG Anti-Spyware log:

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 15:55:00 5888-10-10

+ Scan result:



C:\undo\backup.cab/\Device\Harddisk0\Partition1\System Volume Information\_restore{A2E1D37C-3373-4558-92AC-5760510469C2}\RP8\A0006315.EXE -> Backdoor.Rbot.bgs : No action taken.
C:\undo\backup.cab/\Device\Harddisk0\Partition1\System Volume Information\_restore{A2E1D37C-3373-4558-92AC-5760510469C2}\RP8\A0006327.EXE -> Backdoor.Rbot.bgs : No action taken.
C:\undo\backup.cab/\Device\Harddisk0\Partition1\System Volume Information\_restore{A2E1D37C-3373-4558-92AC-5760510469C2}\RP8\A0007326.EXE -> Backdoor.Rbot.bgs : No action taken.
C:\undo\backup.cab/\Device\Harddisk0\Partition1\System Volume Information\_restore{A2E1D37C-3373-4558-92AC-5760510469C2}\RP8\A0007336.EXE -> Backdoor.Rbot.bgs : No action taken.
C:\undo\backup.cab/\Device\Harddisk0\Partition1\System Volume Information\_restore{A2E1D37C-3373-4558-92AC-5760510469C2}\RP8\A0007345.EXE -> Backdoor.Rbot.bgs : No action taken.
C:\undo\backup.cab/\Device\Harddisk0\Partition1\System Volume Information\_restore{A2E1D37C-3373-4558-92AC-5760510469C2}\RP8\A0009357.EXE -> Backdoor.Rbot.bgs : No action taken.
C:\undo\backup.cab/\Device\Harddisk0\Partition1\System Volume Information\_restore{A2E1D37C-3373-4558-92AC-5760510469C2}\RP8\A0010387.EXE -> Backdoor.Rbot.bgs : No action taken.
C:\undo\backup.cab/\Device\Harddisk0\Partition1\System Volume Information\_restore{A2E1D37C-3373-4558-92AC-5760510469C2}\RP8\A0009356_VBS.vir -> Downloader.Small.az : No action taken.
C:\undo\backup.cab/\Device\Harddisk0\Partition1\System Volume Information\_restore{A2E1D37C-3373-4558-92AC-5760510469C2}\RP8\A0010404.EXE -> Hijacker.Costrat.k : No action taken.
C:\undo\backup.cab/\Device\Harddisk0\Partition1\System Volume Information\_restore{A2E1D37C-3373-4558-92AC-5760510469C2}\RP8\A0011403.EXE -> Hijacker.Costrat.k : No action taken.


::Report end



Thanks a lot in advance!