Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

AIM Virus


  • Please log in to reply

#1
billysue03

billysue03

    New Member

  • Member
  • Pip
  • 4 posts
Alright so here's the deal. I clicked an IM link that said about looking at updated pictures without thinking about it.

Something obviously downloaded and I have some kind of virus/spyware at this point. I don't know what it is as I'm not seeing anything wrong at this point. I do have the most updated version of Mcafee and it hasn't found anything.

I do have ad-aware. I'm in the process of using the Panda ActiveScan and so far apparently i've got 17 infected files and it's been running for the last hour or so.

I've also included a hijack this log if anyone has any insights for me it would be very appreciated.

Thanks

Attached Files


  • 0

Advertisements


#2
meeeeeeeeee

meeeeeeeeee

    Visiting Staff

  • Member
  • PipPipPip
  • 172 posts
Hello there!

I'm so sorry you've had such a long wait! Please post a fresh HijackThis log if you still need help & I'll be right with you.

:tazz:
  • 0

#3
billysue03

billysue03

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
Hey,

No worries, thanks for the help. I'm not sure if i've gotten rid of it at this point or not. Let me know what you think.

Thanks!

Attached Files


  • 0

#4
meeeeeeeeee

meeeeeeeeee

    Visiting Staff

  • Member
  • PipPipPip
  • 172 posts
Looks like you still have some problems. Let's get you cleaned up!

Let's make sure all hidden files are visible. Use this link for information on how to do this: http://www.xtra.co.n...1916458,00.html

Please select the following with HijackThis. With all windows (including this one!) closed, please select "fix.”


R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O3 - Toolbar: (no name) - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - (no file)

O4 - HKLM\..\Run: [ActiveX Loader] D:\WINDOWS\System32\sys.exe
** O4 - HKLM\..\Run: [xwt] D:\WINDOWS\xwt.exe
O4 - HKLM\..\Run: [Media Access] D:\Program Files\Media Access\MediaAccK.exe

O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) - https://components.v...ktop-1.jpg.html
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windup...bridge-c293.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.r...ip/RdxIE601.cab
O16 - DPF: {65E7DB1D-0101-4100-BD66-C5C78C917F93} - http://install.wildt...lim/install.cab

** If you know what this is leave it alone!



Then find and delete the following:

D:\Program Files\Media Access << This folder
** D:\WINDOWS\xwt.exe << This file
D:\WINDOWS\System32\sys.exe << This file

** If you know what this is leave it alone!


Then reboot and post a fresh HijackThis log.

:tazz:
  • 0

#5
billysue03

billysue03

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
Alright. Here we go with the fresh log. Let me know what you think.

Thanks

Attached Files


  • 0

#6
billysue03

billysue03

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
Ok, ignore the previous log. I didn't get them all the first time. Hopefully this one is better.

Attached Files


  • 0

#7
meeeeeeeeee

meeeeeeeeee

    Visiting Staff

  • Member
  • PipPipPip
  • 172 posts
Looks good! How's it acting?
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP