[Nate72]

Can any one help me clean Trojan-Spy.HTML.Smitfraud.c virun with my PC.

[Advertisements]

I tried everything from site "http://www.geekstogo...showtopic=2852" Here is my hijackthis log.

I still have Trojan-Spy.HTML.Smitfraud.c on my desktop and Norton AV detects Bloodhound.W32.EP D:\WINNTPA\system32\wininet.dll virus. Please help.


Logfile of HijackThis v1.99.1
Scan saved at 10:11:17 PM, on 7/4/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
D:\WINNTPA\System32\smss.exe
D:\WINNTPA\system32\winlogon.exe
D:\WINNTPA\system32\services.exe
D:\WINNTPA\system32\lsass.exe
D:\WINNTPA\system32\svchost.exe
D:\WINNTPA\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
D:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
D:\WINNTPA\System32\svchost.exe
D:\Program Files\ewido\security suite\ewidoctrl.exe
D:\Program Files\ewido\security suite\ewidoguard.exe
D:\Program Files\NavNT\rtvscan.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
D:\WINNTPA\system32\regsvc.exe
D:\WINNTPA\system32\MSTask.exe
D:\Program Files\Common Files\Mercury Interactive\TDAPIServer\SendAllQualifiedApp.exe
D:\WINNTPA\system32\stisvc.exe
D:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
D:\WINNTPA\System32\WBEM\WinMgmt.exe
D:\WINNTPA\system32\svchost.exe
D:\WINNTPA\system32\inetsrv\inetinfo.exe
D:\WINNTPA\system32\MsgSys.EXE
D:\WINNTPA\Explorer.EXE
D:\WINNTPA\System32\svchost.exe
D:\WINNTPA\system32\wuauclt.exe
D:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\HJT\HijackThis.exe

O1 - Hosts: 64.91.255.87 www.dcsresearch.com
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - D:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - D:\WINNTPA\System32\dmadmin.exe
O23 - Service: ewido security suite control - ewido networks - D:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - D:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - D:\Program Files\NavNT\rtvscan.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: Send All Qualified App (Service1) - Unknown owner - D:\Program Files\Common Files\Mercury Interactive\TDAPIServer\SendAllQualifiedApp.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - D:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

[Nate72]

I tried everything from site "http://www.geekstogo...showtopic=2852" Here is my hijackthis log.

I still have Trojan-Spy.HTML.Smitfraud.c on my desktop and Norton AV detects Bloodhound.W32.EP D:\WINNTPA\system32\wininet.dll virus. Please help.


Logfile of HijackThis v1.99.1
Scan saved at 10:11:17 PM, on 7/4/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
D:\WINNTPA\System32\smss.exe
D:\WINNTPA\system32\winlogon.exe
D:\WINNTPA\system32\services.exe
D:\WINNTPA\system32\lsass.exe
D:\WINNTPA\system32\svchost.exe
D:\WINNTPA\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
D:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
D:\WINNTPA\System32\svchost.exe
D:\Program Files\ewido\security suite\ewidoctrl.exe
D:\Program Files\ewido\security suite\ewidoguard.exe
D:\Program Files\NavNT\rtvscan.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
D:\WINNTPA\system32\regsvc.exe
D:\WINNTPA\system32\MSTask.exe
D:\Program Files\Common Files\Mercury Interactive\TDAPIServer\SendAllQualifiedApp.exe
D:\WINNTPA\system32\stisvc.exe
D:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
D:\WINNTPA\System32\WBEM\WinMgmt.exe
D:\WINNTPA\system32\svchost.exe
D:\WINNTPA\system32\inetsrv\inetinfo.exe
D:\WINNTPA\system32\MsgSys.EXE
D:\WINNTPA\Explorer.EXE
D:\WINNTPA\System32\svchost.exe
D:\WINNTPA\system32\wuauclt.exe
D:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\HJT\HijackThis.exe

O1 - Hosts: 64.91.255.87 www.dcsresearch.com
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - D:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - D:\WINNTPA\System32\dmadmin.exe
O23 - Service: ewido security suite control - ewido networks - D:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - D:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - D:\Program Files\NavNT\rtvscan.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: Send All Qualified App (Service1) - Unknown owner - D:\Program Files\Common Files\Mercury Interactive\TDAPIServer\SendAllQualifiedApp.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - D:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

[Nate72]

I tried everything from site "http://www.geekstogo...showtopic=2852" Here is my hijackthis log.

I still have Trojan-Spy.HTML.Smitfraud.c on my desktop and Norton AV detects Bloodhound.W32.EP D:\WINNTPA\system32\wininet.dll virus. Please help.


Logfile of HijackThis v1.99.1
Scan saved at 10:11:17 PM, on 7/4/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
D:\WINNTPA\System32\smss.exe
D:\WINNTPA\system32\winlogon.exe
D:\WINNTPA\system32\services.exe
D:\WINNTPA\system32\lsass.exe
D:\WINNTPA\system32\svchost.exe
D:\WINNTPA\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
D:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
D:\WINNTPA\System32\svchost.exe
D:\Program Files\ewido\security suite\ewidoctrl.exe
D:\Program Files\ewido\security suite\ewidoguard.exe
D:\Program Files\NavNT\rtvscan.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
D:\WINNTPA\system32\regsvc.exe
D:\WINNTPA\system32\MSTask.exe
D:\Program Files\Common Files\Mercury Interactive\TDAPIServer\SendAllQualifiedApp.exe
D:\WINNTPA\system32\stisvc.exe
D:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
D:\WINNTPA\System32\WBEM\WinMgmt.exe
D:\WINNTPA\system32\svchost.exe
D:\WINNTPA\system32\inetsrv\inetinfo.exe
D:\WINNTPA\system32\MsgSys.EXE
D:\WINNTPA\Explorer.EXE
D:\WINNTPA\System32\svchost.exe
D:\WINNTPA\system32\wuauclt.exe
D:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\HJT\HijackThis.exe

O1 - Hosts: 64.91.255.87 www.dcsresearch.com
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - D:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - D:\WINNTPA\System32\dmadmin.exe
O23 - Service: ewido security suite control - ewido networks - D:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - D:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - D:\Program Files\NavNT\rtvscan.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: Send All Qualified App (Service1) - Unknown owner - D:\Program Files\Common Files\Mercury Interactive\TDAPIServer\SendAllQualifiedApp.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - D:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe