Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Trojan Horse Dialer .11.bu Virus


  • Please log in to reply

#1
cbrect

cbrect

    New Member

  • Member
  • Pip
  • 2 posts
Hi,

I'm new to this forum, but also have the problem of an AVG message telling me that I have a trojan horse dialer virus, yet when I ran a scan it found nothing. I hope its ok but I ran the Hijackthis scan and these were the results..

Logfile of HijackThis v1.98.2
Scan saved at 19:47:43, on 29/10/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\brss01a.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\sstray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Scansoft\PaperPort\SmartUI\SmartUI.exe
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\WINDOWS\system32\Brmfrmps.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\BRMFRSMG.EXE
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\cidaemon.exe
C:\PROGRA~1\Grisoft\AVG6\AVGCC32.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\XoftSpy\XoftSpy.exe
C:\Documents and Settings\Ben\Local Settings\Temporary Internet Files\Content.IE5\UBY7YDQF\HijackThis[1].exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Saristar - {C68AE9C0-0909-4DDC-B661-C1AFB9F5AE50} - C:\WINDOWS\System32\saristar.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\Scansoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\Scansoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [PP8 SE Reminder] "C:\Program Files\Scansoft\PaperPort\WebEreg\NAVBrowser.exe" -r "C:\Program Files\Scansoft\PaperPort\WebEreg\navLoad.ini"
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl03a\BrStDvPt.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: SmartUI.lnk = ?
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akama...meInstaller.exe
O16 - DPF: {71057C18-0507-4747-86BC-E11CE7512C5F} (mailhelper Class) - http://register.btin...mailcontrol.cab
O16 - DPF: {AD7FAFB0-16D6-40C3-AF27-585D6E6453FD} - http://217.73.66.1/m...000_200202_.exe
O16 - DPF: {C56CE781-A6FC-4706-8B32-6EB4622155DF} (MediaConnect Control) - http://plugin.euro-i...ia.com/mpv0.cab

Please could you give me some advice on this.

Many thanks.

Ben



« Next Oldest · Windows NT/2000/2003/XP · Next Newest »



1 User(s) are reading this topic (0 Guests and 0 Anonymous Users)
1 Members: cbrect


Fast Reply


Show Smilies Pop Up Window | Enable Smilies | Enable Signature






Close Topic Options
Track this topic
Receive email notification when a reply has been made to this topic and you are not active on the board.

Subscribe to this forum
Receive email notification when a new topic is posted in this forum and you are not active on the board.

Download / Print this Topic
Download this topic in different formats or view a printer friendly version.
Forum Home Search Help Operating Systems |-- Windows NT/2000/2003/XP |-- Windows 95/98*admin |-- All Other Operating Systems Hardware |-- Hardware/Components/Peripherals |-- System Building/Overclocking |-- Networking Internet |-- Web Design & Web Hosting |-- Spyware/Adware/Viruses |---- HiJackThis Logs |-- Internet/Browsers Software |-- Applications |-- Games |-- Microsoft Office Community |-- Live Chat |-- Arcade |-- Off-Topic |-- Comments/Suggestions |-- News and Updates

English Lo-Fi Version Time is now: 29th October 2004 - 10:18 PM
Proud Member - be assured that you're getting the best support...



©2003 Geeks To Go | All Rights Reserved | -> Link to Us

Have we helped you? Please consider a donation!
  • 0

Advertisements


#2
-=jonnyrotten=-

-=jonnyrotten=-

    Member 2k

  • Retired Staff
  • 2,678 posts
Please run a free online virus scan here (tick the "Auto Clean" checkbox):
http://housecall.antivirus.com/

And a free trojan scan here:
http://www.moosoft.com/

Please post new log when finished so we can clear it up the rest of the way

-=jonnyrotten=- <_<
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP