
Is this a virus?? - Page 4

post #31 of 113
Thread Starter 
Thanks bver, will do as you said and I'll post it.
Summer Setup
(14 items)
 
  
CPUMotherboardGraphicsRAM
Intel Core i5 2500k ASUS P8H67-V Gigabyte GTX 660 OC Windforce Edition 2X2GB CORSAIR DDR3-1333 
Hard DriveOptical DriveCoolingOS
Seagate 1TB SATA 6G Samsung DVD+RW 120mmx2 (Side Intake x1, Rear exhaust x1) Windows 7-Ultimate 
MonitorKeyboardPowerCase
Samsung S22B370 22" 1080p HDMi Logitech K120 Corsair GS-600W Coolermaster Elite 430 
MouseMouse Pad
Logitech G400 Steelseries QCK Heavy 
post #32 of 113
Thread Starter 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:49:57 PM, on 5/28/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

F2 - REG:system.ini: Shell=explorer.exe
O4 - HKLM\..\Run: [SoundMax] "C:\Program Files\Analog Devices\SoundMAX\smax4.exe" /tray
O4 - HKLM\..\Run: [7c8345cc] rundll32.exe "C:\WINDOWS\system32\jtcqduxs.dll",b
O4 - HKLM\..\Run: [BM7fb07650] Rundll32.exe "C:\WINDOWS\system32\lkxvjnoc.dll",s
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O17 - HKLM\System\CCS\Services\Tcpip\..\{E1809FBD-21D4-4787-86ED-664B9F67CB81}: NameServer = 203.145.184.13,202.56.250.5
O17 - HKLM\System\CCS\Services\Tcpip\..\{FE023927-BC5A-4C38-90E1-89E737DF146B}: NameServer = 203.145.184.13,202.56.250.5

--
End of file - 1578 bytes
post #33 of 113
Thread Starter 
Quote:
Originally Posted by KSIMP88
pop the HDD in another computer, then scan it.

I'll be leaving for my other house in Mumbai in a couple of days, I'll be taking my HDD along with me and I'll remove the file myself if it's there for too long.
post #34 of 113
O4 - HKLM\..\Run: [7c8345cc] rundll32.exe "C:\WINDOWS\system32\jtcqduxs.dll",b
O4 - HKLM\..\Run: [BM7fb07650] Rundll32.exe "C:\WINDOWS\system32\lkxvjnoc.dll",s

Those look like the problem, but shouldn't your log be longer? I've never seen one that short.
Gaming Rig
(13 items)
 
  
CPUMotherboardGraphicsRAM
AMD Athlon 64 x2 4600+ AM2 Dell 0CT103 EVGA GeForce 9600GT 512MB 4 x 1GB Wintec (DDR2-667) 
Hard DriveOSMonitorCase
SAMSUNG HD160JJ/P SATA-II 160GB Windows Vista Ultimate x64 Dell 1907FP 19" Dell Dimension E521 
Mouse
Logitech MX518 
post #35 of 113
O4 - HKLM\..\Run: [7c8345cc] rundll32.exe "C:\WINDOWS\system32\jtcqduxs.dll",b
O4 - HKLM\..\Run: [BM7fb07650] Rundll32.exe "C:\WINDOWS\system32\lkxvjnoc.dll",s


These are the problems > just check them and click fix.

His log isn't that long because he just reloaded.
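
An added example, not part of the original thread: a small Python triage of HijackThis O4 autorun lines, run over lines from the log posted above. The heuristics (rundll32 launcher, system32 path, low-vowel DLL name, short export name, hex-like value name) and the threshold of 3 are assumptions chosen for illustration, not HijackThis behaviour.

```python
import re

# Lines taken from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [SoundMax] "C:\Program Files\Analog Devices\SoundMAX\smax4.exe" /tray
O4 - HKLM\..\Run: [7c8345cc] rundll32.exe "C:\WINDOWS\system32\jtcqduxs.dll",b
O4 - HKLM\..\Run: [BM7fb07650] Rundll32.exe "C:\WINDOWS\system32\lkxvjnoc.dll",s
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
"""

# "O4 - <hive>\..\Run: [value name] command line"
O4_RE = re.compile(r"^O4 - (HKLM|HKCU)\\\.\.\\(Run\w*): \[(.*?)\] (.+)$")
# rundll32.exe "<path to dll>",<export>
RUNDLL_RE = re.compile(r'^rundll32(?:\.exe)?\s+"?([^",]+\.dll)"?,(\S+)', re.I)

def triage_line(line):
    """Parse one O4 line; return a dict with the reasons it looks suspicious."""
    m = O4_RE.match(line.strip())
    if not m:
        return None  # not an O4 autorun entry
    hive, key, name, command = m.groups()
    reasons = []
    dll = RUNDLL_RE.match(command)
    if dll:
        path, export = dll.groups()
        reasons.append("rundll32 loads a DLL at logon")
        if "\\system32\\" in path.lower():
            reasons.append("DLL sits in system32")
        stem = path.rsplit("\\", 1)[-1][:-4].lower()
        # Assumed heuristic: few vowels in a 6+ character name looks generated.
        if len(stem) >= 6 and sum(c in "aeiou" for c in stem) / len(stem) < 0.2:
            reasons.append("DLL name looks random")
        if len(export) <= 2:
            reasons.append("very short export name")
    if re.search(r"[0-9a-f]{8}", name, re.I):
        reasons.append("value name contains 8 hex digits")
    return {"hive": hive, "name": name, "command": command, "reasons": reasons}

def triage(log_text, threshold=3):
    """Return O4 entries that collect at least `threshold` reasons."""
    entries = filter(None, (triage_line(l) for l in log_text.splitlines()))
    return [e for e in entries if len(e["reasons"]) >= threshold]

if __name__ == "__main__":
    for e in triage(SAMPLE_LOG):
        print(e["hive"], e["name"], "->", "; ".join(e["reasons"]))
```
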
post #36 of 113
Thread Starter 
That's all I got, I ain't got many processes running so it might be due to that... and I've got rid of Avast already.

Regarding the two processes, those DLL files are what I'm looking at right now, and I am unable to delete them.
post #37 of 113
Quote:
Originally Posted by bver
His log isn't that long because he just reloaded.

Ah, didn't notice that as I just skimmed through the thread.
post #38 of 113
Also, after you finish, restart into safe mode w/ net and run a scan just to be safe.

www.eset.com/onlinescan (I happen to like this one, it's free)
Edited by bver - 5/28/08 at 11:34am
post #39 of 113
If you can't delete them, it's most likely because they are running.

Log into safe mode by hitting F8 as your computer is starting up. Re-run HijackThis and try and fix them (fix actually deletes the registry keys and the file associated with it).
post #40 of 113
Thread Starter 
LOLLLL!!!... That site said it doesn't support my Firefox so I opened my IE, and explorer crashed like hell!!... with popups!! And an error saying "Visual C++ buffer overrun detected"... that website's freaking me out!!