User User name Password  
   
Saturday 21.12.2024 / 11:26
Search AfterDawn Forums:        In English   Suomeksi   På svenska
afterdawn.com > forums > software, operating systems and more > windows - virus and spyware problems > computer infected(not this 1 )
Show topics
 
Forums
Forums
computer infected(not this 1 )
  Jump to:
 
Posted Message
john1690
Member
_
2. December 2005 @ 10:15 _ Link to this message    Send private message to this user   
hi i was on my own pc last night and i went to dload from the site astalvista.box , after a second my search and destroy programm came up with the message computer infected or sumething like that .in a box it says reboot so i did ,the comp rebooted ta as far as windows is starting up ,and didnt go any further,plz help
Advertisement
_
__
aaxxeell
Senior Member
_
2. December 2005 @ 13:02 _ Link to this message    Send private message to this user   
u need to post Hjt log so we can see what's wrong with pc.

http://forums.afterdawn.com/thread_view.cfm/263784
Do this instruction from step 3!

We will fix then you're comp.

ddp
Moderator
_
2. December 2005 @ 13:20 _ Link to this message    Send private message to this user   
try running your anti-virus program in safe mode
-kemisti-
AfterDawn Addict
_
3. December 2005 @ 00:11 _ Link to this message    Send private message to this user   
Yep, you can first try to scan with your av in safe mode as ddp said, but please post HjT-log after that.
john1690
Member
_
3. December 2005 @ 08:17 _ Link to this message    Send private message to this user   
i cant even start on safe mode as wen im booting up it gets to as far as windows is starting up ,but it just stays there doing nothing ,yet i can move my mouse about . ive tried all modes on startup,any ideas guys, and tnx for the replys
ddp
Moderator
_
3. December 2005 @ 10:57 _ Link to this message    Send private message to this user   
what windows are you using & what format is the hd in as in ntfs or fat32??
john1690
Member
_
4. December 2005 @ 02:09 _ Link to this message    Send private message to this user   
i am using windows xp pro and my hd is running on fat 32.
ddp
Moderator
_
4. December 2005 @ 06:41 _ Link to this message    Send private message to this user   
do you have a win98 boot disk or can get a copy of it?
john1690
Member
_
4. December 2005 @ 10:40 _ Link to this message    Send private message to this user   
thank u for ure help i got back on it eventualy started in safe mode ,it was an infection in java vm,although i still cant get rid id of the infections as i dont have java in control panel,to delete the cache, igot this infection name and repair ere
john1690
Member
_
4. December 2005 @ 10:50 _ Link to this message    Send private message to this user   
Logfile of HijackThis v1.99.1
Scan saved at 20:47:50, on 04/12/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\ISafe.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVTray.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVRID.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://radio-slut.org/
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/cl...
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\ISafe.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe
hope this is correct
ddp
Moderator
_
4. December 2005 @ 11:51 _ Link to this message    Send private message to this user   
should be more to that log
aaxxeell
Senior Member
_
4. December 2005 @ 18:22 _ Link to this message    Send private message to this user   
Probably log is ok, strange that it looks clean :)

1.Do u have firewall?
There's just no firewall in running processes.

2. Download ewido
-> http://www.ewido.net/en/download/
Update, do complete system scan, remove all files that ewido find and post report here to analyse.

3. Update your windows. Get SP 2
-> http://windowsupdate.microsoft.com/

4. U are using IE. I advise u to change into FireFox -> http://www.mozilla.com/firefox/ or
Opera -> http://www.opera.com/

lturchin
Newbie
_
17. December 2005 @ 01:07 _ Link to this message    Send private message to this user   
Not sure if anyone is seeing this thread but axell's advice saved me a bunch. I bought some new RAM and after installing it (coincidental), I could not get to login screen in xp pro SP2. I am a field engineer in IT and pride myself (does it go before fall?) on troubleshooting ability: I changed the power supply because I read that it's deterioration can slow things down; I blamed my new SATA drive (no viable reason) and because my Norton Antivirus Corp edition is always on, I did not in the least, suspect any viruses. In my favor, I have a copy of power quest desktop which can restore a drive to any state metal to metal and when I needed to reboot my PC, I had to use a 30 day old copy of my hard drive image. Long story short: I found this thread using google and downloaded the ewido prog and it found some ibm virus name that was f***g up my system.

thanks dude, is the least I can say
Advertisement
_
__
 
_
aaxxeell
Senior Member
_
19. December 2005 @ 18:23 _ Link to this message    Send private message to this user   
You're welcome & glad to hear you're story :)

afterdawn.com > forums > software, operating systems and more > windows - virus and spyware problems > computer infected(not this 1 )
 

Digital video: AfterDawn.com | AfterDawn Forums
Music: MP3Lizard.com
Gaming: Blasteroids.com | Blasteroids Forums | Compare game prices
Software: Software downloads
Blogs: User profile pages
RSS feeds: AfterDawn.com News | Software updates | AfterDawn Forums
International: AfterDawn in Finnish | AfterDawn in Swedish | AfterDawn in Norwegian | download.fi
Navigate: Search | Site map
About us: About AfterDawn Ltd | Advertise on our sites | Rules, Restrictions, Legal disclaimer & Privacy policy
Contact us: Send feedback | Contact our media sales team
 
  © 1999-2024 by AfterDawn Ltd.

  IDG TechNetwork