Check my logs?

By jimvonhank
Dec 28, 2007
  1. I've had no symptoms, but have noticed suspicious internet access requests.

    Thank you people for great tips in this forum. I've done scans according to the thread on "Viruses/Spyware/Malware, preliminary removal instructions"

    But I still suspect some creepy activity on my computer by the file c:windows/system32/routing.exe
    I did a scan on Log attached. Should I get rid of it, and how? By using HJT?

    Can someone check my log files?
    Panda Antiroot kit scan showed nothing wrong.

    Sorry if I posted too many logs

    grateful guy
  2. Tedster

    Tedster Techspot old timer..... Posts: 6,000   +15

  3. jimvonhank

    jimvonhank TS Rookie Topic Starter

    Yes, I'm very familiar with that thread. It's the one I've been following when scanning for viruses. I was about to post that exact link in my first posting. But you are not allowed to post links in the 3 first posts. So I just wrote the title.

    My first question is if routing.exe in C:Windows/system32/ is a trojan or not! According to Kapersky and F-prot it is a trojan (See the logfile "virustotal scan of routing.exe"). But I don't want to buy Kapersky or F-prot just to get rid of it. Is there any other way? Maybe through HiJack This?

    My second question is: Are there more suspicious things in my files in my hijackthis log?

    Thank you!
  4. Tedster

    Tedster Techspot old timer..... Posts: 6,000   +15

    you appear to have more than 1 antivirus installed on your machine. only install 1 AV. Then tell me what viri it finds.
  5. jimvonhank

    jimvonhank TS Rookie Topic Starter

    Thank you for a quick reply!

    I fail to see two anti virus systems installed. I run Norman Antivirus. If you are referring to the process c:/programfiles/grisoft/AVG Anti-Spyware 7.5/avgas.exe this is anti SPYWARE, and not AVG Antivirus!

    Which is the other antivirus program apart from Norman?

    Can i remove routing.exe with HJT, or could my XP get in trouble?
  6. Tedster

    Tedster Techspot old timer..... Posts: 6,000   +15

    These are the ones I thought. They have an asterix * in front.

    Antivirus Version Last Update Result
    AhnLab-V3 2007.12.29.10 2007.12.29 -
    *AntiVir 2007.12.28 -
    Authentium 4.93.8 2007.12.29 -
    *Avast 4.7.1098.0 2007.12.28 -
    *AVG 2007.12.28 -
    BitDefender 7.2 2007.12.29 -
    CAT-QuickHeal 9.00 2007.12.28 -
    ClamAV 0.91.2 2007.12.28 -
    DrWeb 2007.12.28 -
    eSafe 2007.12.27 -
    eTrust-Vet 31.3.5410 2007.12.29 -
    Ewido 4.0 2007.12.28 -
    FileAdvisor 1 2007.12.29 -
    Fortinet 2007.12.28 -
    F-Prot 2007.12.28 -
    *F-Secure 6.70.13030.0 2007.12.28 Trojan-Downloader.Win32.Agent.gwg
    Ikarus T3.1.1.15 2007.12.29 -
    Kaspersky 2007.12.29 Trojan-Downloader.Win32.Agent.gwg
    McAfee 5195 2007.12.28 -
    Microsoft 1.3109 2007.12.29 -
    NOD32v2 2754 2007.12.28 -
    Norman 5.80.02 2007.12.28 -
    *Panda 2007.12.28 -
    Prevx1 V2 2007.12.29 Generic.Rootkit
    Rising 2007.12.28 -
    *Sophos 4.24.0 2007.12.28 -
    Sunbelt 2.2.907.0 2007.12.28 -
    *Symantec 10 2007.12.29 -
    TheHacker 2007.12.28 -
    VBA32 2007.12.26 -
    VirusBuster 4.3.26:9 2007.12.28 -
    Webwasher-Gateway 6.6.2 2007.12.28

    It looked like you had several antivirus programs installed.

    Try this for removal of trojans:
  7. jimvonhank

    jimvonhank TS Rookie Topic Starter

    Wrong log!

    Ah, I see!

    You are looking at a log from a scan done on the website I scanned one single file called routing.exe on that site. The site uses ALL available antivirus and antispyware systems. So of course it shows a hole bunch of antivirus software. On my computer I've only installed Norman.

    Now will you please read my earlier postings in the thread and answer my questions about this file routing.exe? There are 3 or 4 other logs attached. If they are missing, I can post them again.
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...