hjt log...

Status
Not open for further replies.

whiteraven

Posts: 11   +0
some funky stuffs been happening with my computer lately. i had norton, decided to change antivirus/firewall and discovered that my computer wont let me install anything. its never done this before and ive tried to install a few things but nothing spectacular happens. and some programmes that come with a thing thats like a pop-up or something the first time you use them just to run through stuff keep acting like its the first time ive run them even if its not.
so heres my hjt log so someone can look at and hopefully find something
 
Hello and welcome to TechSpot.

Your system is infected with a trojan/backdoor. It also appears to be infected with the Vundo trojan.

Malware infections can lead to identity theft, loss of funds from bank accounts, misuse of credit card information, etc since they can send sensitive information from your computer to their creators. Please read this thread before deciding what course of action to take regarding your infection.

If, after reading the above thread, you decide to clean your system, do the following.

Go and read the Viruses/spyware/malware, preliminary removal instructions. Follow all the instructions exactly.

Post fresh HJT, ComboFix, and AVG Antispyware logs as attachments into this thread, only after doing the above. Also post here the results of the AVG Antirootkit scan.

Regards :)

This thread is for the use of whiteraven only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our Security and the Web forum.
 
You should download AVG or Avast anti-virus (whichever you choose) and either ZoneAlarm, Comodo, or Sunbelt firewall (whichever you choose) to your hard drive (links HERE). Also download the Norton removal tool from HERE to your hard drive. Don't run any of these programs yet.

Then disconnect from the Internet.

Run the Norton removal tool, and wait until it's finished removing Norton.

Then install your preferred firewall, followed by your preferred anti-virus. Reboot the required number of times.

Then reconnect to the Internet. Update your anti-virus program and scan your computer.

Once that's all done, please run HJT and do a system scan. Place a check in the box next to the following entries (if there):

O2 - BHO: (no name) - {0555A1F4-80E4-4F28-A850-A1BAC3A3C3B1} - C:\WINDOWS\system32\tguvisqw.dll
O2 - BHO: (no name) - {938A8A03-A938-4019-B764-03FF8D167D79} - C:\WINDOWS\system32\ejgbhxtt.dll

O4 - HKLM\..\Run: [ctqbgngx.exe] C:\Documents and Settings\All Users\Application Data\ctqbgngx.exe
O4 - HKLM\..\Run: [avp] C:\WINDOWS\TEMP\win3181.tmp.exe
O4 - HKLM\..\Run: [smgr] mgrs.exe
O4 - HKLM\..\Run: [icq.com] rundll32.exe "C:\WINDOWS\system32\pfbnkjrs.dll",forkonce

O20 - Winlogon Notify: wingsa32 - C:\WINDOWS\SYSTEM32\wingsa32.dll

Click the Fix Checked button. Wait for the fixing to complete, then close HJT.

You need to configure AVG Anti-Spyware to apply the recommended action to all items found. See how HERE.

Please rerun HJT, ComboFix, and AVG Anti-Spyware and post their fresh logfiles.

Regards :)

This thread is for the use of whiteraven only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our Security and the Web forum.
 
Status
Not open for further replies.
Back