IEXPLORER.EXE even when i'm not running internet explorer
- Thread starter DeZahid
- Start date
- Status
D
DelJo63
well there are some things that I would address; two types
A) bogus and B) unnecessary
B) C:\WINDOWS\System32\snmp.exe ; I don't have one on XP/home sp2 and
if a true MS product, you don't need it running --
SNMP (Simple Network Management Protocol). SNMP is used to perform remote administration of network hardware such as Routers and Hubs.
B) should be deleted
R1(3)
O2 - BHO: Windows Live Sign-in Helper
O2 - BHO: (no name)
O3 - Toolbar: &Google caused me all kinds of problems
O17 (two) entries
disable startup
O20 Winlogon Notify: igfxcui
A) real issues
O4 - (two of these!) HKLM\..\Run: [startkey] C:\WINDOWS\svchort.exe
O4 - HKLM\..\Run: [DRam prosessor] dll.exe
O4 - HKLM\..\RunServices: [DRam prosessor] dll.exe
A) bogus and B) unnecessary
B) C:\WINDOWS\System32\snmp.exe ; I don't have one on XP/home sp2 and
if a true MS product, you don't need it running --
SNMP (Simple Network Management Protocol). SNMP is used to perform remote administration of network hardware such as Routers and Hubs.
B) should be deleted
R1(3)
O2 - BHO: Windows Live Sign-in Helper
O2 - BHO: (no name)
O3 - Toolbar: &Google caused me all kinds of problems
O17 (two) entries
disable startup
O20 Winlogon Notify: igfxcui
A) real issues
O4 - (two of these!) HKLM\..\Run: [startkey] C:\WINDOWS\svchort.exe
O4 - HKLM\..\Run: [DRam prosessor] dll.exe
O4 - HKLM\..\RunServices: [DRam prosessor] dll.exe
tomrca
Posts: 924 +3
you have within your log, evidence of a worm "C:\Program Files\Network Monitor\netmon.exe"(MIMAIL-A WORM, W32/codbot-A backdoor) and Troj/Ciadoor-M and more i would suggest that you do go HERE follow all the instructions, then do another scan and post the hjt log, but you must first change the name of hjt! place hjt in it's own folder within my docs or programme files, there you MUST change the hjt to analyser 1991, as there are now bug that will hide from it.
when you post your log do it as an attachment. look at, additional options and attach files, you will find these below the reply box
when you post your log do it as an attachment. look at, additional options and attach files, you will find these below the reply box
howard_hopkinso
Posts: 21,238 +17
Hello and welcome to Techspot.
Your system is infected with a variety of nasties.
Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.
If after reading the above, you wish to clean your system, do the following.
Go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.
Post fresh HJT and AVG Antispyware logs as attachments into this thread, only after doing the above.
Regards Howard :wave: :wave:
This thread is for the use of DeZahid only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Your system is infected with a variety of nasties.
Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.
If after reading the above, you wish to clean your system, do the following.
Go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.
Post fresh HJT and AVG Antispyware logs as attachments into this thread, only after doing the above.
Regards Howard :wave: :wave:
This thread is for the use of DeZahid only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
- Status
Latest posts
-
Renewable energy sources are now used for a third of the world's electricity needs- scavengerspc replied
-
Understanding teen gaming: The positive, negative, and complex realities- Linoleum77 replied
