Malware or virus im unsure

[wee1man]

hi guys , i have an annoying problem with my browser every time i open an explorer page i get a security warning wanting to scan my computer , i am using windows explorer 7 , heres a hijack file if it helps and thankyou for your time


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:15:56 AM, on 1/22/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal


thanks guys

Moderator Edit:
Pasted Logs removed
Logs must be attached

thanks kimsland once again i hope this is right this time hijackthis and malwarebytes ...

 

[kimsland]

You're concerning me wee1man :suspiciou
If you have to resubmit again after this because of some other silly mistake, I think I'll re-check all your posts, as at this stage I thought you had already known all these basic things



-> No action taken on MBAM scan, for found issues

Download and Run Malwarebytes' Anti-Malware
Please download Malwarebytes' Anti-Malware to your desktop.

• Double-click mbam-setup.exe and follow the prompts to install the program.
• At the end, be sure a checkmark is placed next to:
  • Update Malwarebytes' Anti-Malware
  • Launch Malwarebytes' Anti-Malware
• Then click Finish.
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select Perform full scan, then click Scan.
• When the scan is complete, click OK, then Show Results to view the results.
• Be sure that everything is checked, and click Remove Selected. <========= Not Done

Please re-run Malwarebytes
Confirm updated (third tab)
Then do the above quoted message, but this time "Remove all found issues"

By the way, you will need to then restart, and run (and attach) a new HJT log

 

[wee1man]

logs attached

With this second scan , with update 3rd tab in the scan has come up clean, Previous to this scan i performed the threats were placed into Quarintine , as the checkboxs were all checked. please dont be angry with me

 

[kimsland]

Please remove Spybots S&D from Add\Remove Programs

Then scan with HJT again, and tick all of the following
Close your Internet Browser, and then select Fix all

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://hosting.conduit.com/Uninstall?toolbarid=&version=4.5.189.19&uid=
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKUS\S-1-5-19\..\Run: [gewuniruni] Rundll32.exe "C:\WINDOWS\system32\wisepale.dll",s (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [gewuniruni] Rundll32.exe "C:\WINDOWS\system32\wisepale.dll",s (User 'NETWORK SERVICE')
O20 - AppInit_DLLs: ntsyqw.dll

Download Combofix
Lots of info on its use h e r e
Direct download h e r e

Save it to a location that you can easily find later (in Safe Mode) ie directly to C drive

Restart your computer to Safe Mode (by repeatedly pressing F8 on your keyboard before Windows starts)
Log into your Administrator account
Locate the previously downloaded Combofix
Double click on it to run, answering any prompts along the way
Note: during Combofix scan (lasting up to 10mins) your Desktop and clock may reset (all normal)

Once Combofix has finished, save the log file to be attached to a new reply
Restart back to Normal mode, and attach the Combofix log

 

[wee1man]

thanks

hope this is right.

 

[kimsland]

hi guys , i have an annoying problem with my browser every time i open an explorer page i get a security warning wanting to scan my computer

This should be fixed now :grinthumb

Clear & Reset System Restore's Cache

Go to Start >> Run - type or copy/paste control sysdm.cpl,,4 and then press Enter
* Tick on the checkbox - Turn off System Restore on all drives
* Click Apply
Turn it back 'On' by unticking the same checkbox & click Apply, and then OK

Restart

Open your browser

 

[wee1man]

thanks kim and thanks for being understanding and patient .

 

[kimsland]

No probs
I'll wait patiently for your next thread one day