Hi, I tried searching the forums for answers before posting, but I just couldnt find anything that could compare.
So a few days ago I noticed that whenever I click a search engine link, I get redirected, and I could not visit most anti virus websites, and even if I could download an Anti-Virus, it would not run.
I then downloaded SuperAntiVirus and ran it in alternative mode, it cleaned up some stuff and I was able to visit anti virus websites (still cant run most anti-virus applications though, and websearches are still redirected. Firefox now runs more slowly as well.), so I download Avira (didnt do anything), Vipre (didnt do much), and Ad-Aware.
Ad-Aware finds a bunch of infected files and removes them, one of which is "Win32TrojanAgent2." This virus keeps coming back with EVERY Ad-Aware scan, even though Ad-Aware keeps deleting it, it is the only thing that keeps coming back.
I did everything, but I cannot get rid of it.
I realized that you guys usually ask for Hijack This logs, so heres mines... I cant run Mbam, so I couldnt give it sorry.
I took the "h" out of "http", and a "w" out of "www" so it would let me post this... Excuse me for that.
I hope you guys can help me, I would really appreciate it, as this thing is making me go crazy!
Thank you.
So a few days ago I noticed that whenever I click a search engine link, I get redirected, and I could not visit most anti virus websites, and even if I could download an Anti-Virus, it would not run.
I then downloaded SuperAntiVirus and ran it in alternative mode, it cleaned up some stuff and I was able to visit anti virus websites (still cant run most anti-virus applications though, and websearches are still redirected. Firefox now runs more slowly as well.), so I download Avira (didnt do anything), Vipre (didnt do much), and Ad-Aware.
Ad-Aware finds a bunch of infected files and removes them, one of which is "Win32TrojanAgent2." This virus keeps coming back with EVERY Ad-Aware scan, even though Ad-Aware keeps deleting it, it is the only thing that keeps coming back.
I did everything, but I cannot get rid of it.
I realized that you guys usually ask for Hijack This logs, so heres mines... I cant run Mbam, so I couldnt give it sorry.
I took the "h" out of "http", and a "w" out of "www" so it would let me post this... Excuse me for that.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:53:18, on 4/19/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Sunbelt Software\VIPRE\SBAMSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Sunbelt Software\VIPRE\SBAMTray.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\DOCUME~1\ALLUSE~1\MESSEN~1\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\DOCUME~1\ALLUSE~1\MESSEN~1\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\DOCUME~1\ALLUSE~1\MESSEN~1\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SBAMTray] C:\Program Files\Sunbelt Software\VIPRE\SBAMTray.exe
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - ttp://ww.systemrequirementslab.com/srl_bin/sysreqlab_srl.cab
O16 - DPF: {5727FF4C-EF4E-4d96-A96C-03AD91910448} (System Requirements Lab) - ttp://ww.srtest.com/srl_bin/sysreqlab_ind.cab
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.112.79,85.255.112.213
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.79,85.255.112.213
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: VIPRE Antivirus + Antispyware (SBAMSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\VIPRE\SBAMSvc.exe
--
End of file - 3670 bytes
I hope you guys can help me, I would really appreciate it, as this thing is making me go crazy!
Thank you.