Solved: virus, tojan, and html thing

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

barncat

Thread Starter
Joined
Jan 11, 2005
Messages
253
avg found no viri......

avast set at maximum sensitivity found 2:
Matyas in -sys\Activescan\pav.sig, and

Kuang2 in -sys\ActiveScan\IMscan.dll ,,,

could not put these in "vault"..would get "RPC Server is unavailable. cannot process "c:\win\sys\activescan\pav.sig"file or -IMscan.dll...

Is activescan folder part of the "trend housecall"?
i couldn't find it.

Kapersk online would not work for me......

Panda online scan found and fixed 2 viri:gendel.A in -sys\gendel32.exe and TrjD in -\unzippid\hijackthis backup-20050104-212557....

Trend online scan found HTML ADVER.A which it could not fix, but said it was not dangerous.


Logfile of HijackThis v1.99.0
Scan saved at 5:10:36 PM, on 2/5/05
Platform: Windows 95 B (Win9x 4.00.1111)
MSIE: Internet Explorer v4.70 SP1 (4.70.0000.1155)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\LOGITECH\ITOUCH\ITOUCH.EXE
C:\WINDOWS\ptsnoop.exe
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\ANALOGX\COOKIEWALL\COOKIE.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\tapiexe.exe
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\NOTEPAD.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\HIJACKTHIS\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = {BROWSER_HOMEPAGE}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.earthlink.net/partner/more/msie/button/search.html
O3 - Toolbar: @msdxmLC.dll,[email protected],&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\PROGRA~1\LOGITECH\ITOUCH\iTouch.exe
O4 - HKLM\..\Run: [CountrySelection] pctptt.exe
O4 - HKLM\..\Run: [PTSNOOP] ptsnoop.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {01FE8D0A-51AD-459B-B62B-85E135128B32} (DD_v4.DDv4) - http://www.drivershq.com/DD_v4.CAB
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab



THANKS FOR ANY SUGGESTIONS!.....
 

barncat

Thread Starter
Joined
Jan 11, 2005
Messages
253
thank you.....first scan was avg 7 w/ current update......it missed everything!

was surprized when avast started finding things, but suspected it was looking at another av program....is that what it did?
 
Joined
Mar 17, 2004
Messages
2,735
Hi Barncat It is quite possible as they are both installed on your system Shut one down completely and run the other and see if it comes up clean You should choose which one you like Update it and to be safe uninstall the other .

For a second opinion you can always run Housecall or Panda as well .
 

barncat

Thread Starter
Joined
Jan 11, 2005
Messages
253
Dust Sailor, thanks....interesting handle...what does it refer to?

i only have one av running at a time, though spybot may look for things...not sure what it is doing...it fights with excite when i try to look at my mail,,,and looses....still get popunders....

i suspect everything found by all av scans was a false positive except for the html thing and it may be too.......avast av was set on "high sensitivity", so i'll not do that again....thanks again.....
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Members online

Top