trojan horse bho

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

jvik2

Thread Starter
Joined
Sep 3, 2006
Messages
93
I got a trojan horse virus that keeps popping up. Can you help get rid of it?

Thank you, Jer. Hijack posted.

Logfile of HijackThis v1.99.1
Scan saved at 5:34:52 AM, on 2007-11-08
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\devldr32.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/home.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [a00c6822] rundll32.exe "C:\WINDOWS\System32\rchgkqow.dll",b
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: Aces Up! by pogo - http://game1.pogo.com/applet-6.5.0.45/aces/aces-ob-assets.cab
O16 - DPF: Ali Baba Slots TM by pogo - http://game1.pogo.com/applet-6.5.2.26/slots/alibaba-en_US.cab
O16 - DPF: Dice Derby by pogo - http://game1.pogo.com/applet-6.5.0.45/checkeredflag/checkeredflag-ob-assets.cab
O16 - DPF: Fortune Bingo by pogo - http://game1.pogo.com/applet-6.5.1.24/superbingo/superbingo-en_US.cab
O16 - DPF: Harvest Mania by pogo - http://game1.pogo.com/applet-6.5.0.45/harvest/harvest-ob-assets.cab
O16 - DPF: Jokers Wild Poker by pogo - http://game1.pogo.com/applet-6.5.2.26/videopoker2/jokerswild-en_US.cab
O16 - DPF: Jungle Gin by pogo - http://game1.pogo.com/applet-6.4.4.34/gin/gin-ob-assets.cab
O16 - DPF: Keno by pogo - http://game1.pogo.com/applet-6.5.3.37/keno/keno-en_US.cab
O16 - DPF: Lottso by pogo - http://game1.pogo.com/applet-6.5.3.37/lottso/lottso-en_US.cab
O16 - DPF: Mah Jong Garden by pogo - http://game1.pogo.com/applet-6.4.4.27/mahjong/mahjong-ob-assets.cab
O16 - DPF: Perfect Pair Solitaire by pogo - http://game1.pogo.com/applet-6.4.4.34/waterwheel/waterwheel-ob-assets.cab
O16 - DPF: Pop Fu by pogo - http://game1.pogo.com/applet-6.5.0.45/popfu/popfu-ob-assets.cab
O16 - DPF: Poppit by pogo - http://game1.pogo.com/applet-6.5.0.45/poppit2/poppit2-ob-assets.cab
O16 - DPF: Quick Quack by pogo - http://game1.pogo.com/applet-6.4.4.34/hotstreak/hotstreak-ob-assets.cab
O16 - DPF: Ride The Tide by pogo - http://game1.pogo.com/applet-6.4.4.34/ride/ride-ob-assets.cab
O16 - DPF: Video Poker by pogo - http://game1.pogo.com/applet-6.5.3.37/videopoker2/videopoker-en_US.cab
O16 - DPF: Wonderland Memories by pogo - http://game1.pogo.com/applet-6.5.2.26/memories/memories-en_US.cab
O16 - DPF: Word Whomp by pogo - http://game1.pogo.com/applet-6.5.3.37/wordwhomp2/whomp2-en_US.cab
O16 - DPF: Word Whomp Whackdown by pogo - http://game1.pogo.com/applet-6.5.3.37/whackdown/whackdown-en_US.cab
O16 - DPF: WordJong by pogo - http://game1.pogo.com/applet-6.4.4.34/wordjong/wordjong-ob-assets.cab
O16 - DPF: World Class Solitaire by pogo - http://game1.pogo.com/applet-6.4.4.34/worldclass/worldclass-ob-assets.cab
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst20040510.cab
O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} - https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by10fd.bay10.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {9A57B18E-2F5D-11D5-8997-00104BD12D94} (compid Class) - http://support.gateway.com/support/serialharvest/gwCID.CAB
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} - http://www.symantec.com/techsupp/activedata/ActiveData.cab
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
 