12-11-2007, 02:09 PM   #8
amateur
Moderator, Analyst, Security Team ; Rangemaster, TSF Academy
Join Date: Jun 2006
Location: USA
Posts: 7,298
OS: XP SP3


Re: Unsure of virus type

Hi,

You appear to be running two antivirus applications, i.e. AntiVir and Network Associates' VirusScan. Multiple antivirus programs won't give you extra protection, but, on the contrary, can bog down your system, interfere with each other, and may even cause crashes. I strongly recommend you remove one of them using the Add/Remove Programs in the Control Panel.

=====================================

I noticed that you are using LimeWire, which is a P2P file sharing program. I would like to warn you that the nature of P2P filesharing is such that even if one is using a "clean" program, many of the files downloaded from non-documented sources have the potential of being infected. So, regardless of whether one is using a "clean" program, one may still be prone to infection by malware because more than half of all files available for download from peer-to-peer networks have been deliberately infected with some form of malware. Also, by default, most P2P file sharing programs are configured to automatically launch at startup. They are also configured to allow other P2P users on the same network open access to a shared directory on your computer. However, this practice can make you vulnerable to data and identity theft. I recommend very strongly that you remove LimeWire too from your system via Add/Remove Programs in Control Panel.

=====================================

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older versions of Java components and update.
  • Click Start>Run, type in appwiz.cpl and press Enter.
  • Remove all entries of Runtime Environment (J2SE or JRE) that are listed.
  • Now reboot your computer.
  • Download the latest version of Java Runtime Environment, and install it to your computer.
=====================================

Scan with HijackThis and put a checkmark against the following entries:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
O2 - BHO: (no name) - {AC35F647-8DFF-4ACC-B429-FC1B1D572825} - C:\WINDOWS\system32\byvut.dll (file missing)
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe


Close all browsers/windows other than HijackThis and click on "fix checked".

=====================================

Download ComboFix from Here to your Desktop.

**Note: In the event you already have Combofix, please delete it from your desktop and download this new version. It is important that it is saved directly to your desktop.**
--------------------------------------------------------------------
  • Click on this link to see a list of programs that should be disabled. The list is not all-inclusive. If yours is not listed and you don't know how to disable it, please ask.
  • Close any open browsers and make sure you are disconnected from the net. Unplug the cable if need be before running Combofix.
  • WARNING: If you have not already done so, Combofix will disconnect your machine from the Internet when it starts.
  • Please do not re-connect your machine back to the Internet until Combofix has completely finished.
  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing the scan. They can interfere with ComboFix or remove some of its embedded files, which may cause "unpredictable results".
  • Remember to re-enable the protection again afterwards before connecting to the net.
--------------------------------------------------------------------

Double-click on combofix.exe and follow the prompts.
When finished, it will produce a report for you.
Please post the "C:\ComboFix.txt" along with a new HijackThis log for further review.

****Note: Do not mouseclick Combofix's window while it's running. That may cause it to stall or freeze.****

*If there is no internet connection when Combofix has completely finished, then restart your computer to restore the connections.
******
=======================================

Restart your computer, scan with HijackThis again, and post the fresh log along with the ComboFix txt.
__________________
My services are free. However, you can donate to TSF to help keep it running.




Member of ASAP since 2005
Member of UNITE since 2006