|
|
|
|
|||||
|
|
|
|
|
|
|||
| Welcome
to Tech Support Forum home to more then 136,000 problems solved. Issues
have included: Spyware, Malware, Virus Issues, Windows, Microsoft,
Linux, Networking, Security, Hardware, and Gaming Getting your
problem solved is as easy as: 1. Registering for a free account 2. Asking your question 3. Receiving an answer Registered members: * See fewer ads. * And much more..
|
| Want to know how to post a question? click here | Having problems with spyware and pop-ups? First Steps |
|
|||||||
| Internet Explorer Forum Internet Explorer Support. |
 |
|
|
LinkBack | Thread Tools |
10-10-2007, 04:36 PM
|
#1 (permalink) |
|
Registered User
Join Date: Oct 2007
Posts: 11
OS: xp
|
Explorer issues!! Trojan horses.. BHO.BMB, BHO.BLD, BHO.BMQ
Getting constant warnings regarding Trojan Horses in file ..\WINDOWS\system32\avifilep.dll
This also includes lack of files C:\WINDOWS\System32\NvCpl.dll and ..\NvMcTray.dll Other files uploaded simultaniously are cnbjmono.dll, cnbjmono.dll.bak, dsseca.dll, lbssl32.dll, libeay32.dll, cdtool.dll, wsil32.dll HIJACKTHIS LOG as follows Logfile of HijackThis v1.99.1 Scan saved at 16:39:52, on 2007-10-10 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\SOUNDMAN.EXE C:\Program\DAEMON Tools\daemon.exe C:\Program\Grisoft\AVG7\avgamsvr.exe C:\Program\Grisoft\AVG7\avgupsvc.exe C:\Program\Grisoft\AVG7\avgemc.exe C:\Program\WinRAR\WinRAR.exe C:\DOCUME~1\Silent\LOKALA~1\Temp\Rar$EX00.609\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {23898304-25B7-4097-BE77-729CDC1918EC} - C:\WINDOWS\System32\avifilep.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: (no name) - {C246A7E5-35D3-42C7-8060-3620738802CC} - c:\windows\system32\cnbjmono.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AVG7_CC] C:\Program\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program\D-Tools\daemon.exe" -lang 1033 O4 - HKCU\..\Run: [msnmsgr] "C:\Program\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [WhenUSave] "C:\Program\Save\Save.exe" O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program\PartyGaming\PartyPoker\RunApp.exe O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program\PartyGaming\PartyPoker\RunApp.exe O20 - Winlogon Notify: pbipvssw - C:\WINDOWS\SYSTEM32\cnbjmono.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\Program\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\Program\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\Program\Grisoft\AVG7\avgemc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: ServiceLayer - Nokia. - C:\Program\PC Connectivity Solution\ServiceLayer.exe WHAT TO DO/ PLEASE HELP!! |
|
     
|
| Important Information |
|
Join the #1 Tech Support Forum Today - It's Totally Free!
TechSupportForum.com is a leading support website for your computer needs. We offer free, friendly and personalized computer support. Why pay to have your computer fixed when you can do it for free. Join TechSupportforum.com Today - Click Here |
|
10-10-2007, 09:07 PM
|
#2 (permalink) |
|
Registered User
Join Date: Dec 2005
Location: Arabia/winter = N.India/summer
Posts: 143
OS: XP
|
Re: Explorer issues!! Trojan horses.. BHO.BMB, BHO.BLD, BHO.BMQ
You might get faster help if you put "HJT Log" in your thread title, and post it in the HJT forum.
http://www.techsupportforum.com/secu...this-log-help/
__________________
dailyrotation.com>Daily Updated REFERENCE DESK>refdesk.com Last edited by sultan_emerr; 10-10-2007 at 09:10 PM. |
|
|
|
|
10-10-2007, 10:20 PM
|
#3 (permalink) |
|
Moderator, Microsoft Support
|
Re: Explorer issues!! Trojan horses.. BHO.BMB, BHO.BLD, BHO.BMQ
Hello and welcome to TSF
 ,Before posting your log in the HJT help section, please follow these steps: http://www.techsupportforum.com/secu...sting-log.html and post your logs in the link that sultan_emerr provided.
__________________
 |
|
|
|
|
| Thread Tools | |
|
|
