help with win32:trojan-gen??

cooper29 · 09-16-2009, 07:44 AM

Avast keeps finding an infection and i cant do anything with it. laptop running very slow.

DDS:

DDS (Ver_09-07-30.01) - NTFSx86
Run by xxx at 9:26:49.33 on Wed 09/16/2009
Internet Explorer: 6.0.2900.2180
Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.255.138 [GMT -4:00]

AV: avast! antivirus 4.8.1351 [VPS 090915-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\WINDOWS\system32\atievxx.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TRENDnet\TRENDnet TEW-421PC_TEW-423PI\WlanCU.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\xxx\Bureau\dds.pif

============== Pseudo HJT Report ===============

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Programme d'aide de l'Assistant de connexion Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\fichiers communs\microsoft shared\windows live\WindowsLiveLogin.dll
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [yt8a] c:\windows\system32\yt8a.exe
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
StartupFolder: c:\docume~1\alluse~1\menudm~1\progra~1\dmarra~1\wirele~1.lnk - c:\program files\trendnet\trendnet tew-421pc_tew-423pi\WlanCU.exe
IE: E&xporter vers Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1245459437653
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\xxx\applic~1\mozilla\firefox\profiles\dupnf4ey.default\

============= SERVICES / DRIVERS ===============

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-6-19 114768]
R2 aawservice;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\aawservice.exe [2008-5-12 611664]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-6-19 20560]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2009-6-19 138680]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2009-6-19 254040]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2009-6-19 352920]
R3 maestro;Pilote audio ESS Maestro 3 (WDM);c:\windows\system32\drivers\es198x.sys [2009-6-19 174464]
R3 SjyPkt;SjyPkt;c:\windows\system32\drivers\SjyPkt.sys [2002-10-2 13532]
R3 WDHAALBA;WDHAALBAMiniPCI Winmodem;c:\windows\system32\drivers\WDHAALBA.sys [2009-6-19 701386]
S3 EL556ND5;Pilote de carte Ethernet MiniPCI 10/100 3Com;c:\windows\system32\drivers\EL556ND5.sys [2009-6-19 55999]

=============== Created Last 30 ================

2009-09-16 08:35 <DIR> --d----- c:\program files\Spybot - Search & Destroy
2009-09-16 08:35 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2009-09-16 08:18 <DIR> --d----- c:\program files\Lavasoft
2009-09-16 08:17 <DIR> --d----- c:\program files\fichiers communs\Wise Installation Wizard
2009-09-15 19:05 21,419 a------- c:\windows\system32\drivers\AegisP.sys
2009-09-15 19:04 <DIR> --d----- c:\windows\OPTIONS
2009-09-15 19:04 <DIR> --d----- c:\program files\TRENDnet
2009-09-15 19:02 <DIR> --d----- c:\program files\fichiers communs\InstallShield
2009-09-13 08:03 36,642 ---sh--- C:\yt8a.exe
2009-08-20 17:26 <DIR> --d----- C:\202cb1471798b0f722
2009-08-20 17:26 <DIR> --d----- c:\windows\ServicePackFiles

==================== Find3M ====================

2009-08-05 05:06 205,312 a------- c:\windows\system32\mswebdvd.dll
2009-07-17 14:56 58,880 a------- c:\windows\system32\atl.dll
2009-07-13 02:18 233,472 a------- c:\windows\system32\wmpdxm.dll
2009-06-26 12:18 663,552 a------- c:\windows\system32\wininet.dll
2009-06-26 12:18 81,920 a------- c:\windows\system32\ieencode.dll
2009-06-25 14:36 661,504 a------- c:\windows\system32\mqqm.dll
2009-06-25 14:36 527,360 a------- c:\windows\system32\mqutil.dll
2009-06-25 14:36 517,120 a------- c:\windows\system32\mqsnap.dll
2009-06-25 14:36 186,880 a------- c:\windows\system32\mqtrig.dll
2009-06-25 14:36 177,152 a------- c:\windows\system32\mqrt.dll
2009-06-25 14:36 123,392 a------- c:\windows\system32\mqrtdep.dll
2009-06-25 14:36 95,744 a------- c:\windows\system32\mqsec.dll
2009-06-25 14:36 48,640 a------- c:\windows\system32\mqupgrd.dll
2009-06-25 14:36 225,280 a------- c:\windows\system32\mqoa.dll
2009-06-25 14:36 138,240 a------- c:\windows\system32\mqad.dll
2009-06-25 14:36 47,104 a------- c:\windows\system32\mqdscli.dll
2009-06-25 14:36 16,896 a------- c:\windows\system32\mqise.dll
2009-06-25 04:44 731,136 a------- c:\windows\system32\lsasrv.dll
2009-06-25 04:44 168,448 a------- c:\windows\system32\schannel.dll
2009-06-25 04:44 133,632 a------- c:\windows\system32\msv1_0.dll
2009-06-25 04:44 59,392 a------- c:\windows\system32\wdigest.dll
2009-06-25 04:44 56,320 a------- c:\windows\system32\secur32.dll
2009-06-25 04:44 298,496 a------- c:\windows\system32\kerberos.dll
2009-06-22 07:49 117,248 a------- c:\windows\system32\mqtgsvc.exe
2009-06-22 07:49 19,968 a------- c:\windows\system32\mqbkup.exe
2009-06-22 07:49 4,608 a------- c:\windows\system32\mqsvc.exe
2009-06-20 00:45 368,314 a------- c:\windows\system32\perfh00C.dat
2009-06-20 00:45 49,054 a------- c:\windows\system32\perfc00C.dat
2009-06-19 13:01 86,331 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2009-06-19 11:47 21,892 a------- c:\windows\system32\emptyregdb.dat
2008-10-20 11:03 36,642 ---sh--- c:\windows\system32\yt8a.exe

============= FINISH: 9:27:14.22 ===============

cooper29 · 09-16-2009, 08:49 AM

While waiting a reply I have noticed on other sites that ppl with the same issue are told that this problems occurs with AVAST and told to uninstall it and use AVG....Is this something I should try?

cooper29 · 09-17-2009, 08:12 AM

Delete this thread pls....

09-16-2009, 08:49 AM	#2 (permalink)
cooper29 Registered User Join Date: Sep 2009 Posts: 11 OS: xp	Re: help with win32:trojan-gen?? While waiting a reply I have noticed on other sites that ppl with the same issue are told that this problems occurs with AVAST and told to uninstall it and use AVG....Is this something I should try?

09-17-2009, 08:12 AM	#3 (permalink)
cooper29 Registered User Join Date: Sep 2009 Posts: 11 OS: xp	Re: help with win32:trojan-gen?? Delete this thread pls....