[SOLVED] Virus/Trojan is blocking my Anti Virus, Need help :-(

08-03-2009, 06:17 PM   #1
SilverXP (Guest)



Edit: add more detail

Yesterday I tried to format my computer about 3 times, but it's still here.

This Virus/Trojan is blocking my internet connection to every antivirus web site (e.g. Avast!, Bitdefender) and it also blocks my Bitdefender update too.

Bitdefender found some virus, but it seems like it can't do anything about it.

----------------------------------
[System]=]HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET001\SERVICES\COMSYSAPP\ImagePath=]C:\WINDOWS\SYSTEM32\DLLHOST.EXE Gen:[email protected] Infected
[System]=]HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET001\SERVICES\NETLOGON\DisplayName=]C:\WINDOWS\SYSTEM32\NET.EXE Gen:[email protected] Infected

-----------------------------------


I can access the blocked antivirus web sites in Safe Mode, though.


I'm sorry, I can't do GMER and zip Attach.txt. The computer just refuses to let me use WinRAR or Zip; I don't know why either.

----------------------------------------------------------------

DDS (Ver_09-07-30.01) - NTFSx86
Run by Administrator at 6:55:15.57 on Tue 08/04/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_07
Microsoft Windows XP Professional 5.1.2600.3.874.66.1033.18.3007.2247 [GMT 7:00]

AV: BitDefender Antivirus *On-access scanning disabled* (Updated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
AV: avast! antivirus 4.8.1335 [VPS 090803-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: BitDefender Firewall *enabled* {4055920F-2E99-48A8-A270-4243D2B8F242}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\LClock\LClock.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\FolderSize\FolderSizeSvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\reader_s.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Administrator\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = about:blank
uInternet Connection Wizard,ShellNext = hxxp://www.bitdefender.com/scanner/online/free.html
mWinlogon: SfcDisable=-99 (0xffffff9d)
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
TB: BitDefender Toolbar: {381ffde8-2394-4f90-b10d-fc6124a40f8c} - c:\program files\bitdefender\bitdefender 2009\IEToolbar.dll
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [LClock] c:\program files\lclock\LClock.exe
uRun: [MsnMsgr] "c:\program files\windows live\messenger\MsnMsgr.Exe" /background
mRun: [29963] c:\windows\temp\VRT3.tmp.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [reader_s] c:\windows\system32\reader_s.exe
dRun: [reader_s] c:\documents and settings\administrator\reader_s.exe
dRunOnce: [xpdesc_1] rundll32 advpack.dll,LaunchINFSectionEx XProDesc.inf
dRunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
dRunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32
uPolicies-explorer: NoResolveTrack = 1 (0x1)
uPolicies-explorer: NoRecentDocsNetHood = 1 (0x1)
dPolicies-explorer: ForceClassicControlPanel = 1 (0x1)
dPolicies-explorer: NoResolveTrack = 1 (0x1)
dPolicies-explorer: NoSMHelp = 1 (0x1)
IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\admini~1\applic~1\mozilla\firefox\profiles\5s49emv9.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnG=Google+Search&q=
FF - component: c:\documents and settings\administrator\application data\mozilla\firefox\profiles\5s49emv9.default\extensions\{463f6ca5-ee3c-4be1-b7e6-7fee11953374}\platform\winnt\components\FoxyTunes.dll
FF - component: c:\program files\mozilla firefox\components\FFComm.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}

============= SERVICES / DRIVERS ===============

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-8-3 114768]
R1 vcdrom;Virtual CD-ROM Device Driver;c:\program files\system\cpl bonus\vcdrom.sys [2009-8-3 8576]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-8-3 20560]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2009-8-3 138680]
R2 BDVEDISK;BDVEDISK;c:\program files\bitdefender\bitdefender 2009\BDVEDISK.sys [2008-9-4 82440]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2009-8-3 254040]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2009-8-3 352920]
R3 bdfm;BDFM;c:\windows\system32\drivers\bdfm.sys [2008-9-18 111112]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;c:\windows\system32\drivers\bdfndisf.sys [2008-10-17 104328]
S3 Arrakis3;BitDefender Arrakis Server;c:\program files\common files\bitdefender\bitdefender arrakis server\bin\Arrakis3.exe [2008-7-17 139264]

=============== Created Last 30 ================

2009-08-04 05:23 212,224 -------- c:\windows\system32\dllcache\ndis.sys
2009-08-04 05:21 55,808 a------- c:\documents and settings\administrator\reader_s.exe
2009-08-04 05:20 55,808 a------- c:\windows\system32\reader_s.exe
2009-08-04 04:37 52,864 a------- c:\windows\system32\drivers\DMusic.sys
2009-08-04 04:37 142,592 a------- c:\windows\system32\drivers\aec.sys
2009-08-04 04:37 7,552 a------- c:\windows\system32\drivers\MSKSSRV.sys
2009-08-04 04:37 5,376 a------- c:\windows\system32\drivers\MSPCLOCK.sys
2009-08-04 04:37 6,272 a------- c:\windows\system32\drivers\splitter.sys
2009-08-04 04:37 56,576 a------- c:\windows\system32\drivers\swmidi.sys
2009-08-04 04:37 2,944 a------- c:\windows\system32\drivers\drmkaud.sys
2009-08-04 04:37 4,992 a------- c:\windows\system32\drivers\MSPQM.sys
2009-08-04 04:37 83,072 a------- c:\windows\system32\drivers\wdmaud.sys
2009-08-04 04:37 172,416 a------- c:\windows\system32\drivers\kmixer.sys
2009-08-04 04:35 57,600 a------- c:\windows\system32\drivers\redbook.sys
2009-08-04 04:35 25,856 a------- c:\windows\system32\drivers\usbprint.sys
2009-08-04 04:33 74,240 a------- c:\windows\system32\usbui.dll
2009-08-04 04:32 <DIR> --d----- c:\program files\common files\ODBC
2009-08-04 04:32 <DIR> --d----- c:\program files\common files\SpeechEngines
2009-08-04 04:31 <DIR> --d--r-- c:\documents and settings\all users\Documents
2009-08-04 04:31 16,535 a----r-- c:\windows\SET8.tmp
2009-08-04 04:31 1,088,840 a----r-- c:\windows\SET4.tmp
2009-08-04 04:31 1,296,669 a----r-- c:\windows\SET3.tmp
2009-08-04 04:31 <DIR> --d----- c:\windows\system32\CatRoot2
2009-08-04 04:31 <DIR> --d----- c:\windows\system32\CatRoot
2009-08-04 04:31 76,688 a------- c:\windows\system32\drivers\jraid.sys
2009-08-04 04:31 105,856 a------- c:\windows\system32\drivers\Rtenicxp.sys
2009-08-04 04:30 5,810 a------- c:\windows\system32\drivers\ASACPI.sys
2009-08-04 04:30 <DIR> --d----- C:\Documents and Settings
2009-08-04 04:29 1,404 a------- c:\windows\system32\$winnt$.inf
2009-08-03 23:55 <DIR> --d----- c:\docume~1\admini~1\applic~1\Malwarebytes
2009-08-03 23:55 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-08-03 23:55 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-08-03 22:40 <DIR> --d----- c:\documents and settings\administrator\.housecall6.6
2009-08-03 22:13 <DIR> --d----- c:\program files\Creative
2009-08-03 22:09 <DIR> --d----- c:\docume~1\admini~1\applic~1\BitDefender
2009-08-03 22:08 <DIR> --d----- c:\program files\BitDefender
2009-08-03 22:08 <DIR> --d----- c:\docume~1\alluse~1\applic~1\BitDefender
2009-08-03 22:08 <DIR> --d----- c:\program files\Trend Micro
2009-08-03 22:08 <DIR> --d----- c:\program files\common files\BitDefender
2009-08-03 21:58 <DIR> --d----- c:\documents and settings\administrator\Contacts
2009-08-03 21:52 <DIR> --d----- c:\program files\MTN
2009-08-03 21:52 <DIR> --d----- c:\program files\USB Disk Security
2009-08-03 21:51 <DIR> --d----- c:\program files\FolderSize
2009-08-03 21:45 <DIR> --d----- c:\program files\Alky for Applications
2009-08-03 21:41 <DIR> --dsh--- c:\documents and settings\all users\DRM
2009-08-03 21:41 <DIR> --d-h--- c:\program files\WindowsUpdate
2009-08-03 21:41 <DIR> --d----- c:\program files\Online Services
2009-08-03 21:40 <DIR> --d----- c:\program files\common files\MSSoap
2009-08-03 21:39 <DIR> --d----- c:\program files\Windows Media Connect 2
2009-08-03 21:39 <DIR> --d----- c:\program files\Visual+
2009-08-03 21:39 <DIR> --d----- c:\program files\OCCT
2009-08-03 21:39 <DIR> --d----- c:\program files\LClock
2009-08-03 21:38 <DIR> --d----- c:\program files\System
2009-08-03 21:38 <DIR> --d----- c:\program files\Unlocker
2009-08-03 21:38 <DIR> --d----- c:\program files\Microsoft PowerToys
2009-08-03 21:38 <DIR> --d----- c:\program files\HashTab Shell Extension
2009-08-03 21:38 <DIR> --d----- c:\program files\MSN Gaming Zone
2009-08-03 21:38 <DIR> --d----- c:\program files\Windows NT

==================== Find3M ====================

2009-08-04 00:23 471,876 a------- C:\zip.exe
2009-08-04 00:23 19,286 a------- C:\cleanup.exe
2009-08-04 00:23 574 a------- C:\cleanup.bat
2009-08-04 00:23 0 a------- C:\backup.reg
2009-08-03 21:45 717,296 a------- c:\windows\system32\drivers\sptd.sys
2009-08-03 21:42 86,327 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2009-08-03 21:39 21,640 a------- c:\windows\system32\emptyregdb.dat
2009-07-13 13:36 38,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-07-13 13:36 19,096 a------- c:\windows\system32\drivers\mbam.sys

============= FINISH: 6:55:35.31 ===============

Thank you!

And this is the HijackThis log.

-----------------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:11:19, on 4/8/2552
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20815)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\LClock\LClock.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\FolderSize\FolderSizeSvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\reader_s.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.bitdefender.com/scanner/online/free.html
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O4 - HKLM\..\Run: [29963] C:\WINDOWS\TEMP\VRT3.tmp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [reader_s] C:\WINDOWS\System32\reader_s.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LClock] C:\Program Files\LClock\LClock.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [LClock] C:\Program Files\LClock\LClock.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [xpdesc_1] rundll32 advpack.dll,LaunchINFSectionEx XProDesc.inf (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [xpdesc_1] rundll32 advpack.dll,LaunchINFSectionEx XProDesc.inf (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [reader_s] C:\Documents and Settings\Administrator\reader_s.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [xpdesc_1] rundll32 advpack.dll,LaunchINFSectionEx XProDesc.inf (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [reader_s] C:\Documents and Settings\Administrator\reader_s.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [xpdesc_1] rundll32 advpack.dll,LaunchINFSectionEx XProDesc.inf (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O13 - Gopher Prefix:
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - https://download.bitdefender.com/reso...an8/oscan8.cab
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. https://www.bitdefender.com - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: COM+ System Application (COMSysApp) - Unknown owner - C:\WINDOWS\system32\dllhost.exe (file missing)
O23 - Service: Folder Size (FolderSize) - Brio - C:\Program Files\FolderSize\FolderSizeSvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: MS Software Shadow Copy Provider (SwPrv) - Unknown owner - C:\WINDOWS\system32\dllhost.exe (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe

--
End of file - 6465 bytes
Attached Files
File Type: txt Attach.txt (3.8 KB, 41 views)
08-05-2009, 05:42 PM   #2
chemist
Security Team
Moderator, Analyst



Hello and Welcome to TSF.

Please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

It appears that you have two antivirus programs installed and running, avast! and BitDefender. While this may seem like better protection, they can actually conflict with one another and cause system instability or even system hangs. Please choose one to keep and uninstall the other via Add or Remove Programs in your Control Panel.

------------------------------------------------------

Please go to: VirusTotal
  • On the page you'll find a Browse button.
  • Next to the Browse button you'll see a box to enter text.
  • Please copy/paste the following bolded text into the box:

    C:\WINDOWS\Explorer.EXE

  • Then click the Send File button just below.
  • This will scan the file. Please be patient.
  • If you get a message saying File has already been analysed: click Reanalyse file now
  • Once scanned, copy and paste the results in your next reply.
  • Please repeat for the following file:

    C:\WINDOWS\system32\userinit.exe
------------------------------------------------------
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
08-07-2009, 09:41 PM   #3
SilverXP (Guest)



I found out that I had the reader_s and Virut viruses on my PC, so yesterday I cleared all of the .exe/.scr/.rar files, disinfected all of the HTML applications by replacing the redirect iframe scripts on my PC, and reinstalled Windows.

I'm sorry that I took action without waiting for your instructions first; I'm in a bit of a hurry to use this computer for my university projects :-(

Anyway, thank you for your instructions, I really appreciate it.
08-07-2009, 10:09 PM   #4
chemist
Security Team
Moderator, Analyst



Thanks for letting us know.