Please Help with Norton Problem/Virus found! [Resolved]

jimbo1406jimbo1406 Maine
edited August 2006 in Spyware & Virus Removal
I was on yahoo chat and accidentaly clicked a link and got assaulted by about 50 webcam popups. AVG found a virus i scanned and it didnt heal it. Any suggestions.



Logfile of HijackThis v1.99.1
Scan saved at 1:09:43 AM, on 8/13/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Common Files\AOL\1155364705\ee\AOLSoftware.exe
C:\Program Files\Messenger\msmsgs.exe
c:\program files\common files\aol\1155364705\ee\aim6.exe
C:\Program Files\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sherdog.com/
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1155364705\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\Common Files\AOL\Launch\AOLLaunch.exe" /d locale=en-US ee://aol/imApp
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1104625714295
O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) - http://www.ofoto.com/downloads/BUM/BUM_WIN_IE_1/axofupld.cab
O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj Class) - https://echat.us.dell.com/Media/VisitorChatENU/TLIEFlash.CAB
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {FA3662C3-B8E8-11D6-A667-0010B556D978} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/_media/dalaillama/ampx.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Comments

  • jimbo1406jimbo1406 Maine
    edited August 2006
    wow, i see that i cant get help now., thanx guys
  • jimbo1406jimbo1406 Maine
    edited August 2006
    you guys are wack!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
  • jimbo1406jimbo1406 Maine
    edited August 2006
    I recently fixed my pc with you guys help, but every time i startup my computer, i get a message that says norton does not support the repair feature, and it tells me to uninstall and reinstall? I'm not sure what it is telling me to uninstall. Do you guys know anything about this?
  • CrunchieCrunchie Mandurah. Western Australia. Member
    edited August 2006
    I would say it is asking you to uninstall Norton itself. May as well leave it off too IMO :).
  • jimbo1406jimbo1406 Maine
    edited August 2006
    Thank you, I am learning the hard way, that Norton sucks. I just fixed a laptop with you guys help, and I use AVG on that, I paid for Norton on my PC and to be honest it sucks. So should i just uninstall norton and download the free AVG?
  • jmoney3457jmoney3457 Maine
    edited August 2006
    jimbo1406 wrote:
    Thank you, I am learning the hard way, that Norton sucks. I just fixed a laptop with you guys help, and I use AVG on that, I paid for Norton on my PC and to be honest it sucks. So should i just uninstall norton and download the free AVG?
    yes jimbo I STRONGLY recommend AVG free over norton..norton use to be good back 5 or so years ago but now its just a bloated no-good crap antivirus that lets more viruses in than it catches and hogs system resources *RAM* so yes I recommend uninstall all of norton, reboot your computer then install AVG free but remember to uninstall all of norton before downloading/installing AVG as having 2 or more anti virus programs on the same PC is actually worse then having none at all for various reasons:)
    EDIT: heres link to AVG free incase you need it-->http://free.grisoft.com/freeweb.php/doc/avg-anti-virus-free/lng/us/tpl/v5
  • jmoney3457jmoney3457 Maine
    edited August 2006
    jimbo,i'm sorry you feel like your not getting helped by as you can see we deal with dozens upon dozens of HJT logs and malware problems a day,we're not intentionally going over your thread we do the best we can and in return I ask you to please not make rude comments like the above as we all are volunteers here and have lifes outside this forum and try the best we can so please be patient:)
    EDIT: I also have merged your other thread with this one as to not create confusion in helping you jimbo
  • jimbo1406jimbo1406 Maine
    edited August 2006
    I apologize. I was out of line you guys have been so helpful, and that is why i waited for you guys to repost. I'm gonna get rid of norton, and I have another project going on right now. So this one can be closed. Once again thank you for all of the help and i do apologize. I am gonna be posting a new log for my buddies piece of crap infested pc soon, right now i'm running adaware and so far it has found 572 objects!!!!!!!!!!!!!I'm gonna follow all of the steps, and then post and wait to see what the experts say, this is the worst i've seen, i think his dad has been on the free porn stuff lately, well thanx again!!!
  • jmoney3457jmoney3457 Maine
    edited August 2006
    closed @ op's request :)
This discussion has been closed.