Free MMORPG Forums

acessxz

Here's my hijack this scan log


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mail.yahoo.com/
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [pejifofiba] Rundll32.exe "disidaji.dll",s
O4 - HKLM\..\RunOnce: [Spybot - Search & Destroy] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswupdsv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus (avast! antivirus) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner (avast! mail scanner) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner (avast! web scanner) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Webroot Client Service (WRConsumerService) - Unknown owner - C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.ex e (file missing)



Need help deleting WebRoot, I still see it running in Task Manager(WRconsumerService.exe), but I can't run the uninstaller, it seems to be missing or already uninstalled. I tried deleting in Program Files, but the "files are in use" error popped up.

Also, Spybot S&D picked up some trojans, but they can't be removed. Could someone help me get rid of these files? Help appreciated.

__________________

Ronin

S&D is not a virus scanner.

Uninstall Spy-sweeper.

Decide what program you want to use that installs a permanent guard and stick with only ONE.

Do a proper complete scan with Avast, that includes everything.
Yes you need to wait until it's finished or it's not "finished".

That you picked more than one background scanner is likely linked that your pc became insecure and now is infected with a nasty *.dll hijack (Or by other behavior mistakes on the user-side).
Those you can't fix manually, so if you can only hope now that after doing scans with every virus scanner you get your hands on (scans, not installing those programs to run on your PC forever), you will have a chance of a 2/3 that your system is not infected with anything that tries to destroy your data.
That leaves you with probably one or 2 Trojans.

Play around with the viruses as long as you feel like it, but after that I personally would recommend cleaning out ALL data you have, as well as erasing or throwing away any kind of external backups completely and starting fresh with newly installing a fresh setup of a genuine windows OS.

If you really have the patience to try to get your system back on track somewhat (though it's a low chance of complete sucess), let any virus scan you use do a logfile and post the results here.
Also download clamwin and do a scan.
http://www.clamwin.com/

__________________