my pc has got partition tables (C:\ and D:\). Recently, they were both
affected.
The virus was found first in D:\ and swept through to other drives.
The infected drive was D:\WINDOWS\System32\SSLDyn.dll
It was found to be Trojan horse PSW.OnlineGames.K and can repeat
itself once it was deleted.
Other viruses entry found in AVG free edition scan are:
Trojan horse PSW.OnlineGames. WZB
Trojan horse PSW.OnlineGames.XAN
Trojan horse PSW.OnlineGames.XAO
Trojan horse PSW.OnlineGames.WZC
Trojan horse PSW.OnlineGames.WYS
Trojan horse PSW.OnlineGames.WUJ
Trojan horse.Legendmir.JAX
Trojan horse Generic.ABVW
Trojan horse PSW.Agent.RBM
etc...
The Hijackthis report shows the following log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:48:37 p.m., on 17/12/2007
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
D:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
D:\WINDOWS\System32\svchost.exe
D:\PROGRA~1\MOZILL~1\FIREFOX.EXE
D:\Program Files\NJStar Communicator\NJCOM32.EXE
D:\Program Files\NJStar Communicator\NJSIME.EXE
D:\Documents and Settings\Administrator\Desktop\hijackthis.exe
D:\Program Files\Grisoft\AVG Free\avgcc.exe
O4 - HKLM\..\Run: [mppds] D:\WINDOWS\mppds.exe
O4 - HKLM\..\Run: [cmdbcs] D:\WINDOWS\cmdbcs.exe
O4 - HKLM\..\Run: [msccrt] D:\WINDOWS\msccrt.exe
O4 - HKLM\..\Run: [SSLDyn] D:\WINDOWS\SSLDyn.exe
O4 - HKLM\..\Run: [LotusHlp] D:\WINDOWS\LotusHlp.exe
O4 - HKLM\..\Run: [Kvsc3] D:\WINDOWS\Kvsc3.exE
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o.
- D:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - D:
\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: F1AB436F - Unknown owner - D:\WINDOWS
\System32\59858B88.EXE
--
End of file - 1439 bytes
+++++++++++++++++++
I have tried everything I can include: delete infected files from safe
mode (F
. The file reproduced itself after deleting.
Also, I have tried to delete files from AVG scan, but they just keep
on reproducing...
The other thing I did was to press "fix problem" from hijackthis
report for all the log entries, but it would not help. I even did try
to radically delete all the files that was produced on the day the pc
was infected, but trojan horse virus actually stopped me from
searching several times, so I gave up.
I have been doing this for almost 10 hours. I am dehydrated and nearly
passed out (at the blink of calling ambulance)....what should I do
now...
Please help me.....
:skull: :skull: :skull:
FAQ
Profile
Private Messages
Log in
