Bullguard Antivirus Forum Download A Free Copy Of Bullguard Antivirus Software
Free Antivirus Forum - Learn about antivirus, firewalls and personal security Free Antivirus Forum - Learn about antivirus, firewalls and personal security
 HomeLog InRegisterCommunity CalendarSearch the ForumView The Member ListHelp
Infected by Trojan.Agent virtu
   
BullGuard Antivirus Forum > Virus Removal > Removal Help > Infected by Trojan.Agent virtu  
Forum Quick Jump
 
New Topic Post reply to : Infected by Trojan.Agent virtu Printable version of : Infected by Trojan.Agent virtu
[ << Previous Thread | Next Thread >> ]

deran
New Member


Date Joined Sep 2009
Total Posts : 12
  		   Posted 10-3-2009 2:07 (GMT +1)    Quote: Infected by Trojan.Agent virtuAlert an admin about: Infected by Trojan.Agent virtu
Hi,
 
My m/c got infected by trojan.Agent virtu...virus.
 
I ran SupperAntiSpyware and removed the Trojan and I need help removing what HijackThis recommends...I am listing HijackThis report below .please assist me on what to delete on this list.
 
=========================================
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:05:55 PM, on 10/3/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
D:\PROGRA~1\avgwdsvc.exe
D:\PROGRA~1\avgfws8.exe
I:\Program Files\jre6\bin\jqs.exe
D:\PROGRA~1\avgemc.exe
D:\PROGRA~1\avgam.exe
D:\PROGRA~1\avgrsx.exe
D:\PROGRA~1\avgnsx.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Conexant\Adsl\dslstat.exe
C:\Program Files\Conexant\Adsl\dslagent.exe
D:\ProgramFiles\avgcsrvx.exe
D:\PROGRA~1\avgtray.exe
I:\Program Files\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
I:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\wuauclt.exe
I:\Program Files\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
F2 - REG:system.ini: UserInit=C:\WINDOWS\SYSTEM32\Userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - D:\ProgramFiles\avgssie.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - D:\ProgramFiles\Toolbar\IEToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - I:\Program Files\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - I:\Program Files\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - D:\ProgramFiles\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [DSLSTATEXE] C:\Program Files\Conexant\Adsl\dslstat.exe icon
O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\Conexant\Adsl\dslagent.exe
O4 - HKLM\..\Run: [AVG8_TRAY] D:\PROGRA~1\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "I:\Program Files\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] I:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O8 - Extra context menu item: + Offline &Explorer: Download the link - file://I:\Program Files\Offline Explorer\Add_UrlO.htm
O8 - Extra context menu item: + Offline E&xplorer: Download the current page - file://I:\Program Files\Offline Explorer\Add_AllO.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - D:\ProgramFiles\avgpp.dll
O20 - Winlogon Notify: !SASWinLogon - I:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Apache2.2 - Apache Software Foundation - I:\Program Files\Apache Software Foundation\Apache2.2\bin\httpd.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - D:\PROGRA~1\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - D:\PROGRA~1\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - D:\PROGRA~1\avgfws8.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - I:\Program Files\jre6\bin\jqs.exe
O23 - Service: MySQL51 - Unknown owner - I:\Program.exe (file missing)
--
End of file - 4788 bytes
 
 
Thanks in advance
deran.
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 16739
  		   Posted 10-4-2009 6:35 (GMT +1)    Quote: Infected by Trojan.Agent virtuAlert an admin about: Infected by Trojan.Agent virtu
Hello deran  smile
 
 
We need to get a more comprehensive report of what is present in your system.
Please download DDS: http://download.bleepingcomputer.com/sUBs/dds.scr
 
 to your Desktop and doubleclick on DDs.scr to run it.
If your security software includes script blocking features, please disable these before you run this utility.

When the scan has finished, two logs will open.
Copy and paste both reports in this topic.
 
The logs will be reasonably large so you may have to divide them into sections and make several posts to post them.


Do NOT post your problem in someone elses thread.
A non-profit, volunteer network.

Back to Top
 
New Topic Post reply to : Infected by Trojan.Agent virtu Printable version of : Infected by Trojan.Agent virtu
 
Forum Information
Currently it is Saturday, March 13, 2010 5:05 PM (GMT +1)
There are a total of 76.163 posts in 17.593 threads.
In the last 3 days there were 6 new threads and 63 reply posts. View Active Threads
Who's Online
This forum has 31125 registered members. Please welcome our newest member, keith45.
35 Guest(s), 1 Registered Member(s) are currently online.  Details
markusg
5 Latest Threads
Firewall bullguard 9 (0)13-03-2010 15:57:33 (knoestigeknoert)
Redirect Virus (27)13-03-2010 15:49:46 (markusg)
How to remove a redirect virus that also stops my Antivirus for updating (5)13-03-2010 15:11:01 (markusg)
I suspect ad-divert virus; HiJackThis! log included (9)13-03-2010 10:34:40 (markusg)
Blue Screen on Windows Vista x32 (5)12-03-2010 17:06:01 (markusg)


Need Support? Write to: | Forum Help Manual

Download free trial version of Bullguard