can't get rid of virus!!!!

Status
Not open for further replies.

HebrewCossack

Beta member
Messages
1
It is a Trojan.Vundo. Its file is ssttr.dll and it won't DIE!!!! I have downloaded Spybot, Vundofix, FixVundo, and HijackThis. I even have Norton and that proved as helpful as a crippled horse. SO, here is the HijackThis log report...

Scan saved at 2:26:53 PM, on 3/2/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Documents and Settings\Owner\Desktop\VundoFix.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53E38CC0-5595-4484-912C-88B71C734E75} - C:\WINDOWS\system32\ssttr.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_12\bin\jusched.exe"
O4 - HKLM\..\Run: [AceGain LiveUpdate] C:\Program Files\AceGain\LiveUpdate\LiveUpdate.exe
O4 - HKLM\..\Run: [BearShare] "C:\Program Files\BearShare\BearShare.exe" /pause
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [BMbb84dd45] Rundll32.exe "C:\WINDOWS\system32\mnhnjncn.dll",s
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Spanish] C:\Learn To Speak Russian Demo V3.2\Study Conversation.exe
O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
O4 - HKCU\..\Run: [QdrModule12] "C:\Program Files\QdrModule\QdrModule12.exe"
O4 - HKCU\..\Run: [QdrPack12] "C:\Program Files\QdrPack\QdrPack12.exe"
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Global Startup: NETGEAR WG111v2 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_12\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_12\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/us/kavwebscan_unicode.cab
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O20 - Winlogon Notify: ddcywur - ddcywur.dll (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

--
End of file - 8103 bytes
 
Get AVG or NOD32..... I've been using AVG And NOD32 (have 2 systems) and both haven't behaved odd sine day 1...

*Since...
 
Here's a prime example of someone pulling up a thread that's 3 years old. The OP posted just this one post and has not been back since.
 