hi i was on my own pc last night and i went to dload from the site astalvista.box , after a second my search and destroy programm came up with the message computer infected or sumething like that .in a box it says reboot so i did ,the comp rebooted ta as far as windows is starting up ,and didnt go any further,plz help
u need to post Hjt log so we can see what's wrong with pc. http://forums.afterdawn.com/thread_view.cfm/263784 Do this instruction from step 3! We will fix then you're comp.
Yep, you can first try to scan with your av in safe mode as ddp said, but please post HjT-log after that.
i cant even start on safe mode as wen im booting up it gets to as far as windows is starting up ,but it just stays there doing nothing ,yet i can move my mouse about . ive tried all modes on startup,any ideas guys, and tnx for the replys
thank u for ure help i got back on it eventualy started in safe mode ,it was an infection in java vm,although i still cant get rid id of the infections as i dont have java in control panel,to delete the cache, igot this infection name and repair ere
Logfile of HijackThis v1.99.1 Scan saved at 20:47:50, on 04/12/2005 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\ISafe.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVTray.exe C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVRID.exe C:\Program Files\BroadJump\Client Foundation\CFD.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\HJT\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://radio-slut.org/ O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVTray.exe" O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVRID.exe" O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1133725941102 O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\ISafe.exe O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe hope this is correct
Probably log is ok, strange that it looks clean 1.Do u have firewall? There's just no firewall in running processes. 2. Download ewido -> http://www.ewido.net/en/download/ Update, do complete system scan, remove all files that ewido find and post report here to analyse. 3. Update your windows. Get SP 2 -> http://windowsupdate.microsoft.com/ 4. U are using IE. I advise u to change into Firefox -> http://www.mozilla.com/firefox/ or Opera -> http://www.opera.com/
Not sure if anyone is seeing this thread but axell's advice saved me a bunch. I bought some new RAM and after installing it (coincidental), I could not get to login screen in xp pro SP2. I am a field engineer in IT and pride myself (does it go before fall?) on troubleshooting ability: I changed the power supply because I read that it's deterioration can slow things down; I blamed my new SATA drive (no viable reason) and because my Norton Antivirus Corp edition is always on, I did not in the least, suspect any viruses. In my favor, I have a copy of power quest desktop which can restore a drive to any state metal to metal and when I needed to reboot my PC, I had to use a 30 day old copy of my hard drive image. Long story short: I found this thread using google and downloaded the ewido prog and it found some ibm virus name that was f***g up my system. thanks dude, is the least I can say
