google results redirecting and anti virus xp 2008

Discussion in 'Windows - Virus and spyware problems' started by N7360, Sep 3, 2008.

  1. N7360

    N7360 Member

    Joined:
    Sep 3, 2008
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    11
    I've been having a major problem with this anti virus xp 2008 but I managed to get rid of it today. Now my google results are redirecting can anyone help? The virus was something called smitfaurd or something. I have windows defender, spy bot search and destroy, hijack this and some others. Spy bot comes up with altnet which has never caused a problem before and it keeps coming up with microsoft.windowsSecurityCenter.antivirusoverride.I've tried fixware out with no luck :/ Please help me take this out!






    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 23:45:04, on 03/09/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Apps\ActivBoard\nhksrv.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\libusbd-nt.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\system32\slserv.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Internet Explorer\Iexplore.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) - http://libusb-win32.sourceforge.net - C:\WINDOWS\system32\libusbd-nt.exe
    O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard\nhksrv.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - Unknown owner - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe (file missing)

    --
    End of file - 2984 bytes
     
    N7360, Sep 3, 2008
    #1
  2. cdavfrew

    cdavfrew Regular member

    Joined:
    May 19, 2008
    Messages:
    1,183
    Likes Received:
    0
    Trophy Points:
    46
    Hi N7360

    The problem you have with Spybot detecting something is not a big one. It is simply Spybot's opinion that a certain setting is not good, so it detects it. This is easily set later.

    However, I'm more interested in your malware problem. You said that it was Smitfraud? Have you run SmitfraudFix? If not, please follow the following instructions:

    1. Go here and download SmitfraudFix. Extract all the files to your desktop, it will create the folder SmitfraudFix.

    2. Restart your computer in Safe Mode. (Press F8 at boot, select "Safe Mode" and press Enter)

    3. Open the folder Smitfraudfix on your desktop and double-click on smitfraudfix.cmd. "Enter your Choice: (1,2,3,4,L,Q):" Select option 2. Wait for process to finish. (If prompted for: Registry cleaning - Do you want to clean the registry? Press Y, for Yes).

    4. It will check if your wininet.dll file is damaged, if so it will ask you to "Replace Infected File?" Press Y as Yes and press Enter.

    Please also give more information on how you removed Antivirus XP 2008.

    Best Regards :D
     
    cdavfrew, Sep 5, 2008
    #2

Share This Page