#1
I have a Trojan on my PC in the System32 files. I have AVG but just wondered how to get rid of it from AVG as when I click delete, I think it just deletes from the vault until the next scan when it's found again.
#2
Seems like you will need to do more than just trying to delete it with AVG; try taking a look at this thread.
My System: First OC
#3
Ok, thank you. I will run HijackThis tomorrow :)
#4
Please run all of the scans and post the logs. HijackThis usually isn't enough.
#5
I've run SUPERAntiSpyware and got the log. I also ran AVG once more and it came up with six places that the Trojan has infected.

This is the SUPERAntiSpyware log:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 10/26/2008 at 08:30 PM

Application Version : 4.21.1004

Core Rules Database Version : 3609
Trace Rules Database Version: 1595

Scan type       : Complete Scan
Total Scan Time : 00:59:08

Memory items scanned      : 430
Memory threats detected   : 0
Registry items scanned    : 4950
Registry threats detected : 0
File items scanned        : 73876
File threats detected     : 77

Trojan.Unknown Origin
    C:\WINDOWS\mslagent\2_mslagent.dll
    C:\WINDOWS\mslagent\mslagent.exe
    C:\WINDOWS\mslagent\uninstall.exe
    C:\WINDOWS\mslagent
    C:\WINDOWS\system32\smp\msrc.exe
    C:\WINDOWS\system32\smp

Adware.INetDelivery
    C:\Program Files\Inet Delivery\inetdl.exe
    C:\Program Files\Inet Delivery\intdel.exe
    C:\Program Files\Inet Delivery
    C:\Program Files\akl\akl.dll
    C:\Program Files\akl\akl.exe
    C:\Program Files\akl\uninstall.exe
    C:\Program Files\akl\unsetup.exe
    C:\Program Files\akl

Trojan.Fake-Drop/Gen
    C:\WINDOWS\SYSTEM32\VBSYS2.DLL
    C:\WINDOWS\SYSTEM32\AWTOOLB.DLL
    C:\WINDOWS\SYSTEM32\SYSREQ.EXE
    C:\WINDOWS\SYSTEM32\WINWGPX.EXE
    C:\WINDOWS\SYSTEM32\BDN.COM
    C:\WINDOWS\SYSTEM32\MSSECU.EXE
    C:\WINDOWS\SYSTEM32\VCATCHPI.DLL
    C:\WINDOWS\SYSTEM32\AKTTZN.EXE
    C:\WINDOWS\SYSTEM32\WINSYSTEM.EXE
    C:\WINDOWS\SYSTEM32\NEWSD32.EXE
    C:\WINDOWS\SYSTEM32\EMESX.DLL
    C:\WINDOWS\SYSTEM32\RUNDL1.EXE
    C:\WINDOWS\SYSTEM32\ANTICIPATOR.DLL
    C:\WINDOWS\SYSTEM32\THUN.DLL
    C:\WINDOWS\SYSTEM32\THUN32.DLL
    C:\WINDOWS\SYSTEM32\MSVCHOST.EXE
    C:\WINDOWS\SYSTEM32\REGC64.DLL
    C:\WINDOWS\SYSTEM32\REGM64.DLL
    C:\WINDOWS\SYSTEM32\SSVCHOST.COM
    C:\WINDOWS\SYSTEM32\SSVCHOST.EXE
    C:\WINDOWS\SYSTEM32\TEMP#01.EXE
    C:\WINDOWS\SYSTEM32\MSGP.EXE
    C:\WINDOWS\SYSTEM32\MTR2.EXE
    C:\WINDOWS\SYSTEM32\H@TKEYSH@@K.DLL
    C:\WINDOWS\SYSTEM32\NETODE.EXE
    C:\WINDOWS\SYSTEM32\MEDUP012.DLL
    C:\WINDOWS\SYSTEM32\MEDUP020.DLL
    C:\WINDOWS\SYSTEM32\SSURF022.DLL
    C:\WINDOWS\SYSTEM32\MSNBHO.DLL
    C:\WINDOWS\SYSTEM32\BSVA-EGIHSG52.EXE
    C:\WINDOWS\SYSTEM32\PS1.EXE
    C:\WINDOWS\SYSTEM32\HXIWLGPM.DAT
    C:\WINDOWS\SYSTEM32\HXIWLGPM.EXE
    C:\WINDOWS\SYSTEM32\TAACK.DAT
    C:\WINDOWS\SYSTEM32\TAACK.EXE
    C:\WINDOWS\SYSTEM32\MWIN32.EXE
    C:\WINDOWS\SYSTEM32\VBIEWER.OCX
    C:\WINDOWS\SYSTEM32\HOPROXY.DLL
    C:\WINDOWS\SYSTEM32\WINLOGONPC.EXE
    C:\WINDOWS\BDN.COM
    C:\WINDOWS\MSSECU.EXE
    C:\WINDOWS\WINSYSTEM.EXE
    C:\WINDOWS\ITUNESMUSIC.EXE
    C:\WINDOWS\A.BAT
    C:\WINDOWS\BASE64.TMP
    C:\WINDOWS\FVPROTECT.EXE
    C:\WINDOWS\USERCONFIG9X.DLL
    C:\WINDOWS\ZIP1.TMP
    C:\WINDOWS\ZIP2.TMP
    C:\WINDOWS\ZIP3.TMP
    C:\WINDOWS\ZIPPED.TMP

Dpcproxy
    C:\WINDOWS\SYSTEM32\DPCPROXY.EXE

Unclassified.Unknown Origin/System
    C:\WINDOWS\SYSTEM32\PSOF1.EXE

Adware.Pacer D
    C:\WINDOWS\SYSTEM32\PSOFT1.EXE

Trojan.Dluca-I
    C:\WINDOWS\SYSTEM32\SNCNTR.EXE

Adware.Vundo-Variant/J
    C:\WINDOWS\QRBGLTOS.DLL

Trojan.Net-MSV/VPS-Variant
    C:\WINDOWS\GRFXBANOMOK.DLL

Adware.180solutions/Seekmo/Zango
    C:\DOCUMENTS AND SETTINGS\GUEST\DESKTOP\SETUP.EXE

Adware.Tracking Cookie
    C:\Documents and Settings\Guest\Cookies\guest@doubleclick[2].txt
    C:\Documents and Settings\Guest\Cookies\guest@serving-sys[2].txt
    C:\Documents and Settings\Guest\Cookies\guest@atdmt[2].txt
    C:\Documents and Settings\Guest\Cookies\guest@tradedoubler[2].txt
    C:\Documents and Settings\Guest\Cookies\guest@bs.serving-sys[2].txt
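A triage note on the log above, with an added example that is not from the thread or from SUPERAntiSpyware: most of the Trojan.Fake-Drop/Gen files sit in System32 under names that imitate real Windows binaries (MSVCHOST.EXE and SSVCHOST.EXE for svchost.exe, WINLOGONPC.EXE for winlogon.exe, RUNDL1.EXE for rundll32.exe). The script below parses the "File threats detected" section of a SUPERAntiSpyware-style log into detection families and flags basenames that are near-misses of well-known system binaries. The sample log is a constructed excerpt of the post's own paths; the list of legitimate binary names and the three matching rules (edit distance of at most 2, a legitimate name embedded in a longer name, or a shared prefix of at least 5 characters) are my own assumptions, tuned so that an exact, correctly spelled name is never flagged by name alone.

```python
import re
from collections import defaultdict

# Constructed excerpt of the SUPERAntiSpyware log posted above; detection
# names and paths are copied from the post, everything else is omitted.
SAS_LOG = r"""
File threats detected     : 77

Trojan.Unknown Origin
    C:\WINDOWS\mslagent\mslagent.exe
    C:\WINDOWS\system32\smp\msrc.exe

Trojan.Fake-Drop/Gen
    C:\WINDOWS\SYSTEM32\SYSREQ.EXE
    C:\WINDOWS\SYSTEM32\RUNDL1.EXE
    C:\WINDOWS\SYSTEM32\MSVCHOST.EXE
    C:\WINDOWS\SYSTEM32\SSVCHOST.EXE
    C:\WINDOWS\SYSTEM32\WINLOGONPC.EXE
    C:\WINDOWS\SYSTEM32\MSSECU.EXE

Trojan.Dluca-I
    C:\WINDOWS\SYSTEM32\SNCNTR.EXE

Adware.Tracking Cookie
    C:\Documents and Settings\Guest\Cookies\guest@doubleclick[2].txt
"""

# Assumed reference list of core Windows XP binaries (lower-case stems).
LEGIT_SYSTEM_BINARIES = ("csrss", "ctfmon", "explorer", "lsass", "rundll32",
                         "services", "smss", "spoolsv", "svchost", "winlogon",
                         "wuauclt")

PATH_RE = re.compile(r"^[A-Za-z]:\\")   # a line that is a Windows path


def parse_sas_detections(log):
    """Return {detection family: [paths]} from the file-threats section.

    The section starts at 'File threats detected'; after that, a line that is
    not a path is a family name and following paths belong to it.
    """
    groups = defaultdict(list)
    family, in_section = None, False
    for raw in log.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("File threats detected"):
            in_section = True
            continue
        if not in_section:
            continue
        if PATH_RE.match(line):
            if family is not None:
                groups[family].append(line)
        else:
            family = line
    return dict(groups)


def levenshtein(a, b):
    """Classic edit distance (insert/delete/substitute)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def common_prefix_len(a, b):
    n = 0
    for x, y in zip(a, b):
        if x != y:
            break
        n += 1
    return n


def lookalike_system_names(paths, legit=LEGIT_SYSTEM_BINARIES, max_distance=2):
    """Map each path whose basename imitates a legitimate binary to that binary.

    An exact match is deliberately skipped: a file really called svchost.exe
    must be judged by location and hash, not by its name.
    """
    hits = {}
    for path in paths:
        stem = path.rsplit("\\", 1)[-1].lower().rsplit(".", 1)[0]
        if stem in legit:
            continue
        for name in legit:
            if (levenshtein(stem, name) <= max_distance
                    or (len(stem) > len(name) and name in stem)
                    or common_prefix_len(stem, name) >= 5):
                hits[path] = name
                break
    return hits


def flag_lookalikes(log):
    """Convenience wrapper: lookalike hits across every detection family."""
    hits = {}
    for paths in parse_sas_detections(log).values():
        hits.update(lookalike_system_names(paths))
    return hits


if __name__ == "__main__":
    for family, paths in parse_sas_detections(SAS_LOG).items():
        print(f"{family}: {len(paths)} file(s)")
    for path, legit in flag_lookalikes(SAS_LOG).items():
        print(f"lookalike of {legit}: {path}")
```

The point of the name check is the caveat in the comment: it only tells you which files deserve a closer look, and it should be paired with where the file lives and what its hash is before anything is deleted; a real `svchost.exe` copied into `C:\WINDOWS` instead of `System32` would pass this test and still be suspicious.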
#6
Malwarebytes log:

Malwarebytes' Anti-Malware 1.30
Database version: 1324
Windows 5.1.2600 Service Pack 2

26/10/2008 23:09:02
mbam-log-2008-10-26 (23-09-02).txt

Scan type: Quick Scan
Objects scanned: 52045
Time elapsed: 4 minute(s), 36 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Documents and Settings\Guest\Local Settings\temp\ac8zt2 (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Files Infected:
C:\WINDOWS\egsf.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
#7
Need the HijackThis log now
#8
#9
Please just continue with posting the logs if you need help.
#10
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:01:07, on 27/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\Virgin Broadband\advisor\Broadbandadvisor.exe
C:\Program Files\TextBridge Pro Millennium\Bin\InstantAccess.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\sm56hlpr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Trust\Easy Webscan 19200\ScanPanel\ScnPanel.exe
C:\Program Files\FinePixViewerS\QuickDCF2.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HijackThis\Analyse.exe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: StumbleUpon Launcher - {145B29F4-A56B-4b90-BBAC-45784EBEBBB7} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: StumbleUpon Toolbar - {5093EB4C-3E93-40AB-9266-B607BA87BDC8} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [Broadbandadvisor.exe] "C:\Program Files\Virgin Broadband\advisor\Broadbandadvisor.exe" /AUTORUN
O4 - HKLM\..\Run: [InstantAccess] C:\Program Files\TextBridge Pro Millennium\Bin\InstantAccess.exe /h
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Comet Screensaver.lnk = C:\Program Files\Comet Screensaver\Comet Screensaver.exe
O4 - Startup: IMVU.lnk = C:\Program Files\IMVU\IMVUClient.exe
O4 - Startup: Accessories
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Ulead Photo Express 3.0 SE Calendar Checker.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe
O4 - Global Startup: ScanPanel.lnk = C:\Program Files\Trust\Easy Webscan 19200\ScanPanel\ScnPanel.exe
O4 - Global Startup: Exif Launcher S.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: StumbleUpon PhotoBlog It! - res://StumbleUponIEBar.dll/blogimage
O9 - Extra button: StumbleUpon - {75C9223A-409A-4795-A3CA-08DE6B075B4B} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab56986.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...n.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-GB/.../GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1177956484625
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab56986.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

--
End of file - 11086 bytes

I think the trojan(s) have come from my sister downloading games for her phone. I'm not sure, but they're infecting the restore now.
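When reading a HijackThis log like the one above, the autostart sections are where persistence hides: O4 (Run keys and Startup folders), O20 (AppInit_DLLs and Winlogon Notify) and O23 (services). The added example below is not from the thread or from Trend Micro's HijackThis; it parses a constructed excerpt of the O4 and O20 lines posted above and flags three things a practitioner would check by hand: Run entries that name a bare executable with no path (`Alaunch`, `SOUNDMAN.EXE`, `sm56hlpr.exe`, and `Rundll32.exe` loading `SiSPower.dll`), which are resolved through the search path at logon rather than from a fixed location; Startup shortcuts whose target HijackThis could not resolve (`= ?`); and any DLL listed under AppInit_DLLs, which Windows XP loads into every process that links user32.dll. The line formats matched by the regular expressions and the three categories are my own assumptions; a flag means "verify this entry", not "this entry is malicious" (the entries in the excerpt are consistent with the Acer, SiS and AVG software listed elsewhere in the log).

```python
import re

# Constructed excerpt of the HijackThis log posted above (O4/O20 lines only).
HJT_LOG = r"""
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: IMVU.lnk = C:\Program Files\IMVU\IMVUClient.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Exif Launcher S.lnk = ?
O20 - AppInit_DLLs: avgrsstx.dll
"""

# Assumed line shapes, derived from the log above.
RUN_RE = re.compile(r"^O4 - (?P<hive>.+?)\\\.\.\\Run: \[(?P<name>[^\]]*)\] (?P<cmd>.*)$")
STARTUP_RE = re.compile(r"^O4 - (?P<where>(?:Global )?Startup): (?P<name>.+?) = (?P<target>.*)$")
APPINIT_RE = re.compile(r"^O20 - AppInit_DLLs: (?P<dlls>.*)$")


def executable_of(cmd):
    """Pull the program out of a Run-key command line.

    A quoted command is taken up to the closing quote; otherwise the command
    is taken up to the first .exe/.com/.bat/.scr token, which copes with the
    unquoted, space-containing paths HijackThis prints.
    """
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end > 0 else cmd[1:]
    m = re.match(r"(?i)(.*?\.(?:exe|com|bat|scr))(?:\s|$)", cmd)
    return m.group(1) if m else cmd.split()[0]


def triage_hijackthis(log):
    """Return (category, name, detail) tuples for entries worth a manual check."""
    findings = []
    for raw in log.splitlines():
        line = raw.strip()
        m = RUN_RE.match(line)
        if m:
            exe = executable_of(m["cmd"])
            if "\\" not in exe:
                # No directory: resolved via the search path at logon.
                findings.append(("path-search", m["name"], exe))
            continue
        m = STARTUP_RE.match(line)
        if m:
            if m["target"].strip() == "?":
                findings.append(("unresolved-shortcut", m["name"], m["where"]))
            continue
        m = APPINIT_RE.match(line)
        if m:
            for dll in re.split(r"[,\s]+", m["dlls"].strip()):
                if dll:
                    findings.append(("appinit-dll", dll,
                                     "loaded into every process that links user32.dll"))
    return findings


if __name__ == "__main__":
    for category, name, detail in triage_hijackthis(HJT_LOG):
        print(f"{category:20} {name:25} {detail}")
```

Everything this script flags still needs a human decision: for a path-search entry, locate the file actually found on the search path (`where SOUNDMAN.EXE` on a newer Windows, or checking `C:\WINDOWS` and `System32` by hand on XP) and confirm its publisher; for an unresolved shortcut, open the `.lnk` and see where it points; for an AppInit_DLLs entry, confirm the DLL belongs to the product that claims it.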