need help busting this virus !

Viruses and worms
1

Hi everybody,

it happens only once a year, but again, I’ve got a virus. It suddenly appeared while on Firefox, then a crash and anti-virus programs pop-ups. typical trojan stuff. I did a full safe mode scan with Avast home edition and then Ad-aware, found some stuff, but not all as I see. i did a boot scan too. I’m also attaching a Hihack this! file, I know this can help.

Any support in this is greatly appreciated, as always.

Thanks.

2

You are running NOD32. You would seem to be in the wrong place:

http://www.wilderssecurity.com/forumdisplay.php?s=02187e31c187e279092622a1eec6731f&f=88

:wink:

As you’re here, what you need to do is to run these scans:

VundoFix
SmitFraudFix

SUPERAntiSpyware Free
Malwarebytes’ Anti-Malware

When you have finished, scan for out-of-date and insecure software using Secunia Online Software Inspector (OSI) and update any vulnerable software: this will help to prevent future infections.

3
You are running NOD32. You would seem to be in the wrong place:

http://www.wilderssecurity.com/forumdisplay.php?s=02187e31c187e279092622a1eec6731f&f=88

:wink:

My mistake, you have NOD32 and avast! You need to remove NOD32.

http://www.betterantivirus.com/nod32-antivirus-faqs/faqs/c1095623943.html#1170455686

4

hey,

first, thanks for your time.

I did a full scan with all theses apps twice. once in windows, once in safe mode. I did found many things, but can’t be sure if i’m totally clean. Here’s an update on hijack report.

5

O20 - AppInit_DLLs: zyxbpp.dll,C:\WINDOWS\system32\talogevi.dll

This looks like Vundo and it’s still active. Update Malewarebytes and SuperAntiSpyware and scan again.

6

Hi mizu & FwF,

These hijackthis items were checked and found not to be infected:
smss.exe
winlogon.exe
services.exe
lsass.exe
ati2evxx.exe
svchost.exe
aawservice.exe
aswupdsv.exe
ashserv.exe
explorer.exe
spoolsv.exe
ashdisp.exe
linksys easylink advisor.exe
nmctxth.exe
prunnet.exe
msnmsgr.exe
atkkbservice.exe
adskscsrv.exe
memoptimizer.exe
mdnsresponder.exe
dcpflics.exe
srvany.exe
lssrvc.exe
ctfmon.exe
linksysupdater.exe
tabuserw.exe
raysat_3dsmax2009_32server.exe
raysat_3dsmax9_32server.exe
pnkbstra.exe
java.exe
mysqld.exe
tablet.exe
nmsrvc.exe
squeez~1.exe
wisptis.exe
iexplore.exe
wlloginproxy.exe
googleupdate.exe
hijackthis.exe
xfire.exe
squeezetray.exe
orbitmxt.dll
grab.html
grab.html
writerbrowserextension.dll
xpnetdiag.exe
msmsgs.exe
adobelmsvc.exe
applemobiledeviceservice.exe
ati2sgag.exe
ashmaisv.exe
ashwebsv.exe
ehttpsrv.exe
ekrn.exe
fnplicensingservice.exe
idrivert.exe
ipodservice.exe
licence manager esd.exe
nmindexingservice.exe
tuneupdefragservice.exe

pol