Download TrojanHunter Now
Free 30-day trial!
Latest TrojanHunter Version:
TrojanHunter 5.0
Order Now
License file delivered within minutes.
Welcome, Guest. Please Login or Register.
Jan 8th, 2009, 1:25pm
   Mischel Internet Security Forum
   TrojanHunter
   TrojanHunter Scanner (Moderators: Helena, Gavin_Coe, Magnus)
   Pls Help unable to install TrojanHunter		 « Previous topic | Next topic »
Pages: 1 2 3  4 Reply Reply  Notify of replies Notify of replies   Send Topic Send Topic   Print Print
   Author  Topic: Pls Help unable to install TrojanHunter  (Read 1336 times)
dreamy1
Newbie
*





   
Email

Posts: 27
Pls Help unable to install TrojanHunter
« on: Jul 12th, 2007, 5:03pm »		 Quote Quote  Modify Modify
I had Trojan Hunter a while ago but it expired and I uninstalled it.  I 'm trying to install it again but everytime I try to download it I'm getting a message saying..  
 
"The files are corrupted.  Please obtain a new copy of the program"
 
There are also icons on my desktop that I can't delete from the previous trials.  I get a message..  
 
"Cannot delete TrojanHunter setup.  It is being used by another person or program.  Close any programs that might be using the file and try again."
 
But there is nothing open because it was uninstalled.
 
There are two users on my computer, me and my bf could it be that it's still active on his profile?
   
I'm slightly computer illiterate so please be patient.  Thanks for your help.
IP Logged
siliconman01
Global Moderator
*****



Trojans! Chew 'em Up, Spit 'em Out...

   


Gender: male
 Posts: 5960
Re: Pls Help unable to install TrojanHunter
« Reply #1 on: Jul 12th, 2007, 11:33pm »		 Quote Quote  Modify Modify
Welcome to the forum dreamy1  Cheesy
 
If you look in the Control Panel, is TrojanHunter in the Add or Remove Programs?  If so, then you need to uninstall it using Add/Remove Programs.  BE SURE that THGuard is closed down before uninstalling.  (That is the light blue rectangular icon with the red handle spy glass in your lower right systray).
 
If there is no TrojanHunter in the Add/Remove Programs in the control panel:
 
-  Reboot your computer into SAFE MODE
 
-  Delete the TrojanHunter icons from your desktop.
 
-  Locate the TrojanHunter folder at C:\Program Files\TrojanHunter 4.x  (x = 5 or 6).  Delete the entire TrojanHunter 4.x folder.  If you have more than one TrojanHunter folder, delete them all.  
 
-  Reboot back into Normal Mode.  
 
Download the latest 4.7.932 version of TrojanHunter from  
 
http://www.misec.net/products/TrojanHunterSetup.exe  
 
Install the latest version.
 
IP Logged
______
TrojanHunter V5.0.962...No. 1 AT in my Book and on my Box!
dreamy1
Newbie
*





   
Email

Posts: 27
Re: Pls Help unable to install TrojanHunter
« Reply #2 on: Jul 13th, 2007, 8:10am »		 Quote Quote  Modify Modify
Thanks for your quick reply.
 
I checked and there is nothing in add/remove programs.  All the original folders were deleted yesterday.  I tried to delete the icons in safe mode but I still got the same error message.  I downloaded from the link you posted but I still got the same results  Angry
 
Do you have any other suggestions?  
 
IP Logged
siliconman01
Global Moderator
*****



Trojans! Chew 'em Up, Spit 'em Out...

   


Gender: male
 Posts: 5960
Re: Pls Help unable to install TrojanHunter
« Reply #3 on: Jul 13th, 2007, 8:22am »		 Quote Quote  Modify Modify
I just downloaded the setup file from the USA server and also from the European server.  When I run the setup files, they are not being detected as corrupt and install just fine.  Hmmmm.... Huh
 
What icons are you attempting to delete from your desktop?  What name do they have?  Also what Windows Operating System are you using?
 
Would you please download and install Hijackthis as per the link below.  Then run a scan with it and post the scan log back here.
 
http://www.misec.net/forum/board/FAQ/1163329424
« Last Edit: Jul 13th, 2007, 8:26am by siliconman01 » IP Logged
______
TrojanHunter V5.0.962...No. 1 AT in my Book and on my Box!
redwolfe_98
Veteran
*****





   
Email

Gender: male
 Posts: 560
Re: Pls Help unable to install TrojanHunter
« Reply #4 on: Jul 13th, 2007, 9:54am »		 Quote Quote  Modify Modify
you could look in "task manager" to see if "THGuard.exe" is running, and close it if it is..  
 
to open "task manager", just rightclick on the bar at the bottom of your screen and then, from the menu that pops up, select "task manager"..
 
also, if you can, see if THGuard is autostarting, in the "registry".. if it is, you need to remove that regkey..
 
here is a simple utility, "startup control panel", that you can use for removing the regkey from "startup", in the registry, if necessary:
 
http://www.mlin.net/files/StartupCPL_EXE.zip
 
here is the link for the webpage where the program can be downloaded, if you would rather download it from there.. download the "stand-alone" version:
 
http://www.mlin.net/StartupCPL.shtml
 
to run "startup control panel", just unzip the zipped file that you downloaded and then doubleclick the "startup.exe" file.. the program will just run by itself without anything being installed..  
 
if you do find a THGuard regkey in "startup", in the registry, after you have removed it, reboot.. then see if there are any TH files leftover in c/program files/TrojanHunter and delete them if there are any.. then try installing TH 4.7..
 
« Last Edit: Jul 13th, 2007, 11:02am by redwolfe_98 » IP Logged
dreamy1
Newbie
*





   
Email

Posts: 27
Re: Pls Help unable to install TrojanHunter
« Reply #5 on: Jul 13th, 2007, 7:20pm »		 Quote Quote  Modify Modify
siliconman01,
 
I'm using Firefox.  The icons say TrojanHunterSetup and TrojanHunterSetup(2)
 
I downloaded HijackThis but when I get to analyze this I get a message saying it encountered a problem and needs to close.   I know my computer is infected and has some trojans I just can't get rid of them.  None of the antivirus software is working.  
 
  Sad
 
I will uninstall Hijack this and try again and let you know.
redwolfe_98,
 
I tried what you suggested there is no TH anywhere  
 
Thanks so much for all your help
 
ETA
I uninstalled and reinstalled HijackThis I even tried it in safe mode but I'm still getting the same thing when I click the analyse this button.  It encountered a problem and closes.   Cry  Can I just hit save log?  Will that still help you?  I won't do anything until you reply.  Thanks
« Last Edit: Jul 13th, 2007, 8:02pm by dreamy1 » IP Logged
siliconman01
Global Moderator
*****



Trojans! Chew 'em Up, Spit 'em Out...

   


Gender: male
 Posts: 5960
Re: Pls Help unable to install TrojanHunter
« Reply #6 on: Jul 14th, 2007, 12:04am »		 Quote Quote  Modify Modify
Quote:
Can I just hit save log?  Will that still help you?

 
I suspect that it has not scanned anything before it abruptly closes.
 
It sounds to me like you have a really big nasty on your system.
 
Please see if you can do this.  
 
1.  Go to the link below and download the trial SuperAntispyware.
 
http://www.superantispyware.com
 
2.  Install SuperAntiSpyware.  Be sure to update to its latest rules.  
 
3.  Reboot into SAFE MODE
 
4.  Run SuperAntispyware and let it clean what it can.
 
5.  Reboot back into SAFE MODE.
 
6.  Post back here the cleaning log of SuperAntiSpyware.  
 
-  Also see if you can do a remote scan with BitDefender.
 
1.  You must use Internet Explorer to access the BitDefender remote scanner.  It requires that an ActiveX be downloaded and installed.  
 
http://www.bitdefender.com/scan8/ie.html
« Last Edit: Jul 14th, 2007, 12:30am by siliconman01 » IP Logged
______
TrojanHunter V5.0.962...No. 1 AT in my Book and on my Box!
dreamy1
Newbie
*





   
Email

Posts: 27
Re: Pls Help unable to install TrojanHunter
« Reply #7 on: Jul 14th, 2007, 12:01pm »		 Quote Quote  Modify Modify
I downloaded SuperAnti Spyware but was unable to get it working.  I got the same error that I didn't pay a lot of attention to before when I was trying to open the Trojan Hunter icons.
 
When I tried to open the SuperAnti Spyware I get the error message...
 
C://Documents and settings\...\SuperAntiSpyware.exe is not a valid Win32 application.
 
« Last Edit: Jul 14th, 2007, 12:08pm by dreamy1 » IP Logged
siliconman01
Global Moderator
*****



Trojans! Chew 'em Up, Spit 'em Out...

   


Gender: male
 Posts: 5960
Re: Pls Help unable to install TrojanHunter
« Reply #8 on: Jul 14th, 2007, 1:26pm »		 Quote Quote  Modify Modify
Are you signed on using an account that has full administrator privileges?  If not you need to be working with an account that is a full administrator.
 
Download the SuperAntiSpyware setup file again using Internet Explorer and see if you can install SuperAntiSpyware.  I'm starting to think that your FireFox may be corrupted.  
 
 
Quote:
-  Also see if you can do a remote scan with BitDefender.  
 
1.  You must use Internet Explorer to access the BitDefender remote scanner.  It requires that an ActiveX be downloaded and installed.    
 
http://www.bitdefender.com/scan8/ie.html

 
Have you tried doing the remote scan with BitDefender?
« Last Edit: Jul 14th, 2007, 1:46pm by siliconman01 » IP Logged
______
TrojanHunter V5.0.962...No. 1 AT in my Book and on my Box!
dreamy1
Newbie
*





   
Email

Posts: 27
Re: Pls Help unable to install TrojanHunter
« Reply #9 on: Jul 14th, 2007, 6:02pm »		 Quote Quote  Modify Modify
Thank you silicon,
 
I checked my profile and it shows computer administrator. I am downloading everything through internet explorer because when I do it through firefox it downloads everything to the desktop and that doesn't seem to be working.  
 
I'm in the process of running bit defender.  My connection is extremely slow now and I keep getting disconnected so it's taking a long time.  
 
Thanks for all your help I really appreciate it
 
 Smiley
IP Logged
dreamy1
Newbie
*





   
Email

Posts: 27
Re: Pls Help unable to install TrojanHunter
« Reply #10 on: Jul 14th, 2007, 7:46pm »		 Quote Quote  Modify Modify
Thank you silicon,
 
I checked my profile and it shows computer administrator. I am downloading everything through internet explorer because when I do it through firefox it downloads everything to the desktop and that doesn't seem to be working.  
 
I'm in the process of running bit defender.  My connection is extremely slow now and I keep getting disconnected so it's taking a long time.  
 
Thanks for all your help I really appreciate it
 
 Smiley
IP Logged
siliconman01
Global Moderator
*****



Trojans! Chew 'em Up, Spit 'em Out...

   


Gender: male
 Posts: 5960
Re: Pls Help unable to install TrojanHunter
« Reply #11 on: Jul 14th, 2007, 11:47pm »		 Quote Quote  Modify Modify
Okay, please let us know what Bit Defender detects and repairs.  It should have a log that you can post back here.
IP Logged
______
TrojanHunter V5.0.962...No. 1 AT in my Book and on my Box!
dreamy1
Newbie
*





   
Email

Posts: 27
Re: Pls Help unable to install TrojanHunter
« Reply #12 on: Jul 15th, 2007, 5:34pm »		 Quote Quote  Modify Modify
Here are the results from the scan
 
C:\Documents and Settings\Gina\My Documents\bitscan.html
IP Logged
dreamy1
Newbie
*





   
Email

Posts: 27
Re: Pls Help unable to install TrojanHunter
« Reply #13 on: Jul 15th, 2007, 9:47pm »		 Quote Quote  Modify Modify
I finally got Hijack this working from a different site here is the log not sure if it's different than the bit defender but here it is.
 
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 4:46:06 PM, on 7/16/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal
 
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ACS.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Toshiba\Power Management\CeEPwrSvc.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\TOSHIBA\Power Management\CePMTray.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\EzButton\EzButton.EXE
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
c:\Toshiba\Ivp\Swupdate\swupdtmr.exe
C:\toshiba\ivp\ism\ivpsvmgr.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Lexmark 3300 Series\lxccmon.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Tensons\Download Accelerator Manager\Free Edition\dam.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\RAMASST.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\lxcccoms.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Documents and Settings\Gina\Desktop\Downloads\Programs\HiJackThis_v2.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://downloads.yahoo.com/internetexplorer/welcome.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Tensons.Application.DownloadAcceleratorManager.BHO - {00000003-1118-11da-8cd6-0800200c9888} - mscoree.dll (file missing)
O2 - BHO: ThunderIEHelper - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\system32\xunleibho_v14.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {2FD62EA1-C8D6-442B-84D0-1F38E2E72F65} - C:\WINDOWS\system32\awtsr.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {938A8A03-A938-4019-B764-03FF8D167D79} - C:\WINDOWS\system32\ctfogrwg.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {DC192567-65F9-4AB6-ADB7-E13575F81726} - C:\WINDOWS\system32\ljjijij.dll (file missing)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
O4 - HKLM\..\Run: [CeEPOWER] C:\Program Files\TOSHIBA\Power Management\CePMTray.exe
O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [EzButton] C:\Program Files\EzButton\EzButton.EXE
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [Pinger] C:\TOSHIBA\IVP\ISM\pinger.exe /run
O4 - HKLM\..\Run: [Notebook Maximizer] C:\Program Files\Notebook Maximizer\maximizer_startup.exe
O4 - HKLM\..\Run: [IVPServiceMgr] C:\toshiba\ivp\ism\ivpsvmgr.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [lxccmon.exe] "C:\Program Files\Lexmark 3300 Series\lxccmon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [Download Accelerator Manager Free Edition] C:\Program Files\Tensons\Download Accelerator Manager\Free Edition\dam.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LXCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [a-squared] "C:\Program Files\a-squared Anti-Malware\a2guard.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [icq.com] rundll32.exe "C:\WINDOWS\system32\iivhdboi.dll",forkonce
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Download with DAM - C:\Program Files\Tensons\Download Accelerator Manager\Free Edition\addUrl.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.toshiba.com
O15 - Trusted Zone: *.amaena.com
O15 - Trusted Zone: *.errorprotector.com
O15 - Trusted Zone: *.errorsafe.com
O15 - Trusted Zone: *.systemdoctor.com
O15 - Trusted Zone: *.winantispyware.com
O15 - Trusted Zone: *.winantivirus.com
O15 - Trusted Zone: *.winfixer.com
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by129fd.bay129.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wu web_site.cab?1164935327576
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O20 - Winlogon Notify: awtsr - C:\WINDOWS\system32\awtsr.dll
O20 - Winlogon Notify: jkkkhii - jkkkhii.dll (file missing)
O20 - Winlogon Notify: ljjijij - ljjijij.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\ACS.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: CeEPwrSvc - COMPAL ELECTRONIC INC. - C:\Program Files\Toshiba\Power Management\CeEPwrSvc.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: lxcc_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcccoms.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Swupdtmr - Unknown owner - c:\Toshiba\Ivp\Swupdate\swupdtmr.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
 
--
End of file - 15030 bytes
IP Logged
siliconman01
Global Moderator
*****



Trojans! Chew 'em Up, Spit 'em Out...

   


Gender: male
 Posts: 5960
Re: Pls Help unable to install TrojanHunter
« Reply #14 on: Jul 16th, 2007, 1:59am »		 Quote Quote  Modify Modify
Okay!  Progress has been made.  Cheesy  You still have some nasty, nasty stuff on your system.  Let's proceed now to get rid of it.  You should print out these instructions so that you can follow them with your browser closed down.
 
1.  Go to the link below and follow the instructions to make all your files and folders visible.
 
http://www.misec.net/forum/board/FAQ/1139610900
 
2.  Close your browser.
 
3.  Go to the Control Panel and click on Internet Options.  
 
4.  On the General tab, delete all your temporary internet files and cookies.  Then close the Internet Options window.  At this point be sure all open windows are closed, including your browsers.
 
5.  Open Hijackthis but do not run a scan.
 
-  Click on Open the Misc Tools Section.
 
-  Click on Delete a file on reboot.  Windows Explorer should open.
 
-  Navigate to the following file and select it.  C:\WINDOWS\system32\awtsr.dll (Note:  We want HJT to delete the file named awtsr.dll.  To select it, just double click on the file awtsr.dll.)
 
-  When you select that file, HJT will ask you to restart your computer.  Select Restart Later.
 
6.  Now run a scan with Hijackthis.  
 
7.  When the scan is completed, place a check mark in the box next to each of the items below.  BE SURE that only the items below are check marked.  
 

O2 - BHO: Tensons.Application.DownloadAcceleratorManager.BHO - {00000003-1118-11da-8cd6-0800200c9888} - mscoree.dll (file missing)
 
O2 - BHO: (no name) - {2FD62EA1-C8D6-442B-84D0-1F38E2E72F65} - C:\WINDOWS\system32\awtsr.dll
 
O2 - BHO: (no name) - {DC192567-65F9-4AB6-ADB7-E13575F81726} - C:\WINDOWS\system32\ljjijij.dll (file missing)
 
C:\Program Files\Yahoo!\Common\yiesrvc.dll  
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)  
 
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)  
 
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
 
O15 - Trusted Zone: *.amaena.com  
 
O15 - Trusted Zone: *.errorprotector.com  
 
O15 - Trusted Zone: *.errorsafe.com  
 
O15 - Trusted Zone: *.systemdoctor.com
 
O15 - Trusted Zone: *.winantispyware.com
 
O15 - Trusted Zone: *.winantivirus.com  
 
O15 - Trusted Zone: *.winfixer.com
 
O20 - Winlogon Notify: awtsr - C:\WINDOWS\system32\awtsr.dll  
 
O20 - Winlogon Notify: jkkkhii - jkkkhii.dll (file missing)  
 
O20 - Winlogon Notify: ljjijij - ljjijij.dll (file missing)

 
8.  On the lower left of the HJT window, click on Fix Checked.  Confirm and let it Fix the items.
 
9.  Close Hijackthis.
 
10.  IMMEDIATELY reboot your computer.
 
11.  Run another HJT scan and post the new log back here.
 
Also, I suspect that your HOSTS file may be damaged.  Please do this:
 
1.  Navigate to the following folder named etc and open it.
 
C:\Windows\System32\Drivers\etc
 
2.  Locate the file named HOSTS.  It will have no extension....just the name HOSTS.
 
3.  Right click on HOSTS and open it with NOTEPAD.
 
4.  Delete all the entries currently in the HOSTS file.
 
5.  Make a new one line entry that is  
 
127.0.0.1 localhost
 
6.  Save the new HOSTS file and exit NOTEPAD.  
 
7.  Reboot your computer again.  
 
IP Logged
______
TrojanHunter V5.0.962...No. 1 AT in my Book and on my Box!
Pages: 1 2 3  4 Reply Reply  Notify of replies Notify of replies   Send Topic Send Topic   Print Print

« Previous topic | Next topic »
Search
Members
Login
Register