  unhg
join:2002-05-03 Cleveland, OH
edit: April 7th, @08:32PM
[Trojan] Win32.EggDrop-AE And Win32:PoeBot
My avast detects both of these, but avast keeps popping back up reporting the problem again after I supposedly deleted it from avast. Spybot didn't detect anything at all. All updated too. HJ Log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:30:49 PM, on 4/7/2008
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\WINDOWS\NEW\System32\smss.exe
C:\WINDOWS\NEW\system32\csrss.exe
C:\WINDOWS\NEW\system32\winlogon.exe
C:\WINDOWS\NEW\system32\services.exe
C:\WINDOWS\NEW\system32\lsass.exe
C:\WINDOWS\NEW\system32\svchost.exe
C:\WINDOWS\NEW\System32\svchost.exe
C:\WINDOWS\NEW\System32\svchost.exe
C:\WINDOWS\NEW\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\NEW\system32\spoolsv.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\NEW\Explorer.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Analog Devices\SoundMAX\PmProxy.exe
C:\WINDOWS\NEW\System32\hkcmd.exe
C:\WINDOWS\NEW\TPPALDR.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\NEW\System32\ctfmon.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\NEW\system32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Trillian\trillian.exe
C:\Program Files\Alwil Software\Avast4\ashSimp2.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\NEW\System32\wbem\wmiprvse.exe

O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Documents and Settings\ecoli2\Desktop\Freshman paper\Patch\IDMIECC.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\NEW\System32\msdxm.ocx
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [PmProxy] C:\Program Files\Analog Devices\SoundMAX\PmProxy.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\NEW\System32\hkcmd.exe
O4 - HKLM\..\Run: [TPP Auto Loader] C:\WINDOWS\NEW\TPPALDR.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\NEW\System32\igfxtray.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\NEW\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\NEW\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\NEW\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\NEW\System32\ctfmon.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Download All Links with IDM - C:\Documents and Settings\ecoli2\Desktop\Freshman paper\Patch\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Documents and Settings\ecoli2\Desktop\Freshman paper\Patch\IEExt.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\NEW\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\NEW\web\related.htm
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\NEW\system32\ZoneLabs\vsmon.exe

-- End of file - 4690 bytes
  unhg
join:2002-05-03 Cleveland, OH
edit: April 8th, @01:00AM
»img221.imageshack.us/my.php?imag···pqd5.png
A pic I took from Avast.
Installed AVG too and this is a screen from that
»img91.imageshack.us/my.php?image=avgsj8.png
I still have this backdrop virus even though both detect it.
  bcastner Premium,MVM join:2002-09-25 Chevy Chase, MD
edit: April 9th, @08:07PM
reply to unhg
You have XP without any Service Packs, and without any security updates. This is in the main why you became infected. It also explains why your posts in several security forums about this computer have been ignored.
Most of your infection is using security loopholes long closed by keeping XP up to date.
In addition, at least one of your infections is a file injector, as seen in your AVAST screenshot.
Format all drives and reinstall XP clean. No other cleanup step should be considered. It is time to flatten and reinstall the Operating System.
When done, enable the firewall, install an antivirus program, and update the antivirus program.
Then head to Windows Update and install at least Service Pack 2 -- or given the timing of matters, the Release Candidate of Service Pack 3. Install every update offered that is listed as "Critical".
--
============
MS-MVP 2004 - -2008, ASAP Member
Users Helping Users
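The Platform line of the log posted above carries no service pack, which matches the reply. As an added example (not part of the thread and not HijackThis's own code), a short Python triage of that log format: it reads the patch level from the header and lists entries whose target file no longer exists. It assumes HijackThis names the service pack in the Platform line when one is installed (e.g. `Windows XP SP2 (WinNT 5.01.2600)`); `triage` and its report keys are names made up here.

```python
import re

# Excerpt of the log posted above, embedded so the example runs offline.
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Documents and Settings\ecoli2\Desktop\Freshman paper\Patch\IDMIECC.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
"""

PLATFORM_RE = re.compile(r"^Platform:\s*(?P<os>.+?)\s*\((?P<kernel>[^)]*)\)\s*$")
ENTRY_RE = re.compile(r"^(?P<section>[A-Z]\d{1,2})\s+-\s+.+$")   # O2, O4, O23, R1, ...
SP_RE = re.compile(r"\bSP\s?(\d+)\b", re.IGNORECASE)            # assumed "SPn" marker

def triage(log_text):
    """Summarise a HijackThis log: OS patch level, IE version, stale entries."""
    report = {"os": None, "service_pack": None, "ie": None,
              "orphaned": [], "by_section": {}}
    for raw in log_text.splitlines():
        line = raw.strip()
        m = PLATFORM_RE.match(line)
        if m:
            report["os"] = m.group("os")
            sp = SP_RE.search(m.group("os"))
            # No "SPn" in the Platform line is treated as no service pack.
            report["service_pack"] = int(sp.group(1)) if sp else 0
            continue
        if line.startswith("MSIE:"):
            report["ie"] = line.split(":", 1)[1].strip()
            continue
        m = ENTRY_RE.match(line)
        if m:
            sec = m.group("section")
            report["by_section"][sec] = report["by_section"].get(sec, 0) + 1
            # Registry entries pointing at a file that is gone: leftovers to review.
            if line.endswith(("(file missing)", "(no file)")):
                report["orphaned"].append(line)
    return report

if __name__ == "__main__":
    r = triage(SAMPLE_LOG)
    print(f"{r['os']}: service pack {r['service_pack']}, IE {r['ie']}")
    for entry in r["orphaned"]:
        print("stale entry:", entry)
```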
  unhg
join:2002-05-03 Cleveland, OH
I have 3 weeks left before I can go home. My laptop has to last me until I can transfer off some of my files before I can wipe out my OS.