michalko Posted June 7, 2006 Report Share Posted June 7, 2006 Hi,my northon antivirus removed several trojans like Adware.Winprotect or Howiper (not sure with the name here), but I still suspect that there is certain kind of rootkit still active as the system behaves strangely - long time to log on, some programs won't start (like lavasoft adaware installation binary crashes immediately), had even problems with runnin fixwareout.. nevertheless... I got these logs from both hijackthis and fixwareout. If you find anything suspicious please let me know...thanks in advanceMichalewido identified these twoC:\WINDOWS\SYSTEM32\CSZXQ.EXE 51,249 2006-06-06 C:\WINDOWS\SYSTEM32\DMMOW.EXE 44,088 2004-08-04as trojans as well and removed them... strange that NAV did not raise any alarmreport.txthijackthis.log.txt Link to post Share on other sites
Steamhead Posted June 12, 2006 Report Share Posted June 12, 2006 Hello Michalko Sorry for the delay. I am currently reviewing your log. In the meantime would you please do a couple things for me.Please go HERE to run Panda's ActiveScanOnce you are on the Panda site click the Scan your PC buttonA new window will open...click the Check Now buttonEnter your CountryEnter your State/ProvinceEnter your e-mail address and click sendSelect either Home User or CompanyClick the big Scan Now buttonIf it wants to install an ActiveX component allow itIt will start downloading the files it requires for the scan (Note: It may take a couple of minutes)When download is complete, click on My Computer to start the scanWhen the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location. Post the contents of the ActiveScan reportI would also like to see an Uninstall list.Open HijackThis, click Config, click Misc ToolsClick "Open Uninstall Manager"Click "Save List" (generates uninstall_list.txt)Click Save, copy and paste the results in your next post.Please post the Panda log, the Uninstall List log, and a new HJT log when finished. Link to post Share on other sites
Matt Posted July 11, 2006 Report Share Posted July 11, 2006 Inactive topic...If you still need help on this problem, contact me or one of the Moderators to re-open this up.Topic closed. Link to post Share on other sites
Recommended Posts