re-installed XP still have virus

Computing.Net > Forums > Security and Virus > re-installed XP still have virus

Computer Problems? Computing.Net has over 1,000,000 posts about all things technology related! Over 90% answered within 24 hours! Click here to get for your free account now!

re-installed XP still have virus

Name: Andrew Chng
Date: September 21, 2004 at 03:22:52 Pacific
OS: XP
CPU/Ram: 256

Comment:

Hi, I recently re-installed my XP due to its many spware, malware, worm, etc...
But after that, I still find some of them in my system. How do I get rid of it? Especially spoolsvc.exe, and notifynotebook.
Below is my log from HiJackThis.
Thanks guys...

Logfile of HijackThis v1.98.2
Scan saved at 6:19:32 PM, on 9/21/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\winsysi.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\System32\inmwsktfi.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\zh-sg\msnappau.exe
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashmaisv.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\a2\a2guard.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\MSN Messenger\MsnMsgr.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\PROGRA~1\MOZILL~2\firefox.exe
C:\Program Files\Internet Explorer\IEXPLORE.exe
C:\Documents and Settings\Andrew\My Documents\Roo\Programs\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.miw.com.sg/Mindef/Epay/eps/login/miw_mindef_eps.jsp
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1001\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\zh-sg\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\zh-sg\msntb.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.exe /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.exe C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AME_CSA] rundll32 amecsa.cpl,RUN_DLL
O4 - HKLM\..\Run: [WindowsRegKeys update] winsysi.exe
O4 - HKLM\..\Run: [Win32 System Spool] spoolsvc.exe
O4 - HKLM\..\Run: [windowsupdate2] inmwsktfi.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\zh-sg\msnappau.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [ashMaiSv] C:\PROGRA~1\ALWILS~1\Avast4\ashmaisv.exe
O4 - HKLM\..\RunServices: [WindowsRegKeys update] winsysi.exe
O4 - HKLM\..\RunServices: [Win32 System Spool] spoolsvc.exe
O4 - HKLM\..\RunServices: [windowsupdate2] inmwsktfi.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [WindowsRegKeys update] winsysi.exe
O4 - HKCU\..\Run: [Win32 System Spool] spoolsvc.exe
O4 - HKCU\..\Run: [a²] "C:\Program Files\a2\a2guard.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.exe" /background
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{8A9A7D96-6520-49B7-B5DE-F87F22A9E8AF}: NameServer = 192.169.34.181 203.120.90.40

Report Offensive Message For Removal

Sponsored Link

Ads by Google

Response Number 1

Name: Mark.UK
Date: September 21, 2004 at 04:21:50 Pacific

Reply:

Follow the advice from the replies in this post:
http://www.computing.net/security/wwwboard/forum/13715.html
M

Report Offensive Follow Up For Removal

Response Number 2

Name: indigian
Date: September 21, 2004 at 09:42:07 Pacific

Reply:

I'm surprised your HJT log has been allowed to stay?
http://hijackthis.de/index.php?langselect=english
Tt Lanfire
nf7-s v2.0
XP-m 2500@210x11
SP 97
512mb pc3200
Jou Jye 550w psu
FX5600
WDCaviar 60gb
Seagate Barracuda 80gb
;~}

Report Offensive Follow Up For Removal

if you have ubuntu on windows xp still have viruses? i have two OS (XP & 2000 server)in my system.How can I remove partitions an how can we re install xp if we do not have the setup	I have two operating systems on my computer, xp home and xp pro. I want to format xp and still have virus fix compaq armada m300 re-install xp
See More

firewall attacks , advice...

Read this is you have Win...

Post Locked

This post is quite old and has been locked from receiving new replies. Please create a new posting instead.

Go to Security and Virus Forum Home

Sponsored links

Ads by Google

Results for: re-installed XP still have virus

Virus and Trojans Re-installing

Summary

www.computing.net/answers/security/virus-and-trojans-reinstalling/13749.html

Can't Log In to re-installe

Summary

www.computing.net/answers/security/cant-log-in-to-reinstalle/25268.html

XP will not start!

Summary

www.computing.net/answers/security/xp-will-not-start/25696.html

From the Geek Dictionary
GPU - A "Graphics Processing Unit" is the componant used to output a vi...

Ask a Question!

Weekly Poll
Do you think suing spammers will make any difference?

Poll Finishes In 7 Days.
Discuss in The Lounge
Poll History

Recent Posts
3 Operating Systems

unistall ie8

Ideas for Software?

If I have integrated graphics can I upgrade?

My Printer wont connect to a network.

All Awaiting Reply

Tom's News
A Single Text Message Can Cripple Your iPhone

Apple Shoots Down Obama's Hope

Japan Thinking of Making Quiet Hybrids Noisy

iPhone 3GS Jailbroken, Unlocked

Man Shoots Up Apple Store

More Tom's Guide News

Tom's Games
Redneck Olympics

Tasty Planet

More Tom's Games

Data Recovery

Manufacturer List | About Us | Advertising Info | Contact Us
The information on Computing.Net is the opinions of its users. Such opinions may not be accurate and they are to be used at your own risk. Computing.Net cannot verify the validity of the statements made on this site. Computing.Net and Computing.Net LLC hereby disclaim all responsibility and liability for the content of Computing.Net and its accuracy.
PLEASE READ THE FULL DISCLAIMER AND LEGAL TERMS BY CLICKING HERE