iworm_attck_v122. o2a

Computing.Net > Forums > Windows 2000 > iworm_attck_v122. o2a

Original Message

Name: anj
Date: June 25, 2006 at 10:20:00 Pacific
Subject: iworm_attck_v122. o2a
OS: Windows 2000
CPU/Ram: don't know?
Model/Manufacturer: dell?

Comment:

Yeah I've got this apparently. I keep getting alerts in the bottom. They were different yesterday. When I opened Internet Explorer it would have which says "C:\WINNT\system32\shdoclc.dll/navcancl.htm"
and redirects to a malware removasl page.
I have tried:
- Ad-aware
- Microsoft Defender
- Microsoft Anti-Spyware
- Hijack This
- Symantec anti-virus client.
- Microsoft malware removal
and while I have found stuff, the problem persists. This is my Hijack this log:
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\CTSvcCDA.EXE
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\hidserv.exe
C:\WINNT\system32\mgabg.exe
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\wanmpsvc.exe
C:\Program Files\Verizon Online\WinPoET\WrOS.EXE
C:\WINNT\system32\MsPMSPSv.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\dcomcfg.exe
C:\WINNT\system32\atmclk.exe
C:\WINNT\system32\spool\drivers\w32x86\3\hpztsb07.exe
C:\Program Files\Verizon Online\WinPoET\winpppoverethernet.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
C:\WINNT\system32\CTHELPER.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\AIM95\aim.exe
C:\Program Files\Creative Professional\E-MU PatchMix DSP\EmuPatchMixDSP.exe
C:\WINNT\system32\ZoneLabs\vsmon.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HiJackThis\HijackThis.exe
O2 - BHO: (no name) - {5f4c3d09-b3b9-4f88-aa82-31332fee1c08} - C:\WINNT\system32\hp100.tmp
O4 - HKCU\..\Run: [AIM (R)] C:\Program Files\AIM95\aim.exe -cnetwait.odl
O9 - Extra button: AIM (R) (HKLM)
thanks.

Report Offensive Message For Removal

Response Number 1

Name: don2006
Date: June 25, 2006 at 12:58:20 Pacific

Reply: (edit)

I hate symantec but they have a good web site. Look on their web site for removal instructions. If that doesn't help. Go into the registry yourself and the startup as well.
O2 - BHO: (no name) - {5f4c3d09-b3b9-4f88-aa82-31332fee1c08} -
That's the first thing that has to go.
regedit
HKLM
software
microsoft
windows
currentversion
run
A lot of stuff hides in there. The same w/ HKCU
If you know where viruses hide, you can remove them yourself sometimes. After you're done, uninstall symantec.

Report Offensive Follow Up For Removal


Virus problem: iworm_attck_v122.02a

Office 2000 .msi

Printing pro by laser jet...

Use following form to reply to current message:

Name: From My Computing.Net Settings E-Mail: From My Computing.Net Settings Subject: iworm_attck_v122. o2a

Comments:

  Homepage URL (*): 
Homepage Title (*): 
         Image URL:

Have you ever used OpenOffice?

Poll Finishes In 5 Days.
Discuss in The Lounge

memory upgrade

scene by scene

I CANNOT ACCESS FOLDER ON THe SERV

system restore and search problem

use of disk defragmenter?

All Posts Awaiting Replies