mIRC Home    About    Download    Register    News    Help

Print Thread
peerbot trojan #159499 18/09/06 01:08 AM
Joined: Aug 2006
Posts: 9
M
moofster Offline OP
Nutrimatic drinks dispenser
OP Offline
Nutrimatic drinks dispenser
M
Joined: Aug 2006
Posts: 9
i was told to use hijackthis.exe and save a log to post on a forum site so that is what i did. Can ne1 help me with this?

this is what i was told

<dreppy> there is a rbot/peerbot trojan on this computer addres
<dreppy> address
<dreppy> clean this computer to keep from getting glined
<dreppy> http://localhost.nl/~prysm/hijackthis.exe will get you a list of processes on your computer
<dreppy> look for the line that shows shell=explorer.exe virus-file.exe to find the name of the 'virus-file.exe


this is the log

Logfile of HijackThis v1.99.1
Scan saved at 6:58:16 PM, on 9/17/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\mIRC\download\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\msdhcp.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\msdhcp.exe
C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Trend Micro\Internet Security 12\TMAS_OE\TMAS_OEMon.exe
C:\PROGRA~1\MUSICM~1\MUSICM~3\MMDiag.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
C:\Program Files\Spyware Doctor\swdoctor.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\mIRC\mirc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Tyler\Local Settings\Temporary Internet Files\Content.IE5\S3FVI0P1\hijackthis[1].exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.myspace.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
F2 - REG:system.ini: Shell=Explorer.exe msdhcp.exe
O1 - Hosts: 7.218.6.167 avp.com
O1 - Hosts: 49.47.47.215 ca.com
O1 - Hosts: 238.244.175.33 customer.symantec.com
O1 - Hosts: 141.203.198.8 dispatch.mcafee.com
O1 - Hosts: 60.58.16.199 download.mcafee.com
O1 - Hosts: 60.176.175.95 downloads1.kaspersky-labs.com
O1 - Hosts: 3.155.45.140 downloads2.kaspersky-labs.com
O1 - Hosts: 215.204.209.239 downloads3.kaspersky-labs.com
O1 - Hosts: 169.202.64.207 downloads4.kaspersky-labs.com
O1 - Hosts: 33.99.154.161 downloads-eu1.kaspersky-labs.com
O1 - Hosts: 63.24.102.218 downloads-eu2.kaspersky-labs.com
O1 - Hosts: 122.42.144.51 downloads-eu3.kaspersky-labs.com
O1 - Hosts: 168.233.165.87 downloads-eu4.kaspersky-labs.com
O1 - Hosts: 60.143.68.180 downloads-us1.kaspersky-labs.com
O1 - Hosts: 18.62.65.93 downloads-us2.kaspersky-labs.com
O1 - Hosts: 213.252.141.169 downloads-us3.kaspersky-labs.com
O1 - Hosts: 192.59.95.24 downloads-us4.kaspersky-labs.com
O1 - Hosts: 187.183.151.164 f-secure.com
O1 - Hosts: 160.84.124.239 ftp.avp.com
O1 - Hosts: 40.195.183.137 ftp.ca.com
O1 - Hosts: 183.250.175.197 ftp.customer.symantec.com
O1 - Hosts: 172.103.165.73 ftp.dispatch.mcafee.com
O1 - Hosts: 84.223.66.201 ftp.download.mcafee.com
O1 - Hosts: 148.174.235.61 ftp.downloads1.kaspersky-labs.com
O1 - Hosts: 29.200.142.211 ftp.downloads2.kaspersky-labs.com
O1 - Hosts: 144.135.58.142 ftp.downloads3.kaspersky-labs.com
O1 - Hosts: 233.239.185.209 ftp.downloads4.kaspersky-labs.com
O1 - Hosts: 58.237.3.171 ftp.downloads-eu1.kaspersky-labs.com
O1 - Hosts: 99.250.52.201 ftp.downloads-eu2.kaspersky-labs.com
O1 - Hosts: 230.38.102.203 ftp.downloads-eu3.kaspersky-labs.com
O1 - Hosts: 134.245.19.102 ftp.downloads-eu4.kaspersky-labs.com
O1 - Hosts: 193.6.233.140 ftp.downloads-us1.kaspersky-labs.com
O1 - Hosts: 228.238.174.21 ftp.downloads-us2.kaspersky-labs.com
O1 - Hosts: 193.80.144.16 ftp.downloads-us3.kaspersky-labs.com
O1 - Hosts: 194.16.28.182 ftp.downloads-us4.kaspersky-labs.com
O1 - Hosts: 234.31.42.57 ftp.f-secure.com
O1 - Hosts: 124.89.237.88 ftp.grisoft.com
O1 - Hosts: 87.219.9.113 ftp.kaspersky.com
O1 - Hosts: 62.91.75.138 ftp.kaspersky-labs.com
O1 - Hosts: 159.207.123.123 ftp.liveupdate.symantec.com
O1 - Hosts: 143.146.212.56 ftp.liveupdate.symantecliveupdate.com
O1 - Hosts: 9.55.151.95 ftp.mast.mcafee.com
O1 - Hosts: 43.65.212.24 ftp.mcafee.com
O1 - Hosts: 4.115.87.92 ftp.my-etrust.com
O1 - Hosts: 36.106.202.172 ftp.nai.com
O1 - Hosts: 254.189.137.240 ftp.networkassociates.com
O1 - Hosts: 99.76.55.82 ftp.norton.com
O1 - Hosts: 5.247.133.243 ftp.rads.mcafee.com
O1 - Hosts: 106.119.200.214 ftp.sandbox.norman.com
O1 - Hosts: 48.130.67.181 ftp.secure.nai.com
O1 - Hosts: 115.241.202.181 ftp.securityresponse.symantec.com
O1 - Hosts: 231.171.172.187 ftp.sophos.com
O1 - Hosts: 81.230.109.72 ftp.symantec.com
O1 - Hosts: 243.164.82.6 ftp.symantecliveupdate.com
O1 - Hosts: 175.233.213.29 ftp.symatec.com
O1 - Hosts: 219.144.226.223 ftp.trendmicro.com
O1 - Hosts: 22.202.135.85 ftp.uk.trendmicro-europe.com
O1 - Hosts: 22.156.249.81 ftp.update.symantec.com
O1 - Hosts: 193.246.150.143 ftp.updates.symantec.com
O1 - Hosts: 137.43.188.137 ftp.updates1.kaspersky-labs.com
O1 - Hosts: 207.107.44.106 ftp.updates2.kaspersky-labs.com
O1 - Hosts: 96.141.197.111 ftp.updates3.kaspersky-labs.com
O1 - Hosts: 54.58.90.16 ftp.updates4.kaspersky-labs.com
O1 - Hosts: 162.80.96.50 ftp.us.mcafee.com
O1 - Hosts: 7.153.193.87 ftp.viruslist.com
O1 - Hosts: 174.21.24.242 grisoft.com
O1 - Hosts: 16.133.134.110 kaspersky.com
O1 - Hosts: 114.249.17.246 kaspersky-labs.com
O1 - Hosts: 189.247.18.30 liveupdate.symantec.com
O1 - Hosts: 254.25.57.114 liveupdate.symantecliveupdate.com
O1 - Hosts: 88.39.172.20 mast.mcafee.com
O1 - Hosts: 108.17.65.223 mcafee.com
O1 - Hosts: 6.85.219.69 my-etrust.com
O1 - Hosts: 129.157.106.224 nai.com
O1 - Hosts: 44.186.27.90 networkassociates.com
O1 - Hosts: 188.68.36.185 norton.com
O1 - Hosts: 142.114.221.170 pandasoftware.com
O1 - Hosts: 163.141.243.86 rads.mcafee.com
O1 - Hosts: 78.124.104.211 sandbox.norman.com
O1 - Hosts: 93.80.59.95 secure.nai.com
O1 - Hosts: 176.213.109.205 securityresponse.symantec.com
O1 - Hosts: 40.14.181.100 sophos.com
O1 - Hosts: 55.21.137.161 symantec.com
O1 - Hosts: 155.216.102.142 symantecliveupdate.com
O1 - Hosts: 7.160.1.35 symatec.com
O1 - Hosts: 178.81.181.229 trendmicro.com
O1 - Hosts: 36.236.220.64 uk.trendmicro-europe.com
O1 - Hosts: 49.48.118.175 update.symantec.com
O1 - Hosts: 246.213.196.225 updates.symantec.com
O1 - Hosts: 212.224.49.76 updates1.kaspersky-labs.com
O1 - Hosts: 167.121.60.87 updates2.kaspersky-labs.com
O1 - Hosts: 81.172.187.177 updates3.kaspersky-labs.com
O1 - Hosts: 195.48.163.215 updates4.kaspersky-labs.com
O1 - Hosts: 36.114.45.241 us.mcafee.com
O1 - Hosts: 58.14.13.13 viruslist.com
O1 - Hosts: 55.246.148.208 virusscan.jotti.org
O1 - Hosts: 158.114.96.53 virustotal.com
O1 - Hosts: 72.54.6.105 www.avp.com
O1 - Hosts: 198.173.81.209 www.ca.com
O1 - Hosts: 54.87.125.231 www.customer.symantec.com
O1 - Hosts: 51.178.31.224 www.dispatch.mcafee.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: GoogleAFE - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\GoogleAFE\GoogleAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~3\mimboot.exe
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Microsoft HDCP for NT] msdhcp.exe
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
O4 - HKLM\..\RunServices: [Microsoft HDCP for NT] msdhcp.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [OE_OEM] "C:\Program Files\Trend Micro\Internet Security 12\TMAS_OE\TMAS_OEMon.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Microsoft HDCP for NT] msdhcp.exe
O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\RunServices: [Microsoft HDCP for NT] msdhcp.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab46479.cab
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (ZoneBuddy Class) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab32846.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab32846.cab
O16 - DPF: {95B5D20C-BD31-4489-8ABF-F8C8BE748463} (ZPA_HRTZ Object) - http://zone.msn.com/bingame/zpagames/zpa_hrtz.cab40641.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) - http://zone.msn.com/binframework/v10/StProxy.cab41227.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{642568FF-1B0F-42F3-B376-AF87C4971AE0}: NameServer = 192.168.2.1
O18 - Filter: text/html - (no CLSID) - (no file)
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\mIRC\download\Spy Sweeper\WRSSSDK.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe

Re: peerbot trojan #159500 18/09/06 01:51 AM
Joined: Aug 2004
Posts: 7,252
R
RusselB Offline
Hoopy frood
Offline
Hoopy frood
R
Joined: Aug 2004
Posts: 7,252
The file that's being detected as a trojan is msdhcp.exe

You should ensure that your anti-virus is up-to-date, and check that file and any others that came with it. I don't recognize the file, so I have no idea where you got it from. If you can identify which program it is associated with, you should check with the authors of that program and see if they have an update available.

Re: peerbot trojan #159501 18/09/06 01:57 AM
Joined: Mar 2004
Posts: 210
F
FNar Offline
Fjord artisan
Offline
Fjord artisan
F
Joined: Mar 2004
Posts: 210
Or post it where you were told to post it - the hijackthis support forum on which you were told to run hijackthis.

Re: peerbot trojan #159502 18/09/06 01:59 AM
Joined: Aug 2006
Posts: 9
M
moofster Offline OP
Nutrimatic drinks dispenser
OP Offline
Nutrimatic drinks dispenser
M
Joined: Aug 2006
Posts: 9
i was told to run it by dreppy on irc undernet he did not tell me where to post it so i thought to come here first.

Re: peerbot trojan #159503 19/09/06 03:51 PM
Joined: Sep 2003
Posts: 261
S
Scorpwanna Offline
Fjord artisan
Offline
Fjord artisan
S
Joined: Sep 2003
Posts: 261
And this has what to do with mIRC?

Re: peerbot trojan #159504 19/09/06 06:46 PM
Joined: Aug 2006
Posts: 9
M
moofster Offline OP
Nutrimatic drinks dispenser
OP Offline
Nutrimatic drinks dispenser
M
Joined: Aug 2006
Posts: 9
i can't log on to undernet because of some virus. however if yno-one here can help me then i guess i will have to find help somewhere else. thanks for taking the time to read over my problem though.

Re: peerbot trojan #159505 19/09/06 07:23 PM
Joined: Jan 2006
Posts: 108
F
Firestarter Offline
Vogon poet
Offline
Vogon poet
F
Joined: Jan 2006
Posts: 108
Dont know if you have already looked using Google but ~if~ it is msdhcp.exe that is the problem then have a look HERE
It may help or not.
Good luck
Firestarter

Re: peerbot trojan #159506 22/09/06 02:43 AM
Joined: Mar 2005
Posts: 74
K
KidSol Offline
Babel fish
Offline
Babel fish
K
Joined: Mar 2005
Posts: 74
Never run Hijackthis from temp or zip file
always make sure to create a folder for it on ur desktop so it will scan ur whole pc and it will create backup for the item u fix just incase u fix the wrong entry.

Re: peerbot trojan [Re: KidSol] #166281 08/12/06 04:16 PM
Joined: Feb 2006
Posts: 65
F
FaiNT Offline
Babel fish
Offline
Babel fish
F
Joined: Feb 2006
Posts: 65
msdhcp.exe IS the vruis, there will be no other copys of it but this, after removeing it, do a hard reboot (un pulg ur hd) and then u are good


known on irc as MrStonedOne
read my full post before replying or dont reply. tl;dr isn't allowed here
Re: peerbot trojan [Re: FaiNT] #166296 08/12/06 10:25 PM
Joined: Oct 2004
Posts: 8,327
Riamus2 Offline
Hoopy frood
Offline
Hoopy frood
Joined: Oct 2004
Posts: 8,327
You never have to unplug your hard drive to fix any virus issues. A "hard" reboot is turning off your computer and then turning it on, or else using the Reset button. A "soft" reboot is using Ctrl-Alt-Del to reboot, or using Windows' "reboot" option from the Start menu or the task manager or any other location, such as when a new program is installed and wants to reboot your computer.


Invision Support
#Invision on irc.irchighway.net