1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

Antivirus wont update [HJT log]

Discussion in 'Malware and Virus Removal Archive' started by Liam42, 2006/01/07.

  1. 2006/01/07
    Liam42

    Liam42 Inactive Thread Starter

    Joined:
    2005/12/17
    Messages:
    2
    Likes Received:
    0
    The first indication of a problem was when the security centre (XP) flagged up a warning saying my AV was out of date and my computer was at risk, when I tried a manual update (I'm using Mcafee virusscan 8) which failed to retrieve update. I unistalled and reinstalled the program but had the same problem with the update, I have since tried various AV programs (trend micros 2006, spybot s&d, panda etc) and all behave in the same way i.e. the download and setup generally go ok (if a bit slow maybe) but at the first instance of use will not update, all give errors of a similar theme: cannot connect to server, internet connection unavailable, an error occured when connecting to the internet, check proxy settings etc. I have followed reams of advice from each AV companies site describing different ways round the problem all to no avail. None of the AV apps I've managed to run indicate any obvious problems, the closest I got to a decent scan with an up to date piece of sw was a DOS scanner from mcafee which again found nothing. The system is now running like a bucket with apps taking 10 mins to open or close and constantly having to switch off with the pwr button which is making it more difficult o get any kind of AV detection to work. So in summary anybody got any ideas how I can get a good solid AV to run with updates (assuming I've got a virus!) coz I'm trying everything I can to avoid a an OS reinstall, any help would be much appreciated (would an hjt log help?)......thanx
     
    Liam42,
    #1
  2. 2006/01/08
    PeteC

    PeteC SuperGeek Staff

    Joined:
    2002/05/10
    Messages:
    28,896
    Likes Received:
    389
    Liam42 - Welcome to the Board :)

    Post the HJT log :)
     
    PeteC,
    #2


  3. to hide this advert.

  4. 2006/01/09
    Liam42

    Liam42 Inactive Thread Starter

    Joined:
    2005/12/17
    Messages:
    2
    Likes Received:
    0
    hjt log

    Thanks for the welcome Petec, here's the log, thanks for the look:

    Logfile of HijackThis v1.99.1
    Scan saved at 21:32:51, on 09/01/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\CTsvcCDA.EXE
    C:\PROGRA~1\TRENDM~1\INTERN~2\PcCtlCom.exe
    C:\WINDOWS\System32\svchost.exe
    C:\PROGRA~1\TRENDM~1\INTERN~2\Tmntsrv.exe
    C:\PROGRA~1\TRENDM~1\INTERN~2\tmproxy.exe
    C:\PROGRA~1\TRENDM~1\INTERN~2\TmPfw.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Trend Micro\Internet Security 2006\pccguide.exe
    C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe
    C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
    C:\WINDOWS\system32\dlcccoms.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\WinRAR\WinRAR.exe
    C:\DOCUME~1\Liam\LOCALS~1\Temp\Rar$EX00.328\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/...k/*http://uk.docs.yahoo.com/info/bt_side.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.red.clientapps.yahoo.com/customize/ie/defaults/su/ymsgr6/uk/*http://www.yahoo.co.uk
    R3 - Default URLSearchHook is missing
    O1 - Hosts: 69.299.33.21 bin.mcafee.com
    O1 - Hosts: 120.30.243.19 nai.com
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 2006\pccguide.exe "
    O4 - HKLM\..\Run: [DLCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16
    O4 - HKLM\..\Run: [dlccmon.exe] "C:\Program Files\Dell Photo AIO Printer 924\dlccmon.exe "
    O4 - HKCU\..\Run: [cosERVapj] tftialui.exe
    O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1110898560542
    O16 - DPF: {94EB57FE-2720-496C-B33F-D9353C6E23F7} (F-Secure Online Scanner 2.1) - http://support.f-secure.com/ols/fscax.cab
    O16 - DPF: {AD0B8220-7DA4-4C0A-8532-B25A9F631D3D} (VacPro.internazionale_ver10) - http://advnt01.com/dialer/internazionale_ver10.CAB
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
    O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/autocomplete.cab
    O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} (Toontown Installer ActiveX Control) - http://download.toontown.com/sv1.0.15.22/ttinst.cab
    O16 - DPF: {D19781C5-2051-44F8-8445-DDC82933C191} (VacPro.internazionale_ver11) - http://advnt01.com/dialer/internazionale_ver11.CAB
    O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} - http://fdl.msn.com/zone/datafiles/heartbeat.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{08920F07-27A9-4096-A8A4-BA3367EB06F2}: NameServer = 192.168.2.1
    O17 - HKLM\System\CCS\Services\Tcpip\..\{CAC59E20-9E8B-4539-9F26-F009244FA680}: NameServer = 192.168.2.1
    O17 - HKLM\System\CS1\Services\Tcpip\..\{08920F07-27A9-4096-A8A4-BA3367EB06F2}: NameServer = 192.168.2.1
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
    O23 - Service: dlcc_device - Unknown owner - C:\WINDOWS\system32\dlcccoms.exe
    O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~2\PcCtlCom.exe
    O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~2\Tmntsrv.exe
    O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~2\TmPfw.exe
    O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~2\tmproxy.ex


    Liam42
     
    Liam42,
    #3

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...