hi..my system is supposedly clean, but..

Discussion in 'malware problems & news' started by crypticsolution, Aug 9, 2006.

Thread Status:
Not open for further replies.
  1. crypticsolution

    crypticsolution Registered Member

    Joined:
    Aug 8, 2006
    Posts:
    17
    I feel like something's wrong..
    I'm on XP Home 2002 SP2

    I had a trojan infestation about a week ago, which has supposedly been cleaned up. They were Trojan horse Generic.XFV, Trojan horse Clicker.FR, Trojan horse Generic.XKS, Trojan horse Downloader.Zlob.BFD, Trojan horse Downloader.Agent.AQN, Trojan horse DNSChanger.A ...99 in all and AVG Free 7.1.405 quarantined all. Since then I've learned of some of the "new" threats, and I'm very concerned..
    I Have Done:
    Run Updated versions of: Ad-aware SE , Ewido 4.0, Spybot S&D, Windows Defender, MMSRT, FixWareout, & HijackThis.
    Also *While In Safe Mode* - Ewido 4.0, Spybot S&D.
    They all say I'm clean..

    Now - the little hour-glass (busy) icon next to the cursor appears for just an instant about every 30 seconds, as if a page was being refreshed, but even when no windows are open at all, IE or Windows.
    I have noticed up to nine different svchost.exe connections running as far as Ewido says. And two lsass.exe connections.
    IE seems a tiny bit sluggish as well, but barely noticeable.
    I have attached the list of trojans in my vault. I can produce Logs from Ewido or HijackThis if it helps.

    Any help would be greatly appreciated. Thank you.
     

    Attached Files:

  2. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    Try running an online AV scanner (Bit Defender, Panda) or install NOD32 and scan your PC. ;)
     
  3. crypticsolution

    crypticsolution Registered Member

    Joined:
    Aug 8, 2006
    Posts:
    17
    thanks Pykko, I will look at those..
    I rebooted in safe mode and Scanned with AVG and once more with ewido, ewido just found a couple cookies 2o7, adopt.euroclick, ads.pointroll, questionmarket.. AVG found nothing after hour+ full scan..
    however my cursor doesn't blink the busy hourglass now..?...and at this moment seven svchost.exe connections are present.
    well, i'll go look at those..
     
  4. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
Loading...
Thread Status:
Not open for further replies.