Thread: suspected trojan viurs
View Single Post

  #1  
Old 06-25-2004, 03:07 PM
Freakinoldguy Offline
Junior Member
  
Join Date: Nov 2003
Posts: 8
suspected trojan viurs
Hi folks,

I've got a suspected trojan virus. The problem is that when I run panda scan nada zip nothing. I have run trojan hunter and it comes up with two suspected trojans I have run hijack this and tried removing this stuff with the system restore feature shut off nothing. I have taken the file C:\WINDOWS\atlpj.exe and tried incinerating it with system mechanic and still no luck. I can't even find out what trojan this is. Does anyone know what this thing is and how to get rid of it. BTW I had it before and formated and reloaded windows xp. I'd do it again but I'm running out of registration turns and don't want to phone redmond washington when I want to upgrade some stuff in the future.

Here's the hijack this profile.


Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\atlpj.exe
C:\Program Files\Panda Software\Panda Antivirus Platinum\Firewall\PavFires.exe
C:\Program Files\Panda Software\Panda Antivirus Platinum\pavsrv51.exe
C:\Program Files\Panda Software\Panda Antivirus Platinum\AVENGINE.EXE
C:\Program Files\Panda Software\Panda Antivirus Platinum\apvxdwin.exe
C:\Program Files\Panda Software\Panda Antivirus Platinum\pavProxy.exe
C:\WINDOWS\system32\sysqd.exe
C:\Program Files\iolo\System Mechanic 4 Professional\PopupStopper.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Some freakinoldguy\Local Settings\Temp\Temporary Directory 12 for hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\wpbou.dll/sp.html#96676
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = res://wpbou.dll/index.html#96676
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = res://wpbou.dll/index.html#96676
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\wpbou.dll/sp.html#96676
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://wpbou.dll/index.html#96676
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\wpbou.dll/sp.html#96676
O2 - BHO: (no name) - {201166BC-FF75-D1B9-E36A-D1964D800CF1} - C:\WINDOWS\d3pw32.dll
O4 - HKLM\..\Run: [atlpj.exe] C:\WINDOWS\atlpj.exe
Thanks in advance

F.O.G.
Reply With Quote