• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
Sign in to follow this  
Followers 0
SimpleComplex

This keeps getting worse!!

6 posts in this topic

I posted here before, a week ago or so. Didn't receive a response so I'll try again with the new updates. I have now renewed my Norton AntiVirus and what I get is a repetitive warning message stating:

 

Norton AntiVirus has detected a virus on your computer.

 

Object name: C:\WINNT\SYSTEM32\SQLP.DLL

 

Virus name: Backdoor.trojan

 

Then I cycle through 6 warning windows, each one listed below, twice.

 

Action Taken: Unable to repair this file.

 

Action Taken: Unable to quarantine this file.

 

Action Taken: Access to the file was denied.

 

Next i changes the Object name to C:\WINNT\system32\sqlp.dll

 

same thing just small case and the whole thing goes through is cycle of six windows. A minute or two later, the whole thing starts over.

 

Can't find sqlp.dll in the system32 folder or any other folder. Well hidden I guess?

 

Can anyone help me with this mess? I have Ad-aware, Norton, CWShredder, Hijack This, AboutBuster and Spybot. And one SOB of an infiltrator.

Share this post


Link to post
Share on other sites

We need a closer look at what's happening.

Please download Hijack this

Copy it into its own folder, doubleclick HijackThis.exe, and hit "Scan".

 

When the scan is finished, the "Scan" button will change into a "Save Log" button.

Press that, save the log, do Ctrl-A to Select All, and copy its contents here. Most of what it lists will be harmless or even essential, don't fix anything yet.

Share this post


Link to post
Share on other sites

Id suggest your reboot in dos mode, and simply delete the from there, Type CD C:\ to go to your Hardrive then CD windows, CD System32 ect ect. Then when your in the folder type delete (Filename) My guess.

Share this post


Link to post
Share on other sites

Thanks, here's my hijack this log.

 

Logfile of HijackThis v1.97.7

Scan saved at 6:01:09 PM, on 7/20/2004

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINNT\System32\smss.exe

C:\WINNT\system32\winlogon.exe

C:\WINNT\system32\services.exe

C:\WINNT\system32\lsass.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\System32\svchost.exe

C:\WINNT\Explorer.EXE

C:\WINNT\system32\spoolsv.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\Program Files\Norton Internet Security\NISUM.EXE

C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\WINNT\GWMDMMSG.exe

C:\WINNT\GWHotKey.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\WINNT\System32\Ati2evxx.exe

C:\PROGRA~1\Iomega\System32\AppServices.exe

C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe

C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE

C:\Program Files\Common Files\Lanovation\PrismXL\PRISMXL.SYS

C:\PROGRA~1\NORTON~3\SPEEDD~1\nopdb.exe

C:\Program Files\Iomega\AutoDisk\ADService.exe

C:\Program Files\Microsoft Office\Office10\OUTLOOK.EXE

C:\Program Files\Microsoft Office\Office10\WINWORD.EXE

C:\Program Files\Microsoft Works\MSWorks.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Messenger\msmsgs.exe

C:\Documents and Settings\Owner\Desktop\HijackThis.exe

 

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

O2 - BHO: My Search BHO - {014DA6C1-189F-421a-88CD-07CFE51CFF10} - C:\Program Files\MySearch\bar\2.bin\S4BAR.DLL

O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: My &Search Bar - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - C:\Program Files\MySearch\bar\2.bin\S4BAR.DLL

O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe

O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [GWMDMMSG] GWMDMMSG.exe

O4 - HKLM\..\Run: [GWMDMpi] C:\WINNT\GWMDMpi.exe

O4 - HKLM\..\Run: [Multi-function Keyboard] GWHotKey.exe

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"

O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1

O4 - HKCU\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O9 - Extra button: Messenger (HKLM)

O9 - Extra 'Tools' menuitem: Messenger (HKLM)

O9 - Extra button: WeatherBug (HKCU)

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (MiniBugTransporterX Class) - http://download.weatherbug.com/minibug/tri...Transporter.cab?

O16 - DPF: {9A57B18E-2F5D-11D5-8997-00104BD12D94} (compid Class) - http://support.gateway.com/support/serialharvest/gwCID.CAB

O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/...7645.6160416667

Share this post


Link to post
Share on other sites

Oh ya, it has also disabled the intrusion detection on my Norton Internet Security. It say's "driver initialazation failed". This happened a few days ago, a couple of weeks after initial infection of this, or at least the first bug.

 

Like I say, it keeps getting worse.

Share this post


Link to post
Share on other sites
Sign in to follow this  
Followers 0