[Grammarian-Bot]

Whenever I open my IE, the http://www.syssecuritysite.com/ website opens and says..

WARNING! YOUR SYSTEM IS VULNERABLE TO HACKERS' ATTACKS AND BREAKDOWNS!

Following is the process that my system has.
I've MCAffe, AVG and AD-Aware, all updated but none of them worked out.
Please tell me how can I get rid of this problem.


Logfile of HijackThis v1.99.1
Scan saved at 11:53:41 PM, on 7/3/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
D:\INSTAL~1\AVG\avgamsvr.exe
D:\INSTAL~1\AVG\avgupsvc.exe
D:\INSTAL~1\AVG\avgemc.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\WINDOWS\System32\wdfmgr.exe
D:\Installed Softwares\Virtual CD\System\vcdsecs.exe
C:\WINDOWS\Explorer.EXE
D:\Installed Softwares\Java\bin\jusched.exe
D:\INSTAL~1\AVG\avgcc.exe
C:\Program Files\McAfee.com\VSO\mcvsshld.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\McAfee.com\VSO\oasclnt.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\ctfmon.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Administrator\Start Menu\procexp.exe
D:\New\hijackthis\HijackThis.exe

O2 - BHO: IDMIEHlprObj Class - {0055C089-8582-441B-A0BF-17B458C2A3A8} - D:\Installed Softwares\Internet Download Manager\IDMIECC.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - D:\INSTAL~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: (no name) - {5f4c3d09-b3b9-4f88-aa82-31332fee1c08} - C:\WINDOWS\System32\hp106.tmp
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Installed Softwares\Java\bin\ssv.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - D:\INSTAL~1\SPYWAR~1\tools\iesdpb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\.. \Run: [SunJavaUpdateSched] D:\Installed Softwares\Java\bin\jusched.exe
O4 - HKLM\.. \Run: [AVG7_CC] D:\INSTAL~1\AVG\avgcc.exe /STARTUP
O4 - HKLM\.. \Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\.. \Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\.. \Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\.. \Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\.. \Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\.. \Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\.. \Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\.. \Run: [defender] C:\\dfndrb_2.exe
O4 - HKLM\.. \Run: [keyboard] C:\\kybrdb_2.exe
O4 - HKLM\.. \Run: [newname] C:\\nwnmb_2.exe
O4 - HKLM\.. \Run: [Windows Update Manager] win32.exe
O4 - HKLM\.. \Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\.. \Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\.. \RunServices: [Windows Update Manager] win32.exe
O4 - HKCU\.. \Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Installed Softwares\Office\Office10\OSA.EXE
O8 - Extra context menu item: Download All Links with IDM - D:\Installed Softwares\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - D:\Installed Softwares\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\INSTAL~1\Office\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Installed Softwares\Java\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Installed Softwares\Java\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - D:\INSTAL~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Installed Softwares\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Installed Softwares\WinHTTrack\WinHTTrackIEBar.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/sh...1/mcinsctl.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/sh...26/mcgdmgr.cab
O17 - HKLM\System\CCS\Services\Tcpip\.. \{08C57AFE-11BF-44FE-A625-29A2DDE6DF43}: NameServer = 202.163.96.3 202.163.96.4
O17 - HKLM\System\CS2\Services\Tcpip\.. \{08C57AFE-11BF-44FE-A625-29A2DDE6DF43}: NameServer = 202.163.96.3 202.163.96.4
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - D:\INSTAL~1\AVG\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - D:\INSTAL~1\AVG\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - D:\INSTAL~1\AVG\avgemc.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - D:\Installed Softwares\Spyware Doctor\sdhelp.exe
O23 - Service: Virtual CD v4 Security service (VCDSecS) - H+H Software GmbH - D:\Installed Softwares\Virtual CD\System\vcdsecs.exe

[Northwind_Dagas]

This link should guide you in removal:
http://forums.maddoktor2.com/index.p...7901&hl=ridz+k

[Curlyben]

Did you also scan with the other apps I mentioned in your previous thread HERE ?

Here's a few other links that may help.

[NeedKarma]

As a side not:
It is never recommended to have more than one antivirus programs installed and running on the same machine.

[Grammarian-Bot]

Well... I've been using both MCAfee and avg together more more than a month and both of them have been great. I had no virus in my computer since I installed both of them. Previously when I had just MCAfee installed, I used to face a lot of virus problems. But now everything is fine but this new IE virus is creating a lot of problem.

But there is something very strange. When I connect to the internet, my computer slows down and as soon as I disable my mcafee the whole computer power comes back. Also when I connect to the internet, the mcafee always cather an ftp(file transfer protocol) virus. I don't know what the hell this antivirus is up to.

[shunned]

Wow. You have to AV progs running and you still got this malware?

[LTheobald]

Shunned - AV programs don't normally stop malware. Companies like McAfee normally have separate products to handle that.

But there is something very strange. when i connect to the internet, my computer slows down and as soon as i disable my mcafee the whole computer power comes back. also when i connect to the internet, the mcafee always cather an ftp(file transfer protocol) virus. i don't know what the hell this antivirus is upto.

I'm not surprised things like this are happening if you are running two anti-virus apps. They are probably locking each other out and slowing the PC down. That's what I seem to have found anyway.

As for that HijackThis log - it's fine according to this: http://hjt.networktechs.com . Maybe the spyware has been removed and you just need to reset your Internet Explorer homepage. You'd never see this happening on Firefox by the way :P

[Grammarian-Bot]

My Firefox is working just fine. Well I'll check my IE settings.