Member Panel

conversee

Hi all,

I was on here about a month ago with a marahton malware situation which was fixed, yay

! At that point I dumped my Norton Systemworks and dowloaded the AVG Antivirus plus firewall trial.

The bummer is that my trial malware protection subscription ran out like 1/2 a day before I realiized it :cry:. I immediately bought the subscription but now can not even find meniton of the firewall when I click the AVG icon. Arrgghh :banghead:. SO, I quickly downloaded Zonealarm so I would at least have something of a firewall running.

I ran the AVG antivirus program that I just bought the lisence for, Spyware Doctor and Adaware and none picked anything bad up. I saw meniton here that Panda Activescan was good so I gave it a whirl. From the Panda scan, it looks like I have a bunch of adware, a trojan and a dialer. Activescan claims to have deleted the trojan only.

I ran an HJT and the log is below along with the Panda Activescan log. ?Any help in disinfecting would be greatly appreciated!

conversee

Oh- maybe it would be of some help to list the malware prograsm I have to date:

cwshredder
aboutbuster
Hijack this
Spyware doctor
Adaware
AVG Antivirus
hoster
ccleaner
fixiefts
hsfix
ewido (does not work, though)
Autoruns

joe5

Welcome back Patti :-)

When you bought the AVG , did you by only the AV or the AVG Antivirus plus firewall ? If you only bought the AV then it is normal that the trial firewall doesn't show up anymore.

And most of the problems Panda points out are files in restore points (rp21 and rp59) , just delete those and there gone.

You can fix these with Hijackthis:

O4 - Global Startup: hpoddt01.exe.lnk = ?
O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - http://download.abacast.com/download...basetup151.cab

And delete these files manually:

C:\WINDOWS\SYSTEM32\AUDIOSRV.exe
C:\WINDOWS\SYSTEM32\ADVPACK6.exe
C:\PROGRAM FILES\QuickSearch
C:\WINDOWS\sdkub32.exe

Also can you run an other onlinescan then Panda? like trendmicro or kaspersky , and post back the results. See for a link below.

conversee

joe5! Hi.

Thanks for taking thiis one!

I think I must have purahsed the AVG without the firewall. The trial was for the AVG antivirus plus firewall, so I thought that is what I was purchasing a liscence for. I have an email into them to see if I can fix the mistake and get the AVG plus firewall.

I ran the HJT you see in my first post, but am not sure which thing sot delete. Aslo, I am not sure what/where restore points is. As well, I wasn't sure if I needed to be in safe mode to fix objects that come up in HJT. All the steps form the last malware hunt are kind or a blur :lol:

As for

:\WINDOWS\SYSTEM32\AUDIOSRV.exe I deleted this, but there is also an audiosrv.dll as well the .exe- should I delete that?
C:\WINDOWS\SYSTEM32\ADVPACK6.exe I deleted this, but there is also an advpack.dll as well the .exe- shoud I delete that?
C:\PROGRAM FILES\QuickSearch Could not locate this in C:\Program Files
C:\WINDOWS\sdkub32.exe Colud not locate this in C:\WINDOWS

I am running the Kaspersky now and will psot it when finished as it is taking a while.

~:O)

conversee

I am "Typing challenged" and SERIOUSLY need to spellchek

joe5

Originally Posted by conversee

I ran the HJT you see in my first post, but am not sure which thing sot delete. Aslo, I am not sure what/where restore points is. As well,? I wasn't sure if I needed to be in safe mode to fix objects that come up in HJT. All the steps form the last malware hunt are kind or a blur? :lol:

Boot in safe mode (hit f8 when booting up) and fix these with hjt:

O4 - Global Startup: hpoddt01.exe.lnk = ?
O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - http://download.abacast.com/download...basetup151.cab

And to remove those restore points:

Click the Start button.
Right-click My Computer, and then click Properties.
On the System Restore tab, check Turn off System Restore or Turn off System Restore on all drives.

After youre done with the cleanup you can enable it again.

:\WINDOWS\SYSTEM32\AUDIOSRV.exe? ? ? I deleted this, but there is also an audiosrv.dll? as well the .exe- should I delete that?
C:\WINDOWS\SYSTEM32\ADVPACK6.exe? ? I deleted this, but there is also an advpack.dll? as well the .exe- shoud I delete that?

Don't delete those , they are legit.

C:\PROGRAM FILES\QuickSearch? ? ? ? ? ? ? ? ?Could not locate this in C:\Program Files
C:\WINDOWS\sdkub32.exe? ? ? ? ? ? ? ? ? ? ? ? Colud not locate this in C:\WINDOWS

Make sure hidden files are set to show.

1.On the Tools menu in Windows Explorer, click Folder Options.
2.Click the View tab.
3.Under Hidden files and folders, click Show hidden files and folders.
4.If you see a warning message, click Yes.
5.Click Apply.
6.Click OK.

Member Panel

Sponsors and Ads

Live Tag Cloud