Free PC Performance Scan

Member Panel

Remember me ?

Forgot password?   

Join the PC Help Forum Team

Join PC Help Forum on Facebook

Join the PCHF Distributed Computing Teams

Try the NEW PC Help Forum Dark style

Link to PCHF from other parts of the Internet
PC Forum PC Help Forum » Security & Safety » [Fixed] Hijackthis! Logs » [Resolved] Here are some logs of an infected pc #10

[Fixed] Hijackthis! Logs - [Resolved] Here are some logs of an infected pc #10 posted in the Security & Safety forums; here are some log files:...

JOIN US NOW to remove these Ads

Post New Thread  Reply
  #1  
Old 12-06-2005
Bronze Member
  
Join Date: Nov 2005
Posts: 76
sumodeluxe - See this Members User comments on their Profile page
Default [Resolved] Here are some logs of an infected pc #10
here are some log files:
Attached Files
File Type: log hijackthis.log (5.1 KB, 4 views)
File Type: txt Scan report_20051206.txt.txt (28.8 KB, 1 views)


  #2  
Old 12-06-2005
joe5's Avatar
Elite Member
My PC
 
Join Date: Jun 2005
Location: Netherlands
Posts: 9,036
joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page
Default
First uninstall SurfAccuracy in add/remove programs if present.

Then boot in safemode and fix these with hjt:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {D7611E37-D7AF-8D5B-8BDF-D22896553693} - C:\WINDOWS\system32\zvpwbq.dll
O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [SurfAccuracy] C:\Program Files\SurfAccuracy\SAcc.exe
O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} (Installer Class) - http://www.ysbweb.com/ist/softwares/...sb_regular.cab
O16 - DPF: {F919FBD3-A96B-4679-AF26-F551439BB5FD} - http://winfixer.com/pages/scanner/Wi...nerInstall.cab


Open a DOS command prompt window (form Start->Programs->Accessories) and enter the following commands:
cd "%WinDir%\System"
regsvr32 /u "\Program Files\ISTbar\istbar.dll"


Then delete the files/folders in bold and run Ccleaner.


Reboot and post a new hjt log please.


__________________
- PCHF Team. - (NL) - Mal-ware Eradicator! -
  #3  
Old 12-07-2005
Bronze Member
  
Join Date: Nov 2005
Posts: 76
sumodeluxe - See this Members User comments on their Profile page
Default
i just installed microsoft antispy ware after i posted those logs and i was unable to find those logs in HJT. But here is the current log.
Attached Files
File Type: log hijackthis.log (7.5 KB, 2 views)


  #4  
Old 12-07-2005
ladygreenwitch's Avatar
HR Director
My PC
 
Join Date: Jul 2005
Location: Bay Area California
Posts: 5,778
PC Experience: PC Illiterate
ladygreenwitch - See this Members User comments on their Profile page ladygreenwitch - See this Members User comments on their Profile page ladygreenwitch - See this Members User comments on their Profile page ladygreenwitch - See this Members User comments on their Profile page ladygreenwitch - See this Members User comments on their Profile page ladygreenwitch - See this Members User comments on their Profile page ladygreenwitch - See this Members User comments on their Profile page ladygreenwitch - See this Members User comments on their Profile page ladygreenwitch - See this Members User comments on their Profile page ladygreenwitch - See this Members User comments on their Profile page ladygreenwitch - See this Members User comments on their Profile page
Default
Hey Sumo,

One of the problems is that you are running both the Microsoft and Norton AV programs at the same time. You can have them both on to scan with but you need to choose one or the other to run all of the time.

You can fix these with HJT, deleting the files in bold.

O4 - HKCU\..\Run: [Chhtao] C:\WINDOWS\system32\??anregw.exe
O4 - HKCU\..\Run: [Aida] "C:\Program Files\rdso\eetu.exe" -vt mtx
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
Run CCleaner again, and then post another HJT log.

Look forward to your reply,

TTFN

LGW
  #5  
Old 12-07-2005
joe5's Avatar
Elite Member
My PC
 
Join Date: Jun 2005
Location: Netherlands
Posts: 9,036
joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page
Default
WOW , two new infections in three hours time. :shocked:


Anyway , also fix this entry:

O16 - DPF: {F919FBD3-A96B-4679-AF26-F551439BB5FD} - http://winfixer.com/pages/scanner/Wi...nerInstall.cab


__________________
- PCHF Team. - (NL) - Mal-ware Eradicator! -

Reply
Satellite TV on your PC - over 3000 Channels! Click Here!

Bookmarks

« [Fixed] bandwidth problems! | [Resolved] HijackThis Log »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are On

Similar Threads
Thread Thread Starter Forum Replies Last Post
[Fixed] Somebody Help me! iexplore problems due to spyware! Osiris09 [Fixed] Hijackthis! Logs 110 02-25-2006 01:43 AM
[Resolved] 20 infected processes..154 infected registrys! brent [Fixed] Hijackthis! Logs 15 11-27-2005 11:37 AM
[FIXED] Yet more malware.... Anyone have time to help delete it? conversee [Fixed] Hijackthis! Logs 26 09-26-2005 12:35 AM
Worm spoofs Google on infected PCs. joe5 Security Watch 0 09-20-2005 05:02 PM
[Tech News] MPAA sifts through tracker logs for lawsuit ammo merlin The Lounge 2 08-29-2005 09:32 PM

Contact Us - PC Help Forum - Site Map - Privacy Statement - Top
All times are GMT +1. The time now is 06:07 AM.
Powered by vBulletin
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
SEO by vBSEO 3.2.0 RC7
All Graphics & Content Copyright © 2004-2008 - PC Help Forum.com


Back to Top