Scan your PC for Errors

Member Panel

Remember me ?

Forgot password?   

Join the PC Help Forum Team

Join PC Help Forum on Facebook

Join the PCHF Distributed Computing Teams

Try the NEW PC Help Forum Dark style

Link to PCHF from other parts of the Internet
PC Forum PC Help Forum » Security & Safety » [Fixed] Hijackthis! Logs » [Resolved] I have returned!!

[Fixed] Hijackthis! Logs - [Resolved] I have returned!! posted in the Security & Safety forums; Alright, here is the new log. But one thing I wanted to ask is, that firewall keeps poping up saying "such and such is trying to access the internet." and ...

JOIN US NOW to remove these Ads

Post New Thread  Reply
Page 2 of 3 < 1 2 3 >
  #8  
Old 12-14-2005
Elite Member
  
Join Date: Aug 2005
Posts: 426
PC Experience: Some Experience
PraiseJah - See this Members User comments on their Profile page
Send a message via AIM to PraiseJah
Default
Alright, here is the new log. But one thing I wanted to ask is, that firewall keeps poping up saying "such and such is trying to access the internet." and then asks me if I want to allow it. I have no idea whether or not to allow this thing or that thing to access it. I mean I know to allow my internet browser and stuff like that but some programs I have no clue.
Attached Files
File Type: log hijackthis.log (7.3 KB, 2 views)


__________________
PCHF Rules
  #9  
Old 12-14-2005
joe5's Avatar
Elite Member
My PC
 
Join Date: Jun 2005
Location: Netherlands
Posts: 9,036
joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page
Default
Almost clean , just one virus left.


Download Pocket Killbox:
http://www.atribune.org/downloads/KillBox.exe

Boot in safemode again and fix this one with hjt:

O4 - Global Startup: winlogin.exe

Start Killbox and place a tick next to [x]delete on reboot.
Copy this list into the windows clipboard:


C:\WINNT\System32\win32sockdrv.dll
C:\WINNT\System32\yuetyutr.dll
C:\WINNT\System32\winlogin.exe

Back in Killbox go > file > paste from clipboard,
Click the red highlighted X button and say yes to the prompt, then click OK.

Exit Killbox and restart your PC.

And for the firewall most of the time you can permit internet access , but you should almost always block server access.
You can allow all the apps you know and trust internet access , and putt a tick in "always perform this action" then for that app you never get asked again.

When you start an app for the first time it will probebly ask for internet access to check for updates or something , if you don't know what it is , try blocking (without placing a tick in "always perform this action") and see if youre app still works ok , then you can keep it blocked.


__________________
- PCHF Team. - (NL) - Mal-ware Eradicator! -
  #10  
Old 12-14-2005
Elite Member
  
Join Date: Aug 2005
Posts: 426
PC Experience: Some Experience
PraiseJah - See this Members User comments on their Profile page
Send a message via AIM to PraiseJah
Default
I tried to get rid of that one in HJT but it wont let me, it says to go into task manager to turn it off and it says that its a critical operation and wont let me turn it off.


__________________
PCHF Rules
  #11  
Old 12-14-2005
Elite Member
  
Join Date: Aug 2005
Posts: 426
PC Experience: Some Experience
PraiseJah - See this Members User comments on their Profile page
Send a message via AIM to PraiseJah
Default
oh, I dont know if this is because of that virus or not but whenever I try to copy something from wordperfect to my xanga (havent tested it other places) it freezes and I have to end the process. . . its not cool.


__________________
PCHF Rules
  #12  
Old 12-14-2005
joe5's Avatar
Elite Member
My PC
 
Join Date: Jun 2005
Location: Netherlands
Posts: 9,036
joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page
Default
Originally Posted by PraiseJah
I tried to get rid of that one in HJT but it wont let me, it says to go into task manager to turn it off and it says that its a critical operation and wont let me turn it off.

Did you boot in safemode? And in the taskmanager , there are two almost identical services winlogin.exe and winlogon.exe (in youre case atm) , you would want to kill the first.


__________________
- PCHF Team. - (NL) - Mal-ware Eradicator! -
  #13  
Old 12-15-2005
Elite Member
  
Join Date: Aug 2005
Posts: 426
PC Experience: Some Experience
PraiseJah - See this Members User comments on their Profile page
Send a message via AIM to PraiseJah
Default
I only see one, and its not the one you said I should kill.


__________________
PCHF Rules
  #14  
Old 12-15-2005
joe5's Avatar
Elite Member
My PC
 
Join Date: Jun 2005
Location: Netherlands
Posts: 9,036
joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page joe5 - See this Members User comments on their Profile page
Default
I just found some info wich seems to indicate that Trend micro's online scan can remove this virus , try that first:

http://housecall.trendmicro.com/


__________________
- PCHF Team. - (NL) - Mal-ware Eradicator! -

Reply
Satellite TV on your PC - over 3000 Channels! Click Here!
Page 2 of 3 < 1 2 3 >

Bookmarks

« [Resolved] Sniper Mcaffee Problems | [Resolved] Hijack this log »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are On

Contact Us - PC Help Forum - Site Map - Privacy Statement - Top
All times are GMT +1. The time now is 06:03 AM.
Powered by vBulletin
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
SEO by vBSEO 3.2.0 RC7
All Graphics & Content Copyright © 2004-2008 - PC Help Forum.com


Back to Top