36 tasks open

Status
Not open for further replies.

Stacey

Posts: 123   +0
It's me yet again, Stacey. My desk top computer at home must have alot of nasties. What link do I go to to post the hijack log. I am working off my lap top, since the other one is :( mad at me, for being dumb.
 
Thank you

Hi Howard. Nice to see you back. I am in class right now, Computers (Ha!Ha!) As soon as I get home I will do that post for you. Thanks again for your help.
Stacey
 
HJT Log

Hi.
Sorry for the delay. If you get a chance would you please take a look. I appreciate any help.
Stacey
 
HJT Log

Good Morning Howard. I have attached the log. Thank you for taking the time to help me.
Stacey

I started gooling the log, yet I keep getting confused (not that hard). Norton Symantec needs to go!
 
You`re running an outdated version of HJT. See HERE for the latest version.

Run HJT with no other programmes open(except notepad). Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

O16 - DPF: {19B6C07F-7AA5-4170-88A9-EF184DC2EC40} - http://38.144.58.94/install.cab

O20 - AppInit_DLLs:

Click on the fix checked button.

Close HJT and reboot your system.

Download the following antivirus and firewall programmes.

AVG free or Avast antivirus programmes.

Zonealarm or Kerio free firewall programmes.

Then, go and read this post HERE and follow the instructions for removing Symantec/Norton.

Once Symantec/Norton has been completely uninstalled, install whichever firewall programme you chose, followed by whichever antivirus programme you chose. Reboot your computer the required number of times and run the antivirus updates.

Post a fresh HJT log.

Regards Howard :)

This thread is for the use of Stacey only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Thank you Howard. I will work on that later tonight when I get home. Your the best and I am so glad your here.
 
I clicked and let HijackThis fix the two items you said. I down loaded and ran the lastest version of HijackThis, you suggested. The Reply is not letting me attach the new log.
I have also removed Norton crap; dowloaded AVG antivirus, AVG spyware, and zone alarm. I am hoping all is going to look well.
 
I have removed your previous HJT log. Hopefully, you`ll now be able to attach a fresh HJT log.

Regards Howard :)

This thread is for the use of Stacey only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Hi Howard! I will post the log later on today when I get home from work. It seems after I installed the Zone alarm the computer slowed, I may have two fire walls running. I have to look into that too. Thank you once again, and I will post log ASAP.
Stacey
 
Nerw Log

Here is a new log that I have just run. If you have a chance could you let me know how it looks.
 
Your HJT log is clean. However, it appears there`s still a Symantec/Norton service running.

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

I suggest you read this post HERE and follow the instructions.

You can post a fresh HJT log after you`re done, if you like.

Regards Howard :)

This thread is for the use of Stacey only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
New Log

Norton has been removed from the computer, via the removal tool. I have attached the new log.
 
Your HJT log is clean.

Turn off system restore.(XP/ME only) See how HERE.

Now, turn system restore back on. This will have deleted all your old restore points and any nasties that are in them. It will also have created a new, clean restore point.

If you have any further virus/spyware problems, please post in this thread.

Regards Howard :)

This thread is for the use of Stacey only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
CD instalation Virus?

Hello, It is me again. I am hoping for some help with a log. I am triing to clean my fiance`s computer and I am having a hard time getting SE and AVG spyware to load. Every now and then I am getting a blue screen telling me there is a memory issue and there is a driver problem. It seems the disk drive is not being recognized. He purchased a disk for GM automotive repair on Ebay and when he installed it the problems began.
 
Run HJT with no other programmes open. Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

O2 - BHO: (no name) - {77701e16-9bfe-4b63-a5b4-7bd156758a37} - (no file)

O2 - BHO: msnhlp32.msn_hlp - {EEFBE5D6-FEFF-4CB4-AA26-6A464090CB89} - C:\WINDOWS\System32\msnhlp32.dll (file missing)

Click on the fix checked button.

Close HJT.

Other than the above, your friends HJT log is clean.

I suggest your friend tries a system restore to before he installed the problem software.

Regards Howard :)

This thread is for the use of Stacey only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Howard here is the new log. I have been tring to download the AVG Spyware and SE Personal, it seems I am not able to do so. Is there something that I may be doing wrong.
 
That HJT log is clean, unless the 017 entries are not from your friends ISP, in which case they should be fixed.

If you`re still concerned over malware, I suggest you post a Combofix log as per step12 of these instructions.

Since the problems only started when your friend installed new software, it seems likely that it`s the cause of the problems and that`s why I recommended a system restore to before the new software was installed.

Regards Howard :)
 
Thank your for your time, Howard. I am not sure he knew about system restore. I have attached the logs. I am still not able to get SE Personal, any suggestions.

Also; how do I find out wht the IP address is?
 
Wow, it seems your friends sytem is riddled with malware.

1. Please download The Avenger by Swandog46 from HERE. Save it to your Desktop and extract it.

2. Download the attached avengerscript.txt and save it to your desktop. The Avenger script is attached to the bottom of this post.

Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

3. Now, start The Avenger program by double clicking on its icon on your desktop.

Under "Script file to execute" choose "Load script from file".
Now click on the folder icon which will open a new window titled "open Script File"
navigate to the file you have just downloaded, click on it and press open
Now click on the Green Light to begin execution of the script
Answer "Yes" twice when prompted.

4. The Avenger will automatically do the following:

It will Restart your computer. ( In cases where the code to execute contains "Drivers to Unload", The Avenger will actually restart your system twice.)
On reboot, it will briefly open a black command window on your desktop, this is normal.
After the restart, it creates a log file that should open with the results of Avenger’s actions. This log file will be located at C:\avenger.txt
The Avenger will also have backed up all the files, etc., that you asked it to delete, and will have zipped them and moved the zip archives to C:\avenger\backup.zip.

5. Please attach the content of c:\avenger.txt into your reply.

Then, go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly. In your friends case, as many of the instructions as possible.

Post fresh HJT, AVG Antispyware and Combofix logs as attachments into this thread, only after doing the above.

Also, let me know the results of the AVG Antirootkit scan.

Regards Howard :)

This thread is for the use of Stacey only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Everything looks clean there.

Perhaps the problem really isn`t caused by malware and is more to do with the software that was installed prior to the start of the problems.

Tell your friend to try a system restore.

Regards Howard :)

This thread is for the use of Stacey only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Status
Not open for further replies.
Back