TechSpot

Asking for a look through logs please ;)

By Jacal
Jun 26, 2007
  1. Just ran a scan because my computer was running rather slow. So i followed the precedure and have attached the required logs.
     
  2. raybay

    raybay TS Evangelist Posts: 7,241   +9

    Several problems: There are better people on this formum for reading HijackThis.logs so you will see more and better advice.

    sistem.sys is usually evidence of the Worm Win32 Eliles and other worms.

    Your system is loaded with detection and scan software that is probably in conflict allowing other problems to slip through... I see Symantec Internet Security, SpyBot, AVG AntiSpyware, AVG AntiVirus, no AVG Root kit.
    You will need to setting of the software you want to protect you... one good antivirus program and one good antispyware program are better than three.
    Look through the forum on spyware to see possible methods to fix the problems you have.
     
  3. Jacal

    Jacal TS Rookie Topic Starter Posts: 83

    You Saw AVG Anti-virus, that cannot be right for i never installed the anti-virus program to being with based off the instructions in the virus/malware/trojan removal instructions. Also i did install the AVG Root-Kit, sorry i never posted its result.
    The result that was that no root-kits were found. Also prior to following the removal instructions, Norton Internet Security 2007 was the only thing installed.
    So i do not see possible reasons for there to be a conflict. I am sorry to say.

    I do agree with your statement of there being a possible conflict between the softwares now, but as i said before prior to the removal instructions, Norton said there was no virus active which was clearly not the case, and since Norton was the only program of that nature at the time, there should be no possible way in which a conflict could take place.
     
  4. kitty500cat

    kitty500cat TS Evangelist Posts: 2,154   +6

    Run HijackThis with no other programs open and have it do a scan. Place a check in the little box next to the following items (if there):
    O4 - HKUS\S-1-5-18\..\Run: [Tok-Cirrhatus] (User 'SYSTEM')

    O4 - HKUS\.DEFAULT\..\Run: [Tok-Cirrhatus] (User 'Default user')

    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present

    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present

    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present

    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions
    present

    O8 - Extra context menu item: &Search - [http]edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZSzed044YYJM_ZB

    Click the Fix Checked button. Close HJT.

    Now go into Add/Remove Programs in your Control Panel and remove anything having to do with MyWebSearch.

    If you have any flash drives that you've used recently (i.e. since your computer was infected), insert them now. Scan all drives on your system for the filename sxs.exe and delete all instances found. Then leave your flash drive(s) connected and scan all drives with ComboFix and AVG Antispyware, and post their logs. Also scan with HijackThis and post a fresh log. Scan all drives with AVG Antirootkit and post the results here.

    Regards :)

    This thread is for the use of Jacal only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our Security and the Web forum.
     
  5. momok

    momok TS Rookie Posts: 2,265

    Hi,

    In addition to the above HijackThis entries, do fix this too.

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

    Also, I do not see any firewall running on your system. That is definitely not recommend.
    Here are some recommended firewalls. Please use one and only one. Using more than one is not recommended as it will hog your system resources.
    Zonealarm
    Kerio
    Comodo

    PS. I would suggest you uninstall Norton though unless you are a huge fan of it.


    Regards,
    Your friendly momok =)

    This thread is for the use of Jacal only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...