Combo/Hijack Log. Please see if I have threats!

Status
Not open for further replies.
J

jimrny

Posts: 9   +0
I am having some nasty spyware!

gomyhits.com

and redirection when I click on links in google! What could it be?!
 

Attachments

  • Combo.txt
    14.2 KB · Views: 6
  • hijackthis.log
    4.2 KB · Views: 5
Someone will help you shortly

This time may vary, TechSpot members are helping others voluntarily so hang in there. Also I'll check back later. If no response.
 
Hi,

Have you followed the instructions in the thread kimsland provided? Be sure to provide fresh logs in your next reply. Thanks.
 
(Moderator edit: There is no need to quote a post directly above yours when replying.)
I have. I used tool 1, tool 2 and 3 links weren't working. I used combofix in safemode, and then avg on the start up including hijackthis.
 
Hi,

Since you have gone through the removal thread instructions, what are the results of the anti rootkit scan?
  1. Open notepad and copy/paste the text in the quote box below into it (all except the word QUOTE):

    File::
    C:\WINDOWS\system32\drivers\tcpip.sys.flg
    C:\WINDOWS\system32\drivers\sptd7245.sys
    Folder::
    C:\WINDOWS\system32\ardCo01
    C:\Temp\cEeer12
    Click to expand...
  2. Save this as CFScript on the desktop.
  3. Referring to the image below, drag CFScript (hold the left mouse button while dragging the file) and drop it (release the left mouse button) into ComboFix.exe.
    CFScript.gif

  4. ComboFix will begin to execute, just follow the prompts. After reboot (in case it asks to reboot), it shall produce a log for you. Post that log (Combofix.txt) in your next reply.
    Note: Do not mouseclick combofix's window while it is running. That may cause your system to hang

Thereafter, please post fresh HJT and AVG Antispyware logs and the resultant ComboFix log from the above instructions as attachments into this thread.


Regards,
momok =)

This thread is for the use of jimrny only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our Security and The Web forum.
 
Hi,

That is not a complete HijackThis logfile; please run a scan and post a new one in your next reply. The rest of your logs look clean.

Regards,
momok
 
Oh sorry, here you go.

Btw, after all the scans my daemon tools is not working anymore. This is the error I get when initializing the program.

"Initialization error. This program requires at least Windows 2000 with SPTD 1.21 or higher. Kernal bugger must be deactivated."
 
Hi,

Your logs look clean now.

  1. Please download and run CCleaner via step 9 of the instructions HERE.

  2. Delete all files in AVG Antispyware Quarantine folder. (located in C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Quarantine)

  3. Turn off system restore (XP/ME only). Learn how to do that HERE.
    This will remove all the remaining nasties from your old restore points.

  4. After that turn system restore back on.
    This would have created a new safe and clean restore point for your system.

  5. Often times, an infection can occur again not due to the incompetence of programs, but because of user habits.
    May I recommend you to read this article.
    This can help to prevent future infections.

With regards to your daemon tools, I'm not sure what could be the cause. Perhaps you could post a new thread in the misc tools section with the exact details and error message to ask for advice.Should you have any further problems, please post in this thread.


Regards,
momok =)

This thread is for the use of jimrny only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Thread closed. Should the original starter require it to be reopened, please PM a mod.
 
Status
Not open for further replies.

Similar threads

Shawn Knight
iRobot redefines value with the new sub-$300 Roomba Combo Essential
Replies
1
Views
87
NumberNine
NumberNine
E
I have been taken over by a software called Astanda using XML to Log everything and roaming to an SQL server.
Replies
0
Views
481
eriksnyman1
E
Shawn Knight
Google fully discontinues cache links in Search
Replies
9
Views
529
Tinderbox
Tinderbox

Latest posts

Back