TechSpot

Double check

By Pc Noob4life
May 3, 2006
  1. Hey,
    I recently sent in a log of HJT last week and had been badly infected with trojan and worms. did all the things u instructed me to do such as format etc. So now just to double check that im in the clear can u have a look at me log plz. thanks
     
  2. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Boot into safe mode. See how HERE. http://www.bleepingcomputer.com/forums/tutorial61.html

    Turn off system restore.(XP/ME only) See how HERE. http://www.bleepingcomputer.com/forums/tutorial56.html

    In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE. http://www.bleepingcomputer.com/forums/tutorial62.html

    Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.

    Click on the processes tab and end process for(if there).

    INS3DT.EXE

    Close task manager.

    Run HJT with no other programmes open. Have HJT fix the following, by placing a tick in the little box next to(if there).

    O4 - HKLM\..\Run: [Ins3DT] D:\INSTALL4\INS3DT.EXE

    O17 - HKLM\System\CCS\Services\Tcpip\..\{57F85FE7-7631-4F20-A197-408F96BA21B3}: NameServer = 194.72.0.98 194.74.65.68 Only fix this entry, if it doesn`t belong to your ISP.

    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

    Click on the fix checked button.

    Close HJT.

    Locate and delete the following bold file(if there).

    D:\INSTALL4\INS3DT.EXE

    Reboot into normal mode and turn system restore back on.

    I see that you have installed AVG antivirus. You should also install a firewall programme, such as Zonealarm free. You can get it HERE.

    Regards Howard :)
     
  3. Pc Noob4life

    Pc Noob4life TS Rookie Topic Starter Posts: 18

    Unsure about ISP

    Hey Howard, what if:

    O17 - HKLM\System\CCS\Services\Tcpip\..\{57F85FE7-7631-4F20-A197-408F96BA21B3}: NameServer = 194.72.0.98 194.74.65.68

    Is something to do with my ISP as i am unsure about it. Im with BT and i didnt set up any ISP server stuff. Thanks
     
  4. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    In that case, go ahead and let HJT fix it. If your internet then doesn`t work just restore that entry by doing the following.

    Run HJT and click on the config button. Click on the Backups button. Tick the little box next to the entry you wish to restore and click on the restore button.

    Reboot your computer.

    Regards Howard :)
     
  5. Pc Noob4life

    Pc Noob4life TS Rookie Topic Starter Posts: 18

    HJT log again....

    hey howard, Ive done your instructions and i think its all running ok now. the O17 HKLM i think is something to do with my ISP cause i couldnt go online after removing it so ihad to reinstall and its come back. Can u take a quick look at the HJT log plz and let me know how it is. Thanks
     
  6. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    You should`ve posted this in the thread you already had running, rather than opening a new thread.


    Your HJT log Is clean.

    Regards Howard :)

    Edit: I have merged this thread with your existing one.
     
  7. Pc Noob4life

    Pc Noob4life TS Rookie Topic Starter Posts: 18

    Cheers mate, really appreciate the help. keep up the good work!
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...