Help viruses :(

[neel4life]

can someone pls tell me wat to delete unable to acces certain sites such as www.hi5.com HIJ log attached...

 

[howard_hopkinso]

Hello and welcome to Techspot.

Go HERE and follow the instructions exactly.

Post a fresh HJT log, only after doing the above.

Regards Howard :wave: :wave:

 

[fastco]

You HJT log looks pretty clear. There is one entry ALCMTR.EXE which is an information gathering program used by Realtek but it's not evil. If it bothers you you can go here http://www.bleepingcomputer.com/tutorials/tutorial101.html and follow the How to Remove instructions. There is one entry in HJT you can remove:
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (file missing)
Everything else looks OK to me.

 

[neel4life]

i deleted O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (file missing)

Also ran the checks howard forwarded..have had Spybot S&D and Adware Personal since i've had this PC..ran VX2 adware shows system clean..CWShredder shows no hijacks present..ewido is still scanning taking a while now :| so far think its only found couple cookies...errm recieved winantivirus pro pop ups a couple weeks back thought i fixed that but ran spybot S&D keep gettin 2 entries of disabled anti virus and firewall...keep fixing but keeps coming bak..idont think the hijack log shows entries of this not sure repostin fresh hijack log after making changes...they look the same not sure...

But still cant think of a reason why this would stop me going to certain websites...usually gud with stf like this...confused :S

 

[altheman]

Check your hosts file (C:\windows\system32\drivers\etc\) for entries with the loopback address (127.0.0.1)

 

[neel4life]

checked no loopback address although ewido has just found a trojan called small?!? still scanning....

 

[neel4life]

scan completed only the 1 trojan "small" still cant access www.hi5.com and other sites it isnt a internet settings problem can only think of it being a type of virus...not sure..any ideas??

 

[howard_hopkinso]

Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.

Click on the processes tab and end process for(if there).

ALCMTR.EXE

Close task manager.

Run HJT with no other programmes open. Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank

O4 - HKLM\..\Run: [farstone] NULL

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

Click on the fix checked button.

Locate and delete the the following bold file.

ALCMTR.EXE You will need to search your system for this file and delete all instances of it.

Reboot your system.

Other than the above, your HJT log is clean.

Regards Howard

 

[neel4life]

did all the above..thanks for ur help posted log after made changes...still cant get on websites can u think of any reason 4 this?

 

[howard_hopkinso]

I can`t find anything in your HJT log that would account for your problems.

I advise you to contact your ISP and ask them if there are having any problems.

Regards Howard