debonair247
Posts: 13 +0
The HFT list looks like Chinese Algebra to me. Please Advise!
Hi, I Need An Interpreter For My HJT Log
- Thread starter debonair247
- Start date
- Status
howard_hopkinso
Posts: 21,238 +17
Hello and welcome to Techspot.
Your system is infected with a variety of nasties.
Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.
If after reading the above, you wish to clean your system, do the following.
Go to add remove programmes in your control panel and uninstall anything to do with(if there)
Image ActiveX Object
Close control panel.
Then, go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.
Post fresh HJT and AVG Antispyware logs as attachments into this thread, only after doing the above.
Regards Howard :wave: :wave:
This thread is for the use of debonair247 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Your system is infected with a variety of nasties.
Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.
If after reading the above, you wish to clean your system, do the following.
Go to add remove programmes in your control panel and uninstall anything to do with(if there)
Image ActiveX Object
Close control panel.
Then, go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.
Post fresh HJT and AVG Antispyware logs as attachments into this thread, only after doing the above.
Regards Howard :wave: :wave:
This thread is for the use of debonair247 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
debonair247
Posts: 13 +0
Help! Encountering Roadblocks in removal steps
Greetings:
When I reach the SmithFraudFix, my computer (Xp OS) doesnt' reboot in to Safe Mode by tapping nor holding down the F8key, in order to start the Clean process. Please Advise!
So far, after running CCleaner, and installing AVG Anti-Spy, Ad-Aware, and SFFix, my System Alert Pop-ups and Active X Objects are no longer active and present. Wow!
But I need to proceed thru the remaining steps, I know.
Thanx
Greetings:
When I reach the SmithFraudFix, my computer (Xp OS) doesnt' reboot in to Safe Mode by tapping nor holding down the F8key, in order to start the Clean process. Please Advise!
So far, after running CCleaner, and installing AVG Anti-Spy, Ad-Aware, and SFFix, my System Alert Pop-ups and Active X Objects are no longer active and present. Wow!
But I need to proceed thru the remaining steps, I know.
Thanx
howard_hopkinso
Posts: 21,238 +17
I have merged your new thread into this one. Please continue to post in this thread.
What happens when you try and enter safe mode?
Regards Howard
This thread is for the use of only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
What happens when you try and enter safe mode?
Regards Howard
This thread is for the use of only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
debonair247
Posts: 13 +0
Safe Mode Reply
My computer simply starts back up in normal mode. Nothing changes when I tap on or hold down the F8 key.
My computer simply starts back up in normal mode. Nothing changes when I tap on or hold down the F8 key.
howard_hopkinso
Posts: 21,238 +17
debonair247
Posts: 13 +0
Scan Results & Logs
I was able to run/clean SFfix in normal mode. All programs operated properly, except Ad-Aware stopped and froze its scanning process at a file in "docs & settings" folder. I attempted this twice, but, I needed to cancel to close it out. Other then that, everything else worked fine.
Thanx
I was able to run/clean SFfix in normal mode. All programs operated properly, except Ad-Aware stopped and froze its scanning process at a file in "docs & settings" folder. I attempted this twice, but, I needed to cancel to close it out. Other then that, everything else worked fine.
Thanx
howard_hopkinso
Posts: 21,238 +17
Run HJT with no other programmes open. Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).
O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file)
O4 - Startup: Reboot.exe
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZNxmk121YYUS
O9 - Extra button: Instant Buzz - {066040F0-5018-4E15-8AA0-81D36136D989} - C:\WINDOWS\system32\shdocvw.dll
O16 - DPF: {321F38B6-7E5F-470E-B58C-927523B7AF92} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1069_em_XP.cab
O16 - DPF: {5F4D3335-3194-4167-85AE-E7325F2695EF} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1068_em_XP.cab
O16 - DPF: {AA59202C-5E41-48FC-AF7D-324F5FD6A9F1} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1070_em_XP.cab
O16 - DPF: {BFC9677B-8006-4336-9D49-2C797AEFCB9E} - http://akamai.downloadv3.com/binaries/EGDAccess/EGDACCESS_1058_XP.cab
Click on the fix checked button.
Close HJT and reboot your system.
Post a fresh HJT log and let me know if you`re still having problems.
Regards Howard
This thread is for the use of debonair247 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file)
O4 - Startup: Reboot.exe
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZNxmk121YYUS
O9 - Extra button: Instant Buzz - {066040F0-5018-4E15-8AA0-81D36136D989} - C:\WINDOWS\system32\shdocvw.dll
O16 - DPF: {321F38B6-7E5F-470E-B58C-927523B7AF92} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1069_em_XP.cab
O16 - DPF: {5F4D3335-3194-4167-85AE-E7325F2695EF} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1068_em_XP.cab
O16 - DPF: {AA59202C-5E41-48FC-AF7D-324F5FD6A9F1} - http://scripts.dlv4.com/binaries/egaccess4/egaccess4_1070_em_XP.cab
O16 - DPF: {BFC9677B-8006-4336-9D49-2C797AEFCB9E} - http://akamai.downloadv3.com/binaries/EGDAccess/EGDACCESS_1058_XP.cab
Click on the fix checked button.
Close HJT and reboot your system.
Post a fresh HJT log and let me know if you`re still having problems.
Regards Howard
This thread is for the use of debonair247 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
debonair247
Posts: 13 +0
HJT Log After 'Fixed Problems'
It appears that ALL of my malware, adware, spyware, and ware-ever else has been eliminated.
It appears that ALL of my malware, adware, spyware, and ware-ever else has been eliminated.
howard_hopkinso
Posts: 21,238 +17
Your HJT log is now clean.
Turn off system restore.(XP/ME only) See how HERE.
Now, turn system restore back on. This will have deleted all your old restore points and any nasties that are in them. It will also have created a new, clean restore point.
If you have any further virus/spyware problems, please post in this thread.
Regards Howard
This thread is for the use of debonair247 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Turn off system restore.(XP/ME only) See how HERE.
Now, turn system restore back on. This will have deleted all your old restore points and any nasties that are in them. It will also have created a new, clean restore point.
If you have any further virus/spyware problems, please post in this thread.
Regards Howard
This thread is for the use of debonair247 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
debonair247
Posts: 13 +0
Sure Thing
Thank you for your tech-pertise... it's all worth following thru your instructions to completion. Much props and gratitude.
DT
Thank you for your tech-pertise... it's all worth following thru your instructions to completion. Much props and gratitude.
DT
debonair247
Posts: 13 +0
Help, More Pop-ups!
Greetings:
Most of the malware, adware, and spyware pop-ups I had are gone, but, I am still getting a pop-up for DriveCleaner, and this other pop-up comes up right before I log into a my yahoo mail (but its screen window is blank):
http://em.gad-network.com/eas?cu-70&login=672125&mediad_prefix, etc... windows explorer
Please Advise!
Thanx
Greetings:
Most of the malware, adware, and spyware pop-ups I had are gone, but, I am still getting a pop-up for DriveCleaner, and this other pop-up comes up right before I log into a my yahoo mail (but its screen window is blank):
http://em.gad-network.com/eas?cu-70&login=672125&mediad_prefix, etc... windows explorer
Please Advise!
Thanx
tomrca
Posts: 924 +3
from spybot forum:I am using SpybotS&D for the last 1.5 years and it is removing most malwares,adwares,spywares successfully and I have put my appreciation in CNET's download.com forum also.I have updated it uptodate,but the following malwares/adwares still remain undetected:-
trafficwaypointcash.com/access.php,emoctionsplanet.com,avatarsplanet.com,
~Hotsexy girls Internet Explorer~,~Crazygirls internet Explorer~,amaena.com,
burstnet.com,em.gad -network.com. These are all opened in IE only,forcibly through 'epass-key.com/?' with an id=4321&nums=N011WWG1Z-
Why SpybotS&D cannot detect these and remove?
Can SpybotS&D give new detection rules for invasion of such malwares ?
Thanks,BMENON.
clear all url's
i would have thought that avg antispyware cleaned that one. run blacklight http://www.f-secure.com/blacklight/
trafficwaypointcash.com/access.php,emoctionsplanet.com,avatarsplanet.com,
~Hotsexy girls Internet Explorer~,~Crazygirls internet Explorer~,amaena.com,
burstnet.com,em.gad -network.com. These are all opened in IE only,forcibly through 'epass-key.com/?' with an id=4321&nums=N011WWG1Z-
Why SpybotS&D cannot detect these and remove?
Can SpybotS&D give new detection rules for invasion of such malwares ?
Thanks,BMENON.
clear all url's
i would have thought that avg antispyware cleaned that one. run blacklight http://www.f-secure.com/blacklight/
howard_hopkinso
Posts: 21,238 +17
Download the Autoruns programme from HERE. When the programme runs, click options and make sure the "Hide Microsoft Entries" is ticked. Click the file menu and select refresh. Click the save icon and save the Autoruns log to wherever you want.
Attach the Autoruns log here, as well as a fresh HJT log.
Regards Howard
This thread is for the use of debonair247 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Attach the Autoruns log here, as well as a fresh HJT log.
Regards Howard
This thread is for the use of debonair247 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
debonair247
Posts: 13 +0
Attached: AutoRun Log & Fresh HJT Log
Here's my new AutoRun Log & Fresh HJT Log.
Thanx
Here's my new AutoRun Log & Fresh HJT Log.
Thanx
howard_hopkinso
Posts: 21,238 +17
Run HJT and click the Config button, followed by the Misc Tools button. Click the Open Uninstall manager button. Click the Save List button and save to wherever you want. Close HJT and attach the list here.
Regards Howard
This thread is for the use of debonair247 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Regards Howard
This thread is for the use of debonair247 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
debonair247
Posts: 13 +0
HJT Uninstall List
Here's the uninstall list.
Here's the uninstall list.
howard_hopkinso
Posts: 21,238 +17
Download the AVG Antirootkit programme. Disconnect from the net and install the programme, then restart your computer.
Run the programme and click the "Perform in-depth search." Allow AVG to complete the scan. The AVG scanner will give the "Rootkit path"
* Select the Rootkit Driver by placing a checkmark against it and click "Remove selected items." Next, agree for the terms and conditions that is displayed by AVG and click "OK" to reboot the PC. Reconnect to the net.
Download and run the Blacklight programme. Follow all the instructions carefully.
Let me know the results of the above rootkit scans
Regards Howard
This thread is for the use of debonair247 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Run the programme and click the "Perform in-depth search." Allow AVG to complete the scan. The AVG scanner will give the "Rootkit path"
* Select the Rootkit Driver by placing a checkmark against it and click "Remove selected items." Next, agree for the terms and conditions that is displayed by AVG and click "OK" to reboot the PC. Reconnect to the net.
Download and run the Blacklight programme. Follow all the instructions carefully.
Let me know the results of the above rootkit scans
Regards Howard
This thread is for the use of debonair247 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
debonair247
Posts: 13 +0
Rootkit Results
The AVG rootkit found and removed 5 root paths.
The BLBeta rootkit eliminator found NO hidden root paths.
The AVG rootkit found and removed 5 root paths.
The BLBeta rootkit eliminator found NO hidden root paths.
howard_hopkinso
Posts: 21,238 +17
So, how`s your system running now?
Regards Howard
Regards Howard
debonair247
Posts: 13 +0
So far, so good!
So far, no pop-ups. But I'll see how it goes and keep you posted after about 24 hrs.
Thanx a million, Howard.
So far, no pop-ups. But I'll see how it goes and keep you posted after about 24 hrs.
Thanx a million, Howard.
howard_hopkinso
Posts: 21,238 +17
That`s good news.
If you have any further virus/spyware problems, please post in this thread.
Regards Howard
This thread is for the use of debonair247 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
If you have any further virus/spyware problems, please post in this thread.
Regards Howard
This thread is for the use of debonair247 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
debonair247
Posts: 13 +0
Sure Thing
I'll be in touch tomorrow... thanx.
I'll be in touch tomorrow... thanx.
debonair247
Posts: 13 +0
No more pesky pop-ups!
It's been 24 hrs and I have received NO more pop-ups.
Thanx again Howard.
It's been 24 hrs and I have received NO more pop-ups.
Thanx again Howard.
- Status
