TechSpot

Hijackthis logfile posted.....

By amazerhp
Nov 19, 2007
  1. i m very thankful to u guys for helping me.... thanks a lot ... u guyz rock.... jus let me know what all things have to be fixed
     
  2. AlbertLionheart

    AlbertLionheart TechSpot Chancellor Posts: 2,026

    Couple of little things here but nothing really nasty at first sight:
    fix the following, restart and post a new hijackthis log
    O4 - HKLM\..\Policies\Explorer\Run: [status] present
    O4 - HKLM\..\Policies\Explorer\Run: [winlogon] C:\heap41a\svchost.exe C:\heap41a\std.txt
    O4 - Global Startup: Reset.lnk = C:\WINDOWS\repair\reset.bat
    O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe (file missing)
     
  3. amazerhp

    amazerhp TS Rookie Topic Starter

    new log file

    hey ... thanks buddy... i have posted the new log file...
     
  4. AlbertLionheart

    AlbertLionheart TechSpot Chancellor Posts: 2,026

    Looks good - what was the problem or was this just a check??
     
  5. amazerhp

    amazerhp TS Rookie Topic Starter

    hi albertlionheart... when i double click on my harddrive it gives an error msg sayin that..... please go to the control panel and install and configure system components... and if i right click it gives some ascii character in the first row....
    the error is still there.... can u tell me wats the problem with my pc....
    regards, amazerhp
     
  6. AlbertLionheart

    AlbertLionheart TechSpot Chancellor Posts: 2,026

    OK - so go to control panel > system > hardware > device manager and tell us which of the listed items has either a red or yellow mark against it?
     
  7. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Hello and welcome to Techspot.

    Your system is infected with some real nasty malware.

    You`ve also run a crack that alters the security of your registry. C:\WINDOWS\repair\reset.bat

    The best advice I can give you, is to reformat and reinstall from scratch.

    However, if this is not possible, then we can try and clean your system, but I cannot guarantee success.

    Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.

    If after reading the above, you wish to clean your system, do the following.

    Go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.

    Post fresh HJT, AVG Antispyware and Combofix logs as Attachments into this thread, only after doing the above.

    Also, let me know the results of the Panda Antirootkit scan.

    Regards Howard :wave: :wave:

    This thread is for the use of amazerhp only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  8. AlbertLionheart

    AlbertLionheart TechSpot Chancellor Posts: 2,026

    Hi Howard
    this intrigues me - the second hijackthis log shows clean and the reset.bat has been removed.
     
  9. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Though the second HJT log does look clean, the fact that the infected files from the first HJT log were not deleted, means the infection is still on the system.

    Add to that the irreparable damage that`s been done to the registry by the running of the crack C:\WINDOWS\repair\reset.bat and I believe the best way to proceed is a re-format. Simply removing the crack, won`t have fixed the registry, as the damage was done, the moment the crack was run.

    The bat file will contain the following, or something very like it.

    @echo off
    Rem: Brought to you by: By the best, The only
    Rem: people that did it.
    Rem: AngelDeath, Epyx, Slanchoca, DopeWeasel, Meph.
    Rem: The now Famous 5.
    batch.cmd
    inuse.exe security %systemroot%\system32\config\security /y >nul

    I certainly wouldn`t have run any such nonsense on my system.

    Add to all the above, the fact that amazerhp is having problems with his system and a reformat and reinstall is probably the best way to proceed and will in all likelyhood solve his problems.

    Regards Howard :)

    This thread is for the use of amazerhp only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  10. AlbertLionheart

    AlbertLionheart TechSpot Chancellor Posts: 2,026

    Gotcha - and thanks for the explanation, Howard!
     
  11. amazerhp

    amazerhp TS Rookie Topic Starter

    Logfile posted

    please help me guys....
    have posted hijackthis logfile.... n start up list too...
    help me
     
  12. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Threads merged.

    Your system is badly infected. In fact, it`s even more infected now than it was in your first HJT log.

    You now have two choices.

    Follow all the instructions I gave you in my post#7 of this thread and post the requested log files etc.

    Or, reformat the system.

    Regards Howard :)

    This thread is for the use of amazerhp only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  13. amazerhp

    amazerhp TS Rookie Topic Starter

    hijack this logfile

    i m not able to install.. avg antivirus... n my system reboots frequently.... so please help me... hav posted the hijackthis log file n startup list... thanku
     
  14. momok

    momok TS Rookie Posts: 2,265

    Hi,

    I suggest you do the following before doing anything else

    Important: Please read this thread HERE before deciding if you should CLEAN or FORMAT your system

    Should you decide to that cleaning your system is the best option, please go to Viruses/Spyware/Malware, preliminary removal instructions and follow the steps given.
    Do follow all the instructions exactly.

    Thereafter, please post fresh HijackThis, AVG Antispyware and Combofix logs as attachments into this thread.
    Post only the relevant and requested logs.

    Our experts here will tend to your queries thereafter.

    Also, please provide the results of the Antirootkit scan


    Regards,
    momok =)

    This thread is for the use of amazerhp only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our Security and The Web forum.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...