TechSpot

HijackTis logfile

By mystiqu
May 27, 2007
  1. [Edit: updated hijackthis log file]
    Hi all

    After 1 year of misuse (my younger brothers and sisters computer) it´s time to clean (or at least try to) this system!

    I´m currently following the "cleaning guide" in this forum, and here is a hijackthis logfile for you :)

    I have already removed an extremly nasty rootkit infection which almost caused me to give up and format the disk: Backdoor.Rustock.B

    Great guide btw!!

    Thanks in advance

    [Edit]
    Following removers executed:

    AdAware
    AVG Anti-rootkit
    AVG Antispyware
    AVG Antivirus (Full system scan)
    Combofix
    CrapCleaner
    Error Killer
    Look2Me Destroyer
    SmitFraudFix 2.188
    Spybot S&D
    Spyware Dr
    Virtual Be Gone
    Vundofix

    [/Edit]

    /Mikael
     
  2. kitty500cat

    kitty500cat TS Evangelist Posts: 2,154   +6

    Hi and welcome to TechSpot.

    Run HijackThis and scan with it. Place a check in the box next to the following entries (if there):

    R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)

    O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)

    O21 - SSODL: siren.dll - {72817324-5351-131a-57ed-92d682644311} - (no file)

    Click the Fix Checked button and then close HijackThis.

    Now go and read the Viruses/spyware/malware, preliminary removal instructions. Follow all the instructions exactly.

    Post fresh HJT, ComboFix, and AVG Antispyware logs as attachments into this thread, only after doing the above. Also post here the results of the AVG Antirootkit scan.

    Regards :)

    This thread is for the use of mystiqu only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our Security and the Web forum.
     
  3. mystiqu

    mystiqu TS Rookie Topic Starter

    New log files

    Hi - Thanks for the reply!

    I have followed all the steps and attached new log files from hjt, avg antispyware and combofix.

    AVG anti-rootkit did not find anything.

    Regards
    Mikael
     

    Attached Files:

  4. kitty500cat

    kitty500cat TS Evangelist Posts: 2,154   +6

    Please visit this link http://virusscan.jotti.org/
    * Click the Browse... button
    * Navigate to the following files:
    C:\WINDOWS\system32\Partizan.exe
    C:\dumdvdkernl.sys
    C:\WINDOWS\system32\lttdll.dll
    C:\WINDOWS\system32\pureplug.dll
    C:\WINDOWS\system32\lttusb.dll

    * Click Open
    * Please let me know the results.
     
  5. mystiqu

    mystiqu TS Rookie Topic Starter

    So far so good

    Hi - sorry for the late reply!

    But here are the results:

    C:\WINDOWS\system32\Partizan.exe : Nothing Found
    C:\dumdvdkernl.sys : Nothing Found
    C:\WINDOWS\system32\lttdll.dll : Nothing Found
    C:\WINDOWS\system32\pureplug.dll : Nothing Found
    C:\WINDOWS\system32\lttusb.dll : Nothing Found

    So far so good - anything else you want me to do?

    Btw, thanks for all the help! :)


    Regards
    Mikael
     
  6. kitty500cat

    kitty500cat TS Evangelist Posts: 2,154   +6

    Please have Jotti check the following file yet:

    C:\WINDOWS\system32\reboot.exe

    Let me know what you find out on that. If that's good, your system is clean.

    Regards :)
     
  7. mystiqu

    mystiqu TS Rookie Topic Starter

    Clean and 100 times faster

    Hi

    The file was clean :)

    Btw - The computer is aobut 100 times faster and more responsive now than is was a few days ago... feels like I just reinstalled windows or something :)

    Thanks for all the help!

    Regards
    Mikael
     
  8. kitty500cat

    kitty500cat TS Evangelist Posts: 2,154   +6

    No problem mate. :)

    Have HijackThis fix the following inactive entry yet:

    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

    Turn off system restore (XP/ME only). See how HERE
    This will remove all the remaining nasties from your old restore points.

    Now turn system restore back on.
    This will create a new safe and clean restore point for your system.

    Often times, an infection can occur again not due to the incompetence of programs, but because of user habits.
    May I recommend you to read this article. This can help to prevent future infections.

    Regards :)

    This thread is for the use of mystiqu only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our Security and the Web forum.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...