TechSpot

HJT logs, of HJT, AVG anti spyware, combo fix logs as Mr Howards

By hacsan
May 5, 2007
  1. HJT,AVG anti spyware, combo fix logs as Mr Howards said, explorer error help required

    Dear Howard,

    Thanks for your such a detailed help guide, indeed it is an effort which needs to be appreciated. i thank you a lot.

    i have taken all the steps as you mentioned and now waiting for the response so i can put things on normal track.

    there are three attatchments, of Hjt, Avg anti spyware, and combo fix. i have not yet fix the Hijack log files, waiting for any response..

    second problem i am facing is that my internet options does not allow me to change the default settings of internet explorer, whenever i open internet explorer it takes me to the same web page and then i receive a message from AVG anitvirus that VB.asd virus has been healed, and i can not change the settings as i told you beceause the internet option settings are disable.

    and lastly my hard disk D: partiton does not open with window explorer, whenever i double click it, windows open a dialouge box asking me to choose a programe to open with, but that disk is accessable with folder options, or through right clicking start button and explore.
     

    Attached Files:

  2. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Hello and welcome to Techspot.

    You might want to copy and paste these instructions into a notepad file. Then you can have the file open in safe mode, so you can follow the instructions easier.

    Boot into safe mode, under your normal user name(NOT THE ADMINISTRATOR ACCOUNT). See how HERE.

    In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE.

    Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.

    Click on the processes tab and end process for(if there).

    svchost32.exe<Not to be confused with svchost.exe
    dap74.exe
    toolbar.exe
    rebates.exe

    Close task manager.

    Run HJT with no other programmes open(except notepad). Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

    O4 - HKLM\..\Run: [Task Manager] C:\WINDOWS\system\svchost.exe

    O4 - HKLM\..\Run: [Yahoo Messenger] C:\WINDOWS\system\svchost32.exe

    Click on the fix checked button.

    Close HJT.

    Locate and delete the following bold files and/or directories(if there).

    C:\WINDOWS\system\svchost.exe<this is nasty and is added by malware, it`s also running from the wrong location.
    C:\WINDOWS\system\svchost32.exe<As above.
    D:\EasyDrive\DAP<Delete the entire folder as it`s infected with adware and a downloader.

    Reboot into normal mode and rehide your protected OS files.

    Post fresh HJT and Combofix logs.

    Regards Howard :wave: :wave:

    This thread is for the use of hacsan only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  3. hacsan

    hacsan TS Rookie Topic Starter

    Brillient Mr howard, Fresh HJT, and combo fix logs

    Thaky you Mr haward, i had a pleasure of doing and taking controll of proceedings under my skin beceause of the instructions told by you, i have not yet run the explorer not even double clicked my partion D:\ to not to activate any thing hiding or embeded.

    here are the fresh logs, please have a look.

    cheers:)
     
  4. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Everything looks fine now.

    Unless you`re still having problems, you should be good to go.

    Turn off system restore.(XP/ME only) See how HERE.

    Now, turn system restore back on. This will have deleted all your old restore points and any nasties that are in them. It will also have created a new, clean restore point.

    If you have any further virus/spyware problems, please post in this thread.

    Regards Howard :)

    This thread is for the use of hacsan only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  5. hacsan

    hacsan TS Rookie Topic Starter

    Oh great-- every thing is fine

    Dear howard,


    it is exciting to have things back on normal, it was great experiencing talking to you, i thank you very much with the core of my heart, for such a professional assistance.

    cheers.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...