TechSpot

infected by spyware etc - please help - hjt log

By speedfreek
Mar 1, 2005
  1. Hi

    I followed all of the procedures in the main ppost about hijack this but I'm still having problems.

    I've attached my hikack this log file. Help very much appreciated
     
  2. RealBlackStuff

    RealBlackStuff TS Rookie Posts: 8,165

    Boot in Safe Mode
    Switch System restore OFF
    Press ctrl/alt/del and in Taskmanager try to STOP:

    addfy.exe
    netpv.exe

    Next, run HJT and let it 'fix':
    C:\WINDOWS\system32\addfy.exe
    C:\WINDOWS\system32\netpv.exe
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\kmkuw.dll/sp.html#75034
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\kmkuw.dll/sp.html#75034
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\kmkuw.dll/sp.html#75034
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\kmkuw.dll/sp.html#75034
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\kmkuw.dll/sp.html#75034
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\kmkuw.dll/sp.html#75034
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\kmkuw.dll/sp.html#75034
    R3 - Default URLSearchHook is missing
    O2 - BHO: (no name) - {4EEA0A70-4D17-292B-4EC2-483BFC6A677F} - C:\WINDOWS\sdkes.dll
    O4 - HKLM\..\Run: [netpv.exe] C:\WINDOWS\system32\netpv.exe
    O23 - Service: Network Security Service - Unknown - C:\WINDOWS\system32\addfy.exe

    When done, delete the bold files. When a directory-name is bold, delete everything in it, including that directory itself.
    Boot normal. When all OK, switch System Restore back on.
     
  3. speedfreek

    speedfreek TS Rookie Topic Starter

    This is what I got now. Appears to have worked. Many many thanks oh wise one!
     
  4. speedfreek

    speedfreek TS Rookie Topic Starter

    And yes it was a lovely day for a guinness. I had a nice cool pint myself today to wash down a dirty burger. Good times!
     
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.