TechSpot

Infected by us0105.exe I think. Help!

By top_model_guy
Sep 30, 2007
  1. Last night I was looking through torrents and came across a file I wanted; the site asked for an email address (I provided it like a novice) and then I never was able to get the torrent but instead other windows requesting survey fill outs. Neither my ZoneAlarm or AVG protected me, but from ZoneAlarm looking at programs I noticed that the file us0105.exe was accessed around the time that my computer was taken over--I am no longer able to access task manager nor control panel nor the general documents and settings folder--and in addition Bonjour service became active in the running programs under ZoneAlarm. I really need your help; the virus or whatever it is said that another user was making copies of my hard drive. I have attached a HJT log. Thanks in advance guys: you are always so helpful.
     
  2. Spyder_1386

    Spyder_1386 TS Rookie Posts: 498

    hey top_model_guy. Follow the steps on this page

    http://www.techspot.com/vb/topic58138.html . lol sorry i don't know how to post it with the "here" thingy yet, as u can see i'm still in training.

    I'm sure that once you've completed them your pc will be squeeky clean.

    Spyder_1386 :)
     
  3. top_model_guy

    top_model_guy TS Rookie Topic Starter Posts: 79

    I have just completed step 12 and here are the logs that it says to post. I think that alot of things have been removed from my system and I finally have access to the control panel, and administrator's documents and settings, etc. Just have to finish the rest of the steps (that guide has really helped:))
     
  4. Rik

    Rik Banned Posts: 3,814

    Will this

    C:\Program Files\Prevx2\PXConsole.exe

    Uninstall via add remove programs?

    If so, uninstall it.

    There is a little more that needs doing yet.



    This thread is for the use of top_model_guy only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  5. top_model_guy

    top_model_guy TS Rookie Topic Starter Posts: 79

    Just completed all of the steps. Here are the 3 logs. I hope I'm clean: if not I still may need your help! :) Thanks!
     
  6. Rik

    Rik Banned Posts: 3,814

    Only 2 minor problems show in your HJT log.

    Run HJT with no other programmes open. Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

    O2 - BHO: (no name) - orer - (no file)
    O2 - BHO: (no name) - rsion - (no file)


    Click on the fix checked button.

    Close HJT.

    Let me know how your system is runnung and if you still have any problems.


    This thread is for the use of top_model_guy only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  7. top_model_guy

    top_model_guy TS Rookie Topic Starter Posts: 79

    Here's the newest log I've done. I hope everything is cleared up now. My next question is: Do I need to keep all these programs the guide called for? Previous to this I did have ZoneAlarm and AVG Security Center--the free stuff. I ask because these programs seem to consume alot of space together. Also I've had this problem for a while, but it isn't too major; I'd just like to know how can I configure ZoneAlarm so it won't block internet explorer--it does not always do this, but if my browser hasn't been active for a while it does. My solution to it is to open firefox and then somehow internet explorer regains internet access. Thanks!
     
  8. Rik

    Rik Banned Posts: 3,814

    Your log looks clean you are good to go.

    You need to choose 1 firewall and 1 virus scanner, any more of each and you may have problems. Spyware scanners on the other hand don't tend to conflict with one another so you can have several.

    Keep whichever software you trust or whichever seemed to get the best results.

    Let me know how your system is running and post back here it you should have any problems.



    This thread is for the use of top_model_guy only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...