
My log

Discussion in 'Virus and Malware Removal' started by frosty_65, Apr 10, 2007.

  1. frosty_65 Newcomer, in training

    OS: Vista Home Premium

    Problem: None that I know of.

    More 411: Followed sticky preliminary removal instructions.

    Didn't work: AVG Antispyware, combofix.exe, Look2Me-Destroyer

    Everything came back clean, nothing found on my system, but I do not understand HJT logs. So there are probably problems that I don't know of.


    Thank you
  2. howard_hopkinso Newcomer, in training Posts: 25,949   +16

    Please visit this link http://virusscan.jotti.org/
    * Click the Browse... button
    * Navigate to the following file %WINDIR%\SMINST\launcher.exe
    * Click Open
    * Please let me know the results.

    Regards Howard :)

    This thread is for the use of frosty_65 only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
  3. frosty_65 Newcomer, in training

    Found nothing! That is good, right?

    Thanks
  4. momok Newcomer, in training Posts: 2,272

    I find the following entries a little fishy. Do you know what they are, Howard?

    O13 - Gopher Prefix:
    O17 - HKLM\System\CCS\Services\Tcpip\..\{BC1206EB-AE85-4833-901F-16AFF14E1757}: NameServer = 66.75.164.90,66.75.164.89
    O17 - HKLM\System\CCS\Services\Tcpip\..\{FF1DAC66-051C-4416-B731-D639D6385BB1}: NameServer = 66.75.164.90,66.75.164.89

    From what I know, O17 entries are lop.com domain hijackers, not safe to have if the IPs contained in them are not the user's own ISP domain.

    O13 entries are IE DefaultPrefix hijacks. Several sites I checked with recommended fixing O13 entries always.
  5. howard_hopkinso Newcomer, in training Posts: 25,949   +16

    frosty_65: In that case, your HJT log is clean.

    momok: O17 entries are usually safe except when they are part of a hijacker. (See the other thread you replied to.)

    Not all O13 entries are nasty and in frosty_65's case the O13 entry is perfectly legit and is part of Windows Vista.

    If you have any further virus/spyware problems, please post in this thread.

    Regards Howard :)

  6. frosty_65 Newcomer, in training

    Thank you both for your help. Will post if I have any concerns. Thanks Again!
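The O17 check discussed in posts 4 and 5, as an added example that is not part of any post in this thread: it parses the O17 NameServer lines of a HijackThis log and reports any resolver outside an allowlist you supply. The allowlist values, the third (malformed) sample line and the function name `review_o17` are assumptions made for illustration.

```python
import ipaddress
import re

# HijackThis O17 line carrying a static DNS server list for one adapter.
O17_RE = re.compile(r"^O17 - (?P<key>HKLM\\\S+?): NameServer = (?P<servers>.+)$")

# The O13/O17 lines quoted in the thread, plus one constructed malformed line.
SAMPLE_LOG = r"""
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{BC1206EB-AE85-4833-901F-16AFF14E1757}: NameServer = 66.75.164.90,66.75.164.89
O17 - HKLM\System\CCS\Services\Tcpip\..\{FF1DAC66-051C-4416-B731-D639D6385BB1}: NameServer = 66.75.164.90,66.75.164.89
O17 - HKLM\System\CCS\Services\Tcpip\..\{00000000-0000-0000-0000-000000000000}: NameServer = 192.0.2.53 not-an-ip
"""

def review_o17(log_text, expected_networks):
    """Return one finding per O17 line whose resolvers are not all expected."""
    allowed = [ipaddress.ip_network(n) for n in expected_networks]
    findings = []
    for line in log_text.splitlines():
        m = O17_RE.match(line.strip())
        if not m:
            continue  # other HJT sections, or O17 lines without NameServer
        unexpected, malformed = [], []
        for token in re.split(r"[,\s]+", m.group("servers").strip()):
            try:
                addr = ipaddress.ip_address(token)
            except ValueError:
                malformed.append(token)  # report odd values, never drop them
                continue
            if not any(addr in net for net in allowed):
                unexpected.append(str(addr))
        if unexpected or malformed:
            findings.append({"key": m.group("key"),
                             "unexpected": unexpected,
                             "malformed": malformed})
    return findings

if __name__ == "__main__":
    # Assumed allowlist: replace with the resolvers your ISP or DHCP server hands out.
    for finding in review_o17(SAMPLE_LOG, ["66.75.164.88/30", "192.0.2.53/32"]):
        print(finding)
```

An empty result for the adapters you recognise matches the "usually safe" case; a resolver you cannot attribute to your ISP, router or a DNS service you chose is the case worth investigating.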