TechSpot

My logs

By Canaydia
Mar 10, 2009
  1. Hello everyone, i have come across the iamfamous virus on my friends computer, this is my first attempt at removing multiple virus's from a computer. I have followed the instructions on this website and it has told me to post the logs to the three antivirus's used. So here they are. Can anybody tell me if i have done it properly by looking at the logs?
     
  2. BillAllen55

    BillAllen55 TS Maniac Posts: 368

    A begining

    It appears as if this would be a start in getting things straightened out. Other experts would be able to advise you more specifically.
    I would start by checking to fix this items in your hijackthis! program.
    good luck

    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
    Unnecessary (deactivated) entry that can be fixed. coIEPlg.dll - Browser plugin related with Norton_Confidential, http://www.symantec.com/en/me/home_homeo ffice/products/sysreq.jsp?pcid=ts&pvid=n co

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    Unnecessary (deactivated) entry that can be fixed. This entry was classified from our visitors as good.

    O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
    Unnecessary (deactivated) entry that can be fixed. This entry was classified from our visitors as good.

    O4 - HKLM\..\Run: [TEPA.exe] "C:\Program Files\TELUS\eProtect Advisor\TEPA.exe" /AUTORUN
    It seems that the name of this program is the same as the name of the file. In the most cases this is the result of trojans. To be sure, you should check this file.

    O4 - HKLM\..\Run: [ContentTransferWMDetector.exe] C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe
    It seems that the name of this program is the same as the name of the file. In the most cases this is the result of trojans. To be sure, you should check this file.

    O17 - HKLM\System\CCS\Services\Tcpip\..\{79A32DBC-FEC9-45D4-AE0F-203C49003642}: NameServer = 85.255.112.39,85.255.112.40
    Do you know the IP or Domain '85.255.112.39,85.255.112.40'? If not, fix this entry.

    O17 - HKLM\System\CCS\Services\Tcpip\..\{F1AF064C-AC39-4403-9C45-34A8A432A2C4}: NameServer = 85.255.112.39,85.255.112.40
    Do you know the IP or Domain '85.255.112.39,85.255.112.40'? If not, fix this entry.

    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.112.39,85.255.112.40
    Do you know the IP or Domain '85.255.112.39,85.255.112.40'? If not, fix this entry.

    O17 - HKLM\System\CS1\Services\Tcpip\..\{79A32DBC-FEC9-45D4-AE0F-203C49003642}: NameServer = 85.255.112.39,85.255.112.40
    Do you know the IP or Domain '85.255.112.39,85.255.112.40'? If not, fix this entry.

    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.39,85.255.112.40
    Do you know the IP or Domain '85.255.112.39,85.255.112.40'? If not, fix this entry.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...