also @ TechSpot: Verizon doubles FiOS speeds to 300Mbps, prices to increase

TechSpot
Collaborate in the cloud with Office, Exchange, SharePoint, and Lync.
Microsoft Office 365. Pay-as-you-go starting at $8/user/month. Begin your free trial now.

new here, can someone check my log :)

Discussion in 'Virus and Malware Removal' started by RST531, Nov 1, 2007.

Thread Status:
Not open for further replies.

  1. RST531 Newcomer, in training

    first off, great site. i did the whole clean up and it went smooth. so here is my log and text files. can someone check them out and let me know what file i should fix with hijackthis.exe. thank in advance
    RST531, Nov 1, 2007
    #1

  2. Bobbye Helper on the Fringe

    RST531, I don't do the hijack logs- someone will be along to review the logs. But as a matter of information, what 'clean up' are you referring to? Additionally, are you having a problem with your system that might indicate you have malware? Or are you just looking for someone to help to streamline the system?
    Bobbye, Nov 1, 2007
    #2

  3. RST531 Newcomer, in training

    ok sorry about that. the clean up was "Viruses/Spyware/Malware, preliminary removal instructions" the 15 step process.
    link here: techspot.com/vb/topic58138 (cant post links yet)

    Well my comp was acting up, i was getting pop up saying my sytem needed virus program so i closed it and then this will happen 3 more times and an hour or more later the same series of pop ups will happen again. that was the first i noticed i had a prob. and also for web searches i would get redirect to this website something like web-prayers com. so i did the above process and it seems to work now but i wanna confirm it to be safe. also i wanted my comp to be alil more streamlined since its work computer.
    RST531, Nov 1, 2007
    #3

  4. howard_hopkinso Newcomer, in training

    Hello and welcome to Techspot.

    You haven`t attached a Combofix log as per the instructions. Nor have you let us know the results of the Panda Antirootkit scan.

    Run HJT with no other programmes open(except notepad). Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://cshelpdesk/start.asp?user=ppolague

    O2 - BHO: (no name) - {18637589-64B3-4E6C-9D57-0FA0D96A840B} - (no file)

    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

    O2 - BHO: (no name) - {F01720C0-6026-4C2A-90F4-F081BF246A85} - C:\WINDOWS\system32\awvww.dll (file missing)

    O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)

    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/dim2/default/popcaploader_v6.cab

    Click on the fix checked button.

    Close HJT and reboot your system.

    Post fresh HJT and Combofix logs, as well as the results of the Panda Antirootkit scan.

    Regards Howard :wave: :wave:

    This thread is for the use of RST531 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
    howard_hopkinso, Nov 1, 2007
    #4

  5. RST531 Newcomer, in training

    ok sorry about the combofix log (mistaken the vundo text as the combofix text) attached now.

    and for the Panda Antirootkit, it didnt find or do anything. and attached is the new HJT log.

    and again thanks for taken the time to check my stuff out. :wave:
    RST531, Nov 1, 2007
    #5

  6. howard_hopkinso Newcomer, in training

    Your HJT log is clean.

    Open notepad and copy/paste the text in the code box below into it:
    NOTE* make sure to only highlight and copy what is inside the quote box nothing out side of it.
    Also ..

    Pay particular attention to this :-

    Make sure the word File:: is on the first line of the text file you save (no blank line above it, & no space in front of it)
    Code:


    Save this as CFScript.txt

    Then drag the CFScript.txt into ComboFix.exe as you see in the screenshot below.

    [IMG]

    This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply.

    Let me know if you`re still having problems.

    Regards Howard :)

    This thread is for the use of RST531 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
    howard_hopkinso, Nov 1, 2007
    #6

  7. RST531 Newcomer, in training

    ok here is the new combofix.txt.

    and i think everything is fine. the problems that usually happened, hasnt so far. but i wanna get some experienced advice to be sure i didnt miss anything.
    RST531, Nov 1, 2007
    #7

  8. howard_hopkinso Newcomer, in training

    Use the following script in Combofix as last time.

    Once done, delete the C:\Qoobox folder.

    Turn off system restore.(XP/ME only) See how HERE.

    Now, turn system restore back on. This will have deleted all your old restore points and any nasties that are in them. It will also have created a new, clean restore point.


    If you have any further virus/spyware problems, please post in this thread.

    Regards Howard :)

    This thread is for the use of RST531 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
    howard_hopkinso, Nov 1, 2007
    #8

  9. RST531 Newcomer, in training

    great! thanks for all the help.

    This thread is now closed: If you need this thread unlocking, please pm a moderator with a link to the thread.

    Only the original thread starter can do this. Anyone else, will be ignored.
    RST531, Nov 1, 2007
    #9
Thread Status:
Not open for further replies.