A challenge for you: nightmare log

Status
Not open for further replies.

uzumaki

Recently I received a "non working" PC for free. From the picture linked below, you can guess why it wasn't working.

DSC01714.jpg
DSC01720.jpg
DSC01719.jpg
DSC01718.jpg
DSC01716.jpg
DSC01717.jpg
DSC01715.jpg

After it was cleaned and done, I was able to boot it and it seemed "fine" hardware wise but at software level it is obvious the PC is badly infested. The size of the log file alone scares me.

I'm inclined to just forget about it and reformat the hard drive. Except I don't have the install CD for this PC and I can't find the hidden partition, so it's probably on separate CDs rather than built into the PC like most later HP and Compaq PCs were. The Win XP CDs I have are retail versions and probably won't work with the XP key that is on the PC case.
 

Attachments

  • hijackthis.log
    9.4 KB · Views: 5
Actually, your HJT log isn't that bad at all, certainly not as far as any nasties are concerned.

You might want to copy and paste these instructions into a notepad file. Then you can have the file open in safe mode, so you can follow the instructions easier.

Turn off system restore (XP/ME only). See how HERE.

Boot into safe mode, under your normal user name (NOT THE ADMINISTRATOR ACCOUNT). See how HERE.

In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE.

Go to add/remove programmes in your control panel and uninstall anything to do with (if there):

ALURIA~1 or Aluria spyware eliminator.
ASE

Close control panel.

Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.

Click on the processes tab and end process for (if there):

ASEserv.exe

Close task manager.

Run HJT with no other programmes open (except notepad). Click the scan button. Have HJT fix the following, by placing a tick in the little box next to (if there):

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mi.gov

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://boards.babycenter.com/n/pfx/forum.aspx?webtag=bcus6346

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

O2 - BHO: CWinAffiliateIEExtension Object - {E8EAEB34-F7B5-4C55-87FF-720FAF53D841} - C:\Program Files\Common Files\midaddle\midaddle.dll (file missing)

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

O15 - Trusted Zone: http://ad.searchsquire.com

O15 - Trusted Zone: http://search.searchsquire.com

O15 - Trusted Zone: http://update.searchsquire.com

O15 - Trusted Zone: http://www.searchsquire.com

O15 - Trusted Zone: .searchsquire.com

O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - http://www.nick.com/common/groove/gx/GrooveAX.cab

O16 - DPF: {93829908-07C2-44A2-95DB-F78F201A9B48} - http://adblock.linkz.com/APHelper.dll

O16 - DPF: {D8EE8DC0-F193-11D0-B1E5-08005A885319} (MicroX Persistent Mainframe Display Control) - https://calltaking2.workathomeagent.net/walldata/curVersion/hostexpress.cab

O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} (Live Collaboration) - http://livenj02.rightnowtech.com/7502-b145h/rnl/java/RntX.cab

O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - http://download.abacast.com/download/files/abasetup141.cab

O23 - Service: Aluria Spyware Eliminator Service (ASEService) - Unknown owner - C:\PROGRA~1\ALURIA~1\ASE\ASEserv.exe

Click on the fix checked button.

Close HJT.

Locate and delete the following bold files and/or directories (if there).

C:\PROGRA~1\ALURIA~1 < Delete the entire folder.

Reboot into normal mode, turn system restore back on and rehide your protected OS files.

Go HERE and follow the instructions for downloading, installing and running AVG Antispyware.

Post a fresh HJT log as well as an AVG Antispyware log.

Regards Howard :)

This thread is for the use of uzumaki only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
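The by-eye review in the post above, as an added example that is not part of the original thread: a small Python parser that groups HijackThis entries by section, lists registrations whose file is already gone, and pulls out trusted-zone hosts and service paths. The sample log is built from entries quoted in the post; the function name `triage` and its output keys are assumptions of this example.

```python
import re

# HijackThis section codes that appear in the fix list above.
SECTIONS = {"R0": "IE start/search page", "R1": "IE start/search page",
            "O2": "Browser Helper Object", "O9": "IE extra button",
            "O15": "Trusted Zone site", "O16": "ActiveX download",
            "O23": "Windows service"}

# Constructed sample: entries copied from the fix list in the post above.
SAMPLE_LOG = r"""
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mi.gov
O2 - BHO: CWinAffiliateIEExtension Object - {E8EAEB34-F7B5-4C55-87FF-720FAF53D841} - C:\Program Files\Common Files\midaddle\midaddle.dll (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O15 - Trusted Zone: http://ad.searchsquire.com
O15 - Trusted Zone: http://search.searchsquire.com
O15 - Trusted Zone: http://update.searchsquire.com
O15 - Trusted Zone: http://www.searchsquire.com
O23 - Service: Aluria Spyware Eliminator Service (ASEService) - Unknown owner - C:\PROGRA~1\ALURIA~1\ASE\ASEserv.exe
"""

ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
CLSID = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")

def triage(log_text):
    """Group HijackThis entries into the checks a reviewer makes by eye."""
    out = {"counts": {}, "orphans": [], "trusted": {}, "services": []}
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if not m or m.group(1) not in SECTIONS:
            continue  # blank lines, log header, running-process list
        code, body = m.groups()
        label = SECTIONS[code]
        out["counts"][label] = out["counts"].get(label, 0) + 1
        # Registration left behind after its file was removed.
        if body.endswith(("(file missing)", "(no file)")):
            clsid = CLSID.search(body)
            out["orphans"].append((code, clsid.group(0) if clsid else None))
        if code == "O15":
            host = body.split(": ", 1)[1].split("://")[-1].lstrip("*.")
            domain = ".".join(host.split(".")[-2:])  # naive: last two labels
            out["trusted"].setdefault(domain, []).append(host)
        if code == "O23":
            parts = body.split(" - ")  # name - owner - binary path
            out["services"].append((parts[0].split(": ", 1)[1], parts[-1]))
    return out

if __name__ == "__main__":
    for key, value in triage(SAMPLE_LOG).items():
        print(key, value)
```

The parser only reads the log text; whether a service binary such as the O23 path still exists has to be checked on the machine itself.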
 
Latest log from HijackThis.

I went ahead and dumped Norton in favor of AVG antivirus and spyware tools. Both reported clean though I had to run the spyware tool 3 times to clean out junk.
 
Getting rid of Norton was in my opinion a good move. It's a resource hog and isn't very good at killing viruses either.

There's still a bit of the Aluria Spyware Eliminator running which needs to be stopped.

Click start/run and type services.msc into the run box and press the enter key.

When the window appears, maximise it. Double click on the following services (if there) and select stop if they are running. Set the startup type to disabled. Click apply/ok for each service you disable.

Aluria Spyware Eliminator Service (ASEService) < The service name can be either the main name or the name in brackets.

Close the services window.

Locate and delete the following bold files and/or directories (if there).

C:\PROGRA~1\ALURIA~1 < Delete the entire folder. If you can't delete it, then boot into safe mode and delete it.

Other than the above, your HJT log is clean.

Regards Howard :)

 
Hmmm... I don't see Aluria anywhere. Not in the task manager, not in the Program folder, and not in add/remove program. They show up only in service.msc so it may be an obsolete entry? I searched the entire hard drive for ase and aluria and found a couple broken shortcuts in the Start menu, nowhere else.

It's been set to disabled anyway.
 
In that case, you're good to go mate.

If you have any further virus/spyware problems, please post in this thread.

Regards Howard :)

 
Recently I received a "non working" PC for free. From the picture linked below, you can guess why it wasn't working.

DSC01714.jpg
DSC01720.jpg
DSC017....

You need to clean out your computer! :D
 