Could you please have a look at my log?

By Marco Scourtis ยท 4 replies
Apr 24, 2006
  1. hello everyone my name is marco and i am an archaeologist student.
    i accidentally came across a trojan virus that is not deleting from my pc. I stumbled acrooss your forums and followed/downloaded all the info and programs you give.
    So after failing to remove the virus i got hijack this and this is my log

    i would be very gratefull if you could have a look at it
    thanks in advance

  2. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Hello and welcome to Techspot.

    Boot into safe mode. See how HERE.

    Turn off system restore.(XP/ME only) See how HERE.

    In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE.

    Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.

    Click on the processes tab and end process for(if there).


    Close task manager.

    Run HJT with no other programmes open. Have HJT fix the following, by placing a tick in the little box next to(if there).

    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll

    O4 - HKCU\..\Run: [Calpjwih] C:\WINDOWS\?dobe\w?auclt.exe

    O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) -
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) -
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) -
    O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) -
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) -

    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

    O20 - Winlogon Notify: winuns32 - winuns32.dll (file missing)

    Click on the fix checked button.

    Close HJT.

    Locate and delete the following bold files(if there).


    Reboot into safe mode and turn system restore back on.

    Regards Howard :wave: :wave:
  3. Marco Scourtis

    Marco Scourtis TS Rookie Topic Starter

    Thank you for the swift reply, Do i have to fix all the files you listed or just the bold/udnerlined one?

    also by locate the file do you mean manually locating and deleting?

    thanks for welcome too = )

  4. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    I mean you should go to the following directory and delete the bold entries.


    Follow all the instructions I posted. In the order they are given.

    Regards Howard :)
  5. Marco Scourtis

    Marco Scourtis TS Rookie Topic Starter

    Ok i have followed the instruction to the word, some of the things didnt match like I could not find the process to end it, nor find the folders in C drive. However everything seemed fine, As i booted up no virus warning came up, and i decided to run Avg. Avg detects 2 viruses still : !update.exe and !update-3595(1),00000.

    Any advide or action on this please

    Marco Scourtis
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...