Had some nasties, HJT log help

By Panthr
Sep 12, 2006
  1. Howdy everyone. It seems I was a little hasty in my clicking and started a whole chain of events that resulted in two days of lost work time. Got no one to blame but myself and the putz(s) who design these little bits of 'joy'. I had so many vir warnings and drive activity that I just unplugged the network cable.

    Anywho, I read up a bit in this forum and GIS results. It looks like I invited ISMON, ISNOTIFY, ISMINI and INHOST on in and they went to work. Thankfully the boss didn't walk by as the adult ads were pushed to my desktop :blush:

    I ran Norton, AdAware, Spybot, Kaspersky Online, SmitFraudFix, VirtmundoBeGone, Stinger, back to Adaware and Spybot then HJT. I think I'm clean, things seem to be running ok right now.

    Could I get a second opinion? Attached are the various log files.

    Thanks mucho,

    View attachment 8755

    View attachment 8756

    View attachment 8757

    View attachment 8758

    View attachment 8759

    Oops forgot the SmitFraudFix log. This was the most successful removal tool in my situation.

    View attachment 8763
  2. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Hello and welcome to Techspot.

    Run HJT with no other programmes open. Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

    R3 - Default URLSearchHook is missing

    O17 - HKLM\System\CCS\Services\Tcpip\..\{ECB99710-B0D9-4FA6-8BEA-E9C410EE6400}: NameServer =<Only fix this, if it doesn`t belong to your ISP.

    O20 - Winlogon Notify: winier32 - winier32.dll (file missing)

    Click on the fix checked button.

    Close HJT.

    Other than the above, your HJT log is clean.

    If you have anyfurther virus/spyware problems, please post in this thread.

    Regards Howard :wave: :wave:

    This thread is for the use of Panthr only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...