Hijack this log!

maki_pg

Hi!
I would be grateful if you can help me with this Hijack log (it is in attachment), to suggest me if there is something to remove.

Thanx in advance!
 
Hello and welcome to TechSpot.

It seems like there is just a bunch of adware, maybe a little spyware, infections, in which case you might as well not reformat.

Anyway, have HJT fix these entries (if there):

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.cg.ac.yu:8080 <-- fix this only if you didn't set this proxy yourself or if you don't know what it is

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 89.188.32.*;<local> <-- fix this only if you didn't set this proxy yourself or if you don't know what it is

O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Program Files\DAP\DAPIEBar.dll

O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm

O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm

O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm

O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\DAP\DAP.EXE

Now go into Add/Remove programs in Control Panel and delete anything relating to DAP or the DAP toolbar.

Now boot into safe mode, under your normal user name (not the administrator account). See how HERE.

Go into C:\Program Files and delete the entire DAP folder (if there).

Now reboot into normal mode.

Finally, please read the Viruses/spyware/malware, preliminary removal instructions. Follow all the instructions exactly, then post fresh HJT, Combofix, and AVG Antispyware logs as attachments into this thread. Also post here the results of the AVG Antirootkit scan.

Regards :)

This thread is for the use of maki_pg only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in the Security and the Web forum.
 
Re:

Hi Kitty,

Thank you very much for your reply and welcome note!
I followed all instructions in your reply, it took some time to finish all that, and here are all results/reports in attachments.

Notes:
- I couldn't perform complete scan with online scanner from your instructions
- Tool4: Look2Me-Destroyer - also couldn't be performed
- AVG anti-rootkit report had no files


Waiting for your answer and additional instructions/suggestions!


All the best,
Maki
 
Your HJT log is clean with the exception of a few things I wasn't sure about.

Do you know anything about the following entries? It seems they might belong to a university Internet connection or something; if they don't belong to your ISP or your university, you should delete them:

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.cg.ac.yu:8080

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 89.188.32.*;<local>

O17 - HKLM\System\CCS\Services\Tcpip\..\{0B229583-C1D7-41C3-9352-22A9D50CE044}: NameServer = 89.188.32.60,89.188.32.20

O17 - HKLM\System\CS1\Services\Tcpip\..\{0B229583-C1D7-41C3-9352-22A9D50CE044}: NameServer = 89.188.32.60,89.188.32.20

Other than that, all your logs are clean. :)

If you have any more virus/spyware problems, please post in this thread.

Regards :)

This thread is for the use of maki_pg only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in the Security and the Web forum.
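The check suggested in the post above (compare the proxy and DNS entries in the log against what your ISP or university actually uses) can be scripted. This is an added example, not part of the original thread; the allowlist values are an assumption (they stand for settings the network owner has confirmed), and the two lines marked as constructed are made up to show an entry being flagged.

```python
import re
from ipaddress import ip_address

# Assumption: settings confirmed by the network owner (ISP or university).
EXPECTED_PROXIES = {"proxy.cg.ac.yu:8080"}
EXPECTED_DNS = {ip_address("89.188.32.60"), ip_address("89.188.32.20")}

# HijackThis R0/R1 proxy lines and O17 name-server lines.
R1_PROXY = re.compile(r"^R[01] - .*\\Internet Settings,ProxyServer = (?P<value>\S+)")
O17_DNS = re.compile(r"^O17 - .*: NameServer = (?P<value>.+)$")

def is_expected_dns(text):
    """True only for a well-formed address that is on the allowlist."""
    try:
        return ip_address(text) in EXPECTED_DNS
    except ValueError:          # malformed address: treat as unexpected
        return False

def review(lines):
    """Return (line, reason) for each proxy/DNS entry not on the allowlists."""
    findings = []
    for line in map(str.strip, lines):
        proxy = R1_PROXY.match(line)
        if proxy:
            if proxy["value"].lower() not in EXPECTED_PROXIES:
                findings.append((line, f"unexpected proxy {proxy['value']}"))
            continue
        dns = O17_DNS.match(line)
        if dns:
            servers = [s for s in re.split(r"[,\s]+", dns["value"]) if s]
            bad = [s for s in servers if not is_expected_dns(s)]
            if bad:
                findings.append((line, "unexpected DNS server(s) " + ", ".join(bad)))
    return findings

# Entries quoted in the thread.
PAGE_LINES = [
    r"R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.cg.ac.yu:8080",
    r"R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 89.188.32.*;<local>",
    r"O17 - HKLM\System\CCS\Services\Tcpip\..\{0B229583-C1D7-41C3-9352-22A9D50CE044}: NameServer = 89.188.32.60,89.188.32.20",
]
# Constructed entries (documentation-range addresses), not from the thread.
CONSTRUCTED_LINES = [
    r"R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 203.0.113.5:3128",
    r"O17 - HKLM\System\CCS\Services\Tcpip\..\{0B229583-C1D7-41C3-9352-22A9D50CE044}: NameServer = 89.188.32.60,203.0.113.53",
]

if __name__ == "__main__":
    for line, reason in review(PAGE_LINES + CONSTRUCTED_LINES):
        print(f"REVIEW: {reason}\n    {line}")
```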
 
Thanks.

It seems there are a lot more Security and the Web threads right now, and there's definitely some nasty malware around too. Sometimes, when I'm reading a log, I'm not sure whether to laugh or just cry. :(

This one wasn't heavily infected though. :)

Regards :)
 
kitty500cat said:
Your HJT log is clean with the exception of a few things I wasn't sure about.

Do you know anything about the following entries? It seems they might belong to a university Internet connection or something; if they don't belong to your ISP or your university, you should delete them:

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.cg.ac.yu:8080

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 89.188.32.*;<local>

O17 - HKLM\System\CCS\Services\Tcpip\..\{0B229583-C1D7-41C3-9352-22A9D50CE044}: NameServer = 89.188.32.60,89.188.32.20

O17 - HKLM\System\CS1\Services\Tcpip\..\{0B229583-C1D7-41C3-9352-22A9D50CE044}: NameServer = 89.188.32.60,89.188.32.20

Other than that, all your logs are clean. :)

If you have any more virus/spyware problems, please post in this thread.

Regards :)



Hi! Thanx once again :)
Yes, that is a University Internet connection.
I just wanted to ask if it is enough/too much to be protected with Kaspersky, Zone Alarm and AVG Antispyware? Can all this lower PC performance? Should I check Resident shield in AVG AS as active?

@kitty500cat - Like trying to clean my brother's laptop...anyway, we better let maki_pg have his thread back...

Just easy, I'm not so possessive :D


Regards from Montenegro!
 
No, that's fine to be protected with all of them, unless Kaspersky has an integrated firewall; then you probably wouldn't have to use ZoneAlarm.

I think you don't need to have the resident shield enabled in AVG AS.

It is recommended to run Spybot - Search & Destroy and Ad-aware SE Personal as well. You don't need to have any of their active shields enabled, but it's good to have them to scan with whenever you need them.

Regards :)

 
Re:

Thanx :)

I have one more HJT log, from my home PC. Can you look at it, is there anything to fix?

Regards,
Maki
 
New HJT log

Hi!
I have a new log (from another home pc), can you check it please?


Thanks!

Regards,
Maki!
 
Hello and welcome to Techspot.

Your HJT log is clean mate.

If you have any further virus/spyware problems, please post in this thread.

Regards Howard :wave: :wave:

BTW: Well done kitty500cat ;)

 
DAP used to be ad supported, but as far as I'm aware, that's no longer the case. However, I stand to be corrected on that, if anyone knows better.

Regards Howard :)
 
Thanks wolfram. It appears you're quite right. The free version is still ad supported.

In that case maki_pg should get rid of it and use another download manager such as the Stardownloader.

Regards Howard :)
 
Hi! Thank you all!
In some of the earlier HJT logs I also removed DAP (I don't use it). So, should I remove with HiJack all references to DAP?
 
Go to add remove programmes in your control panel and uninstall anything to do with (if there).

DAP

Close control panel.

Run HJT with no other programmes open (except notepad). Click the scan button. Have HJT fix the following, by placing a tick in the little box next to (if there).

O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm

O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm

O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm

Click on the fix checked button.

Close HJT.

Locate and delete the following bold files and/or directories (if there).

C:\Program Files\DAP

Reboot your computer.

Regards Howard :)

 
That's a clean HJT log.

If you have any further virus/spyware problems, please post in this thread.

Regards Howard :)

 