Status
Not open for further replies.
HJT, AVG anti spyware, combo fix logs as Mr Howards said, explorer error help required

Dear Howard,

Thanks for such a detailed help guide; indeed it is an effort which needs to be appreciated. I thank you a lot.

I have taken all the steps as you mentioned and am now waiting for the response so I can put things on normal track.

There are three attachments: HJT, AVG anti spyware, and combo fix. I have not yet fixed the Hijack log files; I am waiting for any response.

The second problem I am facing is that my internet options do not allow me to change the default settings of Internet Explorer. Whenever I open Internet Explorer it takes me to the same web page and then I receive a message from AVG antivirus that the VB.asd virus has been healed, and I cannot change the settings, as I told you, because the internet option settings are disabled.

And lastly, my hard disk D: partition does not open with Windows Explorer. Whenever I double click it, Windows opens a dialogue box asking me to choose a program to open it with, but that disk is accessible with folder options, or through right clicking the start button and choosing explore.

Attachments

  • Report-Scan-20070505-191757.txt (3.4 KB)
  • ComboFix.txt (37 KB)
  • hijackths.txt (5.7 KB)

Hello and welcome to Techspot.

You might want to copy and paste these instructions into a notepad file. Then you can have the file open in safe mode, so you can follow the instructions easier.

Boot into safe mode, under your normal user name (NOT THE ADMINISTRATOR ACCOUNT). See how HERE.

In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE.

Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.

Click on the processes tab and end process for (if there).

svchost32.exe < Not to be confused with svchost.exe
dap74.exe
toolbar.exe
rebates.exe

Close task manager.

Run HJT with no other programmes open (except notepad). Click the scan button. Have HJT fix the following, by placing a tick in the little box next to (if there).

O4 - HKLM\..\Run: [Task Manager] C:\WINDOWS\system\svchost.exe

O4 - HKLM\..\Run: [Yahoo Messenger] C:\WINDOWS\system\svchost32.exe

Click on the fix checked button.

Close HJT.

Locate and delete the following bold files and/or directories (if there).

C:\WINDOWS\system\svchost.exe < This is nasty and is added by malware, it's also running from the wrong location.
C:\WINDOWS\system\svchost32.exe < As above.
D:\EasyDrive\DAP < Delete the entire folder as it's infected with adware and a downloader.

Reboot into normal mode and rehide your protected OS files.

Post fresh HJT and Combofix logs.

Regards Howard :wave: :wave:

This thread is for the use of hacsan only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
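
The check behind the two O4 entries in the post above (a system process name starting from a directory other than System32, and a look-alike name), written out as an added example that is not part of the original thread. The function names, the expected-directory list and the third sample line are assumptions made for illustration.

```python
import ntpath
import re

# Constructed sample: the two O4 lines quoted in the post plus one made-up benign entry.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [Task Manager] C:\WINDOWS\system\svchost.exe
O4 - HKLM\..\Run: [Yahoo Messenger] C:\WINDOWS\system\svchost32.exe
O4 - HKLM\..\Run: [ExampleUpdater] C:\Program Files\Example\updater.exe
"""

# Assumption: the genuine svchost.exe is only expected in these directories.
EXPECTED_DIRS = {r"c:\windows\system32", r"c:\windows\syswow64"}
SYSTEM_NAMES = {"svchost.exe"}  # extend with other system process names as needed
O4_LINE = re.compile(r"^O4 - (?P<key>\S+): \[(?P<label>[^\]]*)\] (?P<cmd>.+)$")


def exe_path(cmd):
    """Return the executable path from an autorun command line."""
    cmd = cmd.strip()
    if cmd.startswith('"'):                      # quoted path, arguments follow
        return cmd[1:].split('"', 1)[0]
    m = re.match(r"(.+?\.exe)\b", cmd, re.I)     # unquoted: cut at first ".exe"
    return m.group(1) if m else cmd


def review_o4(log_text):
    """Return (label, path, reason) for each suspicious O4 autorun entry."""
    findings = []
    for line in log_text.splitlines():
        m = O4_LINE.match(line.strip())
        if not m:
            continue
        path = exe_path(m["cmd"])
        folder, name = ntpath.split(path.lower())
        if name in SYSTEM_NAMES and folder not in EXPECTED_DIRS:
            findings.append((m["label"], path, "system process name outside System32"))
        elif any(name != s and name.startswith(ntpath.splitext(s)[0])
                 for s in SYSTEM_NAMES):
            findings.append((m["label"], path, "look-alike of a system process name"))
    return findings


if __name__ == "__main__":
    for label, path, reason in review_o4(SAMPLE_LOG):
        print(f"[{label}] {path}: {reason}")
```

A hit is a reason to inspect the file, not proof of infection; the registry label ("Task Manager", "Yahoo Messenger") is chosen by whoever wrote the entry and says nothing about what the file is.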
 
Brilliant Mr Howard, fresh HJT and combo fix logs

Thank you Mr Howard, I had the pleasure of doing and taking control of proceedings under my skin because of the instructions told by you. I have not yet run the explorer, not even double clicked my partition D:\, so as not to activate anything hiding or embedded.

here are the fresh logs, please have a look.

cheers:)
 
Everything looks fine now.

Unless you're still having problems, you should be good to go.

Turn off system restore (XP/ME only). See how HERE.

Now, turn system restore back on. This will have deleted all your old restore points and any nasties that are in them. It will also have created a new, clean restore point.

If you have any further virus/spyware problems, please post in this thread.

Regards Howard :)

Oh great -- everything is fine

Dear Howard,

It is exciting to have things back to normal. It was a great experience talking to you. I thank you very much from the core of my heart for such professional assistance.

cheers.
 