My HJT Log - Please help! :(

[Destroid]

Hello,

I contracted some new spyware, which has slowed my computer down substantially, and keeps giving me an annoying pop-up that other spywares have been detected. I followed this link to try and fix the problem myself:
https://www.techspot.com/vb/topic70827.html

I did correct the problem partially....the pop-up isn't there anymore, but still there's a flashing icon in the taskbar that keeps telling me that there is still some sort of spyware on my machine. I have used programs such as McAfee, Spybot and Clamwin, but none of them seems to have detected anything. Would you please help me correct this problem?

Please find my HJT log attached to this post. Thank you!

Best Regards,

Destroid

 

[howard_hopkinso]

Hello and welcome to Techspot.

You might want to copy and paste these instructions into a notepad file. Then you can have the file open in safe mode, so you can follow the instructions easier.

Boot into safe mode, under your normal user name(NOT THE ADMINISTRATOR ACCOUNT). See how HERE.

In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE.

Go to add remove programmes in your control panel and uninstall anything to do with(if there).

Video Access ActiveX Object

Close control panel.

Run HJT with no other programmes open(except notepad). Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

O2 - BHO: (no name) - {A6ACAE64-F798-4930-AD86-BD3FB32038DB} - C:\Program Files\Video Access ActiveX Object\isadd.dll

O2 - BHO: IEHlprObj Class - {CD4C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\Go!Zilla\GoIEHlp.dll (file missing)

O3 - Toolbar: Protection Bar - {84938242-5C5B-4A55-B6B9-A1507543B418} - C:\Program Files\Video Access ActiveX Object\iesplugin.dll

Click on the fix checked button.

Close HJT.

Locate and delete the following bold files and/or directories(if there).

C:\Program Files\Video Access ActiveX Object<Delete the entire folder.

Reboot into normal mode and rehide your protected OS files.

Go HERE and follow the instructions exactly.

Post fresh HJT and AVG Antispyware logs as attachments into this thread, only after doing the above.

Also, let me know the results of the AVG Antirootkit scan.

Regards Howard :wave: :wave:

This thread is for the use of Destroid only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[Destroid]

Infection still present

Hi Howard,

I followed the instructions that you have posted here, and unfortunately, the flashing icon is still present on the taskbar - apparently the spyware infection is still there. Please find the most recent logs of the HJT scan and the AVG scan attached to this post. Thanks once again for all your assistance.

Best regards,

Destroid

PS: The AVG scan report was 168 KB, and the max allowed attachment size on these forums is 100 KB. So I broke it up into two different files (parts 1 and 2) to attach it to this message.

 

[howard_hopkinso]

Eeverything in your AVG Antispyware log says it`s ignored. This means you didn`t change the action to quarantine objects. Neither have you run the Ccleaner programme as per the instructions.

Go back to THIS thread and follow the instructions for Ccleaner and AVG Antispyware. You might also want to take a look at this pictorial guide to AVG Antispyware.

Post a fresh HJT log as well as another AVG Antispyware log.

Regards Howard

This thread is for the use of Destroid only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[Destroid]

Please find the new AVG report attached to this post. I did run the ccleaner this time. I have already uploaded the HJT log from last night in the previous post. If you do want me to run the HJT again, what entries do you want me to look for this time?

Best Regards,

Destroid

 

[howard_hopkinso]

Delete all files in AVG Antispyware quarantine.

Then, post a fresh HJT log.

Regards Howard

This thread is for the use of Destroid only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.