Almost clean, almost

Re: Hijack This, Panda and Bitdefender logs, HELP!

Welcome to MGs.

Do you have the full log from BitDefender? What you posted only gives the names of the malware but not where it found them. Normal logs always show the path and name of the file that is deemed to be malware.

 

Re: Hijack This, Panda and Bitdefender logs, HELP!

Don't worry about it now but didn't you just save the full log to a file when first run?

 

Re: Hijack This, Panda and Bitdefender logs, HELP!

Your HJT log does not really indicate any malware problems. Are you having any?

A few minor things can be fixed from the Panda log.

The below file can be deleted:
C:\WINDOWS\SYSTEM32\MYDLL.dll


Copy the bold text below to notepad. Save it as fixme.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

You may want to also run this KazaaBegone
Since I can see remnants of Kazaa having been on this PC.

 

Re: Hijack This, Panda and Bitdefender logs, HELP!

Most of what is in your BitDefender log is just saying the files are clean. However, it would be a good idea to dump the Norton AntiVirus Quarantine folder to make sure all the bad stuff is removed.

 

Re: Hijack This, Panda and Bitdefender logs, HELP!

Did you install or do you use InstallShield\Professional yourself. It is a valid application?

 

Re: Hijack This, Panda and Bitdefender logs, HELP!

If your answer was no to my last message then just let KazaaBeGone remove those because they all probably came with the install of Kazaa's P2P crap.

See: http://vil.mcafeesecurity.com/vil/content/v_101107.htm

 

Re: Hijack This, Panda and Bitdefender logs, HELP!

You don't need it then and it is not part of normal Windows.

See the below for additinal info about MediaLoads:
http://www.doxdesk.com/parasite/DownloadWare.html
http://www3.ca.com/securityadvisor/pest/pest.aspx?id=453073183

Just let the tool fix the stuff found.

 

Re: Hijack This, Panda and Bitdefender logs, HELP!

It probably has to do with the below that you or someone else using the PC downloaded:
O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://www.gamespot.com/KDX/zd/kdx.cab

It is a legit entry but may no longer be supported by GameSpot. See the below:

GameSpot DLX Secure Delivery Plug-In

 

Re: Hijack This, Panda and Bitdefender logs, HELP!

You're welcome!

Use the following to remove Windows Messenger: Disable/Remove Windows Messenger

You don't need it and it has been known to allow popups to occur on PCs. This is not the same thing as MSN Messenger which is more secure.

First look in Add/Remove programs for Kontiki or Secure Delivery and uninstall in found. Now have HJT fix the below line:
O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://www.gamespot.com/KDX/zd/kdx.cab

Please download the attach GetRunKey120.zip to your PC someplace you can locate it. Then extract the files from the ZIP. Locate the getrunkey.bat file and double click on it to run it. It will create a file named runkeys.txt in the root of drive C: (C:\runkeys.txt) . This log will also popup in a notepad window which your can just close. Upload the runkeys.txt file here as an attachment.

Now also attach a new HJT log. I want to make sure nothing else has found its way into your PC.

 

Re: Hijack This, Panda and Bitdefender logs, HELP!

Let's get an installed programs list from HijackThis too.
Run HijackThis, click Open the Misc Tools section
Click "Open Uninstall Manager"
Click "Save List" (generates uninstall_list.txt)
Click Save, to save it to a file where you can find it.
Upload this file as an attachment too.

 

Re: Hijack This, Panda and Bitdefender logs, HELP!

Oh and just a note, the below is where Kontiki's uninstall is now but this may be for a newer version and also it may not even be installed on your system anymore anyway.

http://help.kontiki.com/enduser/category.jsp;jsessionid=78F2C7724FBFF425622A8727DEFBE947?node=11742

 

Re: Hijack This, Panda and Bitdefender logs, HELP!

When you uninstall Secure Delivery, it removed the O16 line.

You look to be clean. Are you having any other malware issues?

 

Re: Hijack This, Panda and Bitdefender logs, HELP!

Just looking at your HJT log can tell you what they are for. Take a look. Notice that they are from Iomega. Probably you have Zip drive.

If you are not having any other malware problems, it is time to go back to step 1 of the READ & RUN ME to Disable System Restore which will flush your Restore Points. Then reboot and enable System Restore to create a new clean Restore Point.

After that, you should work thru the below link:

How to Protect yourself from malware!

 

Re: Hijack This, Panda and Bitdefender logs, HELP!

You're welcome! Make sure you work thru the How to protect thread.

 

Re: Hijack This, Panda and Bitdefender logs, HELP!

You may need to just take ownership of the registry key and then you should be able to remove it.

 

Re: Hijack This, Panda and Bitdefender logs, HELP!

Just in case you don't know what "take ownership" means:

Right click on the key name to highlight it and select Permission menu option. Then in the Security windows. Click Advanced . Now click on each user (one at a time) and click the Edit button. The make sure everyone has a check mark on "full control". Then press apply and ok and attempt to delete the key again.

 

Re: Hijack This, Panda and Bitdefender logs, HELP!

When you set it to Full control, everything underneath should automatically be check (i.e., full control).

Try the above again and also the Ad-Aware scan but first do the below:

Right click on the MS Antispyware icon in the system tray and select Shutdown Microsoft Antispyware and approve the shut down when it asks you.

If Ad-Aware still shows it, post the Ad-Aware log the shows exactly what it is finding.

Also tell me if you see the following:
C: \ Program Files\Altnet
C:\Altnet
C:\My Altnet Shares

Also please download RegSrch.zip

Unzip the archive to your desktop and double click on the VBS file.
(If your AntiVirus alerts, allow the script to run.

Now enter altnet

Press 'OK'

The search will run for a while then alert you when it is finished. Press 'OK' and copy the contents of the WordPad window and attach it in this thread.

 

Re: Hijack This, Panda and Bitdefender logs, HELP!

You have not followed the instructions in the READ ME properly. As a result, you do not have the proper version or Ad-Aware SE. You were supposed to check all of our links to make sure you have the correct versions. Is there anything else that may not be updated properly? Check to make sure.

Start by downloading and installing and updating the correct version of Ad-Aware SE.
Then do the below:


Right click on the MS Antispyware icon in the system tray and select Shutdown Microsoft Antispyware and approve the shut down when it asks you.

Copy the bold text below to notepad. Save it as fixme.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

No run the new Ad-Aware SE 1.06 and see if Altnet is still detected.

 

Re: Hijack This, Panda and Bitdefender logs, HELP!

That's the same registry key as in the list in my registry patch that was merged in.

Are you sure MS Antispyware was shutdown first before applying the patch?

 

Re: Hijack This, Panda and Bitdefender logs, HELP!

No! Do you have Administraor priviledges on the account you are logged in with?

 

Re: Hijack This, Panda and Bitdefender logs, HELP!

Where I was headed in my last message was this:

I want you to boot in safe mode and login to the Administrator account.

Then run regedit and navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Altnet

Try what we did in message # 28 to set the Permissions so that you (the Administrator) have full control. Then try to delete it.

If that does not work, back up in the registry to have the below key selected:

HKEY_LOCAL_MACHINE\SOFTWARE

That's one level higher now try to take full control over the Software key. Once you have full control of the Software key then try to delete the Altnet key.

Let me know the results. You have to make sure you get control/permissions set properly and you will be able to delete this key. The only reason Ad-Aware and the previous edits did not work is due to a permissions setting being incorrect.

 

Re: Hijack This, Panda and Bitdefender logs, HELP!

My last message said to do the steps in safe mode!

 

Re: Hijack This, Panda and Bitdefender logs, HELP!

Okay just let me know if that works. If not, we will have to give another scanner a try. I have used it in the past and it has sometimes worked. I was trying to avoid installing another tool.

If necessary download, install, and update this trial of Spysweeper

Then run a scan with it and save the log. Attach the log here later. Also let me know if it was successful at removing Altnet.

 

Re: Hijack This, Panda and Bitdefender logs, HELP!

Let's discuss that later when hopefully we get this last item removed.

Did you complete all steps in the How to protect thread?