Hijack log help needed!!!

butterfly12 · Oct 13, 2005

I have run the smitrem.exe in safe mode, followed by ewido and ad-aware SE scans. It seems that the apparent pests are gone for good, but the putter is still a little slow in functioning than before. Please take a look at the following hijackthis log and let me know what else I can do.

Edit by chaslang: Read Me not run! Inline log removed

Shadow_Puter_Dude · Oct 13, 2005

HijackThis log are posted as ATTACHMENTS, never pasted in to your post.

Run HijackThis and fix teh following lines:

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: (no name) - {702EA91C-1ACF-4772-8078-18F2B2EE1031} - (no file)
Click to expand...

Your operating system is seriously out of date and must be updated after we are finished.

Please go back and follow the instructions in this thread:URL=http://forums.majorgeeks.com/showthread.php?t=35407]READ & RUN ME FIRST Before Asking for Support[/URL]

Make sure you check version numbers and get all updates.

- Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.

butterfly12 · Oct 13, 2005

Hi, thank u for your reply. Here is what I've done so far...
I had followed all of the instructions on the READ AND RUN ME site,

RavAntivirus found no viruses
BidDefender found the following:

Scanned File

Status

C:\Program Files\Norton AntiVirus\Quarantine\0B496916.dll=>(Quarantine-2)

Infected with: Win32.Nsag.B

C:\Program Files\Norton AntiVirus\Quarantine\0B496916.dll=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\0B496916.dll=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\124A2725.exe=>(Quarantine-2)

Infected with: Trojan.Downloader.Adload.A

C:\Program Files\Norton AntiVirus\Quarantine\124A2725.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\124A2725.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\124D5122.exe=>(Quarantine-2)

Infected with: Trojan.Downloader.Adload.A

C:\Program Files\Norton AntiVirus\Quarantine\124D5122.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\124D5122.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\125A7914.exe=>(Quarantine-2)

Infected with: Trojan.Downloader.IstBar.IJ

C:\Program Files\Norton AntiVirus\Quarantine\125A7914.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\126A4B02.dll=>(Quarantine-2)

Infected with: Trojan.Downloader.Dyfuca.DD

C:\Program Files\Norton AntiVirus\Quarantine\126A4B02.dll=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\126A4B02.exe=>(Quarantine-2)

Infected with: Trojan.Downloader.Dyfuca.DX

C:\Program Files\Norton AntiVirus\Quarantine\126A4B02.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\126A4B02.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\126E74FE.exe=>(Quarantine-2)

Infected with: Trojan.Downloader.Dyfuca.DX

C:\Program Files\Norton AntiVirus\Quarantine\126E74FE.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\126E74FE.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\12711EFA.dll=>(Quarantine-2)

Detected with: Application.Adware.Sidefind.A

C:\Program Files\Norton AntiVirus\Quarantine\12711EFA.dll=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\12711EFA.dll=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\127448F7.dll=>(Quarantine-2)

Detected with: Application.Adware.Sidefind.B

C:\Program Files\Norton AntiVirus\Quarantine\127448F7.dll=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\127448F7.dll=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\2BC055FA.exe=>(Quarantine-2)

Infected with: Trojan.Downloader.Istbar.JF

C:\Program Files\Norton AntiVirus\Quarantine\2BC055FA.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\2BC055FA.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\3C6B3D10.dll=>(Quarantine-2)

Infected with: Trojan.Downloader.Istbar.FH

C:\Program Files\Norton AntiVirus\Quarantine\3C6B3D10.dll=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\3C6B3D10.dll=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\48C16AE8.exe=>(Quarantine-2)

Infected with: Trojan.Downloader.Istbar.KS

C:\Program Files\Norton AntiVirus\Quarantine\48C16AE8.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\48C16AE8.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\48C73EE1.dll=>(Quarantine-2)

Detected with: Application.Adware.Sidefind.A

C:\Program Files\Norton AntiVirus\Quarantine\48C73EE1.dll=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\48C73EE1.dll=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\48C73EE1.exe=>(Quarantine-2)

Infected with: Trojan.Downloader.Istbar.JD

C:\Program Files\Norton AntiVirus\Quarantine\48C73EE1.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\48C73EE1.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\48CE12DA.exe=>(Quarantine-2)

Infected with: Trojan.Downloader.Istbar.JD

C:\Program Files\Norton AntiVirus\Quarantine\48CE12DA.exe=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\48CE12DA.exe=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\4E7109F6.dll=>(Quarantine-2)

Infected with: Trojan.Downloader.Dyfuca.DD

C:\Program Files\Norton AntiVirus\Quarantine\4E7109F6.dll=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\5A0145F4.dll=>(Quarantine-2)

Detected with: Application.Adware.Sidefind.B

C:\Program Files\Norton AntiVirus\Quarantine\5A0145F4.dll=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\5A0145F4.dll=>(Quarantine-2)

Deleted

C:\Program Files\Norton AntiVirus\Quarantine\72643296.htm=>(Quarantine-2)

Infected with: Exploit.Html.MhtRedir.Gen

C:\Program Files\Norton AntiVirus\Quarantine\72643296.htm=>(Quarantine-2)

Disinfection failed

C:\Program Files\Norton AntiVirus\Quarantine\72643296.htm=>(Quarantine-2)

Deleted

Spybot Search and Destroy was done is Safe Mode and found no infections
CCcleaner found nothing as well (in safe mode)

Attached is the latest hijack report. Let me know if I am clean now.

Shadow_Puter_Dude · Oct 14, 2005

Run HijackThis and Fix the following:

O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - blank (file missing)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
Click to expand...

Other than those lines your HijackThis log is clean,

You appear to be running the original unpatched version of Windows XP, this represents a serious security risk. Your system should be brought up-to-date. You need to install Service Pack 2 for XP and install all critical updates since the release of SP2. Please run Windows Update and bring your system Up2Date.

Log in or Sign up

Hijack log help needed!!!

butterfly12 Private E-2

Shadow_Puter_Dude MG Authorized Malware Fighter

butterfly12 Private E-2

Attached Files:

hijackthis.log last.txt

Shadow_Puter_Dude MG Authorized Malware Fighter