Spyware problem

hkchute · Feb 14, 2005

i got spyware....
i ran all the programs whihc were in the stickey thread

then i thought all was ok and left my pc on and today i got those problems back
according to spybot i have: haxdoor-h and a tibs porn dialer.....
how do i get rid of them

chaslang · Feb 14, 2005

First, please follow ALL the steps in this Sticky thread READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan And Virus Removal
If you already have any of the programs linked in the tutorial please double check your version to make sure you have the latest one and that you have any/all updates for the programs.

NOTE: In order to resolve the issues you are having it is very important that you at least try to perform all the steps as outlined. If you have any difficulty please post back letting us know what steps you have completed, what you found while doing the scans if anything and details about any problems you have encountered in completing the steps. The more details you can provide the better.

After doing ALL of the above if you still have a problem:

Make sure you have HijackThis 1.99 and follow the guidelines on where to install it and how to post a log as an attachment. This is all covered in the sticky thread NO HIJACK THIS LOG FILES BEFORE READING THIS: HJT Tutorial & LOG File Posting

Now post a HijackThis log as an attachment to your message (Do not post the log inline). All running programs should be closed, including your web browser, e-mail. Close before running Hijack This!

To repeat: Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the downloaded ZIP file. Place it in its own folder, for example C:\Program Files\HJT

Then download: http://www.atribune.org/downloads/HSFix.zip
Extract the tool from the ZIP File to a folder you can easily find (preferably in its own folder - like c:\HSFix). It should have a ReadME included with instructions on how to run it and how to collect the log it produces.

Please run the tool as directed and attach the log it produces.

PhilliePhan · Feb 14, 2005

chaslang said:

Then download: http://www.atribune.org/downloads/HSFix.zip Extract the tool from the ZIP File to a folder you can easily find (preferably in its own folder - like c:\HSFix). It should have a ReadME included with instructions on how to run it and how to collect the log it produces.

Click to expand...

Hey Chas,

The README doesn't have complete instructions. . . . My bad!!

So, to add to your instructions:
Please boot to Safe Mode, open the HSFix Tool folder and DoubleClick hsfix.bat and let it run. It will produce a log here - C:\hslog.txt

Note that the tool should be run in Safe Mode.

PP

chaslang · Feb 14, 2005

Thanks for the input PP.

hkchute · Feb 16, 2005

hey i ran the hsfix and they couldnt delete some files... you can see in the log
and here is my hijack log ( i hope i posted it correctly)

thanks

chaslang · Feb 16, 2005

Did you run hsfix.bat after booting to safe mode?

Also download the latest HijackThis: HijackThis 1.99.1

And with no browsers running, use HJT to fix the below lines:

O4 - HKLM\..\Run: [Systems Restart] Rundll32.exe snim.dll, DllRegisterServer
O18 - Filter: text/html - {B72F75B8-93F3-429D-B13E-660B206D897A} - (no file)
O18 - Filter: text/plain - {B72F75B8-93F3-429D-B13E-660B206D897A} - (no file)

Log in or Sign up

Spyware problem

hkchute Private E-2

chaslang MajorGeeks Admin - Master Malware Expert Staff Member

PhilliePhan Guest

chaslang MajorGeeks Admin - Master Malware Expert Staff Member

hkchute Private E-2

Attached Files:

hijackthis.log

hslog.txt

chaslang MajorGeeks Admin - Master Malware Expert Staff Member