Joe_London
(HijackThis Helper)
Sat May 03 2008 09:38 AM
Re: Please check kids HJT Log

OK Pete,

You didn't post the computers speck, e.g. the make model cpu type, RAM etc.

Best to print these instructions before starting.

I assume you are going to install AVG 8 Free once you've done a bit of tidying up and my suggestions are based on that assumption. If you have other intentions come back before proceeding and let me know.

First download AVG 8 Free to your Desktop but do not install it yet.

1. Click on the following link to download the appropriate Norton Removal Tool. Please follow the instructions carefully.

Norton Removal Tool and Instructions

2. After you have successfully run the Norton Removal Tool, please restart your computer.

Please go to the add/remove utility in the control panel and uninstall all the following:

AVG Free Edition
Ad-Aware 2007
LimeWire 4.14.10
LiveReg (Symantec Corporation)
LiveUpdate 1.80 (Symantec Corporation)
Messenger Plus! 3
Spybot - Search & Destroy
SpywareBlaster 4.0


For your information Limewire is one of the main sources of infection we find on here, basically its like leaving your front door open in a high crime area and going on holiday.
Mesenger Plus when installed or updated with the sponsors stuff usually infects your computer with a lop infection.
The Norton/Symantec stuff I assume is no longer used and the others may conflict with the new AVG 8 Free.

Open Hijackthis, take another scan and place a checkmark next to these entries.


O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Default user')
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
09 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/games/hamsterball/en/raptisoftgameloader.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
Fix this optional, no need to have this running:

O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
If this isn't the latest version update the programme. Do not allowit to run at startup.

Close all open Windows except Hijackthis and click on "fix Checked".

Open Windows Explorer, Locate and delete the following item(s), if present. Make sure you're able to view system and hidden files/ folders:

files...
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\PROGRAM FILES\Grisoft\AVGFRE~1\avgcc.exe
C:\Windows\alcxmntr.exe

folders...
C:\PROGRA~1\SPYBOT Search & Destroy
C:\PROGRAM FILES\Grisoft
C:\Program Files\Lavasoft
C:\Program Files\MessengerPlus! 3
C:\PROGRAM FILES\Grisoft

-

Note that some of these file(s) may or may not be present. If present, and cannot be deleted because they're 'in use', try deleting them from "Safe Mode".

Reboot the Computer.

Install the new AVG 8 Free and move the setup to the new AVG folder on the hard drive.

Now run the updated Ccleaner.
Then run AVG 8 Free and send anything it finds to the virus vault, including infections, spyware and warnings.

post the log/report which you have to manually save.

Select "All files" and please save it as a .txt file to your desktop.

Post the following:
  1. A new Hijackthis log (All user accounts)
  2. Another Uninstall List.
  3. The AVG 8 free Report.


This may not remove all the infections present. It is important that you post back and complete the fix.

Please post in this thread for further review and evaluation.
Please provide details of any problems you encountered whilst performing the above steps & update us on how the Computer is running.

Joe.

Contact Us | Privacy statement Main website
Hitwise Top 10 Award Winner - Jan-Mar 2005

About us | Contact us | Link to us | Terms & Conditions | Privacy Policy
© Copyright IPC Media Limited, All rights reserved