Joe_London
HijackThis Helper
Reg'd: Tue
Posts: 11783
Loc: London
Re: Kindly check my hijack this log
Mon Sep 01 2008 02:30 PM
I hadn't noticed before, but you are running HijackThis from your Desktop, which is wrong. Please uninstall the current version; you can reinstall it again later if we need it.
Quote:
it does indeed look like combofix has cured the problem of the temp files.
That's good.
Looking at the Malwarebytes report, you will need to run it again to remove this:
Quote:
Registry Values Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\OLE\DRam prosessor (Trojan.Agent) -> Not selected for removal.
Make sure you enable the removal of this entry please and then post a new report.
Quote:
Secondly I could not find O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u in the hijackthis log.
Combofix may have removed it. No problem there.
Quote:
Thirdly could not uninstall Java(TM) 6 Update 3 as I get Windows message "This action is only valid for products currently installed"
You should try re-installing HijackThis correctly and use that to remove this entry. Here are the full install instructions.
- Download HJTInstall.exe to your desktop.
- Double-click HJTInstall.exe icon on your desktop to start the installation.
- By default it will install to C:\Program Files\Trend Micro\Hijack This.
Open HijackThis, Misc Tools Section | Open Uninstall Manager. A list of the entries in Add/Remove Programs will appear. Highlight the entry below and then click "delete this entry".
Java(TM) 6 Update 3
Quote:
and fourthly should I do anything about this key that you previously noticed R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com,
Not at this point because it's not dangerous and I'm not completely in the picture regarding your Internet connection.
Quote:
The pc is working but does seem different and seems to be struggling to connect to certain sites eg yahoo but this could be just coincidental I suppose. Anyway many thanks once again.
It seems to me you would need to do a complete review of the system as you appear to have an enormous amount of programmes on there. Also you have a lot of stuff running and all of this uses up resources and slows the computer speed down. A lot of the stuff seems to relate to computer tweaks etc which may or may not be required, only you can say. As I said above I'm not fully in the picture regarding your Internet connection either. I also recommend a review of your securities.
Let me know if you need any advice regarding the above reviews.
Copy this page to *Notepad* and save to your desktop for reference as you will not have any browsers open while you are carrying out portions of these instructions.
It's IMPORTANT to carry out the instructions in the sequence listed below.
1. Close any open browsers.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
Open *notepad*
Copy and paste all the text in the quotebox below into it:
Quote:
KillAll::
ADS::
C:\windows\system32
Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\LimeWire\\LimeWire.exe"=-
"C:\\Program Files\\EMCO Malware Destroyer\\MalwareDestroyer.exe"=-
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"20747:TCP"=-
"20747:UDP"=-
"58970:TCP"=-
"58970:UDP"=-
Save this as CFScript.txt, in the same location as ComboFix.exe which is on the Desktop.
Referring to the picture above, drag CFScript.txt into ComboFix.exe
This reactivates ComboFix. Again follow the prompts.
It will create another System restore point.
When finished, it shall produce a log for you at C:\ComboFix.txt
Copy and paste the ComboFix.txt along with a fresh HijackThis log in your next reply.
*Note: Do not mouseclick ComboFix's window whilst it's running. That may cause it to stall.*
Post the following:
- Another Uninstall List.
- The Malwarebytes log.
- The ComboFix log.
This may not remove all the infections present. It is important that you post back and complete the fix.
Please post in this thread for further review and evaluation. Please provide details of any problems you encountered whilst performing the above steps & update us on how the Computer is running.
Joe.
Member of UNITE and ASAP.