Software > Computer viruses and spyware

Can someone please look at my HJT log?

<< < (3/4) > >>

dl65:
darthie .......  I have just had a look as someone had reported this post .....  In any event , it would appear that there are at the least several entries you should fix using hijackthis.......

Please mark for removal the following:

O3 - Toolbar: (no name) - {00000000-0000-0000-0000-000000000001} - (no file)

O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -    *****this entry is the result of a trojan.

Before you mark these items for removal , perhaps you could answer these questions:
Do you have your settings arranged so that all the hidden files are displayed ?
Is your system restore ...... On or Off ?
Have you run a anti-virus and anti-spyware scan in safe mode ?

let us know

dl65  ::)

evilfantasy:
You should also turn off Spybots Tea Timer during malware removal so it will not block any of the fixes.

* Run Spybot and click Mode
* Select Advanced Mode.
* Then click Tools and select Resident.
* Now in the right window pane, uncheck TeaTimer.
* Also while this is open, in the left column now select IE Tweaks
* And then in the right pane make sure all the Miscellaneous locks are unchecked.
* Exit Spybot.

Broni:

--- Quote ---I think some of it keeps reattaching itself though
--- End quote ---
Don't worry. It's normal. In some cases, not everything can be removed at once. Sometimes, some other tools are needed, as well. I'll be back little bit later to continue.

Broni:
You didn't answer an important question, if you're using any firewall!

Now, before we'll do more HJT fixes, you need to proceed with one more step.

Print out following instructions:

1. Restart to Safe Mode.

2. Go Start>Run, type in:
services.msc
Hit Enter.

3. Find following service:
- Print Spooler Service
Right click on it, click Properties
At Startup type line, click on drop-down menu, and click on Disabled
Click OK.
Close Services window.

4. Go Start>Run, type in:
regedit
Hit Enter.
Registry Editor will open.
Go File>Export, and save your registry to know location.
Go Edit>Find. Find window will open.
In Find what box paste following:
1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB
Click Find next button.
Right click on found entry, and click Delete. Disregard warning.
Press F3 key (Find Next) to make sure there are no more occurrences of the above entry.
If they are, repeat Delete action.
Keep hitting F3 key until no more findings happen.
Close Registry Editor.

5. Restart in Normal Mode.

6. Post new HJT log.

dl65:
Broni.....  I have noticed that you are directing darthie to go into the registry and delete entries. 
On the off- chance that they are not aware of what damage could occur if the wrong thing is altered or deleted in the registry, don't you think it advisable to have them back-up the registry before they follow your directions.


dl65  ::)

Navigation

[0] Message Index

[#] Next page

[*] Previous page