HijackThis Log - please review
-
HijackThis Log - please review
Below is my log file after running spybot. Could you please tell me which files to delete?
I was getting this added to each use of my web browser res://shdoclc.dll/DNSERROR.HTM#
After this has been review could you please delete, it looks like it might tell the public too much about my computer.
Thanks in advance.
Logfile of HijackThis v1.99.1
Scan saved at 9:32:04 AM, on 6/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\eFax Messenger 4.1\J2GDllCmd.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\G oogleToolbarNotifier.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Google\Web Accelerator\googlewebaccclient.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
C:\PROGRA~1\MICROS~2\Office10\OUTLOOK.EXE
C:\WINDOWS\system32\dllhost.exe
C:\PROGRA~1\MICROS~2\Office10\OUTLOOK.EXE
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Macromedia\Dreamweaver 8\Dreamweaver.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
F:\Software\hijackthis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=25040
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,AutoConfigURL = http://localhost:9100/proxy.pac
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.5.19.dll
O2 - BHO: Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: IE Developer Toolbar BHO - {CC7E636D-39AA-49b6-B511-65413DA137A1} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [eFax 4.1] "C:\Program Files\eFax Messenger 4.1\J2GDllCmd.exe" /R
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [admincfg.exe] C:\WINDOWS\system32\admincfg.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\G oogleToolbarNotifier.exe
O4 - Startup: WinMySQLadmin.lnk = G:\MySQL\msql4\bin\winmysqladmin.exe
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: eFax 4.1.lnk = C:\Program Files\eFax Messenger 4.1\J2GTray.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Run Google Web Accelerator.lnk = C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: IE Developer Toolbar - {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www.costcophotocenter.com/CostcoActivia.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1135311703953
O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) - http://www.kodakgallery.com/download...1/axofupld.cab
O16 - DPF: {845C260B-A44B-49A3-86A6-71430B3000A0} (TeleVoxAudioPlayer.TVoxAudioPlayer) - https://www.mytelevox.com/mytestresu...udioPlayer.CAB
O16 - DPF: {90051A81-3018-4826-8B38-DD60B6B53F9C} (Snapfish File Upload ActiveX Control) - http://www.costcophotocenter.com/CostcoUpload.cab
O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} (Live Collaboration) - http://livenj01.custhelp.com/7540-b3.../java/RntX.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MySql - Unknown owner - G:/MySQL/msql4/bin/mysqld-nt.exe (file missing)
-
1. Download this file - COMBOFIX
2. Double click combofix.exe & follow the prompts.
3. When finished, it will produce a log for you. Post that log in your next reply
Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall.
Post a new hijackthis log also please.
-
ComboFix 07-06-13 - F:\Software\ComboFix.exe
"User" - 2007-06-12 12:32:19 - Service Pack 2 NTFS
((((((((((((((((((((((((( Files Created from 2007-05-12 to 2007-06-12 )))))))))))))))))))))))))))))))
2007-06-12 12:30 49,152 --a------ C:\WINDOWS\nircmd.exe
2007-06-10 10:41 <DIR> d-------- C:\Program Files\PowerZip
2007-06-05 20:47 2,560 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
2007-06-05 20:47 2,432 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2007-06-05 20:47 <DIR> d-------- C:\Program Files\Picasa2
2007-06-04 19:27 <DIR> d-------- C:\Program Files\PowerISO
2007-05-25 22:27 <DIR> d-------- C:\Program Files\iTunes
2007-05-25 16:33 <DIR> d-------- C:\boilsoft_tmp
2007-05-25 16:32 <DIR> d-------- C:\dvd
2007-05-25 16:30 <DIR> d-------- C:\Program Files\Boilsoft AVI Converter
2007-05-25 10:54 <DIR> d-------- C:\DOCUME~1\User\APPLIC~1\CopyTrans
2007-05-25 10:53 <DIR> d-------- C:\Program Files\WindSolutions
2007-05-24 21:36 <DIR> d-------- C:\Program Files\AviSynth 2.5
2007-05-24 21:36 <DIR> d-------- C:\Program Files\Avi2Dvd
2007-05-24 15:31 <DIR> d-------- C:\Program Files\WinMPG VideoConvert
2007-05-14 08:07 <DIR> d-------- C:\Program Files\MagicISO
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) ))
2007-06-12 18:10:39 -------- d-----w C:\Program Files\SpywareBlaster
2007-06-11 22:08:17 -------- d-----w C:\Program Files\WS_FTP Pro
2007-06-09 16:24:05 2,560 ----a-w C:\WINDOWS\system32\BitCometRes.dll
2007-06-09 16
15 -------- d-----w C:\Program Files\BitComet
2007-06-08 15:17:04 -------- d-----w C:\Program Files\iPod
2007-06-07 01:59:44 -------- d-----w C:\Program Files\Google
2007-06-04 16:06:38 -------- d-----w C:\DOCUME~1\User\APPLIC~1\CoreFTP
2007-05-31 02:00:07 175,512 ----a-w C:\DOCUME~1\User\APPLIC~1\GDIPFONTCACHEV1.DAT
2007-05-25 00:29:57 -------- d-----w C:\Program Files\Apple Software Update
2007-05-24 21:53:31 -------- d-----w C:\Program Files\BitTorrent
2007-05-18 16:32:00 -------- d-----w C:\Program Files\Forms To Go
2007-05-10 21:49:52 -------- d-----w C:\DOCUME~1\User\APPLIC~1\Media Player Classic
2007-05-10 21:49:18 -------- d-----w C:\Program Files\XP Codec Pack
2007-05-10 21:16:20 -------- d-----w C:\Program Files\Yahoo!
2007-05-04 17:08:53 -------- d-----w C:\Program Files\QuickTime
2007-04-30 20:47:52 -------- d-----w C:\DOCUME~1\User\APPLIC~1\Allume Systems
2007-04-30 20:47:35 -------- d--h--w C:\Program Files\InstallShield Installation Information
2007-04-30 20:44:59 -------- d-----w C:\Program Files\Allume Systems
2007-04-18 16:12:23 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll
2007-03-27 01:39:14 20,480 ----a-w C:\WINDOWS\system32\ac3config.exe
2007-03-17 13:43:01 292,864 ----a-w C:\WINDOWS\system32\winsrv.dll
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}=C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx [2001-04-16 17:39]
{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}=C:\Program Files\BitComet\tools\BitCometBHO_1.1.5.19.dll [2007-05-18 11:17]
{69A87B7D-DE56-4136-9655-716BA50C19C7}=C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll [2007-01-29 20:22]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 03:43]
{AA58ED58-01DD-4d91-8333-CF10577473F7}=c:\program files\google\googletoolbar3.dll [2007-01-20 00:55]
{CC7E636D-39AA-49b6-B511-65413DA137A1}=C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll [2007-03-01 15:05]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-04-17 02:50]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 14:42]
"RemoteControl"="C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" [2003-12-08 18:35]
"eFax 4.1"="C:\Program Files\eFax Messenger 4.1\J2GDllCmd.exe" [2005-12-16 16:59]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="C:\Program Files\Google\Gmail Notifier\gnotify.exe" [2005-07-15 14:48]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-04-27 09:41]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2007-04-09 05:23]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-05-01 23:08]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-06-01 16:51]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"PowerBar"="" []
"admincfg.exe"="C:\WINDOWS\system32\admincfg.e xe" [2006-08-14 15:32]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 05:00]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\G oogleToolbarNotifier.exe" [2007-01-31 22:58]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\runonce]
"SpybotSnD"="C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
Contents of the 'Scheduled Tasks' folder
2007-06-12 00:50:00 C:\WINDOWS\tasks\AppleSoftwareUpdate.job
2007-06-08 09:24:00 C:\WINDOWS\tasks\System Diagnostic.job
2007-06-12 02:52:03 C:\WINDOWS\tasks\User_Feed_Synchronization-{5085761A-CE27-46CE-B742-C3EC4662E137}.job
************************************************** ************************
catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-06-12 12:35:42
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
PowerBar = ????<????4@?h??????w????h???Z??w(???*??wt?@?l?@?xI n?????????????????????????,??????????????????????w ????g??w0??w????*??w???w?????4@????????????w????l? @????????w????t?@???h?????????l?@?l?@????????w???? t?@?????l?@?8?@?l?@?3??s????????????????????8?@?_? ?s8?@?8?@
scanning hidden files ...
scan completed successfully
hidden files: 0
************************************************** ************************
Completion time: 2007-06-12 12:36:17
--- E O F ---
-
Well nothing is showing anywhere.
Do an online scan (scan only tool) with Kaspersky WebScanner
[Internet Explorer required]
Click on Kaspersky Online Scanner
You will be prompted to install an ActiveX component from Kaspersky, Click Yes.- The program will launch and then begin downloading the latest definition files:
- Once the files have been downloaded click on NEXT
- Now click on Scan Settings
- In the scan settings make sure that the following are selected:
- Scan using the following Anti-Virus database:
- Extended (if available otherwise Standard) - Scan Options:
- Scan Archives
- Scan Mail Bases
- Click OK
- Now under select a target to scan:
- This program will start and scan your system.
- The scan will take a while so be patient and let it run.
- Once the scan is complete it will display if your system has been infected.
- Now click on the Save as Text button:
- Save the file to your desktop.
Post the results of the scan back here please and a new hijackthis log.
