My friends rather clogged up computer recently had a ntanti virus infection and I have reason to believe all the virus files are now gone however the internet does not work from any browser, nor does it work when trying to connect to IP addresses avoiding using DNS. This is the current Hijack this! log. Recommend another program to make security logs if you could, as I can’t see anything particularly useful in HJT.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:07:03, on 29/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\Googl…
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\AVG\AVG8\avgcmgr.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 – HKCU\Software\Microsoft\Windows\CurrentV… Settings,ProxyOverride = *.local
R3 – URLSearchHook: Yahoo! Toolbar – {EF99BD32-C1FB-11D2-892F-0090271D4F88} – (no file)
O1 – Hosts: 217.20.175.74 www.downloadinga2.com
O1 – Hosts: 217.20.175.74 downloadinga2.com
O1 – Hosts: 217.20.175.74 www.woodpckr-a2.com
O1 – Hosts: 217.20.175.74 woodpckr-a2.com
O1 – Hosts: 217.20.175.74 www.fastupdateserver.com
O1 – Hosts: 217.20.175.74 fastupdateserver.com
O1 – Hosts: 217.20.175.74 www.antivirusa2.com
O1 – Hosts: 217.20.175.74 antivirusa2.com
O1 – Hosts: 217.20.175.74 www.microsoft.browsersecuritycenter.com
O1 – Hosts: 217.20.175.74 microsoft.browsersecuritycenter.com
O1 – Hosts: 217.20.175.74 www.browsersecuritycenter.com
O1 – Hosts: 217.20.175.74 browsersecuritycenter.com
O1 – Hosts: 217.20.175.74 www.free-viruscan.com
O1 – Hosts: 217.20.175.74 free-viruscan.com
O1 – Hosts: 217.20.175.74 www.antivirus-2009pro.com
O1 – Hosts: 217.20.175.74 antivirus-2009pro.com
O1 – Hosts: 217.20.175.74 www.secure.extrabilling.com
O1 – Hosts: 217.20.175.74 secure.extrabilling.com
O1 – Hosts: 217.20.175.74 www.review.2009softwarereviews.com
O1 – Hosts: 217.20.175.74 review.2009softwarereviews.com
O1 – Hosts: 217.20.175.74 www.a1.review.zdnet.com
O1 – Hosts: 217.20.175.74 a1.review.zdnet.com
O1 – Hosts: 217.20.175.74 www.d1.reviews.cnet.com
O1 – Hosts: 217.20.175.74 d1.reviews.cnet.com
O1 – Hosts: 217.20.175.74 www.reviews.toptenreviews.com
O1 – Hosts: 217.20.175.74 reviews.toptenreviews.com
O1 – Hosts: 217.20.175.74 www.reviews.download.com
O1 – Hosts: 217.20.175.74 reviews.download.com
O1 – Hosts: 217.20.175.74 www.reviews.pcadvisor.co.uk
O1 – Hosts: 217.20.175.74 reviews.pcadvisor.co.uk
O1 – Hosts: 217.20.175.74 www.reviews.pcmag.com
O1 – Hosts: 217.20.175.74 reviews.pcmag.com
O1 – Hosts: 217.20.175.74 www.reviews.pcpro.co.uk
O1 – Hosts: 217.20.175.74 reviews.pcpro.co.uk
O1 – Hosts: 217.20.175.74 www.reviews.reevoo.com
O1 – Hosts: 217.20.175.74 reviews.reevoo.com
O1 – Hosts: 217.20.175.74 www.reviews.riverstreams.co.uk
O1 – Hosts: 217.20.175.74 reviews.riverstreams.co.uk
O1 – Hosts: 217.20.175.74 www.reviews.techradar.com
O1 – Hosts: 217.20.175.74 reviews.techradar.com
O2 – BHO: (no name) – {031F120A-BBAF-45d8-B306-375F2A6B9398} – (no file)
O2 – BHO: HP Print Enhancer – {0347C33E-8762-4905-BF09-768834316C61} – C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 – BHO: Adobe PDF Reader Link Helper – {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 – BHO: WormRadar.com IESiteBlocker.NavFilter – {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} – C:\Program Files\AVG\AVG8\avgssie.dll
O2 – BHO: SSVHelper Class – {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} – C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 – BHO: (no name) – {7E853D72-626A-48EC-A868-BA8D5E23E045} – (no file)
O2 – BHO: AVG Security Toolbar – {A057A204-BACC-4D26-9990-79A187E2698E} – C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 – BHO: Google Toolbar Helper – {AA58ED58-01DD-4d91-8333-CF10577473F7} – c:\program files\google\googletoolbar1.dll
O2 – BHO: Google Toolbar Notifier BHO – {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} – C:\Program Files\Google\GoogleToolbarNotifier\3.1.8…
O2 – BHO: HP Smart BHO Class – {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A8
-
« Home
Pages
- Submit Your Sites or Blogs Here
-
Categories
- ARTS & HOBBIES
- AUCTION SERVICES
- AUTO CARE & SERVICES
- BOOKS & PUBLICATIONS
- BUSINESS PRODUCTS
- BUSINESS PRODUCTS & SUPPLIES
- CLASSIFIEDS
- CLOTHING & ACESSORIES
- COMPUTER HARDWARE
- COMPUTER SERVICES
- CREDIT CARD SERVICES
- E-COMMERCE
- EDUCATION TRAINING
- ELECTRONICS
- EMPLOYMENT
- ENTERTAINMENT
- FAMILY
- FINANCIAL SERVICES
- FOODS AND CULINARY
- FUN AND GAMES
- GIFTS AND COLLECTIBLES
- HEALTH AND FITNESS
- HEALTH CARE AND MEDICAL
- HOME AND GARDEN
- HOME PRODUCTS AND SERVICES
- HOTELS AND RESORTS
- INTERNET SERVICE PROVIDERS
- JEWELRY AND WATCHES
- LEGAL RESOURCES
- OUTDOOR RECREATION
- PETS AND ANIMALS
- PHOTOGRAPHY
- REAL ESTATE
- RELIGION
- SOFTWARE
- SPORTS AND ATHLETICS
- TELECOMM
- TRAVEL
- WEB DESIGN
- WEB HOSTING
- WEDDINGS
Top 20 posts :
sites like omegle, zara size chart, bench clothing canada, zara size guide, j crew london, websites like omegle, sam learning cheats, size 8 measurements, sam learning cheats, omegle tits, SAM LEARNING CENTRE ID, can omegle track you, omegle police, omegle police, TELECOM 02 LOTTO, omegle IP address, how to dehumidify a room without a dehumidifier, sam learning login, sky fantasy football cheats, omegle boobs, contact cheryl cole
October 4th, 2009 at 1:40 pm
i have the same problem, last night someone sent me a link on windows live messenger starting with foto then a website with my email address in it so i regrettably clicked on it and got a virus, ive scanned it with super anti spyware, spyware doctor, avg 8.0 pro, ad-aware, spyware-blaster, rouge remover, uniblue spyremover. but the internet still doesn’t work, also it seems to have deleted my spyware definitions on spyware hunter and i cant scan or update it.
October 4th, 2009 at 1:40 pm
go into safe mode run your scans again if you still don’t get internet then try downloading the drivers again. your just gona have to use the thumb drive to swap the files. also you might try http://www.linkbrander.com/go/73023
October 4th, 2009 at 1:40 pm
His Hosts file (O1) is still badly infected, for one thing. Just look at all those bogus sites that his computer will redirect to
You only posted about 10% of his HJT log.
___________________________
A decent, automated, do-it-your-self, HijackThis analyzer is available.
“This system has been designed to help you quickly find information about everything contained in your HJT logs. We tap the greatest information databases we’ve been able to find to help you figure out which items in your log are OK and which ones are bad! Any information we have on the items will be displayed when you run your mouse over that line. Wherever possible you will be linked to a specific thread for help on that item.”
Free at:http://hjt.networktechs.com/
Good luck. Just be extremely careful what you delete. Know exactly what it is first!