Can anyone please help me with HIJACKTHIS LOG?!
Started by
wandy_lee
, Apr 13 2005 09:25 PM
#16
Posted 06 May 2005 - 08:02 PM
#17
Posted 06 May 2005 - 08:30 PM
I'm BACK~~
The scanned report as follow:
Scan started at 07/05/2005 12:08:34 PM
Scanning memory...
Scanning boot sectors...
Scanning files...
C:\WINDOWS\system32\drivers\delprot.sys - VirTool:WinNT/Ispro.B -> Infected
Scanned
============================
Objects: 37057
Directories: 2443
Archives: 914
Size(Kb): -2088480
Infected files: 1
Found
============================
Viruses found: 1
Suspicious files: 0
Disinfected files: 0
Mail files: 374
Thank you~~
The scanned report as follow:
Scan started at 07/05/2005 12:08:34 PM
Scanning memory...
Scanning boot sectors...
Scanning files...
C:\WINDOWS\system32\drivers\delprot.sys - VirTool:WinNT/Ispro.B -> Infected
Scanned
============================
Objects: 37057
Directories: 2443
Archives: 914
Size(Kb): -2088480
Infected files: 1
Found
============================
Viruses found: 1
Suspicious files: 0
Disinfected files: 0
Mail files: 374
Thank you~~
#18
Posted 06 May 2005 - 09:00 PM
Welcome back
- Download Pocket Killbox from. Here
- Paste the full file path (C:\WINDOWS\system32\drivers\delprot.sys ) in the box
- click on Delete on Reboot.
- Next click on the button with the red circle and an X in the middle. You will get a message saying "File with be deleted on next reboot, Process and Reboot now?" Click "Yes"
- Run another scan with RAV and post back what it finds please.
Let us know how you make out
#19
Posted 08 May 2005 - 06:43 PM
This is the report..
Scan started at 09/05/2005 9:47:35 AM
Scanning memory...
Scanning boot sectors...
Scanning files...
C:\WINDOWS\system32\drivers\delprot.sys - VirTool:WinNT/Ispro.B -> Infected
Scanned
============================
Objects: 37534
Directories: 2445
Archives: 916
Size(Kb): -2087308
Infected files: 1
Found
============================
Viruses found: 1
Suspicious files: 0
Disinfected files: 0
Mail files: 376
The virus is still active.....
Scan started at 09/05/2005 9:47:35 AM
Scanning memory...
Scanning boot sectors...
Scanning files...
C:\WINDOWS\system32\drivers\delprot.sys - VirTool:WinNT/Ispro.B -> Infected
Scanned
============================
Objects: 37534
Directories: 2445
Archives: 916
Size(Kb): -2087308
Infected files: 1
Found
============================
Viruses found: 1
Suspicious files: 0
Disinfected files: 0
Mail files: 376
The virus is still active.....
#20
Posted 08 May 2005 - 09:37 PM
Reboot to SAFE MODE and search for the following
C:\WINDOWS\system32\drivers\delprot.sys
If found delete it, Please let me know if you find it,
Run another scan with ActiveScan please, Make sure you check the 'Disinfect automatically' option in Active scan
C:\WINDOWS\system32\drivers\delprot.sys
If found delete it, Please let me know if you find it,
Run another scan with ActiveScan please, Make sure you check the 'Disinfect automatically' option in Active scan
#21
Posted 09 May 2005 - 05:47 PM
I found the "C:\WINDOWS\system32\drivers\delprot.sys " in the Safe Mode~~
and deleted it..!!
now I am doing the Active Scan~~be back soon~~
IM BACK~~
The report as follow:
Incident Status Location
Spyware:Spyware/BetterInet No disinfected C:\WINDOWS\CERES.DLL
Adware:Adware/ISearch No disinfected C:\WINDOWS\deskbar.ini
Adware:Adware/ExactSearch No disinfected Windows Registry
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\User\Desktop\l2mfix\backup.zip[ddtmsft.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\User\Desktop\l2mfix\backup.zip[dhghelp.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\User\Desktop\l2mfix\backup.zip[dprpsetu.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\User\Desktop\l2mfix\backup.zip[e6202gfmg62a2.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\User\Desktop\l2mfix\backup.zip[en60l1jm1.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\User\Desktop\l2mfix\backup.zip[fplq0335e.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\User\Desktop\l2mfix\backup.zip[fvsrch.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\User\Desktop\l2mfix\backup.zip[gktext.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\User\Desktop\l2mfix\backup.zip[gp6sl3j71.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\User\Desktop\l2mfix\backup.zip[gp8ul3l91.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\User\Desktop\l2mfix\backup.zip[hN23msp.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\User\Desktop\l2mfix\backup.zip[iawdial.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\User\Desktop\l2mfix\backup.zip[jtr4079qe.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\User\Desktop\l2mfix\backup.zip[l44qleh51h4.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\User\Desktop\l2mfix\backup.zip[lnbmp90n.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\User\Desktop\l2mfix\backup.zip[mvrul9991.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\User\Desktop\l2mfix\backup.zip[n4l8le3u1h.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\User\Desktop\l2mfix\backup.zip[o2840clqefqe0.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\User\Desktop\l2mfix\backup.zip[r4p80e7ueh.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\User\Desktop\l2mfix\backup.zip[t0r8la9u1d.dll]
Spyware:Spyware/BetterInet No disinfected C:\WINDOWS\ceres.dll
Adware:Adware/ISearch No disinfected C:\WINDOWS\delprot.ini
Adware:Adware/ISearch No disinfected C:\WINDOWS\deskbar.ini
Adware:Adware/Look2Me No disinfected C:\WINDOWS\Temp\upd201.exe
and deleted it..!!
now I am doing the Active Scan~~be back soon~~
IM BACK~~
The report as follow:
Incident Status Location
Spyware:Spyware/BetterInet No disinfected C:\WINDOWS\CERES.DLL
Adware:Adware/ISearch No disinfected C:\WINDOWS\deskbar.ini
Adware:Adware/ExactSearch No disinfected Windows Registry
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\User\Desktop\l2mfix\backup.zip[ddtmsft.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\User\Desktop\l2mfix\backup.zip[dhghelp.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\User\Desktop\l2mfix\backup.zip[dprpsetu.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\User\Desktop\l2mfix\backup.zip[e6202gfmg62a2.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\User\Desktop\l2mfix\backup.zip[en60l1jm1.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\User\Desktop\l2mfix\backup.zip[fplq0335e.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\User\Desktop\l2mfix\backup.zip[fvsrch.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\User\Desktop\l2mfix\backup.zip[gktext.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\User\Desktop\l2mfix\backup.zip[gp6sl3j71.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\User\Desktop\l2mfix\backup.zip[gp8ul3l91.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\User\Desktop\l2mfix\backup.zip[hN23msp.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\User\Desktop\l2mfix\backup.zip[iawdial.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\User\Desktop\l2mfix\backup.zip[jtr4079qe.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\User\Desktop\l2mfix\backup.zip[l44qleh51h4.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\User\Desktop\l2mfix\backup.zip[lnbmp90n.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\User\Desktop\l2mfix\backup.zip[mvrul9991.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\User\Desktop\l2mfix\backup.zip[n4l8le3u1h.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\User\Desktop\l2mfix\backup.zip[o2840clqefqe0.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\User\Desktop\l2mfix\backup.zip[r4p80e7ueh.dll]
Adware:Adware/Look2Me No disinfected C:\Documents and Settings\User\Desktop\l2mfix\backup.zip[t0r8la9u1d.dll]
Spyware:Spyware/BetterInet No disinfected C:\WINDOWS\ceres.dll
Adware:Adware/ISearch No disinfected C:\WINDOWS\delprot.ini
Adware:Adware/ISearch No disinfected C:\WINDOWS\deskbar.ini
Adware:Adware/Look2Me No disinfected C:\WINDOWS\Temp\upd201.exe
Edited by wandy_lee, 09 May 2005 - 06:19 PM.
#22
Posted 09 May 2005 - 07:09 PM
Good job!
*Click Here to download Killbox by Option^Explicit.
*Extract the program to your desktop and double-click on its folder, then double-click on Killbox.exe to start the program.
*In the killbox program, select the Delete on Reboot option.
*Open the text file with these instructions in it, and copy the file names below to the clipboard by highlighting them and pressing Control-C:
*Return to Killbox, go to the File menu, and choose "Paste from Clipboard".
*Click the red-and-white "Delete File" button. Click "Yes" at the Delete on Reboot prompt. Click "No" at the Pending Operations prompt.
Let me know is nortons still finding any problems ?
*Click Here to download Killbox by Option^Explicit.
*Extract the program to your desktop and double-click on its folder, then double-click on Killbox.exe to start the program.
*In the killbox program, select the Delete on Reboot option.
*Open the text file with these instructions in it, and copy the file names below to the clipboard by highlighting them and pressing Control-C:
C:\WINDOWS\CERES.DLL C:\WINDOWS\deskbar.ini C:\WINDOWS\ceres.dll C:\WINDOWS\delprot.ini C:\WINDOWS\deskbar.ini C:\WINDOWS\Temp\upd201.exe
*Return to Killbox, go to the File menu, and choose "Paste from Clipboard".
*Click the red-and-white "Delete File" button. Click "Yes" at the Delete on Reboot prompt. Click "No" at the Pending Operations prompt.
Let me know is nortons still finding any problems ?
#23
Posted 10 May 2005 - 09:34 PM
NO MORE VIRUS~~~~Norton scanned...no virus~~~ You're the best!! Thank you very much~~~
#24
Posted 10 May 2005 - 09:43 PM
Your very welcome wandy_lee
How is it running ?
Please use the following suggestion to help prevent reinfection
Download the following program, For keeping crap off your system to begin with
Prevent the installation of ActiveX-based spyware, adware, browser hijackers, dialers, and other potentially unwanted pests. Block spyware/tracking cookies in Internet Explorer and Mozilla/Firefox. Restrict the actions of potentially dangerous sites in Internet Explorer.
Download Spyware Blaster
Keep Ad-aware and Spybot handy, Check them for updates prior to running and run them weekly
Same with your Anti Virus,
For an added check run an online virus scan, you can use one of the 2 below,
TrendMicro's HouseCall
ActiveScan
Be sure and give the Temp folders a cleaning out now and then as well, Make sure after you clean your Temp files to empty out your Recycle bin as well.
For ease use the following program
Download and install Cleanup
Run "Cleanup" and when it has finished, Reboot
Remeber to Check Windows for updates
Probably a good time to create a new restore point See Here Name it clean or something like that,
How is it running ?
Please use the following suggestion to help prevent reinfection
Download the following program, For keeping crap off your system to begin with
Prevent the installation of ActiveX-based spyware, adware, browser hijackers, dialers, and other potentially unwanted pests. Block spyware/tracking cookies in Internet Explorer and Mozilla/Firefox. Restrict the actions of potentially dangerous sites in Internet Explorer.
Download Spyware Blaster
Keep Ad-aware and Spybot handy, Check them for updates prior to running and run them weekly
Same with your Anti Virus,
For an added check run an online virus scan, you can use one of the 2 below,
TrendMicro's HouseCall
ActiveScan
Be sure and give the Temp folders a cleaning out now and then as well, Make sure after you clean your Temp files to empty out your Recycle bin as well.
For ease use the following program
Download and install Cleanup
Run "Cleanup" and when it has finished, Reboot
Remeber to Check Windows for updates
Probably a good time to create a new restore point See Here Name it clean or something like that,
#25
Posted 10 May 2005 - 09:48 PM
One more problem here~~
The window firewall is not turned on, not able to turn on, thats why the spyware, adware & viruses can just sneak into my com..actually, not sneak in.. but just upload stuff into my com and start havin fun with it...
Any idea how to turn on the window fire wall at all??
The window firewall is not turned on, not able to turn on, thats why the spyware, adware & viruses can just sneak into my com..actually, not sneak in.. but just upload stuff into my com and start havin fun with it...
Any idea how to turn on the window fire wall at all??
#26
Posted 10 May 2005 - 09:56 PM
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users