Loadingsite.com issues. Driving me INSANE!



#1
Jask32

I somehow got a trojan dropper/downloader last night. I'm pretty good with handling computers and know better than to get these things. Anyways it downloaded even more adware, spyware, and trojans. It was doing it at the speed of light I tell ya. I had so many running processes that my amd64 bit was lagging. After staying up all night and my computer almost fried, I got rid of almost every trojan and adware. The only thing that is left is this freaking loadingsite.com BS that spams me with ads every 2 secs. I even got the guy's home phone number who owns the site, called him and gave him a piece of my mind :tazz:

Like I said, being zerged to death by this crap my log is going to be small.

Logfile of HijackThis v1.99.1
Scan saved at 5:04:35 PM, on 6/22/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\system32\spoolsv.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\WINDOWS\Explorer.EXE
H:\WINDOWS\system32\vidctrl\vidctrl.exe
H:\Program Files\AIM\aim.exe
H:\Program Files\Internet Explorer\iexplore.exe
H:\Program Files\Ventrilo\Ventrilo.exe
H:\WINDOWS\system32\rundll32.exe
H:\Program Files\Internet Explorer\iexplore.exe
H:\Program Files\Internet Explorer\iexplore.exe
H:\WINDOWS\system32\NOTEPAD.EXE
H:\Documents and Settings\Imp\Desktop\New Comp Dls\backups\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.blizzard.com/
O4 - HKLM\..\Run: [tsvcin] H:\WINDOWS\system32\n20050308.EXE
O4 - HKLM\..\Run: [Nsv] H:\WINDOWS\system32\nsvsvc\nsvsvc.exe
O4 - HKLM\..\Run: [vidctrl] H:\WINDOWS\system32\vidctrl\vidctrl.exe
O4 - HKCU\..\Run: [AIM] H:\Program Files\AIM\aim.exe -cnetwait.odl
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - H:\Program Files\AIM\aim.exe
O20 - Winlogon Notify: Reliability - H:\WINDOWS\system32\l80ulid9180.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - H:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - H:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - H:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - H:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

Thanks for the help!
  • 0



#2
tj416

Hi Jask32,

Since HijackThis does not scan the entire system, and only certain areas are scanned to help diagnose the presence of undetected malware in some of the telltale places it hides, it is extremely important that you run a full system scan tool like Ad-aware SE and Spybot S&D. I would like to START with those steps and finish the cleanup of strays or undetected items with HJT. I have provided instructions on how to run a scan with Ad-aware SE and Spybot S&D in this post.

1) Download, install, update and run a scan with Spybot S&D:
  • Download and Install Spybot S&D, accepting the Default Settings.
  • In the Menu Bar at the top of the Spybot window you will see 'Mode'. Make certain that 'default mode' has a check mark beside it.
  • Close ALL windows except Spybot S&D
  • Click the button to ‘Search for Updates’ and then download and install all available Updates.
  • Next click the button ‘Check for Problems’
  • When Spybot is complete, it will be showing ‘RED’ entries, bold 'Black' entries and ‘GREEN’ entries in the window.
  • Make certain there is a check mark beside all of the RED entries ONLY.
  • Choose ‘Fix Selected Problems’ and allow Spybot to fix the RED entries.
  • REBOOT to complete the scan and clear memory.
2) Download, install, update, configure and run a scan with Ad-aware SE:
  • Download and Install Ad-Aware SE, keeping the default options. However, some of the settings will need to be changed before your first scan.
  • Close ALL windows except Ad-Aware SE.
  • Click on the ‘world’ icon at the top right of the Ad-Aware SE window and let Ad-Aware SE update the reference list for the adware and malware.
  • Once the update is finished click on the ‘Gear’ icon (second from the left at the top of the window) to access the preferences/settings window:
    • In the ‘General’ window make sure the following are selected in green:
      • Under Safety:
        • Automatically save log-file
        • Automatically quarantine objects prior to removal
        • Safe Mode (always request confirmation)
      • Under Definitions:
        • Prompt to update outdated definitions - set the number of days
    • Click on the ‘Scanning’ button on the left and select in green:
      • Under Driver, Folders & Files:
        • Scan Within Archives
      • Under Select drives & folders to scan:
        • choose all hard drives
      • Under Memory & Registry: all green
        • Scan Active Processes
        • Scan Registry
        • Deep Scan Registry
        • Scan my IE favorites for banned URL’s
        • Scan my Hosts file
    • Click on the ‘Advanced’ button on the left and select in green:
      • Under Shell Integration:
        • Move deleted files to recycle bin
      • Under Logfile Detail Level: (all green)
        • include additional object information
        • DESELECT - include negligible objects information
        • include environment information
      • Under Alternate Data Streams:
        • Don't log streams smaller than 0 bytes
        • Don't log ADS with the following names: CA_INOCULATEIT
    • Click the ‘Tweak’ button and select in green:
      • Under ‘Scanning Engine’:
        • Unload recognized processes during scanning
        • Scan registry for all users instead of current user only
      • Under ‘Cleaning Engine’:
        • Let Windows remove files in use at next reboot
      • Under Log Files:
        • Include basic Ad-aware SE settings in logfile
        • Include additional Ad-aware SE settings in logfile
        • Please do not check: Include Module list in logfile
  • Click on ‘Proceed’ to save the settings.
  • Click ‘Start’
  • Choose 'Perform Full System Scan'
  • DESELECT "Search for negligible risk entries", as negligible risk entries (MRU's) are not considered to be a threat.
  • Click ‘Next’ and Ad-Aware SE will scan your hard drive(s) with the options you have selected and clean automatically.
  • If Ad-Aware SE finds bad entries, you will receive a list of what it found in the window
  • Save the log file when it asks and then click ‘Finish’
  • REBOOT to complete the removal of what Ad-Aware SE found.
3) Prepare in your reply:
  • A fresh HijackThis log.

  • 0
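
As an added example (not part of either post, and not code from HijackThis or Geeks to Go): a small Python parser for the HijackThis log format shown in post #1. It cross-references the O4 autostart entries with the "Running processes" list and picks out services reported with "Unknown owner". The function names and the sample subset are constructed for illustration, and "running" is only a path match, not a verdict on any entry.

```python
import re

# Constructed sample: a subset of the HijackThis log lines from post #1.
SAMPLE_LOG = r"""Running processes:
H:\WINDOWS\system32\vidctrl\vidctrl.exe
H:\Program Files\AIM\aim.exe

O4 - HKLM\..\Run: [tsvcin] H:\WINDOWS\system32\n20050308.EXE
O4 - HKLM\..\Run: [Nsv] H:\WINDOWS\system32\nsvsvc\nsvsvc.exe
O4 - HKLM\..\Run: [vidctrl] H:\WINDOWS\system32\vidctrl\vidctrl.exe
O4 - HKCU\..\Run: [AIM] H:\Program Files\AIM\aim.exe -cnetwait.odl
O20 - Winlogon Notify: Reliability - H:\WINDOWS\system32\l80ulid9180.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - H:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - H:\WINDOWS\system32\ati2sgag.exe
"""

ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")                     # "O4 - <body>"
RUN = re.compile(r"^(HK\w+)\\\.\.\\Run: \[([^\]]*)\] (.*)$")       # Run-key body

def parse(log):
    """Split a log into the running-process set and (code, body) entries."""
    procs, entries, in_procs = set(), [], False
    for line in map(str.strip, log.splitlines()):
        if line == "Running processes:":
            in_procs = True
        elif not line:
            in_procs = False            # a blank line ends the process list
        elif in_procs:
            procs.add(line.lower())     # Windows paths are case-insensitive
        elif (m := ENTRY.match(line)):
            entries.append((m.group(1), m.group(2)))
    return procs, entries

def autostarts(log):
    """(hive, name, command, running_now) for each O4 Run-key entry."""
    procs, entries = parse(log)
    rows = []
    for code, body in entries:
        if code == "O4" and (m := RUN.match(body)):
            hive, name, cmd = m.groups()
            running = any(cmd.lower().startswith(p) for p in procs)
            rows.append((hive, name, cmd, running))
    return rows

def unknown_owner_services(log):
    """Names of O23 services that HijackThis listed with 'Unknown owner'."""
    return [b.split(" - ")[0].removeprefix("Service: ")
            for c, b in parse(log)[1] if c == "O23" and " - Unknown owner - " in b]

if __name__ == "__main__":
    for row in autostarts(SAMPLE_LOG):
        print(row)
    print(unknown_owner_services(SAMPLE_LOG))
```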





