Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works

Possible OIN Raping ? [CLOSED]

  • This topic is locked This topic is locked

Atrophic Spin

Atrophic Spin

    New Member

  • Member
  • Pip
  • 1 posts
Good morning,

I searched quite a bit about this infection that I think I hvae on my desktop computer - I don't know too much about the technical aspect of the computer itself but I do know that I use my home PC for work and my productivity level has dropped drastically due to whatever is attacking my pc.

I have a HJT file at the bottom if any of you care to attack it as though its about to get on a plane with explosives in its shoes ( it would be greatly appreciated).

I'm actually typing this from a laptop I have because my pc does some things that make it impossible to even try to fix with spy bot or clean up or anything like that - almost like it senses when I either turn on the wireless router or run an anti spyware program...

I'll start up my pc and after everything is loaded, it's almost like a delayed reaction - then I hear the window intor sound - instead of when you start up right away - and it sounds almost like it is sped up a little --- I usualy have about a good 2 minues before I can hear my hard drive go silent and everything freekes - the mouse won't move and the keyboard is no help either -

If I tart up without the wireless router on it gives me maybe a good 5 minutes instead - still does the whole delayed thing but doesn't freeze up right away -
so I will try to run something to catch what maybe eating away My and my computers last bit of sanity... But Alas... ANything that I choose to run freezes and I have to hard boot it to start all over ---

I've also noticed that in my add remove programs there is this thing called OIN?
I can't remove it no matter what I try -

Anyway - here's the log file because I'm pretty sure it will make more sense than te rambling that just ensued --

Thanks for all your help in advance...


Logfile of HijackThis v1.99.1
Scan saved at 12:32:03 PM, on 8/25/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\Documents and Settings\Ellyssa Ackerman\Local

O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} -
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} -
O4 - HKLM\..\Run: [MSConfig]
C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} -
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} -
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage
Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. -
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. -
O23 - Service: AntiVir Update (AVWUpSrv) - Unknown owner - C:\Program
Files\AVPersonal\AVWUPSRV.EXE (file missing)
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. -
C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation -
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner -
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (file missing)
  • 0



  • Guest
Hi Atrophic Spin

Please read through the instructions before you start (you may want to print this out).

Please set your system to show all files; please see here if you're unsure how to do this.

Please download and install AD-Aware se.
Click Here on how setup and use it - please make sure you update it first. Don't run yet.

Download Pocket Killbox and unzip it; save it to your Desktop. We may need it later.

Download Ewido Trojan’s and malware remover http://www.ewido.net/en/download/
This setup contains the free as well as the plus-version of the ewido security suite. After the installation, a free 14-day test version containing all the extensions of the plus-version will be activated. At the end of the test phase, the extensions of the plus version are deactivated and the freeware version can be used unlimited times. The purchased license code of the plus version can be entered at any time.
Ewido will auto-udate. Don't run yet

Reboot into Safe Mode: please see here if you are not sure how to do this.

Run Ewido full scan. Save the scan.log and post the log.

Clear out the files in the Prefetch folder. Go to start> run> type into the box Prefetch and delete all the files in that folder.

Please go offline, close all browsers and any open Windows, making sure that only HijackThis is open. Scan and when it finishes, put an check in the boxes, only next to these following items:
F1 - win.ini: run=fntldr.exe
O19 - User stylesheet: C:\WINDOWS\Web\tips.ini
O19 - User stylesheet: C:\WINDOWS\hh.htt (HKLM)

Click on Fix Checked when finished and exit HijackThis.

Run Ad-aware se let it remove all it finds

Clean out temporary and TIF files. Go to Start > Run and type in the box: cleanmgr. Let it scan your system for files to remove. Make sure all are checked and then press *ok* to remove:

Run killbox and click the radio button that says Delete a file on reboot. For each of the files you could not delete, paste them one at a time into the full path of file to delete box and click the red circle with a white cross in it.
The program will ask you if you want to reboot; say No each time until the last one has been pasted in whereupon you should answer (Yes.)
F1 - win.ini: run=fntldr.exe

Let the system reboot as normal.

Please download, install and run this disk cleanup utility called Cleanup version 4.0!: http://downloads.ste...p/CleanUp40.exe
It will get rid of any malware which may be hiding in your temp folders ( a common hiding place). You will also regain a massive amount of disk space. Here is a tutorial which describes its usage: http://www.bleepingc...tutorial93.html
Check the custom settings to your liking under options, but be sure to delete temporary files and temporary internet files for all user profiles. Also, cleanout the prefetch folder and the recycle bin.When the scan has finnished click the close button
When prompted the system will log off to let it clean out the remaining files. when the log screen shows log back on and continue the fix.

Please run the following free, online virus scans.
Please post the log From Panda virus scan. We will need them to remove previous infections that have left files on your system.

Run HijackThis and post the new log.

Kc :tazz:
  • 0


  • Guest
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0

Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP