Thread: Need help with trojans
View Single Post
  #2 (permalink)   Top
Old 19th May 2009, 08:17 PM
evilfantasy's Avatar
evilfantasy evilfantasy is offline evilfantasy has a Profile Picture
Security Team
  
Join Date: Dec 2007, 2,555 posts.
Location: Tulsa, OK
Reputation: evilfantasy will become famous soon enoughevilfantasy will become famous soon enough
Open HijackThis and select Do a system scan only

Vista users right click on HijackThis and select Run as Administrator. (you will receive a UAC prompt, please allow it)

Place a check mark next to the following entries: (if there)
  • O1 - Hosts: ::1 localhost
  • O1 - Hosts: 94.232.248.66 browser-security.microsoft.com
  • O1 - Hosts: 94.232.248.66 antivirsystem.com
  • O1 - Hosts: 94.232.248.66 Antivirus System PRO Powerfull PC Protection
  • O2 - BHO: (no name) - {ABC71DAD-EFCF-4BDF-BFD5-3251CC361274} - c:\windows\system32\wjbkchl.dll (file missing)
  • O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
  • O4 - HKLM\..\Policies\Explorer\Run: []
  • O4 - HKUS\S-1-5-19\..\RunOnce: [] (User 'LOCAL SERVICE')
  • O4 - HKUS\S-1-5-20\..\RunOnce: [] (User 'NETWORK SERVICE')
  • O4 - HKUS\S-1-5-18\..\RunOnce: [] (User 'SYSTEM')
  • O4 - HKUS\.DEFAULT\..\RunOnce: [] (User 'Default user')
  • O15 - Trusted Zone: http://*.trymedia.com (HKLM)
  • O20 - Winlogon Notify: wyqiokml - wjbkchl.dll (file missing)
.
Important: Close all open windows except for HijackThis and then click Fix checked.

Once completed, exit HijackThis.

----------

Download ComboFix© by sUBs from one of the below links. Be sure top save it to the Desktop.

Link #1
Link #2

**Note: It is important that it is saved directly to your Desktop

Close any open Web browsers. (Firefox, Internet Explorer, etc) before starting ComboFix.

Temporarily disable your antivirus and any antispyware real time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.

Double click combofix.exe & follow the prompts.
Vista users Right-Click on ComboFix.exe and select Run as administrator (you will receive a UAC prompt, please allow it)
When finished ComboFix will produce a log for you.
Post the ComboFix log in your next reply.

Important: Do not mouseclick ComboFix's window while it is running. That may cause it to stall.

Remember to re-enable your antivirus and antispyware protection when ComboFix is complete.

If you have problems with ComboFix usage, see How to use ComboFix
__________________
.

ƃolq s’ʎsɐʇuɐɟlıʌǝ
Reply With Quote