
little eagle

Trusted Malware Techs
  • Content Count

    188

About little eagle

  • Rank
    Member
  • Birthday 03/24/1958

Contact Methods

  • Website URL
    http://www.nutnworks.com/
  • ICQ
    0

Profile Information

  • Gender
    Male

Previous Fields

  • Teams:
    Nothing Selected
  1. little eagle

    Vista: The First 6 Months

    Well I do, I have had Vista on my desktop for 6 months and only got it to boot 3 times. Now that I got my wife a laptop with XP (her favorite) and the network set up I can now boot up the Vista hard drive that I don't have any trouble with, anytime I want
  2. little eagle

    my HJT log

    Since your issues appear to be resolved, I will now close this topic and move it to the Solved HJT Logs. Should you need it reopened for any reason, please PM one of the members of the Trusted HJT Advisors
  3. little eagle

    my HJT log

    Sorry for the delayed response. Your log is clean. How is it running? Can this thread be closed?
  4. little eagle

    please help

    Since there has been no reply in some time I will now close this topic and move it to the Solved HJT Logs. Should you need it reopened for any reason, please PM one of the members of the Trusted HJT Advisors
  5. little eagle

    HijackThis Log

    Since there has been no reply in some time I will now close this topic and move it to the Solved HJT Logs. Should you need it reopened for any reason, please PM one of the members of the Trusted HJT Advisors
  6. little eagle

    my HJT log

    Spybot S&D lets you kill the O4's, the startups. Start Spybot, click mode at the top left, and make sure that advanced mode is checked. Then click on tools on the lower left. Then system startup; to the right is a double arrow bar, click it to expand. Now clicking on a value you will get a description of the command line. Removing the green check mark will stop the startup. Should you decide that you need or want it back, just replace the check mark. Restarting your PC will complete the change.

    These are not required and can be started manually if necessary.

    O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
    O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
  7. little eagle

    my HJT log

    Please follow a few tips to remain malware free:

    Make sure you keep your Windows OS current by visiting Windows update occasionally to download and install any critical updates and service packs. Without these you are leaving the backdoor open.

    Also download, install and keep updated:

    Antivirus Software (and use only one). Free for home users:
    avast! 4 Home Edition Download AVG free version 7.0 AVG free version v6.0 updates ended 12/31/04 AntiVir Personal Edition

    Adjust your browser settings: Change your (active x) settings in IE. With IE open go to tools, internet options, security tab. Click on the internet globe, then custom level. Set the first option "download signed active x controls" to prompt, the next two to disable.
    Read more: Internet Explorer Privacy & Security Settings Working with Internet Explorer 6 Security

    Many exploits are directed at Internet Explorer, you don't have to use it. Try a different browser: Like Firefox, and Thunderbird for controlling spam in your e-mail.

    Install a firewall. A firewall will control what comes in from the internet and what leaves your computer to the internet. A firewall will also alert you when an application tries to connect to the internet from your computer; this is a good way to catch crapware or trojans trying to connect outbound from your computer. What's that and why does it need an internet connection? You can deny it access until more investigation is done. Zone Alarm is a free and easy to use firewall, that will provide in and outbound protection. Microsoft XP firewall only provides inbound protection, but is not as robust as third party firewalls. Be sure to run only >one< firewall. If you use another, be sure to disable XP's built in firewall. An inexpensive NAT hardware router with SPI (firewall) would be even better, along with a software firewall.
    Zone Alarm Kerio Personal Firewall Outpost Firewall

    Download, install and update before using (if these are constantly finding malware, then you need to make some changes):
    Ad-Aware SE Personal edition Spybot Search and destroy

    Be careful with spyware "removers and scanners"; there are many "rogue/suspect" programs that "claim to remove" spyware.

    Other programs to consider:
    SpywareBlaster IE-SPYAD

    AntiTrojan software to fill in the gap:
    a2 free Ewido Security Suite Trojan Hunter (30 day trial version)

    Learn More:
    Tony's article So how did I get infected in the first place? How to Secure (and Keep Secure) My (New) Computer(s) Home Computer Security Wilders Security Advisors

    Watch what you download, and where you download it from. Many programs come bundled with "extra" crapware you may not want. Make sure you know what it is you will be downloading and installing. Visit the maker's website, learn more about the program. Does the program you want come bundled with other "3rd party" programs? What do the 3rd party programs do? Will they deliver ads? Track your surfing habits? You may be installing more than you think. Read the EULA agreement, you know that paragraph of stuff you "agree to" before the software installs?

    Stay away from warez and crack sites. Be careful what you download from file sharing networks. If you are not sure, scan it with your Antivirus app. A small file (in KB) is probably not what you think it is. Some p2p clients also install 3rd party stuff you probably don't want.
  8. little eagle

    please help

    Should you need instructions for: Scan with Spybot S&D and Ad-Aware. Click the link above. Make sure you keep your Windows OS current by visiting Windows update
  9. little eagle

    please help

    Should you need instructions for:
    Showing hidden files and folders in Windows.
    Reboot in safe mode.
    How to set up a HijackThis folder correctly to make backups.
    Scan with Spybot S&D and Ad-Aware
    Click the links above.

    Please download and install this disk cleanup utility called Cleanup! Don't run it yet. Alternate download link. It will get rid of any malware which may be hiding in your temp folders. You will also regain a massive amount of disk space. Here is a tutorial which describes its usage.

    Close all Browser and Program Windows and have HijackThis fix the following. Do this by checking the box beside each and then clicking on Fix checked.

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.websearch.com/ie.aspx?tb_id=50245
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.websearch.com/ie.aspx?tb_id=50245
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = res://C:\PROGRA~1\Toolbar\toolbar.dll/sa
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.websearch.com/ie.aspx?tb_id=50245
    R3 - Default URLSearchHook is missing
    O2 - BHO: (no name) - {8952A998-1E7E-4716-B23D-3DBE03910972} - C:\PROGRA~1\Toolbar\toolbar.dll
    O3 - Toolbar: &Search Toolbar - {339BB23F-A864-48C0-A59F-29EA915965EC} - C:\PROGRA~1\Toolbar\toolbar.dll
    O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    O4 - HKLM\..\Run: [TBPS] C:\PROGRA~1\Toolbar\TBPS.exe
    O15 - Trusted Zone: http://www.bankofamerica.com
    O15 - Trusted Zone: http://www.hotmail.com
    O15 - Trusted Zone: http://www.neteller.com
    O15 - Trusted Zone: http://login.passport.net
    O15 - Trusted Zone: http://www.raketracker.com
    O15 - Trusted Zone: http://www.twoplustwo.com
    O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/MediaAcc.../bridge-c18.cab
    O16 - DPF: {AED98630-0251-4E83-917D-43A23D66D507} (WebHandler Class) - http://activex.microgaming.com/DLhelper/ve...n7/dlhelper.cab
    O18 - Protocol: tpro - {FF76A5DA-6158-4439-99FF-EDC1B3FE100C} - C:\PROGRA~1\Toolbar\toolbar.dll

    Reboot in safe mode. Then click start>my computer>local disk (then follow the path) or, using Windows Explorer, locate the following files/folders, and delete them:

    Delete the folder(s) listed
    C:\Program Files\Viewpoint
    C:\PROGRA~1\Toolbar

    Run Cleanup!

    Reboot and Rescan with HJT and post a new log here. Also please describe how your computer behaves now.
  10. little eagle

    my HJT log

    Should you need instructions for:
    Showing hidden files and folders in Windows.
    Reboot in safe mode.
    How to set up a HijackThis folder correctly to make backups.
    Scan with Spybot S&D and Ad-Aware
    Click the links above.

    Close all Browser and Program Windows and have HijackThis fix the following. Do this by checking the box beside each and then clicking on Fix checked.

    O2 - BHO: (no name) - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file)
    O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\system32\P2P Networking\P2P Networking.exe /AUTOSTART
    O8 - Extra context menu item: &Search - http://ka.bar.need2find.com/KA/menusearch.html?p=KA
    O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -

    Reboot in safe mode. Then click start>my computer>local disk (then follow the path) or, using Windows Explorer, locate the following files/folders, and delete them:

    Delete the folder(s) listed
    C:\WINDOWS\system32\P2P Networking

    Reboot and Rescan with HJT and post a new log here.
  11. little eagle

    just making sure i am not infected

    Since there has been no reply in some time I will now close this topic and move it to the Solved HJT Logs. Should you need it reopened for any reason, please PM one of the members of the Trusted HJT Advisors
  12. little eagle

    Spy Sheriff - Can't Get rid of it

    Since there has been no reply in some time I will now close this topic and move it to the Solved HJT Logs. Should you need it reopened for any reason, please PM one of the members of the Trusted HJT Advisors
  13. little eagle

    HijackThis Log

    Nothing major. But it would be nice to know what you deleted with HijackThis.

    Close all programs leaving only HijackThis running. Place a check against each of the following, click on Fix Checked when finished and exit HijackThis.

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
  14. little eagle

    just making sure i am not infected

    Should you need instructions for:
    Showing hidden files and folders in Windows.
    Reboot in safe mode.
    How to set up a HijackThis folder correctly to make backups.
    Scan with Spybot S&D and Ad-Aware
    Click the links above.

    Please download and install this disk cleanup utility called Cleanup! Don't run it yet. Alternate download link. It will get rid of any malware which may be hiding in your temp folders. You will also regain a massive amount of disk space. Here is a tutorial which describes its usage.

    Reboot in safe mode. Close all Browser and Program Windows and have HijackThis fix the following. Do this by checking the box beside each and then clicking on Fix checked.

    F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
    O2 - BHO: ICOOExternal Class - {0519A9C9-064A-4cbc-BC47-D0EACD581477} - C:\Program Files\ICOO Loader\addons\icooue.dll
    O2 - BHO: ICOODManager Class - {465A59EC-20E5-4fca-A38A-E5EC3C480218} - C:\Program Files\ICOO Loader\addons\icoou.dll
    O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL (file missing)
    O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
    O2 - BHO: (no name) - {D2003837-CDA7-E79C-4D69-9251605A6928} - C:\Program Files\cdmweb\ojhoqpqdyw.dll (file missing)
    O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
    O4 - HKLM\..\Run: [iST Service] C:\Program Files\ISTsvc\istsvc.exe

    Then click start>my computer>local disk (then follow the path) or, using Windows Explorer, locate the following files/folders, and delete them:

    Delete the following file(s) listed.
    C:\WINDOWS\Nail.exe

    Delete the folder(s) listed
    C:\Program Files\ICOO Loader
    C:\Program Files\Need2Find
    C:\Program Files\ISTsvc

    Run Cleanup!

    Reboot and Rescan with HJT and post a new log here. Also please describe how your computer behaves now.
  15. little eagle

    Spy Sheriff - Can't Get rid of it

    Launch Notepad (start > run > “notepad”), and copy/paste the box below into a new text file. Select “all files” in the “save as type” field. Save it as FindFile.bat and save it on your Desktop. Locate FindFile.bat on your Desktop and double-click on it. It will open Notepad with some text in it. Please post the text here.