
Hjt Question


5 replies to this topic

#1 MrCharlie


    SuperMember

  • Malware Team
  • 2,949 posts

Posted 19 March 2004 - 05:55 PM

Does anyone know what this is? Good or bad? I couldn't find any info on it. It's from an XP system and only appears here. Thanks

O4 - HKLM\..\Run: [System Restores] C:\WINDOWS\svahost.exe


#2 Guest_Newkid_*

  • Guests

Posted 19 March 2004 - 08:05 PM

Seems baddie at first look.... You need to post the complete HJT Log in order to get correct assistance on it.

#3 Budfred


    Malware hound

  • Visiting Fellow
  • 791 posts

Posted 20 March 2004 - 01:55 AM

It certainly looks like it is trying to look like a couple of legit files and that usually suggests bad.... You can check in Properties for the file. If it is clearly garbage, remove it. If it looks like it could be legit, post the info you find so we can see how it holds up. You can also rename the file with a BAK extension and see if it makes any difference since it won't execute with that extension. You have to reboot to check it out...

#4 MrCharlie


    SuperMember

  • Malware Team
  • 2,949 posts

Posted 22 March 2004 - 05:57 PM

I was helping someone else out, but they never got back to me, so I don't have any info on that file, but it certainly looks bad. The original problem was a dialer, www.seksdialer.com, and a shortcut called Teen Seks movie on the desktop. Here's what I found and had him fix:

R3 - Default URLSearchHook is missing
O4 - Startup: startit.exe
O4 - HKLM\..\Run: [System Restores] C:\WINDOWS\svahost.exe
C:\WINDOWS\System32\dlloc.exe
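Added example, not part of any post in this thread: a small triage script that reads HijackThis O4 registry autorun lines and flags executables whose names are within a couple of character edits of a well-known Windows binary, which is the pattern Budfred points out for svahost.exe. The reference list `KNOWN`, the distance threshold and the third sample line are assumptions made for the illustration.

```python
import re

# Assumed reference list of commonly imitated Windows binaries (not from the thread).
KNOWN = ("svchost.exe", "lsass.exe", "services.exe", "explorer.exe",
         "winlogon.exe", "csrss.exe", "spoolsv.exe")

# HijackThis registry autorun entry: O4 - HKLM\..\Run: [Value name] command line
O4_RUN = re.compile(r"^O4 - HK\w+\\\.\.\\\w+: \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")

def edit_distance(a, b):
    """Levenshtein distance, keeping only the previous row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def image_name(cmd):
    """Lower-cased file name of the executable in an autorun command line."""
    cmd = cmd.strip()
    if cmd.startswith('"'):                      # quoted path, arguments follow
        path = cmd[1:].split('"', 1)[0]
    else:                                        # unquoted: cut after the first ".exe"
        m = re.match(r"(.+?\.exe)\b", cmd, re.I)
        path = m.group(1) if m else cmd.split(" ", 1)[0]
    return path.rsplit("\\", 1)[-1].lower()

def lookalikes(log_lines, max_distance=2):
    """Return (value name, file, imitated binary, distance) for near-miss names."""
    hits = []
    for line in log_lines:
        m = O4_RUN.match(line.strip())
        if not m:
            continue                             # not a registry O4 entry
        name = image_name(m["cmd"])
        for legit in KNOWN:
            d = edit_distance(name, legit)
            if 0 < d <= max_distance:            # close to, but not, a known name
                hits.append((m["name"], name, legit, d))
    return hits

# First two lines are from the thread; the third is constructed for contrast.
SAMPLE = [
    r"O4 - Startup: startit.exe",
    r"O4 - HKLM\..\Run: [System Restores] C:\WINDOWS\svahost.exe",
    r"O4 - HKLM\..\Run: [Updater] C:\Program Files\ExampleVendor\updater.exe /background",
]
```

A hit is only a prompt to inspect the file, for example through its Properties as suggested above; a name match alone does not establish that a file is malicious.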

#5 Budfred


    Malware hound

  • Visiting Fellow
  • 791 posts

Posted 22 March 2004 - 06:33 PM

If you are planning to do a lot of helping out with logs, you might want to apply to be admitted to the Classroom.... Check here for details:

http://forums.tomcoy...?showtopic=1421

#6 MrCharlie


    SuperMember

  • Malware Team
  • 2,949 posts

Posted 24 March 2004 - 07:29 PM

OK, I'll look into it. I've been posting on www.annoyances.org for the last 2 years or so, mostly in the 98 and ME forums, and also just started helping in the Spyware/Security forum at www.computing.net. With all the spy/adware problems and hijackers I should expand my knowledge; I do find it very interesting and challenging. I try to read all the posts here and learn from them. Thanks a lot - MrC
