Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

HiJackThis log Question?.


  • Please log in to reply
5 replies to this topic

#1 bluesjunior

bluesjunior

  • Members
  • 761 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:20 PM

Posted 05 February 2009 - 06:54 AM

My PC is an AMD Athlon XP2400+, with 1GB of RAM. I use Comodo CIS, Comodo BoClean and SpyWareBlaster as real time protection. I also have SAS, MBAM and A2 installed as on demand antimalware scanners. I usually run a couple of scans weekly with them on a rota basis updating them manually as I use them. I use Firefox as my default browser and only use IE7 for MSN updates which are set to notify but do not install. I use AutoRuns to keep a check on my Start up entries and use Secunia and FileHippo for latest updates etc. All of my programs are kept up to date.

A couple of times in the last month or so I noticed when I went to manually update Spywareblaster that some of the IE7 and Restricted sites protection had been removed. I re-applied the protection and did a scan with SAS which found nothing and then A2 which only found two tracking cookies in Firefox profiles. As I check updates for Spywareblaster almost daily I knew the above mentioned hadn't been unprotected long. I did wonder though what could do this. Yesterday I did a full scan with MBAM which found a trojan in the Veoh Web Player. I deleted it and immediately uninstalled Veoh from my PC. I thought that would be the end of it but last night when I signed in I found that although CIS had started, Comodo BoClean had not and I started it manually, I then opened Spywareblaster to find that again some of the IE7 and Restricted entries had there protection removed. i again re-applied them and then did a search of my PC for any remaining Veoh entries. Although I thought I had removed them all from my Program Files and hidden files on the initial uninstallation the search none the less turned up about 14 entries. Before removing them I looked to see where they were and found that three of them were in IE7, two as active X controls and one on the toolbar. I then went to IE7 and disabled them there in tools. I next ran a scan with HiJack This and deleted the Veoh entry there as well and then rebooted my PC. On signing into my PC this morning everything so far seems to be working well but later this afternoon I will do a repeat scan with MBAM.

My question is this. when I was reading my HiJack This log last night the only other entry that I couldn't explain was one which was written as the following,
024-desktop component 0:(no name)-(no file)
I am assuming that this is a left over from some program or other on my PC and is now gone but would like a confirmation to be sure before I delete it. Thanks to anyone taking the time to read this and offer any advice.
Motherboard: Gigabyte GA-MA770T-UD3, CPU: AMD Athlon II X3 450 Processor, Memory: OCZ 4GB (2x2GB) DDR3 1333MHz,Graphics: PowerColor HD 5750 1GB GDDR5,
PSU: Corsair 430W CX PSU 4x SATA 1x PCI-E, Hard Drive:Samsung SpinPoint F3 500GB Hard Drive SATAII 7200rpm 16MB Cache.

BC AdBot (Login to Remove)

 


#2 bluesjunior

bluesjunior
  • Topic Starter

  • Members
  • 761 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:20 PM

Posted 05 February 2009 - 02:22 PM

What does the faded blue "briefcase" at the side of this post mean?. Have I posted in the wrong forum?.
Motherboard: Gigabyte GA-MA770T-UD3, CPU: AMD Athlon II X3 450 Processor, Memory: OCZ 4GB (2x2GB) DDR3 1333MHz,Graphics: PowerColor HD 5750 1GB GDDR5,
PSU: Corsair 430W CX PSU 4x SATA 1x PCI-E, Hard Drive:Samsung SpinPoint F3 500GB Hard Drive SATAII 7200rpm 16MB Cache.

#3 KoanYorel

KoanYorel

    Bleepin' Conundrum


  • Staff Emeritus
  • 19,461 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:65 miles due East of the "Logic Free Zone", in Md, USA
  • Local time:12:20 PM

Posted 05 February 2009 - 03:02 PM

At the bottom of most forum pages you will see a key that explains what the icons mean.

Look at the bottom here http://www.bleepingcomputer.com/forums/f/103/am-i-infected-what-do-i-do/
The only easy day was yesterday.

...some do, some don't; some will, some won't (WR)

#4 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:12:20 PM

Posted 05 February 2009 - 03:55 PM

Go to start -> control panel -> Display properties -> Desktop -> Customize Desktop... -> Web tab, then uncheck and delete everything you find in there (except for "My current home page"),

Also remove the checkmark from the the Lock Desktop Items box if it is checked.
Apply.
Apply and Exit Display properties.


you might try this
Chewy

No. Try not. Do... or do not. There is no try.

#5 Animal

Animal

    Bleepin' Animinion


  • Site Admin
  • 35,079 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Where You Least Expect Me To Be
  • Local time:09:20 AM

Posted 05 February 2009 - 04:38 PM

What does the faded blue "briefcase" at the side of this post mean?. Have I posted in the wrong forum?.

If you follow KoanYorel's link you will see the image here:
Posted Image

It means there are no new replies to your post.

The Internet is so big, so powerful and pointless that for some people it is a complete substitute for life.
Andrew Brown (1938-1994)


A learning experience is one of those things that say, "You know that thing you just did? Don't do that." Douglas Adams (1952-2001)


"Imagination is more important than knowledge. Knowledge is limited. Imagination circles the world." Albert Einstein (1879-1955)


Follow BleepingComputer on: Facebook | Twitter | Google+

#6 bluesjunior

bluesjunior
  • Topic Starter

  • Members
  • 761 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:20 PM

Posted 06 February 2009 - 04:25 AM

Silly me not seeing that at the bottom of the page!!.

Da Chew, I tried your solution and it worked ok. There was some little icon in the box which I deleted. I never saw anything about Home Page so deleted the icon, applied and okayed and when I checked the HiJack This log it was also gone from there as well, so thanks a lot.
Motherboard: Gigabyte GA-MA770T-UD3, CPU: AMD Athlon II X3 450 Processor, Memory: OCZ 4GB (2x2GB) DDR3 1333MHz,Graphics: PowerColor HD 5750 1GB GDDR5,
PSU: Corsair 430W CX PSU 4x SATA 1x PCI-E, Hard Drive:Samsung SpinPoint F3 500GB Hard Drive SATAII 7200rpm 16MB Cache.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users