[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 318
  • Last Modified:

xuron

Anyone know what this is it cannot be fixed by spybot. Seems to be German. It is on a friends comp.

Thanks.

123nitab
0
123nitab
Asked:
123nitab
  • 4
  • 3
1 Solution
 
rossfingalCommented:
Here's a start - don't know if this can be fixed -
at least we get some more information -
Hi!

Download HijackThis (version 1.99.1) from:
http://www.gatesofdelirium.com/ee/tools/
Place it into a folder of it's own - something like:
C:\HJT\hijackthis.exe or C:\Program Files\HJT\hijackthis.exe
Do not run it directly from the "Zip" file, a "temp" folder, or the Desktop.
HijackThis makes "backups" and it's good to have them in a centralized location.

With all browser windows closed - run HijackThis and
copy and paste the log file into the Analysis site here:
http://www.hijackthis.de/en

Click on the "Analyze" button; and when the analysis is done -
Click on the "Save Analysis" button -
A page will be generated with your saved analysis -
Post a LINK to that page back here.

We'll take a look at it!  :)

Please, do not post your log file here!

Here's the Experts-Exchange guidelines on posting HijackThis logs:
http://www.experts-exchange.com/Web/Browser_Issues/Q_21149514.html

Good luck!
RF
0
 
Rich RumbleSecurity SamuraiCommented:
Turn off system restore if using XP or winME
http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
Try using Ad-Aware, Spy-bot, and M$ Anti-spyware utilities.
-rich
0
 
123nitabAuthor Commented:
http://www.hijackthis.de/index.php#anl
I tried the lsp
mswsoc
winrnr
newdot
rsvpsp

which should I remove.

Thanks so much.

nita
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
rossfingalCommented:
Don't remove anythig yet!
Your link is to the HijackThis Analysis site - not to the page it generates
for your specific log file.

Rf
0
 
123nitabAuthor Commented:
Sorry Rf when I click on the site it goes to my generated page and when I try again I get the same:
http://www.hijackthis.de/index.php#anl

I create the log paste to the site you mentioned then copy the adress bar.

I am so happy to have you helping me I remember your help from before thank you so much.

Juanita
0
 
rossfingalCommented:
Hi!

Make sure that Spybot S & D is updated -

Go into Spybot > Update
Click on "Search for Updates"
Check everything found
One of the updates should be for:
"Advanced detection library"
Click on "Download Updates"

Configure it according to:
http://www.bleepingcomputer.com/forums/tutorial43.html
-----------------------
When you go to the Analysis site -
Copy and paste the HJT log into the window -
Below the window click on the "Analyze" button.
When the analysis is done, toward the bottom,
you'll see a "Save Analysis" button -
Click on that button and a new page will be generated with the saved analysis.
That page is the LINK we need.

RF
0
 
123nitabAuthor Commented:
I went to save analisis. The adress bar is transparant and does not show the address. The title has part of the address.
Can I post the short analysis it shows the newdot entries?

The xuron has left if you want Ross I could close this question and we could move to the other problem. My other question is titled lsp fic. This was a typo for fix.

Thanks so much,

Juanita
0
 
123nitabAuthor Commented:
http://www.hijackthis.de/logfiles/4f718a029b5b7ddd32ffe6a5654e0977.html

Ok I did it! I emailed the file to me then reanalyed it and here is the site thanks.

Nita
0

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now