14-05-2009, 06:36 AM
supreme
re: [Resolved] Please help to check hijackthis log !!

Thanks for the advice, broni....

Below is the log from SUPERAntiSpyware:

=======================================================

SUPERAntiSpyware Scan Log
SUPERAntiSpyware.com - AntiAdware, AntiSpyware, AntiMalware!

Generated 05/14/2009 at 12:56 PM

Application Version : 4.26.1002

Core Rules Database Version : 3892
Trace Rules Database Version: 1840

Scan type : Complete Scan
Total Scan Time : 00:18:36

Memory items scanned : 216
Memory threats detected : 0
Registry items scanned : 3837
Registry threats detected : 12
File items scanned : 12588
File threats detected : 34

Trojan.Downloader-SVCHost/Fake
HKLM\System\ControlSet001\Services\HWDect
C:\WINDOWS\SYSTEM32\INETSRV\SVCHOST.EXE
HKLM\System\ControlSet001\Enum\Root\LEGACY_HWDect
HKLM\System\ControlSet003\Services\HWDect
HKLM\System\ControlSet003\Enum\Root\LEGACY_HWDect
HKLM\System\CurrentControlSet\Services\HWDect
HKLM\System\CurrentControlSet\Enum\Root\LEGACY_HWDect

Trojan.Unclassified/RegSVR-Fake
HKLM\System\ControlSet001\Services\RemoteRegistry
C:\WINDOWS\SYSTEM32\REGSVR.EXE
HKLM\System\ControlSet001\Enum\Root\LEGACY_RemoteRegistry
HKLM\System\ControlSet003\Services\RemoteRegistry
HKLM\System\ControlSet003\Enum\Root\LEGACY_RemoteRegistry
HKLM\System\CurrentControlSet\Services\RemoteRegistry
HKLM\System\CurrentControlSet\Enum\Root\LEGACY_RemoteRegistry

Adware.Tracking Cookie

Trojan.SVCHost/Fake
C:\DOCUMENTS AND SETTINGS\SQL\MY DOCUMENTS\PROXYHUNTER\SVCHOST.EXE
=======================================================

Last edited by supreme; 14-05-2009 at 06:41 AM.