|
Answer» and here's a fresh log of HJT
[recovering disk space -- ATTACHMENT deleted by admin]Download HostsXpert (http://www.majorgeeks.com/Hoster_d4626.html) and then follow the steps below:
* Unzip HostsXpert.zip
* It will create a folder named HostsXpert in whatever folder you extract it to.
* Run HostsXpert.exe by double clicking on it.
* click the MAKE Writeable? button.
* click Restore Microsoft's Hosts File and then click OK.
* Click the X to exit the program
Post new HJT log.all the help is really much appreciated guys
here's the new log for HJT
[recovering disk space -- attachment deleted by admin]*** Are you familiar with Windows Vista Ultimate Keygen? I'm aware, it's a torrent download, but my question is, if you downloaded it, and why do you need to run it on Windows XP?
*** Download, and run CTFMON-Remover: http://www.gerhard-schlager.at/en/projects/ctfmonremover/
The CTFMON-Remover helps you removing the annoying CTFMON.EXE from your Windows OPERATING system. The program is easy to use and displays whether the CTFMON.EXE is installed and running or not. If it was found then you can remove it within seconds. Just in case that you need the CTFMON sometime in the future there is ALSO an option to restore the original one.
Note:The CTFMON.EXE is among other things responsible for changing the language schema of your keyboard (e.g. for switching between the German and English keyboard layout). So in case you are using this feature you shouldn't remove or disable the CTFMON.EXE!
1. Print this post out, since you won't have an access to it, at some point.
2. Close all windows, except for HijackThis.
3. Put a checkmark next to the following HijackThis entries (some entries will be checkmarked to disable unnecessary startups; in those cases [marked with *], no actual program will be removed):
- O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
- *O4 - HKLM\..\Run: [win.exe] G:\Windows Vista Ultimate Keygen.exe
- *O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
- *O4 - HKCU\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
- *O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
- *O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
- *O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
- *O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
- *O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
- O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr3313/OCX/flashax.cab
- *O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
4. Click on Fix checked button.
5. Restart computer.
6. Post new HijackThis log.*** Are you familiar with Windows Vista Ultimate Keygen? I'm aware, it's a torrent download, but my question is, if you downloaded it, and why do you need to run it on Windows XP?
so is that where it came from........ a neighbour was round using my computer a few days ago whilst i was at work and later that night told me they had been searching / researching stuff on vista ultimate !!!!!!!!
now i know what she was doing....... god *censored* BEEAAATCCCHHHH
i'll be givin her a mouthful (literally )this is the new HJT log
[recovering disk space -- attachment deleted by admin]Quote now i know what she was doing....... god *censored* BEEAAATCCCHHHH LOOOOOOOOOOOOOOOL
Delete Windows Vista Ultimate Keygen.exe file from G:\ drive, whatever G is.
When done...
Your computer is clean
1. Download, and install CCleaner: http://www.ccleaner.com/download/builds. Get "Slim" version.
Read CCleaner instruction here: http://www.jahewi.nl/ccleaner/ccleaner.html.
Run CCleaner.
2. Turn off System Restore:
- Windows XP:
1. Click Start.
2. Right-click the My Computer icon, and then click Properties.
3. Click the System Restore tab.
4. Check "Turn off System Restore".
5. Click Apply.
6. When turning off System Restore, the existing restore points will be deleted. Click Yes to do this.
7. Click OK.
- Windows Vista:
1. Click Start.
2. Right-click the Computer icon, and then click Properties.
3. Click on System Protection under the Tasks column on the left side
4. Click on Continue on the "User Account Control" window that pops up
5. Under the System Protection tab, find Available Disks
6. Uncheck the box for any drive you wish to disable system restore on (in most cases, drive "C:")
7. When turning off System Restore, the existing restore points will be deleted. Click "Turn System Restore Off" on the popup window to do this.
8. Click OK
3. Restart computer.
4. Turn System Restore on.
5. (optional) Download, and install free version of ThreatFire: http://www.threatfire.com/. It'll give you an extra protection against malwares. It won't interfere with your antivirus program
6. Read "So how did I get infected in the first place?": http://www.castlecops.com/postlite7736-.html
7. Let me know, how your computer is doing.
thx a million guys , I couldn't have done it without you guys
totally sorted !!!! 1 more thing , the programs you have recommended to download and install are they all OK to leave on my system or should i save 'em somewhere where i have easy access to 'em ( on a stick )I'm glad, your computer is back to normal
Did you talk to your neighbour, yet?...LOL
Leave those programs on your computer. You may occasionally run a scan with Superantispyware, and Malwarebytes.
Do NOT touch HJT, though, unless asked to. If you PLAY with it, you may end up with unbootable computer.
|
