Download McAfee Stinger.
Boot in SAFE MODE.
Run HijackThis and click Do only a System scan.
Then put a check mark in front of the entries listed below:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://10.1.0.1/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://10.1.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: 213.219.251.78 www.google.com
O1 - Hosts: 213.219.251.78 google.com
O1 - Hosts: 213.219.251.78 www.google.co.uk
O1 - Hosts: 213.219.251.78 google.co.uk
O1 - Hosts: 213.219.251.78 www.google.ca
O1 - Hosts: 213.219.251.78 google.ca
O1 - Hosts: 213.219.251.78 www.google.es
O1 - Hosts: 213.219.251.78 google.es
O1 - Hosts: 213.219.251.78 www.google.de
O1 - Hosts: 213.219.251.78 google.de
O1 - Hosts: 213.219.251.78 www.google.fr
O1 - Hosts: 213.219.251.78 google.fr
O1 - Hosts: 213.219.251.78 www.google.com.au
O1 - Hosts: 213.219.251.78 google.com.au
O1 - Hosts: 213.219.251.79 www.yahoo.com
O1 - Hosts: 213.219.251.79 yahoo.com
O1 - Hosts: 66.218.75.184 mail.yahoo.com
O1 - Hosts: 213.219.251.81 astalavista.com
O1 - Hosts: 213.219.251.81 www.astalavista.com
O1 - Hosts: 213.219.251.81 astalavista.box.sk
O1 - Hosts: 213.219.251.81 www.astalavista.box.sk
O1 - Hosts: 213.219.251.81 cracks.com
O1 - Hosts: 213.219.251.81 www.cracks.com
O1 - Hosts: 213.219.251.80 www.msn.com
O1 - Hosts: 213.219.251.80 msn.com
O1 - Hosts: 213.219.251.80 search.msn.com
O1 - Hosts: 213.219.251.80 www.search.msn.com
O1 - Hosts: 213.219.251.80 go.com
O1 - Hosts: 213.219.251.80 www.go.com
O4 - HKLM\..\RunServices: [Microsoft--Updates] sxvhost.exe
O4 - HKLM\..\RunServices: [ccUpdate] ccUpdate.exe
O4 - HKLM\..\RunServices: [Window Monitor] winmon32.exe
O4 - HKLM\..\RunServices: [Windows Monitor] winmon.exe
O4 - HKCU\..\RunServices: [Microsoft--Updates] sxvhost.exe
O4 - HKCU\..\RunServices: [Window Monitor] winmon32.exe
O4 - HKCU\..\RunServices: [Windows Monitor] winmon.exe
O15 - Trusted IP range: http://10.1.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{8EE8998F-3B71-45D9-914B-A4B146FE148C}: NameServer = 10.1.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{AE185498-9F07-409E-B027-B40884407DA3}: NameServer = 10.1.0.1
Close all other open programs except HijackThis and click the button Fix in HijackThis.
Exit from HijackThis. Delete these files:
sxvhost.exe
ccUpdate.exe
winmon32.exe
winmon.exe
Run Stinger:
- Click "Add" and here type the Hard Disk Drive names manually (for example, C:\) and click OK.
- Repeat this step so that all the partitions are added.
- Then click "Scan Now"
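
The entries ticked above fall into three groups: hosts-file redirects (O1), RunServices autoruns (O4) and an overridden DNS server (O17). The following is an added example, not part of the original post, that sorts a HijackThis log into those groups for review; the function name `triage`, the regular expressions and the `ads.example.test` line are assumptions made for illustration, and the other sample lines are copied from the list above.

```python
import ipaddress
import re
from collections import defaultdict

# Lines copied from the post's list, plus one constructed loopback entry
# (ads.example.test) to show an ordinary ad-blocking line being skipped.
SAMPLE_LOG = r"""O1 - Hosts: 213.219.251.78 www.google.com
O1 - Hosts: 213.219.251.78 google.com
O1 - Hosts: 213.219.251.79 www.yahoo.com
O1 - Hosts: 66.218.75.184 mail.yahoo.com
O1 - Hosts: 127.0.0.1 ads.example.test
O4 - HKLM\..\RunServices: [Microsoft--Updates] sxvhost.exe
O4 - HKCU\..\RunServices: [Window Monitor] winmon32.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{8EE8998F-3B71-45D9-914B-A4B146FE148C}: NameServer = 10.1.0.1
"""

O1_RE = re.compile(r"^O1 - Hosts: (\S+)\s+(\S+)$")
O4_RE = re.compile(r"^O4 - (HK\w+)\\\.\.\\(\w+): \[(.+?)\] (.+)$")
O17_RE = re.compile(r"^O17 - .*: NameServer = (.+)$")

def triage(log_text):
    """Group the O1, O4 and O17 lines of a HijackThis log for review."""
    redirects = defaultdict(list)  # non-loopback IP -> names pinned to it
    autoruns = []                  # (hive, key, value name, command)
    nameservers = set()            # DNS servers set in the registry
    for line in log_text.splitlines():
        line = line.strip()
        if m := O1_RE.match(line):
            ip, host = m.groups()
            try:
                addr = ipaddress.ip_address(ip)
            except ValueError:
                continue  # malformed address field, not a usable entry
            # Loopback/0.0.0.0 entries only block a name; anything else
            # sends the name to another machine and needs a look.
            if not (addr.is_loopback or addr.is_unspecified):
                redirects[ip].append(host)
        elif m := O4_RE.match(line):
            autoruns.append(m.groups())
        elif m := O17_RE.match(line):
            nameservers.update(s for s in re.split(r"[ ,]+", m.group(1)) if s)
    return dict(redirects), autoruns, sorted(nameservers)

if __name__ == "__main__":
    redirects, autoruns, nameservers = triage(SAMPLE_LOG)
    for ip, hosts in redirects.items():
        print(f"hosts redirect -> {ip}: {', '.join(hosts)}")
    for hive, key, name, cmd in autoruns:
        print(f"autorun {hive}\\{key} [{name}] {cmd}")
    print("DNS override:", ", ".join(nameservers))
```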