
Admin rights have been revoked and HiJack log

Discussion in 'Virus & Other Malware Removal' started by webnoob, Sep 24, 2008.

Thread Status:
Not open for further replies.
  1. webnoob

    webnoob Thread Starter

    Joined:
    Sep 24, 2008
    Messages:
    1
    Hello,

    When I started my computer this morning I had no backdrop for Windows and cannot add one using right-click Properties. Also, I cannot access Task Manager as it says I don't have permission (yes, I am admin on this machine). Below is my log.

    Thanks for help in advance

    ;***********************************************************************************************************************************************************************************
    ANALYSIS: 2008-09-24 17:23:32
    PROTECTIONS: 1
    MALWARE: 21
    SUSPECTS: 3
    ;***********************************************************************************************************************************************************************************
    PROTECTIONS
    Description Version Active Updated
    ;===================================================================================================================================================================================
    AVG Anti-Virus Free 8.0 Yes Yes
    ;===================================================================================================================================================================================
    MALWARE
    Id Description Type Active Severity Disinfectable Disinfected Location
    ;===================================================================================================================================================================================
    00000431 adware/ist.istbar Adware No 1 Yes No hkey_current_user\software\microsoft\errlook
    00040467 adware/elitebar Adware No 1 Yes No hkey_classes_root\clsid\{0b682cc1-fb40-4006-a5dd-99edd3c9095d}
    00040467 adware/elitebar Adware No 1 Yes No HKEY_LOCAL_MACHINE\software\classes\CLSID\{0B682CC1-FB40-4006-A5DD-99EDD3C9095D}
    00046190 adware/slagent Adware No 0 Yes No c:\windows\mslagent
    00063168 spyware/dluca Spyware No 1 Yes No c:\windows\system32\sncntr.exe
    00063665 adware/pacimedia Adware No 0 Yes No c:\windows\system32\psoft1.exe
    00063665 adware/pacimedia Adware No 0 Yes No c:\windows\system32\psof1.exe
    00063665 adware/pacimedia Adware No 0 Yes No c:\windows\system32\ps1.exe
    00101314 adware/intdel Adware No 0 Yes No c:\program files\inet delivery
    00132710 dialer.xd Dialers No 0 Yes No c:\windows\system32\vbsys2.dll
    00132710 dialer.xd Dialers No 0 Yes No HKEY_LOCAL_MACHINE\software\classes\CLSID\{54645654-2225-4455-44A1-9F4543D34545}
    00132710 dialer.xd Dialers No 0 Yes No hkey_classes_root\clsid\{54645654-2225-4455-44a1-9f4543d34545}
    00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Allan Gaunt\Cookies\[email protected][1].txt
    00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Allan Gaunt\Cookies\[email protected][2].txt
    00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\Allan Gaunt\Cookies\[email protected][2].txt
    00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\Allan Gaunt\Cookies\[email protected][1].txt
    00169287 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Allan Gaunt\Cookies\[email protected][3].txt
    00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Allan Gaunt\Cookies\[email protected][2].txt
    00186469 Cookie/Reliablestats TrackingCookie No 0 Yes No C:\Documents and Settings\Allan Gaunt\Application Data\Mozilla\Firefox\Profiles\csmvrsu2.default\cookies.txt[stats1.reliablestats.com/]
    00186469 Cookie/Reliablestats TrackingCookie No 0 Yes No C:\Documents and Settings\Allan Gaunt\Application Data\Mozilla\Firefox\Profiles\csmvrsu2.default\cookies.txt[stats1.reliablestats.com/]
    00186469 Cookie/Reliablestats TrackingCookie No 0 Yes No C:\Documents and Settings\Allan Gaunt\Application Data\Mozilla\Firefox\Profiles\csmvrsu2.default\cookies.txt[stats1.reliablestats.com/]
    00186469 Cookie/Reliablestats TrackingCookie No 0 Yes No C:\Documents and Settings\Allan Gaunt\Application Data\Mozilla\Firefox\Profiles\csmvrsu2.default\cookies.txt[stats1.reliablestats.com/]
    00207936 Cookie/Adviva TrackingCookie No 0 Yes No C:\Documents and Settings\Allan Gaunt\Cookies\[email protected][2].txt
    00329272 Cookie/Systemdoctor TrackingCookie No 0 Yes No C:\Documents and Settings\Allan Gaunt\Application Data\Mozilla\Firefox\Profiles\csmvrsu2.default\cookies.txt[www.systemdoctor.com/]
    00351416 Cookie/Systemdoctor TrackingCookie No 0 Yes No C:\Documents and Settings\Allan Gaunt\Application Data\Mozilla\Firefox\Profiles\csmvrsu2.default\cookies.txt[.systemdoctor.com/]
    00351416 Cookie/Systemdoctor TrackingCookie No 0 Yes No C:\Documents and Settings\Allan Gaunt\Application Data\Mozilla\Firefox\Profiles\csmvrsu2.default\cookies.txt[.systemdoctor.com/]
    00351416 Cookie/Systemdoctor TrackingCookie No 0 Yes No C:\Documents and Settings\Allan Gaunt\Application Data\Mozilla\Firefox\Profiles\csmvrsu2.default\cookies.txt[.systemdoctor.com/]
    00351416 Cookie/Systemdoctor TrackingCookie No 0 Yes No C:\Documents and Settings\Allan Gaunt\Application Data\Mozilla\Firefox\Profiles\csmvrsu2.default\cookies.txt[.systemdoctor.com/]
    00383955 Joke/Bluescreen Jokes No 0 Yes No C:\System Volume Information\_restore{876ECB03-0691-43D4-93B3-9A07BCFDEB8B}\RP507\A0118302.scr
    00512523 Adware/Zango Adware No 0 Yes No C:\WINDOWS\Downloaded Program Files\ClientAX.dll
    01048936 Generic Malware Virus/Trojan No 0 Yes No C:\Program Files\GameSpy Arcade\Services\_common\PortraitLoader.dll
    01048936 Generic Malware Virus/Trojan No 0 Yes No D:\Games\GameSpy Arcade\Services\_common\PortraitLoader.dll
    03548684 Adware/RogueAntimalware2008 Adware No 0 Yes No C:\System Volume Information\_restore{876ECB03-0691-43D4-93B3-9A07BCFDEB8B}\RP507\A0118366.vbs
    03548684 Adware/RogueAntimalware2008 Adware No 0 Yes No C:\System Volume Information\_restore{876ECB03-0691-43D4-93B3-9A07BCFDEB8B}\RP507\A0118317.vbs
    03548684 Adware/RogueAntimalware2008 Adware No 0 Yes No C:\Documents and Settings\Allan Gaunt\Local Settings\Temp\.tt1.tmp.vbs
    ;===================================================================================================================================================================================
    SUSPECTS
    Sent Location /
    ;===================================================================================================================================================================================
    No D:\Downloads\Graphic & Media\Protected.Music.Converter.zip[Protected.Music.Converter.0.99b.softarchive.net.Porte.exe][Protected.Music.Converter.0.99b.softarchive.net.Porte.exe][PMConvert.exe]
    No D:\Games\GameSpy Arcade\gslan.dll /
    No D:\Graphic & Media\WMA-MP3.com\Protected Music Converter\Portected.exe[D:\Graphic & Media\WMA-MP3.com\Protected Music Converter\Portected.exe][PMConvert.exe]
    ;===================================================================================================================================================================================
    VULNERABILITIES
    Id Severity Description /
    ;===================================================================================================================================================================================
    ;===================================================================================================================================================================================
     
Short URL to this thread: https://techguy.org/752952
