Tech Support Forum - View Single Post - backdoor.hupigon, comp slowdown, broken Firefox

sUBs · 10-03-2007, 02:36 PM

Do a HijackThis scan & place a check next to these items and select "Fix checked":

O17 - HKLM\System\CCS\Services\Tcpip\..\{0F8A980E-4837-41E0-B5A1-BDE56CDF7711}: NameServer = 85.255.113.141,85.255.112.145
O17 - HKLM\System\CCS\Services\Tcpip\..\{36BF306B-97D5-4F0A-93D0-F811D75521EE}: NameServer = 85.255.113.141,85.255.112.145
O17 - HKLM\System\CCS\Services\Tcpip\..\{477EA422-D9E6-4368-8567-28E1D5FF01CA}: NameServer = 85.255.113.141,85.255.112.145
O17 - HKLM\System\CCS\Services\Tcpip\..\{869117BB-73C1-4B64-86EC-EE9334021664}: NameServer = 85.255.113.141,85.255.112.145
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\..\{0F8A980E-4837-41E0-B5A1-BDE56CDF7711}: NameServer = 85.255.113.141,85.255.112.145
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222

---------------

1. Download & Save this file to Desktop -> http://download.bleepingcomputer.com...a/ComboFix.exe

2. Double click on combofix.exe & follow the prompts.

3. When finished, it shall produce a log for you. Post that & a fresh Hijackthis log in your next reply

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall

10-03-2007, 02:36 PM	#3 (permalink)
sUBs Asst Manager Security, Expert Analyst, Moderator, Security Team; Rangemaster, Moderator, TSF Academy Join Date: May 2005 Posts: 24,489 OS: N/A	Re: backdoor.hupigon, comp slowdown, broken Firefox Do a HijackThis scan & place a check next to these items and select "Fix checked": O17 - HKLM\System\CCS\Services\Tcpip\..\{0F8A980E-4837-41E0-B5A1-BDE56CDF7711}: NameServer = 85.255.113.141,85.255.112.145 O17 - HKLM\System\CCS\Services\Tcpip\..\{36BF306B-97D5-4F0A-93D0-F811D75521EE}: NameServer = 85.255.113.141,85.255.112.145 O17 - HKLM\System\CCS\Services\Tcpip\..\{477EA422-D9E6-4368-8567-28E1D5FF01CA}: NameServer = 85.255.113.141,85.255.112.145 O17 - HKLM\System\CCS\Services\Tcpip\..\{869117BB-73C1-4B64-86EC-EE9334021664}: NameServer = 85.255.113.141,85.255.112.145 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222 O17 - HKLM\System\CS1\Services\Tcpip\..\{0F8A980E-4837-41E0-B5A1-BDE56CDF7711}: NameServer = 85.255.113.141,85.255.112.145 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222 --------------- 1. Download & Save this file to Desktop -> http://download.bleepingcomputer.com...a/ComboFix.exe 2. Double click on combofix.exe & follow the prompts. 3. When finished, it shall produce a log for you. Post that & a fresh Hijackthis log in your next reply Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall __________________ Question - what have you done for the community today?