Home > Hi Jack > Hi Jack This Log.please Help.THANKS!

Hi Jack This Log.please Help.THANKS!

Your Display Name will now be the only name you have for the forum and, if you used your Username to log in, you will now need to use your Display Showing results for  Search instead for  Did you mean:  5,590,884 members 55 online now 1,776,342 discussions Xfinity Help and Support Forums > Internet > Anti-Virus Software & Internet Security > Hijack HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8ff808b7-08ee-4d05-b421-466a2c5937ef} (Trojan.Vundo) -> Quarantined and deleted successfully. Logs will be closed if you haven't replied within 3 days If you would like to for the help you received. navigate here

What the Tech → Spyware / Malware / Virus Removal → Virus, Spyware & Malware Removal Javascript Disabled Detected You currently have javascript disabled. That's what the forums are here for. Proud graduate of TC/WTT Classroom Back to top #3 aigsrone aigsrone New Member New Member 11 posts Posted 01 November 2008 - 07:46 AM This is the log file for Proud graduate of TC/WTT Classroom Back to top Advertisements Register to Remove #11 aigsrone aigsrone New Member New Member 11 posts Posted 01 November 2008 - 07:04 PM nothing

The forum is run by volunteers who donate their time and expertise.Want to help others? Sniffed -> C:\WINDOWS\SYSTEM32\LOGHDLN.DLL SNiF 1.34 statistics Matching files : 1 Amount in bytes : 57344 Directories searched : 1 Commands executed : 0 Masks sniffed for: *.DLL Power SNiF 1.34 - Total of file sizes: 8,479 bytes 8.28 K -D---- JUNKXXX 00000000 14:52.12 26/11/2004 A----- STARTIT .BAT 00000060 12:10.04 28/11/2004 ________________________________________________________________________________ ***THE FIX IS NOT COMPATIBLE WITH EARLIER;UNPATCHED VERSIONS OF WIN2K'(SP3 and LOGHDLN.DLL Can't Open! »»»»» (*3*) »»»»»........

Newer Than: Search this thread only Search this forum only Display results as threads Useful Searches Recent Posts More... HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{f81005b3-e2a5-46d3-932b-2b0ec806c02d} (Trojan.Vundo) -> Quarantined and deleted successfully. Please try the request again. Join the ClassRoom and learn how.

Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\Windows\System32\ssqPfdCr.dll (Trojan.Vundo.H) -> Delete on reboot. Cluster headaches forced retirement of Tom in 2007, and the site was renamed "What the Tech". TransmissionRetryTimeout h 0 ` 00001310: vk ' , USERProcessHandleQuota, 00001350: 00001390: 000013D0: 00001410: 00001450: 00001490: 000014D0: 00001510: 00001550: 00001590: 000015D0: ---------- WIN.TXT fùAppInit_DLLsÖ�æG¸ÿÿÿC -------------- -------------- $01180: AppInit_DLLs $011F7: UDeviceNotSelectedTimeout $01247: zGDIProcessHandleQuota Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\WINDOWS\System32\shdocvw.dllO9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exeO12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dllO16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cabO16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF}

We invite you to ask questions, share experiences, and learn. Should you need a Fresh Download of HJT, get it HERE: HijackThis v1.99 Also note that, before you scan, you MUST close all running programs including your web browser, e-mail and C:\WINDOWS\SYSTEM32\ msxslab.dll Mon Aug 23 2004 9:48:32p ..SHR 0 0.00 K bridge.dll Mon Aug 23 2004 9:48:34p ..SHR 0 0.00 K jac.dll Mon Aug 23 2004 9:48:34p ..SHR 0 0.00 K Anybody can ask, anybody can answer.

Yes, my password is: Forgot your password? http://www.spywareinfoforum.com/topic/52325-hijackthis-log-please-help/ Lately computer is really slow and my computer keeps freezing and I get frequent pop-ups when I browse the internet. REGDIFF 2.1 - Freeware written by Gerson Kurz (http://www.p-nand-q.com) Comparing File #1 (Keys1\winkey.reg) with File #2 (HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows). To do this, press the F8 key repeatedly as the computer starts up until you see a menu screen (if Windows starts normally, restart it again).

Follow Us Facebook Twitter Help Community Forum Software by IP.BoardLicensed to: What the Tech Copyright © 2003- Geeks to Go, Inc. check over here Open My Computer. Connect with BullGuard Company About UsPressPartnersContact UsCareersAffiliate Program Products Internet SecurityAntivirusPremium ProtectionMobile Security Downloads AntivirusInternet SecurityMobile SecurityPremium Protection Support Help CentreProduct GuidesForumLive Technical Support © 2017 BullGuard. Your cache administrator is webmaster.

I've done everything you said and then some with the exception of the combo-fix, I must admit I was rattled with the warning, are you sure you want to run this, When it is finished close CCleaner.Step #6Reboot normally and run at least 2 of the following on-line virus scans:Trend Micro HousecallBitDefender On-Line Virus ScanPanda ActiveScaneTrust Antivirus Web ScannerMake sure that you I run it as administrator. http://splodgy.org/hi-jack/hi-jack-log-help.php Several functions may not work.

Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/cha...v45/yacscom.cab O16 - DPF: {58CDB34C-B4D7-418B-A0FB-C4C8A01C2F0E} - http://diy.51.net/download/diybar.cab O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/200404...meInstaller.exe O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1119865498363 O16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} (DLC Class) - Username Forum Password I've forgotten my password Remember me This is not recommended for shared computers Sign in anonymously Don't add me to the active users list Privacy Policy

Jump Consistently helpful members with best answers are invited to staff.

See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\Iyke\AppData\Roaming\Mozilla\Firefox\Profiles\8jsgblzf.default FF DefaultSearchEngine: Startpage HTTPS FF SelectedSearchEngine: Startpage HTTPS FF Homepage: https://duckduckgo.com/ FF Keyword.URL: user_pref("keyword.URL", ""); FF Plugin: @adobe.com/FlashPlayer

C:\Windows\System32\dbguegrf.dll (Trojan.Vundo) -> Quarantined and deleted successfully. Value does not match ________________________________ »»Comparing *saved* key with *original*... Join 91131 other members! Sniffed -> C:\WINDOWS\SYSTEM32\LOGHDLN.DLL Sniffed -> C:\WINDOWS\SYSTEM32\DPWSOCKX.DLL Sniffed -> C:\WINDOWS\SYSTEM32\MSASN1.DLL SNiF 1.34 statistics Matching files : 3 Amount in bytes : 172032 Directories searched : 1 Commands executed : 0 Masks sniffed

Richard Cranium, Jan 5, 2005 #1 PhilliePhan Guest Hi RC, I'm not too familiar with Win98 and this may be a settings issue along the lines of resetting Web settings. Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Common\ycomp5_1_6_0.dllO2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dllO2 - BHO: IEProxyHelperObj Class - {43DF16FD-D9ED-4c9e-B14A-F3236A12C649} - C:\Program Files\MusicNow\IEProxyHelper.dllO2 - BHO: Google Toolbar Helper C:\Windows\System32\khFyVpPi.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. weblink I checked my hosts file - it's only got one entry in it.Below is my hijackthis log.

Thank you for your patience   Please read the complete post first, you should copy and paste this post to a new text Document or print it.[/b}   Disconnect from Internet If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine. If you have expertise in working with smartphones, we urge you to contact an administrator about the possibility of becoming part of the staff after we review your credentials. Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link

Share this post Link to post Share on other sites Gnmpf burn Malware burn Trusted Advisor 4,487 posts Location:Germany Interests:Most active in: Resolved or inactive Malware Removal :D Posted September Uncheck the Hide protected operating system files (recommended) option. Macboatmaster replied Feb 10, 2017 at 4:04 PM cant change language M4RC310 replied Feb 10, 2017 at 4:01 PM Wifi can't be enabled plodr replied Feb 10, 2017 at 3:57 PM User is a member of group \Everyone.

User is a member of group BUILTIN\Users. We recommend Gmail.   The notifications won't even be in your Spam folder - they just go down a black hole. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs SZ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\DeviceNotSelectedTimeout SZ 15 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\GDIProcessHandleQuota DWORD 00002710 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Spooler SZ yes HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\swapdisk SZ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\TransmissionRetryTimeout SZ 90 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\USERProcessHandleQuota DWORD 00002710 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows AppInit_DLLs = (*** C:\WINDOWS\SYSTEM32\LOGHDLN.DLL +++ File read error \\?\C:\WINDOWS\System32\LOGHDLN.DLL +++ File read error »»»»» (*2*) »»»»»........

Make sure the "Save as type:" is "All Files (*.*)" and save it to your desktop. All Rights Reserved. Reboot your computer normally, start HijackThis and perform a new scan. Please help.

Please use them so that others may benefit from your questions and the responses you receive.OldTimer Back to top Back to Virus, Trojan, Spyware, and Malware Removal Logs 0 user(s) are C:\Windows\System32\troplpxe.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it. Thanks so much in advance for any assistance!!!Logfile of HijackThis v1.99.1Scan saved at 12:01:13 AM, on 6/9/2005Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccProxy.exeC:\Program