Home > Hijack This > HiJack This + DDS Log

HiJack This + DDS Log

There is a file that I would like to take a look at though.Install ERUNTThis tool will create a complete backup of your registry. AV: McAfee VirusScan Enterprise *Enabled/Updated* {918A2B0B-2C60-4016-A4AB-E868DEABF7F0} . ============== Running Processes =============== . Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site. Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: facemoods Toolbar - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll O3 - Toolbar: Babylon his comment is here

Please continue to review my answers until I tell you your machine appears to be clear. After downloading the tool, disconnect from the internet and disable all antivirus protection. Web Scanner;avast! OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 01272009_122610-VirusTotal Scan:File core.zip received on 01.29.2009 15:08:22 (CET) Antivirus Version Last Update Result a-squared 4.0.0.93 2009.01.29 - AhnLab-V3 5.0.0.2 2009.01.29 - AntiVir https://www.bleepingcomputer.com/forums/t/254730/hijack-thisdds-logs/

Please uninstall your current version through Add/Remove Programs. Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dllTB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dllTB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dllTB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No FileTB: {07B18EA9-A523-4961-B6BB-170DE4475CCA} - No FileEB: {32683183-48a0-441b-a342-7c2a440a9478} - No FileuRun: [MSMSGS] AV: McAfee VirusScan Enterprise *Enabled/Updated* {918A2B0B-2C60-4016-A4AB-E868DEABF7F0} . ============== Running Processes =============== .

Click "Next" to start the scan. http://donatelife.net/register-now/ Back to top #3 teacup61 teacup61 Bleepin' Texan! Show Ignored Content As Seen On Welcome to Tech Support Guy! Under Scanner Options make sure the following are checked (leave all others unchecked): Close browsers before scanning.

I will working be on your Malware issues, this may or may not, solve other issues you have with your machine. Stay logged in Sign up now! If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff A text file will open in your default text editor.

Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dllO3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dllO3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\tbVuz1.dllO4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exeO4 - HKLM\..\Run: Logged In training at Malware Removal UniversityNote: No Reply Within 3 Days Will Result In Your Topic Being Closed!Never Give Up Against Fighting Malware, and towards the girl I love, Alaina it will be closed! Since being acquired by TrendMicro, HijackThis has not been regularly updated.

Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. https://forums.malwarebytes.com/topic/90880-hijack-this-log/ Let it run uninterrupted to completion. February 10, 2017, 04:53:26 PM Welcome, Guest. Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2005-11-26 352920]R4 aawservice;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\aawservice.exe [2008-5-12 611664]R4 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-3-31 20560]R4 avast!

If you have since resolved the original problem you were having, we would appreciate you letting us know. this content Mail Scanner;avast! No input is needed, the scan is running.Notepad will open with the results.Follow the instructions that pop up for posting the results.Close the program window, and delete the program from your It's better to be sure and safe than sorry.

Hope this helps.-the OTMoveIt log========== SERVICES/DRIVERS ==========Unable to stop service MyWebSearchService .========== FILES ==========File/Folder c:\progra~1\mywebs~1\bar\1.bin\mwssvc.exe not found. Newer Than: Search this thread only Search this forum only Display results as threads Useful Searches Recent Posts More... Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2005-11-26 254040]R3 avast! weblink uStart Page = hxxp://search.babylon.com/home?AF=17164 2fly2letgo, Apr 16, 2011 #2 2fly2letgo Thread Starter Joined: Apr 16, 2011 Messages: 3 .

Search - file:///c:\program files\yahoo!\Common/ycsrch.htmIE: Show All Original Images - c:\program files\slipstream web accelerator\gui_resource.dll/327IE: Show Original Image - c:\program files\slipstream web accelerator\gui_resource.dll/328IE: Yahoo! &Dictionary - file:///c:\program files\yahoo!\Common/ycdict.htmIE: Yahoo! &Maps - file:///c:\program files\yahoo!\Common/ycmap.htmIE: Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dllBHO: NoExplorer - No FileBHO: PBlockHelper Class: {4115122b-85ff-4dd3-9515-f075bede5eb5} - c:\program files\slipstream web accelerator\PBHelper.dllBHO: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - No FileBHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.5.0_07\bin\ssv.dllBHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No FileBHO: Malware creators can exploit the lesser security of older versions.

Short URL to this thread: https://techguy.org/991816 Log in with Facebook Log in with Twitter Log in with Google Your name or email address: Do you already have an account?

Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2005-11-26 352920]R4 aawservice;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\aawservice.exe [2008-5-12 611664]R4 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-3-31 20560]R4 avast! RP249: 11/13/2008 5:00:19 AM - Software Distribution Service 3.0 RP250: 11/16/2008 8:13:55 AM - System Checkpoint RP251: 11/18/2008 1:42:19 AM - System Checkpoint RP252: 11/19/2008 4:13:27 PM - Installation RP253: 11/19/2008 Even for an advanced computer user. Antivirus;avast!

Loading... Keep in mind that this practice may be the source of your current malware infestation.Reference... Search - file:///c:\program files\yahoo!\Common/ycsrch.htmIE: Show All Original Images - c:\program files\slipstream web accelerator\gui_resource.dll/327IE: Show Original Image - c:\program files\slipstream web accelerator\gui_resource.dll/328IE: Yahoo! &Dictionary - file:///c:\program files\yahoo!\Common/ycdict.htmIE: Yahoo! &Maps - file:///c:\program files\yahoo!\Common/ycmap.htmIE: check over here A notification will appear that "Quarantine and Removal is Complete".

Antivirus CCleaner (remove only) CDex extraction audio CleanUp! Back to top #3 MicheleBarr-Burkett MicheleBarr-Burkett Topic Starter Members 15 posts OFFLINE Gender:Female Location:Gifford, PA Local time:05:53 PM Posted 27 January 2009 - 09:04 AM Here is the DDS log. Yes, my password is: Forgot your password? Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exeO23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\DiskeeperLite\DKService.exeO23 - Service: Google Updater Service (gusvc) - Google - C:\Program

Make sure everything has a checkmark next to it and click "Next". If you are running on Vista, right click on the file and choose Run As Administrator.Copy the lines in the codebox below. uTorrent Conduit EngineuTorrentBar Toolbar As long as you have the P2P program(s) installed, per Forum Policy, I can offer you no further assitance.If you choose NOT to remove the program(s)...indicate that Hijacked home page+virus (?) Rockfx, Jul 24, 2016, in forum: Virus & Other Malware Removal Replies: 14 Views: 654 Rockfx Jul 26, 2016 In Progress Slither.io on home page dinosaur1, Jun

antivirus 4.8.1351 [VPS 090902-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}============== Running Processes ===============C:WINDOWSsystem32Ati2evxx.exeC:WINDOWSsystem32svchost -k DcomLaunchsvchost.exeC:WINDOWSSystem32svchost.exe -k netsvcssvchost.exesvchost.exeC:WINDOWSsystem32ZoneLabsvsmon.exeC:WINDOWSsystem32Ati2evxx.exeC:WINDOWSExplorer.EXEC:Program FilesAvastaswUpdSv.exeC:Program FilesAvastashServ.exeC:WINDOWSsystem32spoolsv.exesvchost.exeC:WINDOWSsystem32svchost.exe -k hpdevmgmtC:WINDOWSSystem32svchost.exe -k HPZ12C:WINDOWSSystem32svchost.exe -k HPZ12C:Program FilesCommon FilesNew BoundaryPrismXLPRISMXL.SYSC:WINDOWSsystem32svchost.exe Check all items to be backed up in the default location and click OK.You can find a complete guide to using the program here:http://www.larshederer.homepage.t-online.de/erunt/erunt.txtWhen we are finished with fixing your computer antivirus 4.8.1290 [VPS 090111-1] *On-access scanning enabled* (Updated)FW: Sunbelt Personal Firewall *disabled*============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Lavasoft\Ad-Aware\aawservice.exeC:\Program Files\Alwil Software\Avast4\aswUpdSv.exeC:\Program Files\Alwil Software\Avast4\ashServ.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\AOL\ACS\AOLAcsd.exeC:\Program Files\Executive Software\DiskeeperLite\DKService.exeC:\WINDOWS\System32\svchost.exe -k imgsvcC:\Program Files\Alwil If you are asked to reboot the machine choose Yes.

I would be glad to take a look at your log and help you with solving any malware problems. Are you looking for the solution to your computer problem? Back to top #6 MicheleBarr-Burkett MicheleBarr-Burkett Topic Starter Members 15 posts OFFLINE Gender:Female Location:Gifford, PA Local time:05:53 PM Posted 29 January 2009 - 09:27 AM Here's all the info you If there are several logs, click the current dated log and press View log.

Navigation [0] Message Index SpyWare BeWare! Due to a few misunderstandings, I just want to make it clear that this site provides only an online analysis, and not HijackThis the program. Messenger Yahoo! Back to top BC AdBot (Login to Remove) BleepingComputer.com Register to remove ads #2 thcbytes thcbytes Malware Response Team 14,790 posts OFFLINE Gender:Male Local time:04:53 PM Posted 18 September

Click the "Close" button to leave the control center screen. Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dllO2 - BHO: PBlockHelper Class - {4115122B-85FF-4DD3-9515-F075BEDE5EB5} - C:\Program Files\SlipStream Web Accelerator\PBHelper.dllO2 - BHO: (no name) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - (no file)O2 - BHO: SSVHelper Class - No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. The backups will be stored at C:\WINDOWS\erdnt, and will not be deleted when ERUNT is uninstalled.Download and Run OTMoveITPlease download OTMoveIt3 by OldTimer to your desktop.