Home > Hijack This > HiJack This - IS2010

HiJack This - IS2010

And reset everything after. Back to top Back to Virus, Trojan, Spyware, and Malware Removal Logs 0 user(s) are reading this topic 0 members, 0 guests, 0 anonymous users Reply to quoted postsClear BleepingComputer.com I do not know if this is significant, but Malwarebytes asked me to restart my computer after the scan, so I clicked yes and while shutting down, my computer froze at I have checked the known changes to registry and only found one entry that shouldn't have been there. his comment is here

AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help! Site Changelog Community Forum Software by IP.Board Sign In Use Facebook Use Twitter Need an account? inphinity04-02-2010, 08:56 AMI encountered a PC with this the other day, scanned & cleaned with MBAM and NOD32, then had to edit the userinit registry key, found in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\Cu rrentVersion\Winlogon The HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. https://forums.techguy.org/threads/hijack-this-is2010.899012/

patrik Site Admin Posts: 9290Joined: Sun Jan 08, 2006 1:11 pm Top Reply with quote Re: My PC Protector and IS2010 by outdoorsjunkie » Sat Feb 13, 2010 8:28 pm I haven't been able to determine what the software is attempting to do but the best thing to do is format your computer and reload your O/S. or read our Welcome Guide to learn how to use this site. I didn't click the utilities options but have done that now.

Back to top #13 miekiemoes miekiemoes Malware Killer Dog Malware Response Team 19,420 posts OFFLINE Gender:Female Location:Belgium Local time:10:45 PM Posted 22 January 2010 - 08:51 AM Since this issue Please contact the MyBB Group for support. Hopefully you guys can help me get rid of this. Chikara05-02-2010, 04:14 AMYep, that is certainly what it was/is.

linw05-02-2010, 03:08 PMCombofix didn't even fix it in spite of deleting about 20 files (numerically named exes from system32 directory). I have tried to rid my computer of these with little success. I then downloaded this program in the toolbar because it really looked like Windows. http://www.bleepingcomputer.com/forums/t/285130/removed-is2010-left-damaged-to-internet-lspfix-required-logsdetails/ HiJack This - IS2010 Discussion in 'Virus & Other Malware Removal' started by JustMe2, Jan 30, 2010.

When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note) The log is automatically saved by MBAM and can be viewed by If it's necessary I will put it back up upon request. -- End of file - 13539 bytes Last edited: Jan 10, 2010 Unsheathed 171, Jan 10, 2010 #1 johnb35 Guess it is a hopeless case if all the scanners I have run can't find the rogues. Request blocked.

Newer Than: Search this thread only Search this forum only Display results as threads Useful Searches Recent Posts More... Product Registration.lnk - C:\Program Files\Common Files\Logishrd\eReg\SetPoint\eReg.exe[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]"AppInit_DLLS"="c:\windows\system32\kopobizo.dll c:\windows\system32\rehotiza.dll,nisinupo.dll"[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]C:\WINDOWS\system32\Ati2evxx.dll [2006-09-26 90112][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]C:\WINDOWS\system32\avgrsstx.dll [2009-12-04 12464][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2009-07-20 72208][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]ginotoyan - {85cc6566-9ce7-4870-bee7-2159bd484988} - Click here it's easy and free. C:\Documents and Settings\HelpAssistant\Start Menu\Internet Security 2010.lnk (Rogue.InternetSecurity2010) -> Quarantined and deleted successfully.

Using the site is easy and fun. http://splodgy.org/hijack-this/hijack-this-log-hello-can-u-help-me.php Same exact laptops, Different... 'Captcha verification' didn't show... To do this click Thread Tools, then click Subscribe to this Thread. It's called Internet Security 2010, and it looked really legitimate.

Post that log in your next reply Note: Do not mouseclick combofix's window whilst it's running. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged And I'll check it out. weblink Product Registration.lnk = C:\Program Files\Common Files\Logishrd\eReg\SetPoint\eReg.exeO4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exeO4 - Global Startup: Digital Line Detect.lnk = ?O4 - Global Startup: Logitech SetPoint.lnk =

C:\Program Files\InternetSecurity2010\IS2010.exe (Rogue.InternetSecurity2010) -> Unloaded process successfully. Everyone else please begin a New Topic, after following the steps outlined here: http://www.techsupportforum.com/f50/...lp-305963.html __________________ Practice Safe Surfing** PC Safety and Security--What Do I Need? ** Because what you don't know, Anyways, here's the log: Malwarebytes' Anti-Malware 1.44 Database version: 3510 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 1/10/2010 10:08:57 AM mbam-log-2010-01-10 (10-08-57).txt Scan type: Full Scan (C:\|) Objects scanned: 258949

HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\settdebugx.exe (Rogue.Installer) -> Quarantined and deleted successfully.

Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: SSVHelper notagain Guest Laptop is infected and is now useless, everything is blocked « on: January 19, 2010, 08:43:05 PM » Just ran into a problem today. smss32.exe, helper32.dll, winlogon32.exe etc but none are there. AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help!

Anyway, this system is still loading gambling sites. Thanks again!Jan Back to top #12 miekiemoes miekiemoes Malware Killer Dog Malware Response Team 19,420 posts OFFLINE Gender:Female Location:Belgium Local time:10:45 PM Posted 13 January 2010 - 01:45 PM Hi,Good When the scan is complete, click OK, then Show Results to view the results. check over here Back to top #5 janpie janpie Topic Starter Members 6 posts OFFLINE Local time:04:45 PM Posted 13 January 2010 - 10:16 AM Thanks.

Same error when attempting to update malwarebytes, but the quick scan ran.