Home > Hijack This > Hijack This Log Any Help Would Be Great

Hijack This Log Any Help Would Be Great

rdrake, Aug 6, 2008 #5 2oldGeek Active member Joined: Jun 16, 2005 Messages: 3,682 Likes Received: 34 Trophy Points: 78 Five minutes with Google revealed that many Vista users have experienced Just right click on them and delete thats it. Reply With Quote Quick Navigation Software Forum Top Site Areas Settings Private Messages Subscriptions Who's Online Search Forums Forums Home Forums News and Announcements News and Announcements Broadband & Networking General This works with XP and I see no reason it will not with Vista. weblink

Logfile of HijackThis v1.99.1 Scan saved at 16:07:14, on 22/01/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE If persistent spyware is bogging down your computer, you might need HijackThis. Yes, my password is: Forgot your password? Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dllO3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0311.0\msneshellx.dllO3 - Toolbar: AOL Radio Toolbar

It is almost guaranteed that some of the items in your HijackThis logs will be legitimate software and removing those items may adversely impact your system or render it completely inoperable. oader3.cabO16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Fac ... You might want to get process explorer from SysInternals to try to determine what is causing that pop-up Goodbye, Mittens (1992-2008).

Pressing the Scan button generates a log of dozens of items, most of which are just customizations. Close auto runs and then run spybot to finish up that last ditch scan clean up using it. Other things that show up are either not confirmed safe yet, or are hijacked (i.e. The logs that you post should be pasted directly into the reply.

Close all windows and stop any running programs. Now and again, sometimes every couple of minutes, sometimes every couple hours, I get a small pop-up "program" or sorts. O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context Advanced Search Forum Security Discussions Spyware / Adware Any Help Would Be Appreciated - hijackthis log If this is your first visit, be sure to check out the FAQ by clicking

By continuing to use this site, you are agreeing to our use of cookies. Moved from AII ~BP Back to top BC AdBot (Login to Remove) BleepingComputer.com Register to remove ads #2 Elise Elise Bleepin' Blonde Malware Study Hall Admin 59,165 posts ONLINE You can always have HijackThis fix these, unless you knowingly put those lines in your Hosts file.The last item sometimes occurs on Windows 2000/XP with a Coolwebsearch infection. Yes, my password is: Forgot your password?

Logs can take some time to research, so please be patient with me. http://www.speedguide.net/forums/showthread.php?247840-HijackThis-log-any-help-would-be-great Have HijackThis fix them.O14 - 'Reset Web Settings' hijackWhat it looks like: O14 - IERESET.INF: START_PAGE_URL=http://www.searchalot.comWhat to do:If the URL is not the provider of your computer or your ISP, have Stay logged in Sign up now! Register a free account to unlock additional features at BleepingComputer.com Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers.

I am sure this was never your intention but as somebody who has supported you for 7 years I am shocked that after 57 views not one reply from you guys. http://splodgy.org/hijack-this/hijack-this-log-can-someone-have-a-look-please.php In fact, quite the opposite. Run MalwareBytes and remove whatever it finds. If you didn't add the listed domain to the Trusted Zone yourself, have HijackThis fix it.O16 - ActiveX Objects (aka Downloaded Program Files)What it looks like: O16 - DPF: Yahoo!

Download HiJackThis v2.0.4 Download the Latest version of HiJackThis, direct from our servers. Advertisements do not imply our endorsement of that product or service. Twitter Facebook Email RSS Donate Home Latest Entries FAQ Contact Us Search Hijackthis Log Analyzer Frequently Asked Questions: What is Hijackthis? check over here Hijackthis log.

Here is my hijackthis: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 8:02:21 PM, on 8/3/2008 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16681) Boot mode: Normal Running You can use our analyzer to help you determine good and bad entries, and can also take the url given above your results and post it to many malware forums for Run ccleaner to remove all junk and crap from your temp files etc..

You also may need admin priv.

Contact Us Help Home Top RSS Terms and Rules about rootkit activity and are asked to fully scan your system...click NO.Now click the Scan button. regards, Elise "Now faith is the substance of things hoped for, the evidence of things not seen." Follow BleepingComputer on: Facebook | Twitter | Google+| lockerdome Malware analyst @ In HijackThis 1.99.1 or higher, the button 'Delete NT Service' in the Misc Tools section can be used for this.

Tech Support Guy is completely free -- paid for by advertisers and donations. If it asks you to insert a CD, do it if you have one, otherwise we’ll have to go to another plan…. 2oldGeek, Aug 6, 2008 #11 (You must log Site Changelog Community Forum Software by IP.Board Sign In Use Facebook Use Twitter Need an account? this content Please try again.

the CLSID has been changed) by spyware. I think I may have some sort of embedded program from another download. If you're not already familiar with forums, watch our Welcome Guide to get started. So I tried again using several different programs as well as the ones you suggested and was double checking to see if anything might still be showing.

Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. Register Help Remember Me? Show Ignored Content As Seen On Welcome to Tech Support Guy! Clicking Info on Selected Item tells you why the entry was flagged as suspicious, but not whether it's actually malware.

If the name or URL contains words like 'dialer', 'casino', 'free_plugin' etc, definitely fix it. Very few legitimate programs use it (Norton CleanSweep uses APITRAP.DLL), most often it is used by trojans or agressive browser hijackers.In case of a 'hidden' DLL loading from this Registry value n7gmo46c.exe) and allow the gmer.sys driver to load if asked.Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.GMER Items listed at HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ ShellServiceObjectDelayLoad are loaded by Explorer when Windows starts.