Home > Hijack This > Hijack This Log Of My Sister's Computer

Hijack This Log Of My Sister's Computer

HijackThis log of sister's computer - Internet Antivirus Pro Started by vanzan , Apr 29 2009 08:47 AM This topic is locked 2 replies to this topic #1 vanzan vanzan Members Showing results for  Search instead for  Did you mean:  5,590,909 members 48 online now 1,776,370 discussions Xfinity Help and Support Forums > Internet > Anti-Virus Software & Internet Security > HJT See how HERE. Doing so will change the names of the infected files (as youhave already fuond out). http://splodgy.org/hijack-this/hijack-this-log-my-sister-s-computer-this-time.php

Run for your lives!" -Randy Quaid in Kingpin JAG Posts: 670 Gender: Location: On the shores of Lake Erie Joined:Jul 2009 Re: Okay smart people, I need some help. May 2, 2006 #3 howard_hopkinso TS Rookie Posts: 24,177 +19 Your sisters HJT log is now clean. Pool 2 - http://download.games.yahoo.com/games/clients/y/pote_x.cabO20 - Winlogon Notify: OptimalLayout - C:\WINDOWS\system32\enj8l11u1.dllO23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeO23 - Service: Symantec Password Validation (ccPwdSvc) - If there is some abnormality detected on your computer HijackThis will save them into a logfile. http://www.techspot.com/community/topics/hijack-this-log-for-my-sisters-computer.49302/

With the help of this automatic analyzer you are able to get some additional support. Good luck & Peace! Anyway, here's her Hijackthis log:Logfile of HijackThis v1.99.1Scan saved at 12:10:07 PM, on 5/9/2005Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\rundll32.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\Program Files\Norton AntiVirus\navapsvc.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Norton

Panda has a hotfix posted as well as a link to updated drivers. 0 Kudos Posted by keke64 ‎06-18-2007 06:51 PM Regular Contributor View All Member Since: ‎07-09-2004 Posts: 136 Message Hold F8 at startup and you should be able to select Safe Mode with Networking.Good luck! I have talked to idiots a thousand times, but only once to the insane..."Mark TwainI am not a Comcast employee, I am a paying customer just like you!I am an XFINITY my whole computer is infected.

Yes, my password is: Forgot your password? Facebook Google+ Twitter YouTube Subscribe to TechSpot RSS Get our weekly newsletter Search TechSpot Trending Hardware The Web Culture Mobile Gaming Apple Microsoft Google Reviews Graphics Laptops Smartphones CPUs Storage Cases Miscellaneous remants appeared to have been removed.3.I found out tonight, from my niece, that her AOL Instant Messenger still works on that machine - if that means anything (?)Will have to http://www.bleepingcomputer.com/forums/t/223186/hijackthis-log-of-sisters-computer-internet-antivirus-pro/ HiJackThis log included! « Reply #2 on: Jul 29, 2010, 06:39 AM » the main problem is you're running XP Media Centre Edition.

I am a paying customer just like you! I have talked to idiots a thousand times, but only once to the insane..."Mark TwainI am not a Comcast employee, I am a paying customer just like you!I am an XFINITY After downloading the tool, disconnect from the internet and disable all antivirus protection. REG.EXE VERSION 3.0 HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Offline Files REG_SZ {750fdf0e-2a26-11d1-a3ea-080036587f03} HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With REG_SZ {09799AFB-AD67-11d1-ABCD-00C04FC30936} HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With EncryptionMenu REG_SZ {A470F8CF-A1E8-4f65-8335-227475AA5C46} HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Symantec.Norton.Antivirus.IEContextMenu REG_SZ {5345A4D5-41EB-4A2F-9616-CE1D4F6C35B2} HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Yahoo!

I have talked to idiots a thousand times, but only once to the insane..."Mark TwainI am not a Comcast employee, I am a paying customer just like you!I am an XFINITY http://www.hijackthis.de/ Logged -Mitch Dolphin (I work for Cyrus now)"Hey everybody, there's a shitcloud comin'! Thos files are not going to change. Generated Fri, 10 Feb 2017 14:04:12 GMT by s_wx1219 (squid/3.5.23)

Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll (file missing)O9 - Extra button: ComcastHSI - {669B269B-0D4E-41FB-A3D8-FD67CA94F646} - http://www.comcast.net/ (file missing)O9 - Extra button: Support - {8828075D-D097-4055-AA02-2DBFA9D85E8A} - http://www.comcastsupport.com/ (file missing)O9 - Extra button: have a peek at these guys I appreciate the help. It is running extremely slow, beyond slow. Run for your lives!" -Randy Quaid in Kingpin JAG Posts: 670 Gender: Location: On the shores of Lake Erie Joined:Jul 2009 Re: Okay smart people, I need some help.

If the files are changing every time you reboot then let's do this. Mark it as an accepted solution!I am not a Comcast employee.Was your question answered?Mark it as a solution! 0 Kudos Posted by keke64 ‎06-16-2007 06:27 PM Regular Contributor View All Member Pool 2 - http://download.games.yahoo.com/games/clients/y/pote_x.cabO20 - Winlogon Notify: policies - C:\WINDOWS\system32\dnp2017oe.dllO23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeO23 - Service: Symantec Password Validation (ccPwdSvc) - check over here or read our Welcome Guide to learn how to use this site.

mkv, ect you shouldn`t of had a problem.maybe try a disk cleanup and then disk defrag just to see if it helps.my suggestion if you`re going to download movies, find a C:\WINDOWS\system32\npkcsvc.exe C:\WINDOWS\system32\angelex.exe C:\PROGRA~1\AWS\WEATHE~1\Weather.exe C:\PROGRA~1\DAP\DAP.EXE C:\Program Files\DAP\dapextie2.htm C:\Program Files\DAP\dapextie.htm C:\PROGRA~1\SOFTWA~1\soproc.exe -pack DAP C:\Program Files\AWS\WeatherBug\Weather.exe 1 C:\Program Files\DAP\DAP.EXE" /STARTUP Reboot into normal mode and turn system restore back on. For information on the program click here.We ask that you post publicly so people with similar questions may benefit from the conversation.Was your question answered?

Terms of Use Privacy Policy Licensing Advertise International Editions: US / UK India Log in or Sign up Tech Support Guy Home Forums > Security & Malware Removal > Virus &

For information on the program click here.We ask that you post publicly so people with similar questions may benefit from the conversation.Was your question answered? Logfile of Trend Micro HijackThis v2.0.4Scan saved at 16:59:54, on 05/08/2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Intel\Wireless\Bin\EvtEng.exeC:\Program Files\Intel\Wireless\Bin\S24EvMon.exeC:\Program Files\Intel\Wireless\Bin\WLKeeper.exeC:\WINDOWS\system32\LEXBCES.EXEC:\WINDOWS\system32\LEXPPS.EXEC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Avira\AntiVir Desktop\sched.exeC:\Program Files\Common Files\Apple\Mobile Device It beats running down a 30 ft. When the scan is finished, a message will pop up and a logfile will have been created on the desktop.The logfile is named 'Startup Programs' by default and will be located

Preview post Submit post Cancel post You are reporting the following post: Hello all...Please Help - Hijackthis log included This post has been flagged and will be reviewed by our staff. Mail REG_SZ {5464D816-CF16-4784-B9F3-75C0DB52B499} HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8} REG_SZ Start Menu Pin Active setup "Find activesetup", version1, launched at: 14:41 Operating System: Windows XP SP2 HKLM\Software\Microsoft\Active Setup\Installed Components\ ">{22d6f312-b0f6-11d0-94ab-0080c74c7e95}\(Default)" Several functions may not work. http://splodgy.org/hijack-this/hijack-this-help-another-computer.php HiJackThis log included!

thanks much! When I go to test hers out, I unplug it from the laptop and plug it in to hers. I have rebooted and this is my new logfile:Logfile of HijackThis v1.99.1Scan saved at 6:52:53 PM, on 5/9/2005Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\rundll32.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Symantec Click here to Register a free account now!

and type "msconfig" and shut off non-essential start-up processes and services (Looks like you have a lot running).