
Hijack This Log - Suspected Malware

Data type: NT EMF 1.008. When finished, it shall produce a log for you. The following error occurred: The operation was canceled by the user.

ATTK Suspicious Files and Information Collector - The ATTK Suspicious Files and Information Collector is available for 32-bit and 64-bit computers. Make sure it is set to Immediate Email Notification, then click Proceed. In the meantime please note the following: Any recommendations made are for your computer problems only and should NOT be used FileDescription : AOLHostManager InternalName : AOLHostManager LegalCopyright : © 2005 America Online, Inc. Client computer: \\ALEX-PC.

OriginalFilename : CeTray.EXE Comments : James Kang #:29 [ltmoh.exe] FilePath : C:\Program Files\ltmoh\ ProcessID : 2096 ThreadCreationTime : 9-18-2006 11:30:16 PM BasePriority : Normal FileVersion : 1.73B ProductVersion : 1.73B ProductName Location: : S-1-5-21-2659621552-3824407948-3610085530-1006\software\microsoft\office\11.0\common\open find\microsoft office word\settings\save as\file name mru Description : list of recent documents saved by microsoft word MRU List Object Recognized! Right now it only shows the time, volume, power, internet connection, and symantec; before, at the very least, I would see Ad-aware after enabling and opening the program.

Plainfield, New Jersey, USA ID: 2 Posted November 8, 2012 Welcome to the forum. HJT isn't used anymore...it's unreliable and outdated. If you're having issues with the computer please state them Note 1: Do not mouseclick combofix's window while it's running. All rights reserved.

D: is CDROM () ==== Disabled Device Manager Items ============= ==== System Restore Points =================== RP640: 4/7/2010 5:38:15 PM - Installed DirectX RP641: 4/8/2010 6:29:17 PM - System Checkpoint RP642: 4/9/2010 Click on the brand model to check the compatibility. http://www.sevenforums.com/system-security/362512-suspected-malware-hijackthis-log-analysis.html Type : File Data : A0013073.exe TAC Rating : 10 Category : Malware Comment : Object : C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP94\ FileVersion : 1,0,5,0 ProductVersion : 1,0,5,0 ProductName : WinAntiVirus Pro Pro

Type : File Data : A0012012.exe TAC Rating : 10 Category : Malware Comment : Object : C:\System Volume Information\_restore{0C1D1238-A1EF-43EA-9ACF-9240DDBA7386}\RP94\ FileVersion : 0, 1, 24, 0 ProductVersion : 0, 1, 24, Thanks so much. I will take care not to knowingly suggest courses of action that might damage your computer.

Choose an item from the list (if checkboxes are present check all of them). Attempting to delete C:\WINDOWS\system32\qpqss.ini2C:\WINDOWS\system32\qpqss.ini2 Has been deleted! FileDescription : File System Filter Driver InternalName : FOPN LegalCopyright : © 2005 WinSoftware. Type : IECache Entry Data : [email protected][1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:141 Value : Cookie:[email protected]/ Expires : 9-17-2011 1:42:24 PM LastSync : Hits:141 UseCount :

Some good free antivirus programs include: AVG Free, Avast! http://splodgy.org/hijack-this/hijack-this-not-working-have-malware.php I'd appreciate any and all help. --- Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 8:53:06 PM, on 3/20/2012 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16421) OriginalFilename : PCheck.dll WinAntiVirusPro Object Recognized!

Knowing which tool to use at the right time may be a key in making your computer behave normally. It also uses no system resources, run it once and you're all set. FileDescription : WinAntiVirus Pro 2006 InternalName : WinAntiVirusPro2006.exe LegalCopyright : © 2006 WinSoftware Inc. http://splodgy.org/hijack-this/hijack-this-log-malware.php Whilst Internet Explorer is not a bad browser, almost every exploit crafted is targeted to take advantage of an IE weakness.

OriginalFilename : spoolsv.exe #:17 [acsd.exe] FilePath : C:\PROGRA~1\COMMON~1\AOL\ACS\ ProcessID : 1924 ThreadCreationTime : 9-18-2006 11:29:44 PM BasePriority : Normal #:18 [aluschedulersvc.exe] FilePath : C:\Program Files\Symantec\LiveUpdate\ ProcessID : 1960 ThreadCreationTime : 9-18-2006 OriginalFilename : AOLServiceHost.exe #:43 [iexplore.exe] FilePath : C:\Program Files\Internet Explorer\ ProcessID : 3560 ThreadCreationTime : 9-19-2006 12:05:53 AM BasePriority : Normal FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 6.00.2900.2180 ProductName : Microsoft®

OriginalFilename : FOPN.SYS WinAntiVirusPro Object Recognized!

Post that log in your next reply, along with a fresh HijackThis log after running both tools #5 kmac1185 kmac1185 Newbie Members 8 posts Posted 22 September 2006 RP754: 6/24/2010 12:51:50 AM - Installed Opera 10.54. Gringo I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know If I Have Not Replied To One Of My Topics If you still have any problems let me know and we will work on diagnosing those through other means.

OriginalFilename : CeEPwrSvc.EXE Comments : James Kang #:20 [cfsvcs.exe] FilePath : C:\Program Files\TOSHIBA\ConfigFree\ ProcessID : 2004 ThreadCreationTime : 9-18-2006 11:29:44 PM BasePriority : Normal FileVersion : 5, 0, 0, 7 ProductVersion However, for digitally signed ransomware processes, the tool will not be able to stop the process completely but it can minimize it. It finds and removes persistent or difficult-to-clean security threats that can lurk deep within your operating system. http://splodgy.org/hijack-this/hijack-this-log-suspect-malware.php http://i29.tinypic.com/of0o7t.jpg Haven't been able to access the message board since then.

Type : IECache Entry Data : [email protected][1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:29 Value : Cookie:[email protected]/ Expires : 9-15-2007 8:06:52 PM LastSync : Hits:29 UseCount : It has done this 2 time(s). OriginalFilename : SPBBCSvc.exe #:15 [symlcsvc.exe] FilePath : C:\Program Files\Common Files\Symantec Shared\CCPD-LC\ ProcessID : 1652 ThreadCreationTime : 9-18-2006 11:29:29 PM BasePriority : Normal FileVersion : 1.9.1.826 ProductVersion : 1.9.1.826 ProductName : Symantec

Suspected malware/spyware with symantec & hijackthis log Started by redserpent128, Mar 20 2012 08:18 PM C:\DFRDEC8.tmp C:\Install.exe c:\programdata\Roaming c:\programdata\Roaming\Intel\Wireless\Settings\Settings.ini c:\windows\system32\Thumbs.db . . ((((((((((((((((((((((((( Files Created from 2012-03-01 to 2012-04-01 ))))))))))))))))))))))))))))))) . . 2012-04-01 22:46 . 2012-04-01 22:46 -------- d-----w- c:\users\Alex\AppData\Local\temp 2012-04-01 22:46 . 2012-04-01 22:46 -------- LegalCopyright : Copyright © 2006 WinSoftware, Inc OriginalFilename : vspf_hk.sys WinAntiVirusPro Object Recognized!

OriginalFilename : AIM.EXE #:40 [aolhostmanager.exe] FilePath : C:\Program Files\Common Files\AOL\1137470343\ee\ ProcessID : 1456 ThreadCreationTime : 9-18-2006 11:32:42 PM BasePriority : Normal FileVersion : 1.3.5.0 ProductVersion : 1.3.5.0 ProductName : AOL Service This is very helpful in removing unwanted ads caused by unnecessary programs installed on your computer. FileDescription : CeEPwrSvc Module InternalName : CeEPwrSvc LegalCopyright : Copyright 2002-2004 Compal Electronic Inc.