Home > Hijackthis Log > HiJackThis Log: 10/16/04

HiJackThis Log: 10/16/04

Let us know if it worked. [ Book mark this post to find it again] AntiX-16, MX-16 and Win 10 Reply With Quote January 28th, 2011,08:22 PM #3 BasketBaller View Profile New Signature Version: Previous Signature Version: 1.117.2744.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: uStart Page = hxxp://search.babylon.com/?AF=108921&babsrc=HP_ss&mntrId=442abb3600000000000000871152033e uSearch Page = hxxp://search.live.com uSearch Bar = hxxp://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60475 uInternet Connection Wizard,ShellNext = iexplore mSearchAssistant = hxxp://www.crawler.com/search/ie.aspx?tb_id=60475 mCustomizeSearch = hxxp://dnl.crawler.com/support/sa_customize.aspx?TbId=60475 BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program how do i turn it off? this content

Double click the aswMBR.exe to run it. Download TDSSKiller and save it to your desktop. If I closed your topic and you need it to be reopened, simply PM me. I havn't had a virus in a long time. http://forums.afterdawn.com/threads/aproposfix-log-and-hijackthis-log.574090/

I know I would rage a lot harder and go even crazier if it weren't for you. My Malwarebytes, SystemCare, and Windows Essentials detected nothing wrong with my computer. I close my topics if you have not replied in 5 days. Name: Realtek RTL8188CU Wireless LAN 802.11n USB 2.0 Network Adapter PNP Device ID: USB\VID_0BDA&PID_8176\00E04C000001 Service: RTL8192cu .

Jan 29, 2012 #4 Little 1q TS Rookie Topic Starter Got update, still the same Malwarebytes Anti-Malware 1.60.0.1800 www.malwarebytes.org Database version: v2012.01.29.04 Windows XP Service Pack 3 x86 NTFS Internet Explorer scanning hidden autostart entries ...scanning hidden files ... Logfile of HijackThis v1.99.1 Scan saved at 5:36:55 AM, on 8/2/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe Post that log in your next reply Note: Do not mouseclick combofix's window whilst it's running.

Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [2007-08-30 17:43][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2007-05-18 20:50]"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2007-05-18 20:50]"Persistence"="C:\WINDOWS\system32\igfxpers.exe" [2007-05-18 20:50]"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-06-07 16:47]"IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [2007-04-16 10:24]"IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2007-04-16 10:22]"atchk"="C:\Program Files\Intel\AMT\atchk.exe" [2007-05-01 15:52]"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-04 04:00]"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-04 04:00]"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-04 04:00]"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-04 04:00]"ccApp"="C:\Program Files\Common To start viewing messages, select the forum that you want to visit from the selection below. By continuing to use this site, you are agreeing to our use of cookies. https://forums.spybot.info/showthread.php?44892-infected-with-maleware-hijackthis-log-included Log in or Sign up AfterDawn Discussion Forums Home Forums > Software, operating systems and more > Windows - Virus and spyware problems > This site uses cookies.

Reply With Quote January 28th, 2011,09:38 PM #5 BasketBaller View Profile View Forum Posts Virtual Intern Join Date Mar 2001 Location Massachusetts Posts 316 MBRCheck, version 1.2.3 (c) 2010, AD Command-line: Keep updating me regarding your computer behavior, good, or bad. New Signature Version: Previous Signature Version: 1.117.2744.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: anyway...

To everyone else who contributes around here, keep it up! Click on Reboot Now.If no reboot is require, click on Report. I really hope Im not the victim over anything serious, but this is just getting out of hand. Click the "Scan" button to start scan.

Make sure to use NotePad and nothing else.File::C:\WINDOWS\system32\xxywwxy.dll.virC:\WINDOWS\system32\Uninstall.icoC:\WINDOWS\system32\Help.icoFolder::C:\WINDOWS\system32\daSgo01Registry::[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\xxywwxy][-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NI.UGA6P_0001_N122M2210]Save this as CFScript.txt, in the same location as ComboFix.exe Refering to the picture above, drag CFScript into ComboFix.exeWhen finished, it will news I can't forget Supersparks, Fink, and Welshjim. Once the computer is totally clean, I'll certainly let you know. Ask a question and give support.

Description: RADEON X600 256MB HyperMemory Secondary Device ID: PCI\VEN_1002&DEV_5B72&SUBSYS_06031002&REV_00\4&1603E009&0&0108 Manufacturer: ATI Technologies Inc. I can't forget Supersparks, Fink, and Welshjim. If there is some abnormality detected on your computer HijackThis will save them into a logfile. have a peek at these guys I know I would rage a lot harder and go even crazier if it weren't for you.

Please note that many features won't work unless you enable it. I don't know what I would do or where I would go without all of your help and this site. Inc2007-11-20 22:41 --------- d-----w C:\Program Files\Common Files\Adobe2007-11-13 16:17 --------- d-----w C:\Program Files\Yahoo!2007-11-13 16:02 --------- d-----w C:\Documents and Settings\jhollett\Application Data\Yahoo!2007-11-13 16:01 --------- d-----w C:\Program Files\FileZilla2007-11-12 21:53 --------- d-----w C:\Documents and Settings\jhollett\Application Data\DameWare

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

Contact Us Help Home Top RSS Terms and Rules HijackThis.de Security HijackThis log file analysis HijackThis opens you a possibility to After doing so run a scan post the Hijack-This log-file.Download HJTInstall.exe to your Desktop.Doubleclick HJTInstall.exe to install it.By default it will install to C:\Program Files\Trend Micro\HijackThis .Click on Install.It will create Motherboard: Dell Inc. | | 0HJ054 Processor: Intel(R) Pentium(R) D CPU 3.00GHz | Microprocessor | 2992/800mhz . ==== Disk Partitions ========================= . I also noticed that the program is DDS.scr That ending means screensaver i think.

You may have to register before you can post: click the register link above to proceed. If i opened the program, it opened up "Antivirus .net". Several functions may not work. http://splodgy.org/hijackthis-log/hijackthis-log-for-my-pc.php Open notepad and copy/paste the text in the quote box below into it (but don't include the word: quote).

Please, observe following rules: Read all of my instructions very carefully. Download aswMBR to your desktop. With the help of this automatic analyzer you are able to get some additional support. It will show a Black screen with some data on it.

C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\system32\svchost.exe -k netsvcs svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe C:\Program Files\Belkin\Belkin Last Jump to page: Results 1 to 15 of 54 Thread: [RESOLVED] New Virus-HijackThis Log-What to Delete Tweet Thread Tools Show Printable Version Email this Page… Subscribe to this Thread… Search paul7600 Member Joined: Jun 3, 2007 Messages: 18 Likes Received: 0 Trophy Points: 11 Log of AproposFix v1.1 ************ Running from directory: C:\Documents and Settings\Pauly Poop Stain\Desktop\aproposfix ************ Registry entries found: scan completed successfully hidden files: 0 ************************************************************************** Completion time: 2007-08-06 11:58:10 C:\ComboFix-quarantined-files.txt ... 2007-08-06 11:57 --- E O F --- paul7600, Aug 6, 2007 #3 Auttaja Guest Update Java Older

Backing up files: Done! That may cause it to stallThen come back here with both the HijackThis log and ComboFix.txtGogo Die Hijacker DieMember ofALLIANCE OF SECURITY ANALYSIS PROFESSIONALSSince 2004Warning My killer dog at work.QUOTEIMPORTANT - Even for an advanced computer user. New Signature Version: Previous Signature Version: 1.117.2744.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version:

Your mistakes during cleaning process may have very serious consequences, like unbootable computer. here is my hijackthis log: please tell me if you see anything fishy, and tell me what to delete. Thank you again for your help. It will scan and the log should open in notepad.Save the log to a convenient location as you'll need to post it soon.Don't use the Analyse This button, its findings are

I know I would rage a lot harder and go even crazier if it weren't for you. It took 2-3 hours to recover the file. Attached logs won't be reviewed. Post that log and a HiJackThis log in your next replyNote: Do not mouseclick combofix's window while its running.

That may cause it to stallGogo Die Hijacker DieMember ofALLIANCE OF SECURITY ANALYSIS PROFESSIONALSSince 2004Warning My killer dog at work.QUOTEIMPORTANT - Before Posting a HijackThis LogInstructions - on creating a HijackThis BIOS Manufacturer: Phoenix Technologies, LTD System Manufacturer: Compaq-Presario System Product Name: GC667AA-ABA SR5130NX Logical Drives Mask: 0x000007fc Kernel Drivers (total 157): 0x82C3C000 \SystemRoot\system32\ntkrnlpa.exe 0x82C05000 \SystemRoot\system32\halmacpi.dll 0x80BB0000 \SystemRoot\system32\kdcom.dll 0x8321F000 \SystemRoot\system32\mcupdate_AuthenticAMD.dll 0x8322A000 \SystemRoot\system32\PSHED.dll I don't know what I would do or where I would go without all of your help and this site.