Home > This Log > Hijack This Log File.this PC Is FUBAR!

Hijack This Log File.this PC Is FUBAR!

Contents

Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v45/yacscom.cab O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (MiniBugTransporterX Class) - http://download.weatherbug.com/minibug/tricklers/AWS/MiniBugTransporter.cab? That will create a folder named New Folder, which you can rename to "HJT" or "HijackThis". Please advise me as to what I need to do next. Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet O4 - HKCU\..\Run: [Weather] C:\PROGRA~1\AWS\WEATHE~1\Weather.exe 1 O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0 O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O6 http://splodgy.org/this-log/hijack-this-log-file-help-please.php

Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yse/ymmapi_416.dll O16 - DPF: {A48D0309-8DA3-41AA-98E4-89194D471890} (Pulse V5 ActiveX Control) - http://www.pulse3d.com/players/english/5.2/win/PulsePlayer5.2AxWin.cab O16 - DPF: {B24F0664-7DDA-40B6-B38C-A4FD68DE8685} (CentraDownloaderCtl Class) - http://prod1.centra.com/SiteRoots/main/Install/CentraDownloader.cab O16 If you need this topic reopened, please request this by sending me a PM with the address of the thread. Log In Remember Me? Started by mmaatttt , Nov 25 2007 02:44 AM Prev Page 2 of 2 1 2 Please log in to reply 29 replies to this topic #21 HJThis HJThis Advanced Member http://www.hijackthis.de/

Hijackthis Log Analyzer

Forgot your Password? Download this file - combofix.exe 2. Checking service configuration:The start type of EventSystem service is OK.The ImagePath of EventSystem service is OK.The ServiceDll of EventSystem service is OK.Windows Autoupdate Disabled Policy: ============================Windows Defender:==============WinDefend Service is not running. It may take a while to follow all the procedures but it should get things running a little smoother:Cleanup StepsHope this helps.Grif Flag Permalink This was helpful (0) Back to Computer

Adobe Reader out of Date! ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbam.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 1 % ````````````````````End of Log`````````````````````` FSS LogFarbar Service Scanner Version: If you have email address at Hotmail, Hotmail.uk, etc etc then you will not get notifications and need to manually check for new replies. Press any Key and it will restart the PC. Hijackthis Windows 10 If you have expertise in working with smartphones, we urge you to contact an administrator about the possibility of becoming part of the staff after we review your credentials.

Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Ask Search Assistant BHO - {0A94B111-4504-4e26-AB05-E61E474AA38B} - C:\Program C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINDOWS\system32\cisvc.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe C:\WINDOWS\System32\hkcmd.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe C:\WINDOWS\gejwqxm.exe C:\Program Files\Kzytm\Mnbp.exe C:\Program Files\AIM\aim.exe C:\Program Post that log in your next reply. Bonuses That may cause it to stall=======================Please re-open HiJackThis and scan.

Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended. Hijackthis Download Windows 7 Please note that many features won't work unless you enable it. Checking service configuration:The start type of BITS service is OK.The ImagePath of BITS service is OK.The ServiceDll of BITS service is OK.EventSystem Service is not running. Thank you for helping us maintain CNET's great community.

Hijackthis Download

It seems to be very infected. https://forums.malwarebytes.com/topic/111049-was-infected-with-smart-fortress-now-pc-fubar-help/ How is the PC, doing now any better.Backup the Registry:Navigate to Start | Run and paste the following:regedit /e c:\registrybackup.regNow click OKIt won't appear to be doing anything, that's normal.Your mouse Hijackthis Log Analyzer WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Out of date HijackThis installed! Hijackthis Trend Micro O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm O8 - Extra context menu item: &Google Search -

I'm running Hijack this again because I ran AVG in safe mode and thought that might help. http://splodgy.org/this-log/hijack-this-log-file-any-ideas.php Sign In Sign In Remember me Not recommended on shared computers Sign in anonymously Sign In Forgot your password? I would appreciate it if you could try to describe advice in layman's terms. Documents and Settings\Matthew\My Documents\Codecs\RealPlayer10-5GOLD with activatiopn patch.rar","Trojan horse Downloader.Generic6.IA","Infected, Archive" "C:\Program Files\Gfkgzmsb\nwejgwdm.dll","","Deleted" "C:\Program Files\ngbmpgnc\peduncjw.dll","","Deleted" "C:\qoobox\Quarantine\C\Program Files\SecCenter\scprot4.exe.vir","","Deleted" "C:\WINDOWS\system32\drvtug.dll","","Deleted" "C:\WINDOWS\system32\unpr.sys","","Deleted" "C:\WINDOWS\system32\winbug32.dll_tobedeleted_old","","Deleted" "D:\Deckard\System Scanner\backup\DOCUME~1\user\LOCALS~1\Temp\Temporary Internet Files\Content.IE5\QY7AP01G\css4[1]","","Deleted" "D:\Deckard\System Scanner\backup\DOCUME~1\user\LOCALS~1\Temp\Temporary Internet Files\Content.IE5\QY7AP01G\css4[2]","","Deleted" "D:\Deckard\System Scanner\backup\WINDOWS\temp\VRT11F.tmp","","Deleted" "D:\Deckard\System Scanner\backup\WINDOWS\temp\VRT145.tmp","","Deleted" Hijackthis Windows 7

[email protected] Vendor Showroom 0 09-23-2015 06:23 PM « Previous Thread | Next Thread » Thread Tools Show Printable Version Search this Thread Advanced Search Posting Rules You may not post new Please read these for more information: How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud? Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: (no name) - {029e02f0-a0e5-4b19-b958-7bf2db29fb13} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 check over here let's see if we can clean some more off this PC.====================SUPERAntiSpyware: Please disable SuperAntispyware.

C:\WINDOWS\system32\.cc5d389d\cc5d389d.exe [2032] 0x89C94788 scanning hidden services & system hive ... [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\cc5d389d] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\cc5d389d] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CC5D389D] "NextInstance"=dword:00000001 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\cc5d389d] "Type"=dword:00000110 "Start"=dword:00000002 "ErrorControl"=dword:00000000 "ImagePath"=str(2):"C:\WINDOWS\system32\.cc5d389d\cc5d389d.exe" "DisplayName"="Microsoft DDE+ server" "ObjectName"="LocalSystem" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg] "s1"=dword:2df9c43f "s2"=dword:110480d0 "h0"=dword:00000001 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "p0"="C:\Program How To Use Hijackthis Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll O9 - Extra button: Insert Password - {8A1D28D0-7676-4AB6-9C1F-38C085A10336} - C:\Program Files\Prospero\be.dll O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe O9 - Extra button: The service key does not exist.Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key.

Choose your usual account.

Type Y to begin the cleanup process. O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: &Google Search - res://c:\windows\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Backward &Links - res://c:\windows\GoogleToolbar1.dll/cmbacklinks.html O8 Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe O9 - Hijackthis Portable Close Hijackthis.Then come back here with both the HijackThis log and ComboFix.txtGogo Die Hijacker DieMember ofALLIANCE OF SECURITY ANALYSIS PROFESSIONALSSince 2004Warning My killer dog at work.QUOTEIMPORTANT - Before Posting a HijackThis

I have some last steps for you here, Make sure to have a look at the link on the end.Please take these following steps to help prevent reinfection:1) Download and install scan completed successfully hidden files: 0 **************************************************************************[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MySql]"ImagePath"="c:/xampp/mysql/bin/mysqld-nt.exe".Completion time: 2007-11-29 23:10:31C:\ComboFix2.txt ... 2007-11-28 14:28C:\ComboFix3.txt ... 2007-11-27 12:47. --- E O F ---Logfile of Trend Micro HijackThis v2.0.2Scan saved at 23:12:14, on 29/11/2007Platform: scanning hidden files ... this content You found the friendliest gaming & tech geeks around.

Please do not assume that I will know or understand computer-related programs or processes. Check the boxes next to all the entries listed below. I got rid of some of the some small pesky stuff on my own. 0 Scion504 Feb 2008 edited Feb 2008 Everything is running smoothly now. 0 OptionsEdit Shulender Feb 2008 Next, I ran LavaSoft AdAware and deleted some 350 running processes that had hidden keys, etc.

Checking service configuration:Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. Please restart your system, and post a new HijackThis log and the log from Ewido. had some questions The posting of advertisements, profanity, or personal attacks is prohibited. Checking service configuration:The start type of SDRSVC service is OK.The ImagePath of SDRSVC service is OK.The ServiceDll of SDRSVC service is OK.VSS Service is not running.

i want nothing going out. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. If CTH has helped you, please consider liking and sharing us on Facebook Search Forums Show Threads Show Posts Advanced Search Go to Page... Categories 45958 All Categories6603 Gaming 16747 Hardware 19274 Science & Tech 1856 Internet & Media 851 Lifestyle 28053 Community HIJACK THIS InfeStop Computer FUBAR'd Scion504 Feb 2008 edited Feb 2008 in

We want to provide a resource for managing smartphone issues, particularly with malware, but with other things as well. I attached the rootappeal log, although at the end of the scan I got some similar messages as I get when I try to oen the task manager. SHOW ME NOW CNET © CBS Interactive Inc.  /  All Rights Reserved. scan completed successfully hidden files: 0 **************************************************************************[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MySql]"ImagePath"="c:/xampp/mysql/bin/mysqld-nt.exe".Completion time: 2007-11-27 12:47:33C:\ComboFix2.txt ... 2007-11-27 02:23. --- E O F ---HJThisLogfile of Trend Micro HijackThis v2.0.2Scan saved at 12:48:13, on 27/11/2007Platform: Windows XP SP2

or read our Welcome Guide to learn how to use this site. That may cause it to stall Post back: Combofix log New Hijackthis log 0 Scion504 Feb 2008 edited Feb 2008 Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:38, on This applies only to the original topic starter. Open notepad and copy/paste the text in the quote box below into it (but don't include the word: quote).