Home > Help With > Help With HijackThis Log 10-27-10

Help With HijackThis Log 10-27-10

Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:10:27 AM, on 10/27/2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18975) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe You may need to do consecutive posts (one after the other) right in this thread, if the logs are too long. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site. Follow the prompts. this contact form

The scan wont take long.When the scan completes, it will open two notepad windows. Microsoft MVP Consumer Security 2008 2009 2010 2011 2012 2013 UNITE member since 2006 I don't help with logs thru PM so don't bother to post me one. You may have to do consecutive posts (one after the other) right in this thread, if the log is too long. ~~~~ Also, download GMER Save it to the Desktop. Please re-enable javascript to access full functionality.

However, we do not guarantee that they are accurate and they are to be used at your own risk. Robotics\U.S. Username Forum Password I've forgotten my password Remember me This is not recommended for shared computers Sign in anonymously Don't add me to the active users list Privacy Policy

Member site: UNITE Against Malware Board index Powered by phpBB Forum Software © phpBB Group Style designed by Artodia. On a Vista/Windows7 Operating System run the remove.bat file as Administrator.Restart the computer normally.===Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2Make sure you If we have ever helped you in the past, please consider helping us. Robotics USB Phone\U.S.RoboticsUSBPhone.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLS"="karna.dat mrrhvf.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxsrvc.dll [2003-11-18 323584] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon] C:\WINDOWS\system32\NavLogon.dll [2005-04-17 43712] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

Sign In Sign In Remember me Not recommended on shared computers Sign in anonymously Sign In Forgot your password? O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe O4 - Global Startup: Google Calendar Sync.lnk = C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe O4 - Global Startup: QuickSet.lnk = ? However, we do not guarantee that they are accurate and they are to be used at your own risk. I suggest you do this and select Immediate E-Mail notification and click on Proceed.

Please use "Reply to this topic" -button while replying. Failure to reboot will prevent MBAM from removing all the malware.For complete or visual instructions on installing and running Malwarebytes Anti-Malware please read this linkPost back with the Malwarebytes Anti-Malware log A DOS box will open and close, that is normal. Provided removal instructions are meant to be used in the correspondent user's case only.

Post them back to your topic.Download GMER here by clicking download exe -button and then saving it your desktop:Double-click .exe that you downloadedClick rootkit-tab and then scan.Don't check Show All box Robotics\U.S. Click 'Show Results' to display all objects found".Click OK to close the message box and continue with the removal process.Back at the main Scanner screen, click on the Show Results button Please include the following reports for further review, and so we may continue cleansing the system:C:\ComboFix.txtNew dds log.A word of warning: Neither I nor sUBs are responsible for any damage you

MalwareRemoval.com provides free support for people with infected computers. weblink Do NOT take any action on any "<--- ROOKIT" entriesClick OK and quit the GMER program.Note: On Firefox you need to go to Tools/Options/Main then under the Downloads section, click on If any errors errors encountered please post.When done you can delete the remove.bat file.p.s. The team • Delete all board cookies • All times are UTC - 5 hours [ DST ] Contact us: forum@malwareremoval.com Advertisements do not imply our endorsement of that product or

These are saved in the same location as OTL.Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.====================Download the following Help us fight Enigma Software's lawsuit! (more information in the link)Follow BleepingComputer on: Facebook | Twitter | Google+ Back to top #3 myrti myrti Sillyberry Malware Study Hall Admin 33,575 posts scanning hidden autostart entries ... navigate here Use the forums!Don't let BleepingComputer be silenced.

Back to top #3 loufinlay loufinlay Newbie Members 3 posts Posted 01 January 2010 - 10:04 PM DDS (Ver_09-12-01.01) - NTFSx86 Run by Louise at 21:00:43.70 on 01/01/2010 Internet Explorer: 7.0.6000.16945 The gmer.exe seemed to hang my machine, I dont think anything else was runningIf anyone can help or advise I would appreciate Logfile of Trend Micro HijackThis v2.0.2Scan saved at 18:41:43, Microsoft MVP Consumer Security 2008 2009 2010 2011 2012 2013 UNITE member since 2006 I don't help with logs thru PM so don't bother to post me one.

Several functions may not work.

Provided removal instructions are meant to be used in the correspondent user's case only. This applies only to the original topic starter. Do not change any settings unless otherwise told to do so. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.After 5 days if a topic is not replied to we assume it

CONTRIBUTE TO OUR LEGAL DEFENSE All unused funds will be donated to the Electronic Frontier Foundation (EFF). Provided removal instructions are meant to be used in the correspondent user's case only. Remember what its name is since it is randomly named.Double click on the new random named exe file you downloaded and run it. http://exomatik.net/help-with/help-with-hijackthis-scan-please-help-me.php Here is the requested information: ntbtlog.txt: Service Pack 311 17 2008 10:38:06.375 Loaded driver \WINDOWS\system32\ntoskrnl.exe Loaded driver \WINDOWS\system32\hal.dll Loaded driver \WINDOWS\system32\KDCOM.DLL Loaded driver \WINDOWS\system32\BOOTVID.dll Loaded driver sptd.sys Loaded driver \WINDOWS\System32\Drivers\WMILIB.SYS Loaded

Please don't send help request via PM, unless I am already helping you. No hidden catch. Press the OK button to close that box and continue. We simply enjoy helping others.

Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll O2 - Click Yes to allow ComboFix to continue scanning for malware.When the tool is finished, it will produce a report for you. If you click on this in the drop-down menu you can choose Track this topic. The forum is run by volunteers who donate their time and expertise.

Please include the address of this thread in your request.This applies only to the original topic starter.Everyone else please start a new topic.With Regards,myrti If I have been helping you and Back to top Back to Resolved/Inactive HijackThis Logs 0 user(s) are reading this topic 0 members, 0 guests, 0 anonymous users Reply to quoted postsClear Lavasoft Support Forums → Archived Malware Removal Instructions Board index Information The requested topic does not exist. I run Essentials and I have spyware doctor.

OTL.Txt and Extras.Txt. Please use "Reply to this topic" -button while replying.