Home > Hijack Log > Hijack Log - Possible Remove Virus 2009 ?

Hijack Log - Possible Remove Virus 2009 ?

I accidentally clicked on one of those side links and then all this started happening Report nicknamer- Mar 31, 2010 06:06PM me too, trojans are really nasty. http://www.malwarebytes.org/forums/index.php?showforum=75. Report eliz- Feb 1, 2010 10:46PM i am having the same thing except I keep getting an antivirus software alert and then it won't let me do anything. It seems that the more you use this fake page the worst the infection becomes. his comment is here

You should not have a problem downloading this, as the trojan does not appear to pick up the keyword. 2) Run program. Once the scan is complete, it will display if your system has been infected.Save the scan results as a Text file ... If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members. Sophos.

so the best advice I have is either keep your anti virus software updated and read kiefermail at the top of the page for different comp scans all of which I Text is available under the Creative Commons Attribution-ShareAlike License; additional terms may apply. I will provide the log below:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 1:00:59 PM, on 11/12/2009Platform: Windows Vista SP1 (WinNT 6.00.1905)MSIE: Internet Explorer v8.00 (8.00.6001.18828)Boot mode: NormalRunning processes:C:\Program Files (x86)\Common F-Secure.

It is called curseclient.exe but there is no way that I can see to close this program. By not closing the warning, this typically will allow you to bypass the malware trying to protect itself so that rkill can terminate the processes . The worm executes automatically if the Autorun feature is enabled. Get a life.

Click edit menu and click find in the menu. It is a simple procedure that will only take a few moments of your time.Once installed, you should see a blue screen prompt that says:The Recovery Console was successfully installed.Please continue Widgets.lnk = C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exeO4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exeO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000O9 - Extra button: Click the minus button beside my computer to close the tree view such that the registry editor looks like the one below.

This may be TMI, but hey, if we are to figure out where this thing came from I will be the first to admit to frequenting Pornhub as a possibility. Are you looking for the solution to your computer problem? Join over 733,556 other people just like you! You must kill the processes which the virus is presently running.

I do believe that had I had Kaspersky before and it was updated, instead of Trend Micro, I would have never caught the bug.) I found this forum yesterday morning Googling Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dllO4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exeO4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /StartO4 - HKLM\..\Run: [HP Software Update] To learn more about this risk, please read:What security risks are associated with USB drives?USB-Based Malware AttacksWhen is AUTORUN.INF really an AUTORUN.INF?Many security experts recommend you disable Autorun asap as a Certain Microsoft Windows services such as Automatic Updates, Background Intelligent Transfer Service (BITS), Windows Defender and Windows Error Reporting disabled.

Good luck. http://exomatik.net/hijack-log/hijack-log-msn-virus.php Select all the files related to virus scan.com and delete them. Retrieved 2009-01-16. ^ Robertson, Andrew (2009-02-12), Microsoft Collaborates With Industry to Disrupt Conficker Worm, ICANN, retrieved 2009-04-01 ^ Leder, Felix; Werner, Tillmann (2009-04-02), Containing Conficker, Institute of Computer Science, University of I have a bad virus This post has been flagged and will be reviewed by our staff.

They were discovered 21 November 2008, 29 December 2008, 20 February 2009, 4 March 2009 and 7 April 2009, respectively.[29][30] The Conficker Working Group uses namings of A, B, B++, C, Once your computer is clean and working normally just to be on the safe side *Turn off system restore and wait 30 seconds, *Turn it back on and create a new From there you can reinstall your anti-virus software (remove the old copy and reinstall a fresh copy) and do a deep system scan. weblink These questions are asked by people with problems - and answered by people with the answers, so if anyone finds the need to just come here to make pointless remarks -

BLEEPINGCOMPUTER NEEDS YOUR HELP! Preview post Submit post Cancel post You are reporting the following post: My Hijackthis log. Share this post Link to post Share on other sites Kiralinn    New Member Topic Starter Members 6 posts ID: 5   Posted July 16, 2009 No luck - it won't

See the following link: http://www.microsoft.com/protect/computer/viruses/worms/conficker.mspx If you have the Kido/Conficker worm you will no be able to link to the above link.

I had Trend Micro orginally and went out and bought Kaspersky after being told that it was the best by the IT guys at work This thing shut down Kaspersky's like Should it happened, relaunch Malwarebyte to complete the FULL scan) Once all this is completed, I always suggest to delete Malwarebyte as some people have reported that it may interfere with Staff Online Now valis Moderator flavallee Trusted Advisor Macboatmaster Trusted Advisor Advertisement Tech Support Guy Home Forums > Security & Malware Removal > Virus & Other Malware Removal > Home Forums the ...button.The program will begin downloading the latest program and definition files.

Helpful +1 Report ocean_85 9Posts Tuesday January 13, 2009Registration date February 7, 2009 Last seen Feb 7, 2009 01:36AM HI, try using malwarebytes Helpful +0 Report karine555 81Posts Tuesday March 11, http://www.bleepingcomputer.com/forums/forum22.html Flag Permalink This was helpful (0) Back to Spyware, Viruses, & Security forum 2 total posts Popular Forums icon Computer Help 51,912 discussions icon Computer Newbies 10,498 discussions icon Laptops Yes, my password is: Forgot your password? check over here Its ability to thwart any attempt to delete it and to spread via USB devices is confounding.

Error code: 2S136/C Contact Us Existing user? I also would like to try and figure out where the "bug" came from. I will move your log there. Microsoft states, "If your computer is infected with the Conficker worm, you might be unable to download certain security products, such as the Microsoft Malicious Software Removal Tool or to access

I still have the box coming up saying "Bad Image globalroot\systemroot\system32\hjgruicghndulj.dll is either not designed to run on windows or it contains an error" any time I try to run any Impact in Europe Intramar, the French Navy computer network, was infected with Conficker on 15 January 2009. Report Sten- Mar 24, 2010 12:31PM I did, but my favorites folder is empty Report sohel- Apr 23, 2010 12:16AM i don't trust other anti-virush please give a name of the Are the registry entries possibly old viruses that were cleaned up by Norton 360 and is it safe to delete them.

Disruptive posting: Flaming or offending other usersIllegal activities: Promote cracked software, or other illegal contentOffensive: Sexually explicit or offensive languageSpam: Advertisements or commercial links Submit report Cancel report Track this discussion If your current anti-virus solution let this infection through please consider purchasing the PRO version of Malwarebytes' Anti-Malware for additional protection against these types of malware.Safe surfing Share this post Link Although Microsoft released an emergency out-of-band patch on October 23, 2008 to close the vulnerability,[16] a large number of Windows PCs (estimated at 30%) remained unpatched as late as January 2009.[17] http://www.lognrock.com/forum/index.php?showforum=52.

Thanks a lot for your help so far, I really appreciate it!