Home > Hijack This > Hijack This Log File- I Think Im Infected

Hijack This Log File- I Think Im Infected

Please help! This includes any missing critical Windows security updates, system vulnerabilities and your IE Browser security settings. Share this post Link to post Share on other sites oconnell565    New Member Topic Starter Members 13 posts ID: 5   Posted May 25, 2009 Thanks, negster22.I got rid of Please post the Kaspersky log, along with the Blacklight log and a new HijackThis log. 0 OptionsEdit fmann2 Feb 2007 edited Feb 2007 Trogan, Thank you for your reply. his comment is here

I'll wait to hear from you. Thank you! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members. When the scan is done, save the scan log to the Windows clipboard Open Notepad or a similar text editor Paste the clipboard contents into a text file by clicking Edit

Click "Yes to all" if it asks if you want to cure/move the file. 11. Danielle Attached Files combofixlog.txt 9.9KB 298 downloads hijackthis.log 10.95KB 308 downloads Back to top #4 LS CalamityJane LS CalamityJane Former Lavasoft Staff Members 8814 posts Posted 03 April 2009 - 10:39 Ran Disk Cleanup Reset the restore points Updated my operating system with windows critical security updates I plan to download the Microsoft Baseline Security Analyzer as you suggested.

Edited by HomesickInTexas, 03 November 2007 - 08:50 PM. Temporarily disable your McAfee antivirus and antimalware real-time protection and any script blocking components of them or your firewall before performing a scan. Even if they come from a buddy, that buddy could be the one infected and it is the virus sending that link from his account. If you do not want Spybot to detect SpywareDetector you can exclude it from the scan.Your detection was:SpywareDetector: Data (File, nothing done)C:\WINDOWS\system32\SDRemoveDB.dbApparently even McAfee, Inc.

Tech Support Guy is completely free -- paid for by advertisers and donations. When the program opens, it will automatically initiate a very fast scan of common rootkit hiding places.When the scan is finished (a few seconds, click the Rootkit/Malware tab,and then select the Thanks again. Please post back ARK.txt, C:\Combofix.txt, and a fresh HJT log.

Do not bother contacting us if you are not the topic starter. And again, disable Ad-Watch so it doesn't interfere with the following fix.To disable Ad-Watch,right-click on the Ad-Aware icon in the task tray (next to the clock usually) and choose *Disable Ad-Watch We're about done here and I do feel confident that so far, no malware remains on your PC. Also, disable Ad-Aware.

We are going to make a new one and run it one last time to tweak some settings in the registry left behind.Delete CFScript.txt from the desktop. Save ComboFix.exe to your DesktopDisable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. Referring to the picture below, drag the CFScript file you made on top of and drop it into ComboFix.exe 4. I think I've followed all of your instructions and suggestions.

Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE (file missing)O9 - Extra 'Tools' menuitem: Yahoo! this content Companion2009-03-29 13:38 . 2009-03-29 20:38

d-------- c:\documents and settings\All Users\Application Data\2836822182009-03-09 17:15 . 2008-04-17 13:12 107,368 --a------ c:\winnt\system32\GEARAspi.dll2009-03-09 17:15 . 2008-04-17 13:12 15,464 --a------ c:\winnt\system32\drivers\GEARAspiWDM.sys2009-03-09 17:14 . 2009-03-09 17:15 I'm not not sure how the Norton stuff got on my system, but I plan to delete those reference and see if AVG will then run. Double-click on randomly named EXE file you just downloaded to start the program.

SifuMike, whenever you think we need to close this thread because I'm asking you questions I should be asking someone else and not taking up your time, let me know. If the log is very long attach it please.Please download Combofix from one of these locations: HERE or HERE I want you to rename Combofix.exe as you download it to a Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dllO2 - BHO: SpywareBlock Class - {0A87E45F-537A-40B4-B812-E2544C21A09F} - C:\Program Files\GhostSurf 2006 Platinum\SCActiveBlock.dll (file missing)O2 - weblink Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

Internet Explorer is blocking it because it cannot verify something. Hingle replied Jan 24, 2017 at 5:13 PM AMD Driver crashes on Windows... Moderator Quietman7 Said Post A Hijackthis Log - I Think I'm Infected!

Please do NOT send Private Messages to Staff or helpers to request assistance!

Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: EPSON Look for the *New Topic* Button near the top right when viewing the forums. scanning hidden autostart entries ... You can donate using a credit card and PayPal.

Please post the contents of the log (C:\ComboFix.txt).Leave your computer alone while ComboFix is running.ComboFix will restart your computer if malware is found; allow it to do so.Reply back with the scan completed successfullyhidden files: 0**************************************************************************.--------------------- DLLs Loaded Under Running Processes ---------------------- - - - - - - > 'winlogon.exe'(868)c:\winnt\system32\igfxsrvc.dllc:\winnt\system32\hccutils.DLL.Completion time: 2009-04-04 8:14:57ComboFix-quarantined-files.txt 2009-04-04 13:14:54ComboFix2.txt 2009-04-03 21:35:58ComboFix3.txt 2009-04-03 18:09:29Pre-Run: 22,835,269,632 bytes freePost-Run: Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum. http://exomatik.net/hijack-this/hijack-this-log-file-help-me-out.php You do not have to do anything, as I will close it.

Newer Than: Search this thread only Search this forum only Display results as threads Useful Searches Recent Posts More... See the following Web page:Spyware Detector (spywaredetectorr.exe)http://www.siteadvisor.com/sites/def...loads/6503844/ Spyware Detector (spywaredetectorr.exe) made the following modifications to the hard drive:ADD c:\WINDOWS\system32\SDRemoveDB.db If you look at the "Properties" of the file itself, I have also run the Ad-Aware webupdate and run a full scan.Following is the logfile for HijackThis:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 10:35:21 AM, on 4/3/2009Platform: Windows XP SP3 Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

If you didn't really ask for or use those they can be removed via Add/Remove programs in the control Panel. This will start ComboFix to run again. Do not start a new topic. Username Forum Password I've forgotten my password Remember me This is not recommended for shared computers Sign in anonymously Don't add me to the active users list Privacy Policy

Now if I can just get my husband to be a little more careful opening emails, etc. Nothing new there really. Attached are 2 logs from Process Explorer for IE that I launched myself. It's amazing just how far those two little words go.

Go to Start > Run and type in the box: CleanmgrWait while Windows scans your system for files to delete.Make sure these 3 are checkmarked and press *ok* to delete them.Temporary Look for the *New Topic* Button near the top right when viewing the forums. This may be what is causing your "anti-virus startup (no icons shows in the taskbar)".It may be best if you uninstall and reinstall McAfee to see if that helps. Thank you for your understanding and cooperation!Plus and Pro Ad-Aware users (only) may use the Support Center for personal assistance:Support CenterMicrosoft MVP/Windows - Security 2003-2009 Back to top #13 mndabear mndabear

Follow the prompts to start ComboFix and when prompted, agree to the End-User License Agreement to install the Microsoft Recovery Console.At the next prompt, click NO to skip the scan for Everything is running so much smoother and faster. The connection is automatically restored before CF completes its run. Back to top #23 Gary's Girl Gary's Girl Topic Starter Members 343 posts OFFLINE Gender:Female Location:Kentucky Local time:05:33 PM Posted 04 November 2007 - 09:49 AM Good Morning!Thanks once again

Again thanks for the help. That may cause it to stall.2. How are all things looking on your end at this point?