Home > Hijackthis Download > HJT Log - Kat

HJT Log - Kat

Contents

C:\WINDOWS\system32\tdsslog.dll (Trojan.Agent) -> Delete on reboot. Share this post Link to post Share on other sites JeanInMontana    Delete this account!! just realised "Symantec Antivirus" is showing up in the log - it should been totally uninstalled / removed. HKEY_CLASSES_ROOT\Interface\{0b6ef17e-18e5-4449-86ea-64c82d596eae} (Trojan.BHO) -> Quarantined and deleted successfully.

If not, "regular basis" means every week, or when you feel it's necessary. HJT Log - Need help to analyze it. *final update* CPU-overload +50% Started by awausagi , Oct 27 2008 06:34 PM This topic is locked 12 replies to this topic #1 Thread Status: Not open for further replies. freeme, Aug 17, 2008 #3 2oldGeek Active member Joined: Jun 16, 2005 Messages: 3,682 Likes Received: 34 Trophy Points: 78 Running MBAM in Safe Mode would be even better.

Hijackthis Log Analyzer

Antivirus-->C:\Program\Avast4\aswRunDll.exe "C:\Program\Avast4\Setup\setiface.dll",RunSetup AVI Codec Pack-->C:\Program\AVI Codec Pack\uninstall.exe AVI to MPEG Converter-->C:\Program\AVITOM~1\UNWISE.EXE C:\Program\AVITOM~1\INSTALL.LOG Battle.net-->C:\WINDOWS\bnetunin.exe BitLord 1.1-->C:\Program\BitLord\uninst.exe Broadcom Advanced Control Suite 2-->C:\Program\Delade filer\InstallShield\Driver\8\Intel 32\IDriver.exe /M{2E086814-7392-4E0F-ADB8-54A81E47406C} /l1053 Broadcom Gigabit Integrated Controller-->C:\Program\Delade filer\InstallShield\Driver\8\Intel 32\IDriver.exe /M{BE6890C7-31EF-478C-812E-1E2899ABFCA9} Download ComboFix from Here But, BEFORE saving it to your Desktop, Rename it to Combo-Fix.exe with a hyphen – in the middle. • Very Important! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [2007-08-30 15:43]"IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe" [2007-10-09 11:02]"Glary Memory Optimizer"="C:\Program Files\Glary Utilities\memdefrag.exe" [2007-10-09 08:07]"HijackThis startup scan"="C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" [2007-11-09 03:24]"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 01:56][HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices]"1A:Stardock TrayMonitor"=C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Scheduler.lnk - C:\Program Files\SpyCatcher\Scheduler daemon.exe [2007-09-21 18:09:45]C:\Documents If there is some abnormality detected on your computer HijackThis will save them into a logfile.

When it loads type the full path to the file you would like to delete in the field and press the Delete File button (looks like a red circle with a I have the Spybot S&D and keep it up to date, I've got the log and did the immunization like you said. BleepingComputer is being sued by Enigma Software because of a negative post of SpyHunter. Hijackthis Trend Micro Use the tutorial feature in the help tab to see how to go about this.AVG AntiSpyware Be sure to "take action"Then go here and run a scan PandaActive Scan There is

Your Bleepers have turned me into a relentless rager against rotten computer nasties. Double click on the Java installation that you downloaded and follow the prompts. Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quietO4 - HKCU\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /cO4 - HKCU\..\Run: [Glary Memory Optimizer] "C:\Program Files\Glary Utilities\memdefrag.exe" /autostartO4 - HKCU\..\Run: [HijackThis startup scan] C:\Program Files\Trend Micro\HijackThis\HijackThis.exe /startupscanO4 - HKCU\..\Run: [ctfmon.exe] First scan showed up with 7 adwares successfully removed & one Trojan - *Trojan.bp*, also successfully removed.

Please check here for the date of the first run. Hijackthis Download Windows 7 http://www.beyondlogic.org/consulting/proc...processutil.htm Post back the log from Smitfraud and a new HJT. Volume Serial Number is 0436-8692 Directory of C:\WINDOWS\System32 25/11/2005 09:14 PM

dllcache 13/10/2004 05:08 PM 32 {C521A6D4-B4CB-45E8-8E2A-1E28C27EAE91}.dat 13/10/2004 05:07 PM 32 {287991B5-1B8D-4B01-8DC4-6F3D0BBCC8C5}.dat 13/10/2004 05:06 PM 32 {14E11F84-A456-4E46-8512-76711E09C9BF}.dat 13/10/2004 05:04 PM The report can be found at the root of the system drive, usually at C:\rapport.txt Clean: * Reboot your computer in Safe Mode (before the Windows icon appears, tap the F8

Hijackthis Download

Read the instructions about the cookies. Thanx for sticking by me on this one! Hijackthis Log Analyzer HiJack This scan. Hijackthis Windows 7 I've shredded them repeatedly to but there they are again, in backup.

Only two of us use the computer and we are always very careful, in general. Some of them are being given via chat. Please download WebRoot SpySweeper from HERE (It's a 2 week trial):Click the Free Trial link under to "SpySweeper" to download the program.Install This page will give you further information. Then went in to safemode and tried to run Smitfraudfix but it stopped after I clicked y for clean reg. Hijackthis Windows 10

Page 1 of 2 1 2 Next > freeme Member Joined: Aug 17, 2008 Messages: 19 Likes Received: 0 Trophy Points: 11 Hi, I\m sitting here with my friends computer and ID: 16   Posted November 19, 2007 Eeeek! Sure hope they help you.ComboFix 07-11-08.1 - Kat 2007-11-12 23:25:13.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.114 [GMT -6:00]Running from: C:\Documents and Settings\Kat\My Documents\downloaded\ComboFix(3).exe * Created a new restore point.((((((((((((((((((((((((( Files So far the main problem with my comp has been not being able to use the links that I know are good.

C:\Documents and Settings\Administrator\Local Settings\Temp\.ttE.tmp (Trojan.Downloader) -> Quarantined and deleted successfully. How To Use Hijackthis The system cannot find the path specified 7:14 PM: ActiveX Shield: found: Trojan Horse: trojan-downloader-2pursuit, version 1.0.0.0 -- Installation denied 7:14 PM: ActiveX Shield: found: Trojan Horse: trojan-downloader-2pursuit, version 1.0.0.0 -- And the HJT Log from either Mode will do.

Can you navigate to the file a delete manually?

Hi and welcome **Download random's system information tool (RSIT) by random/random from here and save it to your desktop.Double click on RSIT.exe to run RSIT.Click Continue at the disclaimer screen.Once it If you do not have Java then you will need to go to the following link and download the latest version: Java Runtime Environment (JRE) 6 Update 11 Instructions for Kaspersky Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exeO23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exeO23 - Service: SupportSoft Sprocket Service (ddoctorv2) (sprtsvc_ddoctorv2) - SupportSoft, F2 - Reg:system.ini: Userinit= I\m stuck.

Double click combofix.exe & follow the prompts.3. Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exeO23 - Service: avast! I'm going to list the security prgms I've got on my XP pro, ( fine time to tell you that, huh?) I thought I really had it going on but if HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tdssserv (Rootkit.Agent) -> Quarantined and deleted successfully.

Pager] "C:\Program\Yahoo!\Messenger\YahooMessenger.exe" -quiet (User 'Lisa') O4 - HKUS\S-1-5-21-484763869-651377827-839522115-1003\..\Run: [updateMgr] "C:\Program\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1 (User 'Lisa') O4 - HKUS\S-1-5-21-484763869-651377827-839522115-1003\..\Run: [Ibg] C:\Documents and Settings\Lisa\Mina dokument\??crosoft\?ttrib.exe (User 'Lisa') O4 - HKUS\S-1-5-21-484763869-651377827-839522115-1003\..\Run: [IpWins] C:\Program\Ipwindows\ipwins.exe