Home > Hijackthis Log > HiJackThis Log - Antimalware Doctor And Digital Security Viruses

HiJackThis Log - Antimalware Doctor And Digital Security Viruses

To learn more and to read the lawsuit, click here. Please re-enable javascript to access full functionality. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen. This session lasted 9829 seconds with 8940 seconds of active time. weblink

Click here to join today! Message Insert Code Snippet Alt+I Code Inline Code Link H1 H2 Preview Submit your Reply Alt+S Ask a Different Information Security Question Ask a Question Related Articles Alternative to Windows Indexing Also, Antimalware doctor somehow installed itself and is telling me that I have viruses. So I booted up into Safe mode and did a system restore from 2 days ago.

I ran zone alarm, spybot, malwarebytes' antimalware, cc cleaner all in safe mode as well as normally. Read more : JDK5SWFMZY | Views : 3142 | Replies : 13 | Forum : Archived Logs Top Antimalwae doctor help.. it gets to the black screen with the windows … What is Product ID?It is important? 1 reply Hi again, i'm really confused between Product Id and Product Key. C:\Users\Niklas\AppData\Local\Temp\mkcxhunr.exe (Trojan.Hiloti) -> Quarantined and deleted successfully.

or read our Welcome Guide to learn how to use this site. I have downloaded Norton Internet Security and have removed a couple of Trojan horses and a W32.sillyDC virus. Username Forum Password I've forgotten my password Remember me This is not recommended for shared computers Sign in anonymously Don't add me to the active users list Privacy Policy

Jump If you'd like to assist in the fight against malware, click here The instructions seen in this post have been specifically tailored to this user and the issues they are experiencing

C:\Users\Niklas\Local Settings\Application Data\Windows Server\admin.txt (Malware.Trace) -> Quarantined and deleted successfully. Site Changelog Community Forum Software by IP.Board Sign In Use Facebook Use Twitter Need an account? We still need to see the other scanlogs to see what remains to be dealt with. Please be patient with me during this time while I propose a fix for you.

If you are using Vista, please right-click and select run as administrator Under the Custom Scan box paste this in netsvcs msconfig safebootminimal safebootnetwork activex drivers32 %SYSTEMDRIVE%\*.* %systemroot%\system32\Spool\prtprocs\w32x86\*.* %systemroot%\Fonts\*.com %systemroot%\Fonts\*.dll %systemroot%\Fonts\*.ini If there is some abnormality detected on your computer HijackThis will save them into a logfile. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal Typical Google could start sending up custom JavaScript from JavaScript repository.

I've run the rkill and the mbam, program said that antimalware doctor was deleted but it open up again after i rebooted.Here is my highjackthislog.Thanks in advance for your help.Logfile of Mark it as an accepted solution!I am not a Comcast employee.Was your question answered?Mark it as a solution! 1 Kudo Posted by bcvm22 ‎04-22-2009 12:49 AM Regular Visitor Member Since: ‎04-21-2009 Error - 4/16/2010 10:18:36 AM | Computer Name = Shabbir-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application Thanks for your time!

Would really appreciate if you guys could help me out with this. have a peek at these guys If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a CONTRIBUTE TO OUR LEGAL DEFENSE All unused funds will be donated to the Electronic Frontier Foundation (EFF). Read more : Antimalwae doctor help.. | Views : 4088 | Replies : 24 | Forum : Archived Logs Top Web redirect; antivir solution pro Hi there; logfile:Logfile of Trend Micro

Also, when I run msconfig, I see something called Logitech Desktop Messenger and the file name is called LOGITE~1.VIR -startup. Please copy/paste directly into your post and do not attach files unless requested.Please do not post any logs in the General forum. Error - 4/21/2010 8:04:45 AM | Computer Name = Shabbir-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application check over here You have both KAV and some piece of Symantec's antivirus as well.

If you don't have an extraction program, you can downlaod, install and use the free 7-zip utility.Double-click on RKUnhookerLE.exe to start the program. Also be aware that some infections are so severe that you might need to resort to reformatting and reinstalling your operating system. This session ended with a crash.

This session lasted 54822 seconds with 600 seconds of active time.

Every time I load up the PC I get three RUNDLL messages saying : nnfj.tqo C:\windows\eniqizevaxik.dll C:\windows\asavric.dll. oader5.cabO16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cabO16 - DPF: {2E28242B-A689-11D4-80F2-0040266CBB8D} (KXHCM10 Control) - http://lovefm.miemasu.net:60002/kxhcm10.ocxO16 - DPF: {3BF72F68-72D8-461D-A884-329D936C5581} (Image Uploader Combo Control) - http://www.mekusharim.co.il/ImageUploader5.cabO16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Jump to content Sign In Create Account Search Advanced Search section: This topic Forums Members Help Files Calendar View New Content Forum Rules BleepingComputer.com Forums Members Tutorials Startup List Tech Support Guy is completely free -- paid for by advertisers and donations.

It is also a good idea to save my instructions to notepad or print them out so you have them. Showing results for  Search instead for  Did you mean:  5,582,491 members 60 online now 1,768,751 discussions Xfinity Help and Support Forums > Internet > Anti-Virus Software & Internet Security > McAfee Back to top #3 SweetTech SweetTech Agent ST Members 13,421 posts OFFLINE Gender:Male Location:Antarctica Local time:07:02 PM Posted 04 June 2011 - 11:46 AM Hello and welcome to the forums!My this content wflash.cabO18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dllO18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLLO23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exeO23

There are also two entries with names of just empty boxes, no letters. hinaraees -5 6 posts since Jun 2011 Newbie Member More Recommended Articles About Us Contact Us Donate Advertising Vendor Program Terms of Service API Newsletter Archive Community Forums Recent Articles Recommended Any suggestions?? Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn5\yt.dllO4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exeO4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXEO4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exeO4 - HKLM\..\Run: [DISCover] C:\Program Files\DISC\DISCover.exeO4 - HKLM\..\Run: [DiscUpdateManager]

Now the PC is shutting down when it gets to the Windows loading screen, only safe mode works. Also bottom right corner has a ton of fake "Infiltration Alert - Virus Attack" signs which also tries to make me install fake anti-virus. If you attempted to remove symantec with add/remove programs, then you need to add Symantec's removal tool TANSTAAFL!!I am not a Comcast employee, I am a paying customer just like you!I In Windows Vista and Windows 7, all tools need to be started by right clicking and selecting Run as Administrator!

Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 2:21:35 PM, on 8/19/2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18943) Boot mode: Safe mode with network support I continue to run those antimalware/virus detection programs, but just about every time I run one of those, some new problem will pop up. This session ended with a crash. [ System Events ] Error - 8/12/2010 3:02:11 AM | Computer Name = Shabbir-PC | Source = Service Control Manager | ID = 7009 Description C:\Users\Niklas\AppData\Local\Temp\dsoqq0.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.

As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn5\yt.dllO2 - BHO: &Yahoo! This session lasted 16705 seconds with 60 seconds of active time. Which of these do I select?------------------------------------------------------Logfile of Trend Micro HijackThis v2.0.2Scan saved at 9:36:27 AM, on 4/22/2010Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Intel\Wireless\Bin\EvtEng.exeC:\Program

Thank you. Site Changelog Community Forum Software by IP.Board Sign In Use Facebook Use Twitter Need an account? Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation) Folder [open] Have means of backing up your data available.____________________________________________________Rootkit UnHooker (RkU)Please download Rootkit Unhooker from one of the following links and save it to your desktop.Link 1 (.exe file)Link 2 (zipped file)Link