Home > Hijackthis Log > Hijackthis Log File - Ran Several Anti-virus Programs To No Avail

Hijackthis Log File - Ran Several Anti-virus Programs To No Avail

Make sure you select the full scan to make sure it detects and removes the remaining infection. Windows XP virus won't let me open most exe files. On a side note, I'm new to Reddit and was pleasantly surprised at the amount of you offering quality assistance and how fast everyone responded. like i said before, now its even freezing completely every 2 minutes or so for several seconds. (it started again) any settings i could look at to see what is causing check over here

Typically there are two ways to find a file when you don't know what folder it is in. or read our Welcome Guide to learn how to use this site. This will select all files present in the folder. If it won't allow you to access the internet in safe mode you may need to have a friend download and copy to a usb drive the following: Combofix AVZ can

To test if ncacn_http is running on port 80 (which may be an additional attack vector), telnet to port 80 and enter: RPC_CONNECT :593 HTTP/1.0 Solution: eEye has released a free that is characteristic of the MS_RPC_DCOM_BufferOverflow attack. It's not pure altruism on their part: It allows them to collect malware they may not be detecting, or detecting and not properly removing, as well as gives them an opportunity

Back to top Prev Page 2 of 2 1 2 Back to Virus, Trojan, Spyware, and Malware Removal Logs 0 user(s) are reading this topic 0 members, 0 guests, 0 anonymous Back to top #18 Grinler Grinler Lawrence Abrams Admin 42,756 posts ONLINE Gender:Male Location:USA Local time:06:07 PM Posted 15 June 2006 - 08:02 PM Windows defender message is fine. The virus lets me open firefox and chrome but it won't allow me to connect to any sites. permalinkembedsaveparentgive gold[–]Sezhe 2 points3 points4 points 4 years ago(5 children)Download and run TDSSKiller: http://support.kaspersky.com/faq/?qid=208283363 Then I'd recommend downloading and creating a bootable CD/USB of the Kaspersky Rescue Disk.

also, when i disabled all startup items via msconfig the problem was still there, i failed to mention that in the previous post. thanks again!Logfile of HijackThis v1.99.1Scan saved at 2:18:19 AM, on 5/30/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\LEXBCES.EXEC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\LEXPPS.EXEC:\Program Files\Common Files\AOL\ACS\AOLAcsd.exeC:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exec:\program files\mcafee.com\agent\mcdetect.exec:\PROGRA~1\mcafee.com\vso\mcshield.exec:\PROGRA~1\mcafee.com\agent\mctskshd.exeC:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exeC:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\Explorer.EXEC:\Program Files\McAfee.com\VSO\mcvsshld.exeC:\Program Files\Java\jre1.5.0_06\bin\jusched.exeC:\Program Briefly describe the problem (required): Upload screenshot of ad (required): Select a file, or drag & drop file here. ✔ ✘ Please provide the ad click URL, if possible: SourceForge About Please there must be someone who can help me! 0 crunchie 990 8 Years Ago Download the latest version (2.0.2) of hijackthis after uninstalling the Beta version.

Any help with these issues will be much appreciated. For me, the CPU only goes to 100% when I try to play video files (of any type). permalinkembedsaveparentgive gold[–]NewspaperBlanket[S] 0 points1 point2 points 4 years ago(0 children)I've never used hijackthis before so I don't know if just copying and pasting it into a reply is sufficient. Checking %ProgramFilesDir% folder...

C:Program Files\Support.com\client\bin\tgcmd.exe attempted to access internet tgcmd.exe attempted to access the internet. (I stopped that twice...wasn't sure what it was). Please don't fill out this field. As long as the hard disk light is flashing, the program is still working properly. Windows OS and Versions Product Name: Microsoft Windows XP Current Build: Service Pack 2 The following ports should be blocked: TCP/UDP Port 135 TCP/UDP Port 139 TCP/UDP Port 445 A reliable source has indicated that TCP port 593 is also a potential channel for attacks.

Any ideas what may cause this? check my blog Sent to None. Finally open the SDFix folder on your desktop and copy and paste the contents of the results file Report.txt back onto the forum with a new HijackThis log 0 Discussion Starter If your computer is not allowing you to visit any websites then you may need to reset your HOST file.

Back to top #7 Grinler Grinler Lawrence Abrams Admin 42,756 posts ONLINE Gender:Male Location:USA Local time:06:07 PM Posted 11 June 2006 - 07:37 PM Sorry .. In Safe Mode, right click the SDFix.zip folder and choose Extract All, Open the extracted folder and double click RunThis.bat to start the script. It is important to exercise caution and avoid making changes to your computer settings, unless you have expert knowledge. http://exomatik.net/hijackthis-log/hijackthis-log-unable-to-install-or-browse-to-anti-virus.php I have been having problems with this ever since I reinstalled windows XP.

A case like this could easily cost hundreds of thousands of dollars. To learn more and to read the lawsuit, click here. HijackThis scan results make no separation between safe and unsafe settings , which gives you the ability to selectively remove items from your machine.

Help us fight Enigma Software's lawsuit! (Click on the above link to learn more) Become a BleepingComputer fan: FacebookFollow us on Twitter!

I wanted to give her ability to install applications so she gets admin password, but I wanted to ... In the last few weeks, the people behind this name have succeeded in becoming (IMHO) an even bigger nuisance than the now infamous Lop. Type Y to begin the script. Back to top #9 Grinler Grinler Lawrence Abrams Admin 42,756 posts ONLINE Gender:Male Location:USA Local time:06:07 PM Posted 14 June 2006 - 04:46 PM Still not seeing any problems...Download http://www.bleepingcomputer.com/files/winpfind.phpExtract

Please check the references section for a link to download this utility. ** Several reports state that the RPC/DCOM service may still be vulnerable to a denial of service attack even It will remove the Trojan Services then make some repairs to the registry and prompt you to press any key to Reboot. Microsoft has released new fixes that supersede the original fixes for this issue. have a peek at these guys Can be renamed to a .com file and ran on machines that can't open .exe's to fix that issue.

BLEEPINGCOMPUTER NEEDS YOUR HELP! Hang with us on LockerDomeCircle BleepingComputer on Google+!How to detect vulnerable programs using Secunia Personal Software Inspector Simple and easy ways to keep your computer safe and secure on the Internet Back to top #21 kable kable Topic Starter Members 29 posts OFFLINE Local time:07:07 PM Posted 20 June 2006 - 01:56 PM ok thanks a lot for your help i I'd still recommend scanning with TDSSKiller and then doing another scan using the Kaspersky Rescue Disk.

In the resulting list, look for a command with either the word 'regedit' or '.reg' in it (the command Zorko found was 'C:\Windows\regedit.exe/s C\Windows\System\radB9819.tmp'). permalinkembedsavegive gold[–]NewspaperBlanket[S] 0 points1 point2 points 4 years ago(0 children)Yeah, I can open Firefox/Chrome/VLC/Avast but the internet browsers won't connect to any sites and the other two only allow limited functionality (strange, I Thank you. just wanted to add this incase it helped.

After the machine restarts, delete the following items: the \%systemroot%\java folder java.pnf from the \%systemroot%\inf folder jview.exe and wjview.exe from the \%systemroot%\system32 folder The HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Java VM registry subkey The HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\JAVA_VM Hang with us on LockerDomeCircle BleepingComputer on Google+!How to detect vulnerable programs using Secunia Personal Software Inspector Simple and easy ways to keep your computer safe and secure on the Internet I ended up having to use a little of each of your fixes. Does my computer have a virus or is it just BrowserHijack?

permalinkembedsavegive gold[–]dumbledouche 3 points4 points5 points 4 years ago(1 child)Had this happen with several clients before, almost gave me a heart attack the first time - merge the above listed file to registry, When the desktop loads the Fixtool will complete the removal and display Finished, then press any key to end the script and load your desktop icons. Click Save. Hang with us on LockerDomeCircle BleepingComputer on Google+!How to detect vulnerable programs using Secunia Personal Software Inspector Simple and easy ways to keep your computer safe and secure on the Internet

The Internet Connection Firewall in Windows XP or Windows Server 2003 will, by default, block inbound RPC traffic. I left it alone for a few hours and when I came back Windows was running.