Home > Hijackthis Log > Hijackthis Log (virtumonde?) Please Help

Hijackthis Log (virtumonde?) Please Help

Once installed, you should see a blue screen prompt that says - The Recovery Console was successfully installed. Thanks again. User will have to manually restart.[10/30/2007, 15:14:06] - Attempting to Restart via STOP error (Blue Screen!)[10/30/2007, 15:21:58] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\Marisol Avellaneda\Desktop\VirtumundoBeGone.exe" )[10/30/2007, 15:22:02] - Detected System Information:[10/30/2007, Click on the Misc Tools button 4. http://exomatik.net/hijackthis-log/hijackthis-log-please-help-with-virtumonde.php

Restart computer and press F8 to run Windows in Safe Mode 4. I am posting my DSS main log (didn't get an extra log) and my Active Scan. Step1 | Hijackthis Entries Please re-open HiJackThis and scan. I believe member seanc has helped extremely well under the circumstances (ie limited info supplied) But just to let you know, I personally don't check anything until the logs are supplied

scanning hidden files ... Click the "Report File" button and copy and paste this report in your next reply together with a new HijackThislog.Then we'll start from there, because it really makes no sense otherwise Started by pdyako1 , Feb 07 2009 11:18 PM Please log in to reply 3 replies to this topic #1 pdyako1 pdyako1 Newbie Members 4 posts Posted 07 February 2009 -

That may cause it to stall __________________ 10-02-2007, 04:48 PM #3 pastoral sec. I have added AVG Antivirus and performed the requested actions and scans. Download and run super antispyware http://www.superantispyware.com/download.html Do a complete scan and remove all items it finds. Checking for Winlogon reference.[10/30/2007, 15:22:06] - Checking for HKLM\...\Winlogon\Notify\nnnmn[10/30/2007, 15:22:06] - Key not found: HKLM\...\Winlogon\Notify\nnnmn, continuing.[10/30/2007, 15:22:06] - BHO 2: {89AD4D75-2429-462e-BD4E-443F233F6033} ()[10/30/2007, 15:22:06] - WARNING: BHO has no default name.

Any ideas out there?windows xp professional Discussion is locked Flag Permalink You are posting a reply to: virtumonde The posting of advertisements, profanity, or personal attacks is prohibited. Checking for Winlogon reference.[10/30/2007, 15:13:17] - Checking for HKLM\...\Winlogon\Notify\btojdndo[10/30/2007, 15:13:17] - Key not found: HKLM\...\Winlogon\Notify\btojdndo, continuing.[10/30/2007, 15:13:17] - BHO 2: {A9B3CD2A-4ED9-4127-BD4A-01994D67A4DA} ()[10/30/2007, 15:13:17] - WARNING: BHO has no default name. Please remove those, they're most likely the cause of your AVG problems. My computer is slow!---My Blog---Follow me on Twitter.

The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. Started by imcuneo , Feb 28 2008 06:04 PM This topic is locked 2 replies to this topic #1 imcuneo imcuneo Members 1 posts OFFLINE Local time:03:09 PM Posted 28 Logs Required In Next Post ------------------------------- Deckards System Scanner Logs __________________ 06-24-2008, 02:21 PM #3 (permalink) infantryman True Techie Join Date: Sep 2006 Posts: 113 Re: Virtumonde Here is my HijackThis Log file:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 6:34:23 PM, on 07/02/2009Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16762)Boot mode: Safe mode with network

Registered Member Join Date: Oct 2004 Posts: 33 OS: Windows XP Hey, I have a bad problem with popups and by running Spybot Search & Destroy have found that Hijackthis Log: Please Help With Virtumonde! Attach the report, and a new HJT log Jan 9, 2009 #17 randyhawk TS Enthusiast Topic Starter Posts: 60 sorry about posting results late, usually i work long hours and This applies only to the original topic starter.

settings..." window, selecting "Troubleshooting" and placing a tick in the box next to "Disable avast! check my blog During this operation, you are not allowed to move the mouse or perform other actions. Dismiss Notice TechSpot Forums Forums Software Virus and Malware Removal Today's Posts My computer is Virtumonde infected, pleasehelp Byrandyhawk Jan 1, 2009 i have pop up problems and my anti virus If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post).

Registered Member Join Date: Oct 2004 Posts: 33 OS: Windows XP I did not find ViewPoint in my Add/Remove Programs, but did a basic search and deleted any ViewPoint scan completed successfullyhidden files: 0**************************************************************************.------------------------ Other Running Processes ------------------------.c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exec:\windows\system32\wbem\unsecapp.exec:\program files\iPod\bin\iPodService.exec:\program files\Java\jre1.6.0_05\bin\jucheck.exe.**************************************************************************.Completion time: 2009-02-08 23:31:07 - machine was rebootedComboFix-quarantined-files.txt 2009-02-09 04:30:47Pre-Run: 11,036,508,160 bytes freePost-Run: 10,630,320,128 bytes freeWindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe[boot loader]timeout=2default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS[operating Please note to follow all my steps in the order I give them, and if you have an issue with one step please tell me about the problem and skip to this content I quite like AVG but if there's a better free alternative then it's worth a try.

Using the site is easy and fun. Disruptive posting: Flaming or offending other usersIllegal activities: Promote cracked software, or other illegal contentOffensive: Sexually explicit or offensive languageSpam: Advertisements or commercial links Submit report Cancel report Track this discussion Username Forum Password I've forgotten my password Remember me This is not recommended for shared computers Sign in anonymously Don't add me to the active users list Privacy Policy

Double-click on dss.exe and follow the prompts.

Music Jukebox\ymetray.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo! Pixelated streaming? Several functions may not work. Put your HijackThis.exe there, and double click to run it.Click 'Scan' button.

Assorted Automotive Marine RV & Travel Trailer Techist Cooking Forum Kayaking & Rafting Forum Aquarium Forum BBQ Forum Computer Forums Early Retirement Royal Forums U2 Music Forum Ski Forum CityProfile Local Download & Save this file to Desktop -> http://download.bleepingcomputer.com...a/ComboFix.exe 2. Jump to content Sign In Create Account Search Advanced Search section: This topic Forums Members Help Files Calendar View New Content Forum Rules BleepingComputer.com Forums Members Tutorials Startup List http://exomatik.net/hijackthis-log/hijackthis-log-virtumonde.php Here is the pre-ComboFix, re-done HijackThis Log and then the ComboFix Log:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 11:11:48 PM, on 08/02/2009Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00

Username Forum Password I've forgotten my password Remember me This is not recommended for shared computers Sign in anonymously Don't add me to the active users list Privacy Policy Thread Tools Display Modes 06-22-2008, 03:01 PM #1 (permalink) infantryman True Techie Join Date: Sep 2006 Posts: 113 Virtumonde Hijackthis Log [F] Logfile of Trend Micro HijackThis please help me! The experts are really swamped with requests to have logs reviewed etc.

Jan 4, 2009 #11 randyhawk TS Enthusiast Topic Starter Posts: 60 i forgot to save log, can i scan and save log now Jan 4, 2009 #12 kimsland Ex-TechSpotter Posts: Logfile of HijackThis v1.99.1 Scan saved at 11:00:12 AM, on 5/31/2008 Platform: Windows 2003 SP2 (WinNT 5.02.3790) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program