Home > Hjt Log > HJT Log 17 Dec 2008

HJT Log 17 Dec 2008

the page fil usage is huge at 1.58GB.A pagefile of 1.5 GB is not unusual. http://www.dslreports.com/faq/10451 When should I re-format? No items were processed. 12/16/2008 1:42:59 PM:906 Anti-Malware Engine Anti-Malware engine configuration loaded successfully. 12/16/2008 2:42:54 PM:640 IntelliGuard: System Event Blocked Threat Name - Spyware.Maya_Password_Stealer Details - Spyware Doctor has blocked Started by eggman131 , 12 Dec 2008 2 replies 638 views Rorschach112 19 Dec 2008 [Inactive]Spyware Popups nonstop Started by aznsportruck , 12 Dec 2008 2 replies 836 views http://exomatik.net/hjt-log/hjt-log-infected-with-antivirus-xp-2008.php

Please re-enable javascript to access full functionality. Username or email: Forum Password I've forgotten my password Remember me This is not recommended for shared computers Sign in anonymously Don't add me to the active users list Privacy Policy Please re-enable javascript to access full functionality. The problem is that "Maya password stealer" is still there.

Sure enough, after his PC powers up and Windows XP comes online, I get the following message with a shutdown counter of 60 secs:This system is shutting down. I didn't notice this b4 I began the scan so avast has unfortunately been on. I reviewed the HJT log as explained earlier. Started by joe12 , 22 Dec 2008 11 replies 871 views Buckeye_Sam 12 Jan 2009 I can not open IE after running SUPERantispyware and quaranting what it found Started by

Back to top #10 Fire Chief Fire Chief Member Members 42 posts Posted 17 December 2008 - 07:45 PM Did you get it removed? If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you after scanning with MBAM. Take advantage of it immediately, Register Now or Sign In. This helps to avoid confusion and ensure the member gets the required expert assistance they need to resolve their problem.

Username Forum Password I've forgotten my password Remember me This is not recommended for shared computers Sign in anonymously Don't add me to the active users list Privacy Policy Jump to I did not run MBAM in safe mode. Sometimes there's a message that pop's up b4 I turn of the comp but it quickly disappears and I don't have time to see what the message says. Close any programs you may have running - especially your web browser.

It may take some time to complete so please be patient.When the scan is finished, a message box will say "The scan completed successfully. Jump to content Sign In Create Account Search Advanced Search section: This forum Forums Members Help Files Calendar View New Content Forum Rules BleepingComputer.com Forums Members Tutorials Startup List Started by TH1214 , 26 Dec 2008 2 replies 687 views KoanYorel 12 Jan 2009 Need help looking over log Started by Baross , 26 Dec 2008 2 replies Regards Jim 0 Back to top #12 quietman7 quietman7 Elder Janitor & Bug Exterminator Admin 11,540 posts Gender:Male Location:Virginia, USA Posted 18 December 2008 - 07:30 AM You're welcome.

nasdaq Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ] [ Housecall online virus scan ] [ Bitdefender online virus scan ] [ AVG antivirus ] Click "OK" to open the results in WordPad. 9. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged All other programs should be kept on your machine and used on a regular basis.Now you should Create a New Restore Point to prevent possible reinfection from an old one.

You should consider them to be compromised. SuperAntispyware will work sometimes when MBAM doesn't. Once installed, backdoor Trojans can be instructed to send, receive, execute and delete files, harvest confidential data from the computer, log activity on the computer and more. Please re-enable javascript to access full functionality.

Join the ClassRoom and learn how.MS - MVP Consumer Security 2009 - 2016 Back to top Page 1 of 2 1 2 Next Back to Viruses, Spyware, Adware 0 user(s) are Back to top #14 Fire Chief Fire Chief Member Members 42 posts Posted 17 December 2008 - 09:06 PM Only in the HJT Logs subforum. Username Forum Password I've forgotten my password Remember me This is not recommended for shared computers Sign in anonymously Don't add me to the active users list Privacy Policy Please click Copy-book Dns Changer And Possible Rootkit Problem Started by jim6149 , Dec 16 2008 07:09 AM This topic is locked 11 replies to this topic #1 jim6149 jim6149 TEG Forum Member

Second time this week - HJT and Malwarebytes logs Started by sj0804 , 20 Dec 2008 13 replies 1,249 views Rorschach112 27 Dec 2008 [Inactive]HELP firefox is not working properly Please have your friend read this: These are the most dangerous, and most widespread, type of Trojan. Last night I downloaded and ran Malarebyte's Anti Malware.

Updater (YahooAUService) - Yahoo!

please wait for one of the above mentioned Admins... (daveydoom or quietman) to respond to your post. Hang around . 0 "A computer beat me in chess, but it was no match when it came to kickboxing" -Emo Philips Spywareinfo Trusted Advisor Back to top #6 daveydoom If not, reboot anyway.Please download SmitfraudFix by S!Ri and save to your Desktop.-- If you have downloaded SmitfraudFix previously, please delete that version and download it again as the tool is Files that you can keep are as follows: NLAapi.dll napinsp.dll pnrpnsp.dll mswsock.dll winrnr.dll theres one more that i cant remember the name of but the description is a list of protocols

You did not say who did your HJT log. Back to top #5 Wingman Wingman Mild-mannered Elder Geek Admin 9,395 posts Gender:Male Location:East Coast, USA Posted 16 December 2008 - 09:20 AM From Guidelines for Posting a HijackThis log.Only the Finally paste the contents of the Report.txt back on the forum. 0 #3 emeraldnzl Posted 17 December 2008 - 12:07 AM emeraldnzl GeekU Instructor GeekU Moderator 19,893 posts Due to lack O17 - HKLM\System\CCS\Services\Tcpip\..\{449A5DB0-581A-49C4-A53A-34C96CED6C0A}: NameServer = 85.255.116.86;85.255.112.157 O17 - HKLM\System\CCS\Services\Tcpip\..\{75C4CBDA-41E3-4638-9CC9-77C0A43CDC66}: NameServer = 85.255.116.86;85.255.112.157 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.86;85.255.112.157 O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.116.86;85.255.112.157 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.86;85.255.112.157 Delete

Risk Level - High Infection - C:\SYSTEM VOLUME INFORMATION\_RESTORE{1F715F7A-702E-417A-9077-E8DC3A9720FE}\RP570\A0061211.DLL 12/16/2008 1:30:54 PM:640 IntelliGuard: System Event Blocked Threat Name - Spyware.Maya_Password_Stealer Details - Spyware Doctor has blocked an application attempting to access Please temporarily disable such programs or permit them to allow the changes.Reports/logs to post in your next reply:* OTMoveIt log* Report.txt <- SDFix report* MBAM report log* A fresh HijackThis log I can provide additional information on what the exact prolems are on Norton 360.Any help would certainly be highly appreciated in this matter.Kind regards,Marc Edited by sausagekingofla, 16 December 2008 - Please choose YES.