Home > Hjt Log > HJT Log - Aaron

HJT Log - Aaron

Any suggestions how to get rid of it? · actions · 2005-Aug-24 5:12 pm · mazhurgPremium Memberjoin:2004-05-02Brighton, ON·TekSavvy Cable mazhurg Premium Member 2005-Aug-24 5:35 pm Try safe mode. The key should not be executed thereby not starting whatever was active in memory when you tried to kill the folder.If it works, then you should be able to remove the Mark it as an accepted solution!I am not a Comcast employee. I am a paying customer just like you!

REG.EXE VERSION 3.0 HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Applets\Regedit LastKey REG_SZ My Computer\HKEY_CURRENT_USER\Control Panel\don't load  Back to top #7 freeatlast freeatlast E x p l o r e r Retired Staff 833 posts Posted 27 If you're not already familiar with forums, watch our Welcome Guide to get started. If it solve the problem, then you shoul be able to remove the key after with msconfig.However, if the beastie has setup to start also in safe mode then the above Edited by freeatlast, 30 May 2004 - 04:27 AM.

Messenger" [from CLSID] -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll" ["Yahoo! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exeO23 - Service: avast! I'm also getting a lot (7) of instances of something called hitbot.

I hope #4 gets better Submit Files: ---------------------------------------------------------------------- Back to top #23 freeatlast freeatlast E x p l o r e r Retired Staff 833 posts Posted 01 June 2004 - Sign In Sign Up Browse Back Browse Forums Guidelines Staff Online Users Members Activity Back Activity All Activity My Activity Streams Unread Content Content I Started Search Malwarebytes.com Back Malwarebytes.com Malwarebytes Please help??? · actions · 2005-Aug-25 11:30 am · mazhurgPremium Memberjoin:2004-05-02Brighton, ON

mazhurg Premium Member 2005-Aug-25 1:44 pm »www3.ca.com/securityadvi ··· id=13567Got to get back to work... Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exeO23 - Service: avast!

Post that log and a HiJackthis log in your next reply Note: Do not mouseclick combofix's window while its running. Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO2 - BHO: Yahoo! MushroomWorld18, Nov 12, 2016, in forum: Virus & Other Malware Removal Replies: 0 Views: 159 MushroomWorld18 Nov 12, 2016 Solved Please Help! Mail" -> {CLSID}\InProcServer32\(Default) = "C:\PROGRA~1\Yahoo!\Common\ymmapi.dll" ["Yahoo!

In order to find out what entries are nasty and what are installed by the user, you need some background information.A logfile is not so easy to analyze. Then there is my standard advice: Visit Windows Update:Make sure that you have all the Critical Updates recommended for your operating system and Internet Explorer. Inc."]"{40D41A8B-D79B-43D7-99A7-9EE0F344C385}" = "AIM Search" [from CLSID] -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\AIM Toolbar\AIMBar.dll" ["America Online, Inc"]HKLM\Software\Microsoft\Internet Explorer\Toolbar\"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" = "Yahoo! Delete: Remove in-use files! · actions · 2005-Aug-25 3:58 am · Soapmjoin:2001-07-15Aurora, CO Soapm Member 2005-Aug-25 11:30 am One of the infections on this machine is called Allnet.

IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dllO2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\3.7.0\ViewBarBHO.dllO2 - BHO: Google Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllO2 - BHO: Yahoo! also spyware doctor found these three IEAcc/HTMLAccess IEAcc/IEdial safecast but since i dont have the registered version i cannot eliminate these. Double click l2mfix.bat and select option #1 for Run Find Log by typing 1 and then pressing enter.

Yes, my password is: Forgot your password? Anyone else with a similar problem please start a "New Thread". Appreciate any help or advice you can give me. Other thatn that I ran each program but there would always be something each program found but couldn't clean.Logfile of HijackThis v1.99.1Scan saved at 10:57:59 AM, on 8/24/2005Platform: Windows XP SP2

All rights reserved. Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exeO23 - Service: avast! Thanks, Aaron Back to top #5 freeatlast freeatlast E x p l o r e r Retired Staff 833 posts Posted 27 May 2004 - 04:31 AM Download, Find-All.zip:http://freeatlast.10...om/Find-All.zip*UNzip it to Start here. CommunityCategoryBoardUsers turn on suggestions Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.

Messenger""CLSIDExtension" = "{4C171D40-8277-11D5-AD55-00010333D0AD}" -> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll" ["Yahoo! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exeO23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exeO23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Here's the output.txt file that was created:--==***@@@ 'FIND-ALL' VERSION 8.2 -5/27 @@@***==-- Fri May 28 02:56:16 2004 -- ++Results: »»System Info: Microsoft Windows XP [Version 5.1.2600]C: "" (50D2:8808) - FS:NTFS clusters:4kTotal:

Mail""{2559a1f7-21d7-11d4-bdaf-00c04f60b9f0}"="Set Program Access and Defaults""{596AB062-B4D2-4215-9F74-E9109B0A8153}"="Previous Versions Property Page""{9DB7A13C-F208-4981-8353-73CC61AE2783}"="Previous Versions""{692F0339-CBAA-47e6-B5B5-3B84DB604E87}"="Extensions Manager Folder""{640167b4-59b0-47a6-b335-a6b3c0695aea}"="Portable Media Devices""{cc86590a-b60a-48e6-996b-41d25ed39a1e}"="Portable Media Devices Menu""{BDEADF00-C265-11D0-BCED-00A0C90AB50F}"="Web Folders""{0006F045-0000-0000-C000-000000000046}"="Microsoft Outlook Custom Icon Handler""{42042206-2D85-11D3-8CFF-005004838597}"="Microsoft Office HTML Icon Handler""{EBDF1F20-C829-11D1-8233-FF20AF3E97A9}"="TrojanHunter Menu Shell Extension""{1CE2AA40-1317-11D3-9922-00104B0AD431}"="CA_AntiVirus"**********************************************************************************HKEY ROOT CLASSIDS:**********************************************************************************Files Found

Total of file sizes: 9,458,288 bytes 9.02 MLocate .tmp files:No matches found.**********************************************************************************Directory Listing of system files: Volume in drive C has no label. I also ran the new updated Adaware and then emailed you the zip file. I am an XFINITY Forum Expert and I am here to help.We ask that you post publicly so people with similar questions may benefit.Was your question answered? Forums → Software and Operating Systems → Security → HJT Log uniqs1210 Share « Karpensky AV Pro-No Icon Task Bar-Can't Open Prog? • Port 88 »page: 1 · 2 · next

IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dllO2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dllO4 - HKLM\..\Run: [SoundMAXPnP] Is this by any chance a false positive? HijackThis.de Security HijackThis log file analysis HijackThis opens you a possibility to find and fix nasty entries on your computer easier.Therefore it will scan special I also don't know how to get the full info that gets cut off by the browser window being too small because I can't expand it.If you have any ideas, please

Do not change any settings unless otherwise told to do so. Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exeO23 - Service: avast! For information on the program click here.We ask that you post publicly so people with similar questions may benefit from the conversation.Was your question answered? Category: System Startup user entryChange: value deletedEntry: Red Swoosh EDN clientOld Data: c:\programfiles\rsnet\rsednclient.exeCategory: system start up global entryChange: value deletedEntry: moneystartup10.0Old Data: c:\program files\microsoft money\system\ (I cant read this part because

OTL.Txt and Extras.Txt. There is this O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar\3.7.0\ViewBarBHO.dllO3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.7.0\IEViewBar.dll Read about why I am REG.EXE VERSION 2.0HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings MinorVersion REG_SZ ;SP1;Q324929;Q810847;Q813951;Q813489;Q330994;Q818529;Q822925;Q828750;Q832894;Q83009;Q831167; »»Google Toolbar version and Attributes: 2.0.111.0 C:\Program Files\google\googletoolbar1.dll Defaults: "A" ;"R" A R C:\Program Files\google\GoogleToolbar1.dll »»UserAgent: REGEDIT4[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform] »»Wmplayer version: 9.0.0.2980 C:\Program Spybot is also letting me know that additional BHOs are being added to my comp everytime I connect.I'd appreciate any help you can offer me!AaronHere's my Hijackthis Log:Logfile of HijackThis v1.97.7Scan

I am a paying customer just like you! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htmO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htmO8 - Extra context menu item: Yahoo! Please post the entire contents of this logfile for me to see. · actions · 2005-Aug-26 6:10 am · Soapmjoin:2001-07-15Aurora, CO Soapm Member 2005-Aug-26 10:24 am L2Mfix 1.04Running From:C:\Documents and Settings\Aaron's What is safe to do when I've got this crap on my machine?

Submit Files: ---------------------------------------------------------------------- Back to top #6 aaron_cabal_trainee aaron_cabal_trainee Member Full Member 12 posts Posted 27 May 2004 - 08:21 AM Hey thanks for the reply. Stay informed with Comcast Alerts Alerts are an easy, quick way to manage your account and get information - like payment confirmations and your current balance. Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htmO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htmO8 - Extra context menu item: Yahoo! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)SRV:64bit: - (avast!

Copy the contents of that log and paste it back into this thread, along with a new hijackthis log.IMPORTANT: Do NOT run any other files in the l2mfix folder unless you We will take care of that later. · actions · 2005-Aug-25 7:06 pm · Soapmjoin:2001-07-15Aurora, CO1 edit Soapm Member 2005-Aug-25 11:03 pm Thanks Joker,===L2MFIX find log 1.04These are the registry keys Inc."]{AC9E2541-2814-11D5-BC6D-00B0D0A1DE45}\"ButtonText" = "AIM""Exec" = "C:\Program Files\AIM\aim.exe" ["America Online, Inc."]{CD67F990-D8E9-11D2-98FE-00C0F0318AFE}\"ButtonText" = "Real.com"{FB5F1910-F110-11D2-BB9E-00C04F795683}\"ButtonText" = "Messenger""MenuText" = "Windows Messenger""Exec" = "C:\Program Files\Messenger\msmsgs.exe" [MS]Running Services (Display Name, Service Name, Path {Service DLL}):------------------------------------------------------------------CAISafe, CAISafe, "C:\Program Files\CA\eTrust Submit Files: ---------------------------------------------------------------------- Back to top #10 aaron_cabal_trainee aaron_cabal_trainee Member Full Member 12 posts Posted 28 May 2004 - 03:20 PM Hi there,Ok, here's the find-all log I got after deleting

i also have the about:blank hijacker on my computer at the moment and it is a right pain... I recommend a combination of Windows Defender and BOClean from Comodo.