Home > Hjt Log > HJT Log - Infected Again

HJT Log - Infected Again

Everyday is virus day. WindowsBBS Forums > Security > Malware and Virus Removal > Malware and Virus Removal Archive > This site uses cookies. Posted: 25-Jan-2009 | 1:12PM • Permalink Hi If it was with N360 v2 the file "O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe" was being detected. Along with SpywareInfo, it was one of the first places to offer online malware removal training in its Classroom. http://exomatik.net/hjt-log/hjt-log-please-let-me-know-if-i-m-still-infected.php

Version 2, 0, 0, 1 * DivXNetworks, Inc. - DivX EKG Version * Eastman Kodak Company - Kodak DC File System Driver (Win32) Version * Eastman Kodak Company - Did not find \EJAH.DLL anywhere B2. Newer Than: Search this thread only Search this forum only Display results as threads Useful Searches Recent Posts More... Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exeO23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exeO23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exeO23 Stay logged in Sign up now! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll O2 -

I am not familiar with this. WindowsBBS.com is completely free, paid for by advertisers and donations. Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:How did I get infected ? Site Changelog Community Forum Software by IP.Board Sign In Use Facebook Use Twitter Need an account?

Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by me or another helper. They can interfere with ComboFix or remove some of its embedded files which may cause unpredictable results. Proud graduate of TC/WTT Classroom Back to top Related Topics Back to Virus, Spyware & Malware Removal · Next Unread Topic → 0 user(s) are reading this topic 0 Learn More.

Before we begin, please note the following: The process of cleaning your system may take some time, so please be patient.Follow my instructions step by step if there is a problem o Click the Close button to leave the control center screen. · On the main screen, under Scan for Harmful Software click Scan your computer. · On the left check C:\Fixed XenForo add-ons by Waindigo™ ©2015 Waindigo Ltd. ▲ ▼ Jump to content Resolved Malware Removal Logs Existing user? WARNING: Combofix will disconnect your machine from the Internet as soon as it starts Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.

Join the ClassRoom and learn how. Please download SmitfraudFix (by S!Ri) Extract the content (a folder named SmitfraudFix) to your Desktop. I might have missed a few as well.They're not helpful in your case.Additionally I have used CCleaner and Registry Mechanic.Very, very bad idea! That may cause it to stall** Share this post Link to post Share on other sites BTB    New Member Topic Starter Members 17 posts ID: 5   Posted August 20,

Quads Norton Fighter25 Reg: 21-Jul-2008 Posts: 16,481 Solutions: 182 Kudos: 3,388 Kudos0 Re: My system is infected AGAIN - help with hijackthis. news Consistently helpful members with best answers are invited to staff. Please click here if you are not redirected within a few seconds. Several functions may not work.

Anybody can ask, anybody can answer. It looks as though it's a F.P. The hijackthis log is in the original post I liked above.Malwarebytes' Anti-Malware 1.46www.malwarebytes.orgDatabase version: 4350Windows 5.1.2600 Service Pack 3Internet Explorer 6.0.2900.55128/17/2010 2:47:01 PMmbam-log-2010-08-17 (14-47-01).txtScan type: Quick scanObjects scanned: 167201Time elapsed: 6 have a peek at these guys again and post a new log please.

Thanks, noLogic noLogic, Sep 13, 2007 #1 MFDnNC Joined: Sep 7, 2004 Messages: 49,014 That is not the problem You should print out these instructions, or copy them to a Sign In Use Facebook Use Twitter Need an account? again and post a new log please.

Stay logged in Sign up now!

Data may be transferred on the bus at one, two, or four times the Bus Clock rate. Did everything you suggested. Stay with me until given the 'all clear' even if symptoms diminish. This site is completely free -- paid for by advertisers and donations.

No, create an account now. Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: AIM Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: Proud graduate of TC/WTT Classroom Back to top #3 LDTate LDTate Forum God Root Admin 57,123 posts Posted 22 March 2008 - 07:59 AM Due to inactivity this topic will http://exomatik.net/hjt-log/hjt-log-not-sure-what-i-m-infected-with.php But like always, my computer has once again started to become unresponsive and N360 has shut down by itself.

AVG (free), AVAST!, AdAware, Spybot, Superspyware, Malwarebytes, Spyware doctor w/ antivirus and Norton Anti Virus. I will wait until I hear back from you. Yes, you are correct, I did have problems with the Desktop! Antivirus;avast!

For full access please Register. It's 100% free. Missing symptoms does not mean that everything is okay.Instructions that I give are for your system only!If you don't know or can't understand something please ask. I'm guessing it's because of a stubborn Vundo virus infection I have that N360 was not even able to prevent nor deal with.

For the 10th time, my computer has become unresponsive. On the Tools menu in Windows Explorer, click Folder Options.B. All rights reserved. Web Scanner"=3 (0x3)"sdAuxService"=3 (0x3)"sdCoreService"=3 (0x3)"PCToolsSSDMonitorSvc"=2 (0x2)[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]"DisableMonitoring"=dword:00000001[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]"DisableMonitoring"=dword:00000001[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]"DisableMonitoring"=dword:00000001[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]"%windir%\\Network Diagnostic\\xpnetdiag.exe"="c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="c:\\WINDOWS\\system32\\PnkBstrA.exe"="c:\\WINDOWS\\system32\\PnkBstrB.exe"="c:\\Program Files\\DNA\\btdna.exe"="c:\\Program Files\\BitTorrent\\bittorrent.exe"="c:\\Program Files\\TeamViewer\\Version4\\TeamViewer.exe"="c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"="c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="c:\\Program Files\\VIA\\VIAudioi\\HDADeck\\HDeck.exe"="c:\\WINDOWS\\system32\\sessmgr.exe"="c:\\Program Files\\Trillian\\trillian.exe"="c:\\WINDOWS\\system32\\dplaysvr.exe"="c:\\Program Files\\Xfire\\Xfire.exe"="c:\\Program Files\\Activision Value\\THPS2\\THawk2.exe"="c:\\Program Files\\Valve\\HLServer\\left4dead2\\srcds.exe"="c:\\Program Files\\PFPortChecker\\PFPortChecker.exe"="c:\\Resident Evil 5\\RESIDENT EVIL 5\\RE5DX9.EXE"="c:\\Dead Space\\Dead

Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. Please re-enable javascript to access full functionality. Try What the Tech -- It's free! lynca Contributor4 Reg: 24-Dec-2008 Posts: 18 Solutions: 0 Kudos: 0 Kudos0 My system is infected AGAIN - help with hijackthis.

Style Default Style Contact Us Help Home Top RSS Terms and Rules Copyright © TechGuy, Inc. Mail Scanner;avast! Please download ComboFix from Here or Here to your Desktop. **Note: In the event you already have Combofix, this is a new version that I need you to download. or read our Welcome Guide to learn how to use this site.