Home > Is My > Is My HJT Ok?

Is My HJT Ok?

I also ran a Task Manager Risks programme to get a log (see spyinfo.zip) of possible threatening task manager applications, which I've also attached. Just copy and paste that log here. MahJong Solitaire - http://download.games.yahoo.com/games/clients/y/mjst4_x.cab O16 - DPF: Yahoo! Reboot into "Normal" mode, run another HijackThis scan and post its log along with the logs from any antivirus scan and the Ewido scan. 0 Kudos Posted by erodriguez ‎02-26-2006 02:21

TechSpot Account Sign up for free, it takes 30 seconds. You can select "Clean" and check the boxes "Perform action with all infections" and "Create encrypted backup" before clicking on "OK". (b). When you run Ewido for the first time, you will get a warning "Database could not be found!". You can re-enable it after your computer is clean.To disable Ad-Watch:1.

When it is done, your Temporary Internet Files will now be deleted.Empty your Recycle BinGo to Add/Remove Programs and remove ALL the old versions of Java. Download, install, update your system with the trial version of Ewido Anti-Malware Scanner: (a). Boot into safe mode and try the deletions again with HijackThis.

If any of these still exist, you are infected. (a) Continue to try the online scanners recommended by CajunTek. (b) Install an antivirus program. It is very likely a firewall or a piece of malware is prohibiting you from uploading this fileI ran sc delete MsUpdate6...seems to be gone now.Heres the Kapersky scan result:------------------------------------------------------------------------------- KASPERSKY Back to top #14 SpaceHog SpaceHog Topic Starter Members 20 posts OFFLINE Local time:01:39 AM Posted 26 May 2006 - 03:11 PM When I tried to scan C:\WINDOWS\Downloaded Program Files\videox.inf Please create a permanent folder for HijackThis (I suggest "C:\Program Files\HJT" or "C:\Program Files\HijackThis") and move the HijackThis program there.

We have two laptops connected to a wireless router. Show Ignored Content As Seen On Welcome to Tech Support Guy! Start here. CommunityCategoryBoardUsers turn on suggestions Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type. Back to top #7 SpaceHog SpaceHog Topic Starter Members 20 posts OFFLINE Local time:01:39 AM Posted 25 May 2006 - 08:53 AM OK...I tried it in safe mode and same

When I chose f2 I really didnt see anything that I could choose to correct the problem. We will fix this in a moment.From the main Ewido screen, click on update in the left menu, then click the Start update button.After the update finishes, the status bar at If Ewido finds anything, it will pop up a notification. Please contact the MyBB Group for support.

Accessing and setup of a Wireless Gateway Find everything you need to know about setting up your wireless gateway. Main Sections Technology News Reviews Features Product Finder Downloads Drivers Community TechSpot Forums Today's Posts Ask a Question News & Comments Useful Resources Best of the Best Must Reads Trending Now Please make sure all your realtime protection is still disabled. Ask a question and give support.

No, create an account now. Remove formatting Only 75 emoticons maximum are allowed. × Your link has been automatically embedded. Thank you! Path: C:\WINDOWS\System32\ Long name: LegitCheckControl.DLL Short name: LEGITC~1.DLL Date (created): 4/10/2006 1:00:34 PMDate (last access): 5/25/2006 7:53:46 PM Date (last write): 4/10/2006 1:00:34 PM Filesize: 555824 Attributes: archive MD5: 593F9787C3161CC77FA9B4BEBE823582 CRC32:

Backgammon - http://download.games.yahoo.com/games/clients/y/at1_x.cab O16 - DPF: Yahoo! You can even use your credit card! Log in or Sign up Tech Support Guy Home Forums > Security & Malware Removal > Virus & Other Malware Removal > Computer problem? Flrman1, Nov 11, 2003 #4 sleekluxury Joined: Oct 5, 2003 Messages: 3,752 This maybe of help to you: http://forums.techguy.org/t179808/s.html sleekluxury, Nov 15, 2003 #5 Sponsor This thread has been

I would greatly appreciate it if you could take a look at this log and let me know if there's anything dodgy in it. Upon restarting and before I could boot into safe mode my comp said it had detected a Hardrive error or something. You can select "clean" and check the boxes "Perform action with all infections" and "Create encrypted backup" before clicking on OK.When the scan is finished, click the Save report button at

Sign In Sign Up Browse Back Browse Forums Guidelines Staff Online Users Members Activity Back Activity All Activity My Activity Streams Unread Content Content I Started Search Malwarebytes.com Back Malwarebytes.com Malwarebytes

Click "OK". Click here to join today! Here is the hjt log:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 13:38:17, on 28/01/2009Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Archivos de programa\Lavasoft\Ad-Aware\AAWService.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\Archivos de Kolla Path: C:\PROGRA~1\Yahoo!\Common\ Long name: yaddbook.dll Short name: Date (created): 6/14/2004 6:13:16 PMDate (last access): 5/25/2006 7:53:48 PM Date (last write): 6/14/2004 6:13:16 PM Filesize: 218184 Attributes: archive MD5: ACC63341696FD63627720F2858F72B3E CRC32:

All rights reserved. So I ran safe mode and did same in HJT and again the programs wont delete.I will take this opportunity to mention a few things that I saw that I couldn't I have heard about some things shutting down HJT when u try to delete them...could this be the problem? It kinda bothered me, but most of the items were things that either looked like traces or were files I couldnt find (I assume i had disabled most somehow someway already).

Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dllO9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file You have at least one virus on your computer. (a) Follow the instructions in the first thread (READ THIS FIRST...) in this forum regarding doing some on-line virus scans. First, my SpySweeper trial period expired so its not running anyways. There still does appear to be a possible infection, but I cannot be sure because I dont know what was found, especially by Ewido.

Your Name Required Your Email Required Subject Required Email Address Required Message Required I thought you might be interested in looking at is my hjt log ok?.https://forums.malwarebytes.com/topic/10469-is-my-hjt-log-ok/ I thought you might Thank you! Register a free account to unlock additional features at BleepingComputer.com Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Kollamscomctl (mscomctl) DPF name: mscomctl CLSID name: Installer: Codebase: http://www.pestscan.com/scanner/mscomctl.cabmsvcp71 (msvcp71) DPF name: msvcp71 CLSID name: Installer: Codebase: http://download.pestpatrol.com/Downloads/C...nts/msvcp71.cabmsvcr71 (msvcr71) DPF name: msvcr71 CLSID name: Installer: Codebase: http://download.pestpatrol.com/Downloads/C...nts/msvcr71.cabppctlcab (ppctlcab) DPF name:

See if the following files exist in "C:\Windows\System32": (NOTICE: the extension is ".com" not ".exe" (which the valid Windows programs will have)) ---> cmd.com ---> netstat.com ---> ping.com ---> regedit.com ---> MahJong Solitaire - http://download.games.yahoo.com/games/clients/y/mjst4_x.cab O16 - DPF: Yahoo! Pyramids - http://download.games.yahoo.com/games/clients/y/pyt1_x.cab O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab34120.cab O16 - Sign in to follow this Followers 0 Go To Topic Listing Resolved Malware Removal Logs Recently Browsing 0 members No registered users viewing this page.

Here are some other definitions for it: Also known as Win32/Alcan.5tn!Worm, Win32.Alcan.I, W32.Alcra.F (Symantec), WORM_GAOBOT.DF (Trend), W32/Gaobot.worm.gen.u (McAfee), W32/VB.NQ (F-Secure), P2P-Worm.Win32.VB.dw (Kaspersky) It also installs additional malware. All Activity Home Malware Removal Help Malware Removal for Windows Resolved Malware Removal Logs is my hjt log ok? Please do so before attempting to browse it. Join thousands of tech enthusiasts and participate.

Yes, my password is: Forgot your password? HJT log attached Jan 26, 2007 Help Here is my HJT log Nov 24, 2006 Please Help system is VERY unstable my HJT log Apr 28, 2006 Thanks for your time, Anything stand out in this HJT log?Thanks in advance!SpaceHog Back to top BC AdBot (Login to Remove) BleepingComputer.com Register to remove ads #2 teacup61 teacup61 Bleepin' Texan!