Loading...

Home > Please Look > Please Look At This HJT Log File.

Please Look At This HJT Log File.

Click here to join today! I thought that I had. 0 Kudos Posted by johnd ‎07-07-2006 10:21 PM Valued Contributor View All Member Since: ‎06-30-2003 Posts: 4,409 Message 14 of 19 (255 Views) Re: Please look Off to look again. 0 Kudos Posted by Naddie1 ‎07-07-2006 02:31 PM Most Valued Poster View All Member Since: ‎09-17-2004 Posts: 30,200 Message 4 of 19 (342 Views) Re: Please look Jump to content Resolved Malware Removal Logs Existing user? http://swiftinv.com/please-look/please-look-at-my-log-file.html

HJT log belowThanks.Logfile of HijackThis v1.99.1Scan saved at 16:48:56, on 30/05/2005Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\LEXBCES.EXEC:\WINDOWS\system32\LEXPPS.EXEC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Alwil Software\Avast4\aswUpdSv.exeC:\Program Files\Alwil Software\Avast4\ashServ.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\system32\RUNDLL32.EXEC:\Program Files\CyberLink\PowerDVD\PDVDServ.exeC:\Program Files\MusicMatch\MusicMatch And that was only half a log; a lot of important entries are missing. Mark it as an accepted solution!I am not a Comcast employee.Was your question answered?Mark it as a solution! 0 Kudos Posted by Naddie1 ‎07-07-2006 01:25 PM Most Valued Poster View All This includes SP1 and SP2 if you use Windows XP. https://forums.techguy.org/threads/please-look-at-this-hjt-log-file.855167/

This applies only to the original topic starter.Everyone else please begin a New Topic. It is currently Wed Feb 22, 2017 10:28 am FAQ Search Register Login PCTech Forums A friendly computer support place Jump to: Board index Change font size Information The requested topic If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members. Please re-enable javascript to access full functionality.

Sometimes these Eulas will even admit the badware is going to be installed.. Typical Google could start sending up custom JavaScript from JavaScript repository. Mark it as an accepted solution!I am not a Comcast employee.Was your question answered?Mark it as a solution! 0 Kudos Posted by Bumpman ‎07-28-2006 12:58 PM Regular Contributor View All Member Logfile of HijackThis v1.99.1Scan saved at 9:24:34 AM, on 7/28/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\acs.exeC:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exeC:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exeC:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exeC:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exeC:\WINDOWS\system32\DVDRAMSV.exeC:\Program Files\ewido anti-spyware 4.0\guard.exec:\TOSHIBA\IVP\swupdate\swupdtmr.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\igfxtray.exeC:\WINDOWS\system32\hkcmd.exeC:\WINDOWS\system32\igfxpers.exeC:\Program Files\ltmoh\Ltmoh.exeC:\WINDOWS\AGRSMMSG.exeC:\Program Files\Apoint2K\Apoint.exeC:\WINDOWS\system32\00THotkey.exeC:\WINDOWS\system32\TPSMain.exeC:\WINDOWS\system32\TFNF5.exeC:\Program Files\TOSHIBA\TouchED\TouchED.ExeC:\Program

I am an XFINITY Forum Expert and I am here to help.We ask that you post publicly so people with similar questions may benefit.Was your question answered? Mark it as an accepted solution!I am not a Comcast employee. For information on the program click here.We ask that you post publicly so people with similar questions may benefit from the conversation.Was your question answered? https://www.bleepingcomputer.com/forums/t/20141/please-look-at-hjt-log/ Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

I am yours. Share this post Link to post Share on other sites miekiemoes    Forum Deity Moderators 8,349 posts Location: Belgium ID: 3   Posted August 6, 2009 Since there is no feedback There is nothing there.. I am at your adware and trojans with ewido and avg.

Check if you know this site and fix it if you do not. Anti-Spyware Programs ComparedWant to know just how effective your anti-spyware program is? Please print these directions and then proceed with the following steps in order.Step #1Download CCleaner and install it but do not run it yet.Download and install ewido security suite. Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)O23 - Service: avast!

Related to Yahoo Companion. weblink such as from thailand, laos.... But, it is possible the user downloaded this program.http://www.emsisoft.com/it/malware/?Adware.Win32.MacroVirusO16 - DPF: {65FDEDF3-8ED9-4F5B-825E-18C2D44191A7} (OneCCCtl Class) - http://d.64.69.12.22.downloads.estara.com./as/OneCCDM.php?template=306633&sessio nid=1414138019_75.170.62.207_3467&=&req=1209586278206OneCC.cabIt is not needed to fix this one if you recognize estara.com. Now I cannot find that one either.Will see if I can run that program again, and see if I can find that path.

However, you have to realise that you must be vigilant to this sort of scam, the internet is no different to normal life. Restart your computer.3. It will pick up on any file changes that might take place as it is being run. 0 Kudos Posted by Naddie1 ‎07-07-2006 10:30 PM Most Valued Poster View All Member http://swiftinv.com/please-look/please-look-at-this-hijack-file.html I will post back later today.

Loading... It is still necessary to keep Internet Explorer current and protected in order to use Windows Update.For more information about Spyware, the tools available, and other informative material, including information on Do not run it yet.Step #2Open Notepad and copy/paste the text in the quotebox below into the new document:@ECHO OFFprocess -k explorer.execd %windir%Nail.exe /fullremovesc config SvcProc start= disabledsc stop SvcProcsc delete

That's what the forums are here for.

Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXEO23 - Service: NVIDIA Display Driver Service (NVSvc) - Klondike Solitaire - http://yog55.games.scd.yahoo.com/yog/y/ks12_x.cabO16 - DPF: {01112B00-3E00-11D2-8470-0060089874ED} - O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} - O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - Mark it as an accepted solution!I am not a Comcast employee.Was your question answered?Mark it as a solution! 0 Kudos Posted by Naddie1 ‎07-07-2006 08:47 PM Most Valued Poster View All Using the site is easy and fun.

The first defense against infection is a properly patched Operating System. Message Insert Code Snippet Alt+I Code Inline Code Link H1 H2 Preview Submit your Reply Alt+S Related Articles How much anonymity does a VPN really provide? - 9 replies Alternative to O17 - HKLM\System\CCS\Services\Tcpip\..\{47EAA8BF-2DFE-4509-8DA9-035DF93B79B4}: NameServer = 205.171.3.65,205.171.2.65Do you know the IP or Domain '205.171.3.65,205.171.2.65'? his comment is here You really should read these carefully.Good luck, and thanks for coming to our forums for help with your security and malware issues.

Short URL to this thread: https://techguy.org/855167 Log in with Facebook Log in with Twitter Log in with Google Your name or email address: Do you already have an account? Download Chrome SMF 2.0.13 | SMF © 2015, Simple Machines XHTML RSS WAP2 Page created in 0.044 seconds with 18 queries. Now if you truly do have a rootkit, it wouldn't show here anyway... If you need anything just let me know.

For information on the program click here.We ask that you post publicly so people with similar questions may benefit from the conversation.Was your question answered? Reset System RestoreIf you are using Windows ME or Windows XP, please reset your System Restore. It will save you a lot of grief, as well as money if you are thinking of purchasing. It will pick up on any file changes that might take place as it is being run.Yes I know, Thanks 0 Kudos Posted by Naddie1 ‎07-07-2006 10:32 PM Most Valued Poster

I am a paying customer just like you! If not, fix this entry. Several functions may not work. Options Mark as New Bookmark Subscribe Subscribe to RSS Feed Highlight Print Report I found the last one.HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Reinstall\ 8/26/2003 12:26 PM 0 bytes Key name contains embedded nulls (*)C:\System Volume Information\_restore{543848E5-A971-4387-BA47-98525

MushroomWorld18, Nov 12, 2016, in forum: Virus & Other Malware Removal Replies: 0 Views: 181 MushroomWorld18 Nov 12, 2016 Thread Status: Not open for further replies. Use the Add Reply button to post your new log file back here along with details of any problems you encountered performing the above steps and I will review it when Please use them so that others may benefit from your questions and the responses you receive.OldTimer Back to top #3 djh72 djh72 Topic Starter Members 33 posts OFFLINE Local time:04:28 What does it exactly say?

See Windows help for information.You should do this now Clean Temporary Files and FoldersDownload and install the disk cleanup utility called Cleanup! For information on the program click here.We ask that you post publicly so people with similar questions may benefit from the conversation.Was your question answered? I was getting just a tad upset. "Just a tad" 0 Kudos All Forum Topics Previous Topic Next Topic Popular Help Articles Set up your remote control Use this tool to Options Mark as New Bookmark Subscribe Subscribe to RSS Feed Highlight Print Report It is nothing Naddie, just hidden info in your restore point..