Windows Support Forum

Virus keep closing HijackThis, MalwareBytes and other things...

Q: Virus keep closing HijackThis, MalwareBytes and other things...

Hi Recently my PC is being killed by a virus It closes the following programs when I try to open them MalwareBytes antimalware Trend-Micro Hijack This MalwareBytes closing HijackThis, things... and keep Virus other Killbox Also it keeps sending an URL direction to a exe file to all my msn contacts The process of the virus is quot Ztytrh Virus keep closing HijackThis, MalwareBytes and other things... exe quot when I kill it using windows process manager keeps reapearing and when I try to change priority it says I am not allowed Also appeared quot r h exe quot but I was able to sucefully kill this process Also I went to quot C Windows Prefech quot and sucefully deleted a file related with r h exe but when I try to delete a file related to quot Ztytrh exe quot it keeps re-appearing I tried to run RegEdit double clicking the icon in C Windows but it says I m not allowed to modify the registry This PC only have one account and that s mine Please help me get rid of this virus also start gt Run dissapeared Edit R h exe came back nbsp

Relevancy 100%
Preferred Solution: Virus keep closing HijackThis, MalwareBytes and other things...

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/directdownload.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: Virus keep closing HijackThis, MalwareBytes and other things...

Bump, please help.

https://forums.techguy.org/threads/virus-keep-closing-hijackthis-malwarebytes-and-other-things.868963/
Relevancy 61.06%

Hi I am running xp pro I know something s not right just cant sort HijackThis things correct Log working not and virus it my self and any help would be grateful When I click the link to open e mail on msn it doesn t open my e mail page and when I run more than one scan in tune up utilities the seconded scan wont run and my cpu usage goes up to Have not been able to update ad-adware se personal so I tried to uninstall it and it said something like cant find file or access denied so I download HijackThis Log virus and things not working correct a new version from download HijackThis Log virus and things not working correct com and when I was installing it my anti virus popped up and said something can not remember now but I think said virus I guess that there is some type of parasite or virus I use AntiVir PE Classic for virus protection I would be grateful if I could post a HijackThis log for someone to look at or any other HijackThis Log virus and things not working correct suggestions I would be grateful of too Followed the instructions before posting mcafee online found gamespy related files I think they are not that important but I will uninstall game spy and rescan later Symantec didn t find anything but kicked off my virus scanner and it said virus at C docume shared locals v bkr a and said bds virkel a backdoor server programs Ahh when I turn computer on it quite often it does a scan disk for errors Hope i done this correct as it has taken me hours lol Thanks for your time DOJ Logfile of HijackThis v Scan saved at on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system csrss exe C WINDOWS SYSTEM winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files Sygate SPF smc exe C WINDOWS System svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C Program Files AntiVir PersonalEdition Classic sched exe C Program Files AntiVir PersonalEdition Classic avguard exe C WINDOWS system CTsvcCDA exe C WINDOWS system nvsvc exe C WINDOWS System svchost exe C WINDOWS system MsPMSPSv exe C WINDOWS System alg exe C WINDOWS system WgaTray exe C WINDOWS Explorer EXE C Program Files ASUS Probe AsusProb exe C PROGRA Maxtor OneTouch Utils OneTouch exe C WINDOWS MXOALDR EXE C WINDOWS System spool DRIVERS W X E S I S EXE C Documents and Settings shared Desktop shazar downloads Aero windows Glass k exe C WINDOWS SOUNDMAN EXE C PROGRA BILLPS WINPAT winpatrol exe C Program Files AntiVir PersonalEdition Classic avgnt exe C WINDOWS system rundll exe C program files topthemesxp txp exe C Program Files Common Files Real Update OB realsched exe C Program Files Thomson SpeedTouch USB Dragdiag exe C PROGRA Dantz RETROS RetroExpress exe C Program Files CyberLink DVD Solution PowerDVD PDVDServ exe C Program Files Adobe Photoshop Album Starter Edition Apps apdproxy exe C Program Files CyberLink DVD Solution Power Go Power GoExpress exe C Program Files Spyware Doctor swdoctor exe C Program Files Skype Phone Skype exe C Program Files Messenger msmsgs exe C Program Files Yahoo Messenger ymsgr tray exe C WINDOWS system wuauclt exe C PROGRA Dantz RETROS retrospect exe C PROGRA Dantz RETROS retrorun exe C Documents and Settings shared Desktop New Folder HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www google co uk R - HKLM Software Microsoft Internet Explorer Main Start Page http www google co uk R - URLSearchHook Yahoo Toolbar - EF BD -C FB- D - F- D F - no file O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO no name - - F - D - - D F - C Program Files Spybot - Search amp Destroy SDHelper dll O - BHO PCTools Site Guard - C B A - DB - A -A CB-D BBFEB - C PROGRA SPYWAR TOOLS iesdsg dll O - BHO Windows Live Sign-in Helper - D - C - ABF- ECC- C - C Program Files Comm... Read more

A:HijackThis Log virus and things not working correct

Hello and welcome to TSF

I recommend you Subscribe to this thread so you are notified of any replies via email. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

There isn't much showing in your log, so we'll try a general cleaning and see what turns up.

Please print out or copy this page to Notepad in order to assist you when carrying out the following instructions.

Downloads(make sure to save these in a permanent location)
Cleanup!- Install it. You will use this later.

*NOTE* Cleanup deletes EVERYTHING out of temporary folders and does not make backups.

Ewido Anti-MalwareInstall Ewido Anti-Malware
Double-click the icon on Desktop to launch Ewido
You will need to update Ewido to the latest definition files.On the top of the main screen click Shield
Click the word active to change it to inactive
On the top of the main screen click Update.
Then click on Start Update. The update will start and a progress bar will show the updates being installed.
I also recommend changing the "Update interval" to something more reasonable like 12 hours.
If you are having problems with the updater, you can use this link to manually update Ewido
When you have finished updating, EXIT Ewido.

Next, please reboot your computer in SafeMode by doing the following:Restart your computer
After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
Instead of Windows loading as normal, a menu should appear
Select the first option, to run Windows in Safe Mode.

Tools
Open Cleanup! by double-clicking the icon on your desktop (or from the Start > All Programs menu). Set the program up as follows:
*Click "Options..."
*Move the arrow down to "Custom CleanUp!"
*Put a check next to the following:Empty Recycle Bins
Delete Cookies
Delete Prefetch files
Cleanup! All Users
Click on the "Temporary Files" and uncheck the box for "Scan drives for file matching" if it?s checked.
Click OK
Press the CleanUp! button to start the program. Reboot/logoff when prompted. If prompted to reboot, click No.

Run Ewido with it's updated definitions:(...it's important that all windows must be closed) Click Scanner
Click on the Scan tab
Click Complete System Scan to begin scanning.
When the scan is complete click Recommended Action and change it to Quarantine
Then click Apply all actions
Once finished, click the Save report button, then click Save Report As and save it to your desktop.

Reboot your system in Normal Mode.

Online Scans
Perform an online scan with Internet Explorer with Panda ActiveScan
** click on "Free use ActiveScan" located on the top right hand corner Click Scan your PC & a 'pop up' window shall appear. *ensure that your pop up blocker doesn't block it
Click Scan Now
Enter your e-mail address & click Scan Now ...begins downloading 8 MB Panda's ActiveX controls
Begin the scan by selecting My Computer If it finds any malware, it will offer you a report.
Click on see report. Then click Save report
Post the contents of the report in your next reply

*You needn't remain online while it's doing the scan but you have to re-connect after it has finished to see the report.
*Turn off the real time scanner of any existing antivirus program while performing the online scan

In your next post please include:Panda Activescan Log
Ewido Log
A new Hijackthis! Log

http://www.techsupportforum.com/forums/f100/hijackthis-log-virus-and-things-not-working-correct-109846.html
Relevancy 60.63%

Hi I am running xp pro I correct Log things Solved: and HijackThis virus working not know something s not right just cant sort it my self and any help would be grateful When I click the link to open e mail on msn it doesn t open my e mail page and when I run more than one scan in tune up utilities the seconded scan wont run and my cpu usage goes up to Have not been able to update ad-adware se personal so I tried to uninstall it and it said something like cant find file or access denied so I download a new version from download com and when I was installing it my anti virus popped Solved: HijackThis Log virus and things not working correct up and said something can not remember now but I Solved: HijackThis Log virus and things not working correct think said virus I guess that there is some type of parasite or virus I use AntiVir PE Classic for virus protection I would be grateful if I could post a HijackThis log for someone to look at or any other suggestions I would be grateful of too mcafee online found gamespy related files I think they are not that important but I will uninstall game spy and rescan later Symantec online sca didn t find anything but kicked off my virus scanner and it said virus at C docume shared locals v bkr a and said bds virkel a backdoor server programs Ahh when I turn computer on it quite often it does a scan disk for errors Thanks for your time DOJ Logfile of HijackThis v Scan saved at on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system csrss exe C WINDOWS SYSTEM winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files Sygate SPF smc exe C WINDOWS System svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C Program Files AntiVir PersonalEdition Classic sched exe C Program Files AntiVir PersonalEdition Classic avguard exe C WINDOWS system CTsvcCDA exe C WINDOWS system nvsvc exe C WINDOWS System svchost exe C WINDOWS system MsPMSPSv exe C WINDOWS System alg exe C WINDOWS system WgaTray exe C WINDOWS Explorer EXE C Program Files ASUS Probe AsusProb exe C PROGRA Maxtor OneTouch Utils OneTouch exe C WINDOWS MXOALDR EXE C WINDOWS System spool DRIVERS W X E S I S EXE C Documents and Settings shared Desktop shazar downloads Aero windows Glass k exe C WINDOWS SOUNDMAN EXE C PROGRA BILLPS WINPAT winpatrol exe C Program Files AntiVir PersonalEdition Classic avgnt exe C WINDOWS system rundll exe C program files topthemesxp txp exe C Program Files Common Files Real Update OB realsched exe C Program Files Thomson SpeedTouch USB Dragdiag exe C PROGRA Dantz RETROS RetroExpress exe C Program Files CyberLink DVD Solution PowerDVD PDVDServ exe C Program Files Adobe Photoshop Album Starter Edition Apps apdproxy exe C Program Files CyberLink DVD Solution Power Go Power GoExpress exe C Program Files Spyware Doctor swdoctor exe C Program Files Skype Phone Skype exe C Program Files Messenger msmsgs exe C Program Files Yahoo Messenger ymsgr tray exe C WINDOWS system wuauclt exe C PROGRA Dantz RETROS retrospect exe C PROGRA Dantz RETROS retrorun exe C Documents and Settings shared Desktop New Folder HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www google co uk R - HKLM Software Microsoft Internet Explorer Main Start Page http www google co uk R - URLSearchHook Yahoo Toolbar - EF BD -C FB- D - F- D F - no file O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO no name - - F - D - - D F - C Program Files Spybot - Search amp Destroy SDHelper dll O - BHO PCTools Site Guard - C B A - DB - A -A CB-D BBFEB - C PROGRA SPYWAR TOOLS iesdsg dll O - BHO Windows Live Sign-in Helper - D - C - ABF- ECC- C - C Program Files Common Files Microsoft Shared Windows Live WindowsLiveLogin dll O - BHO PCTools Browser Monitor - B A D D- - C -A - ... Read more

Relevancy 60.63%

I was recently infected with Antispyware Pro I don't think I got rid of it but I no longer have the constant pop-ups However when I try to Google search Malwarebytes the browser automatically closes Even when me HijackThis/Malwarebytes Virus from prevents downloading I download the Malwarebytes exe file nothing happens when I double-click it I also can't Google search HiJack this although I haven't yet tried downloading it on a different computer and transferring it over I downloaded Spyware Doctor because Symantec wasn't updating and it said that I was infected with a Trojan DDS Ver - - - NTFSx Run by Kevin at on Wed Internet Explorer BrowserJavaVersion Microsoft Windows XP Professional GMT - AV Symantec AntiVirus Corporate Edition On-access scanning enabled Outdated FB E- B - A- F -E D C Running Processes C WINDOWS system svchost -k DcomLaunch C WINDOWS system svchost -k rpcss C WINDOWS System svchost exe -k netsvcs C Program Files WIDCOMM Bluetooth Software bin btwdins exe C Program Files Common Files Microsoft Shared Ink KeyboardSurrogate exe C Program Files Intel Wireless Bin S EvMon exe C WINDOWS system svchost exe -k LocalService C Program Files Cisco Cisco AnyConnect VPN Client vpnagent exe C Program Files Common Files Symantec Shared ccSetMgr exe C Program Files Common Files Symantec Shared ccEvtMgr exe C WINDOWS SYSTEM WISPTIS EXE C WINDOWS Explorer EXE C WINDOWS system ctfmon exe C Program Files Common Files Symantec Shared SPBBC SPBBCSvc exe C WINDOWS system spoolsv exe C Program Files Common Files Microsoft Shared Ink TCServer exe C Program Files Common Files Microsoft Shared Virus prevents me from downloading HijackThis/Malwarebytes Ink TabTip exe C Program Files CyberLink PowerDVD PDVDServ exe C Program Files Intel Intel Matrix Storage Manager Iaanotif exe C WINDOWS system svchost exe -k LocalService C WINDOWS system agrsmsvc exe C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C Program Files Symantec LiveUpdate ALUSchedulerSvc exe C WINDOWS system igfxtray exe C Program Files Bonjour mDNSResponder exe C WINDOWS system igfxsrvc exe C Program Files Spyware Doctor BDT BDTUpdateService exe C WINDOWS Virus prevents me from downloading HijackThis/Malwarebytes system igfxpers exe C Program Files Synaptics SynTP SynTPEnh exe C WINDOWS stsystra exe C Program Files Cisco Systems VPN Client cvpnd exe C Program Files Protector Suite QL psqltray exe C WINDOWS AGRSMMSG exe C Program Files Symantec AntiVirus DefWatch exe C WINDOWS mHotKey exe C Program Files Common Files Symantec Shared ccApp exe C Program Files Intel Wireless Bin EvtEng exe C PROGRA SYMANT VPTray exe C Program Files Intel Intel Matrix Storage Manager Iaantmon exe C Program Files Intel Wireless bin ZCfgSvc exe C Program Files Java jre bin jqs exe C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C Program Files Intel Wireless Bin ifrmewrk exe C Program Files Common Files Real Update OB realsched exe C WINDOWS System svchost exe -k HPZ C Program Files Adobe Acrobat Acrobat Acrotray exe C Program Files Common Files New Boundary PrismXL PRISMXL SYS C Program Files Intel Wireless Bin RegSrvc exe C Program Files Symantec AntiVirus SavRoam exe C Program Files Spyware Doctor pctsAuxs exe C Program Files iTunes iTunesHelper exe C Program Files Microsoft Office Office GrooveMonitor exe C Program Files Spyware Doctor pctsTray exe C Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exe C Program Files DAEMON Tools Lite DTLite exe C WINDOWS system svchost exe -k imgsvc C Program Files Symantec AntiVirus Rtvscan exe C WINDOWS system WacomTouchService exe C Program Files WIDCOMM Bluetooth Software BTTray exe C Program Files Common Files Macrovision Shared FLEXnet Publisher FNPLicensingService exe C Program Files Microsoft Office Office ONENOTEM EXE C Program Files iPod bin iPodService exe C WINDOWS system wscntfy exe C PROGRA WIDCOMM BLUETO BTSTAC EXE C WINDOWS System alg exe C Program Files Intel Wirele... Read more

A:Virus prevents me from downloading HijackThis/Malwarebytes

Hello and to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.*If you have since resolved the original problem you were having, we would appreciate you letting us know. *If not please perform the following steps below so we can have a look at the current condition of your machine. *If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.**If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. In order to be notified via email when your topic has a reply you need to enable topic notifications. To enable topic notifications you should do the following: 1. Click on the My Controls link at the top of the page to enter your control panel. 2. Scroll down to the Options category in the left hand side menu bar and click on the Email Settings link. 3. Put a checkmark in the checkbox labeled Enable 'Email Notification' by default?. 4. Set the If ticked, choose default type: menu option to Immediate Email Notification to have an email sent immediately when someone repliedThe topics you are tracking are shown Here.Because the e-mail notification system is not completely reliable, please check your topic once a day for responses.----------------------------*-------------------------------We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructions that pop up for posting the results.Close the program window, and delete the program from your desktop.Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HEREKind regardsNet_Surfer

http://www.bleepingcomputer.com/forums/t/274061/virus-prevents-me-from-downloading-hijackthismalwarebytes/
Relevancy 60.63%

I recently had an a,b,c,d.exe virus. I thought I got it all but it seems to have come back. It is shutting down any anti-virus program I am run after just a few seconds. I tried an online one through windows security and now IE7 won't open. Mozilla still works though. Any help getting this off my computer is greatly appreciated.

Nate

A:virus shuts down Malwarebytes, hijackthis, adware, IE7

It looks like there is a rootkit variant in this log. The rootkit itself is a protection module used to terminate a variety of security tools by changing the permissions on targeted programs so that they cannot run or complete scans. There are some new variants of rootkits in the wild right now that will require custom scripts to remove the infection, the process must be completed by HJT team members or above.Failure to follow the proper removal process can and will cause serious damage to a machine. Recovery of the machine may be difficult, if not impossible. Download this Utility and save it to your Desktop.Double-click the Utility to run it and and let it finish.When it states Finished! Press any key to exit, press any key to close the program.It will save a .txt file to your desktop automatically. Double-click on the Win32kDiag.txt file that is located on your Desktop and post the entire contents of that log as part of the reply in the topic you will create below..Next please go here HijackThis Logs and Virus/Trojan/Spyware/Malware Removal ,click New Topic,give it a relevant Title and post the above Win32kDiag.exe log.Let me know how that went.

http://www.bleepingcomputer.com/forums/t/262378/virus-shuts-down-malwarebytes-hijackthis-adware-ie7/
Relevancy 59.77%

I have had this virus for a week or so now and can't seem to get rid of it Malwarebytes and spy bot search and destroy both found stuff but I am still getting constant pop ups when I go on fire fox or internet explorer Please check my log and see if you see anything that I can delete I would appreciate it greatly Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows SP WinNT MSIE Internet Explorer v FIREFOX x en-US Boot mode Normal Running processes C Program Files x NVIDIA Corporation Update Core NvBackend exe C Program Files x iTunes iTunesHelper exe C Program Files x Razer Synapse RzSynapse exe C Program Files x AlienRespawn COMPONENTS SCHEDULER STSERVICE EXE C Program Files x AlienRespawn Components DSUpdate DSUpd exe C Program Files Alienware Command Center AlienwareAlienFXController exe C Program Files Alienware Command Center AWCCApplicationWatcher exe C Program Files Alienware Command Center AlienFusionController exe C ProgramData Battle net Agent Agent Agent exe C Program Files x Battle net Battle net Battle net exe C Program Files x Spybot - Search amp Destroy SDTray exe C Malwarebytes Anti-Malware mbam exe C Program Files x Common Files Adobe check hijackthis virus.. tried malwarebytes/spybot.. for log me Stubborn please ARM Stubborn virus.. tried malwarebytes/spybot.. please check hijackthis log for me AdobeARM exe C Users Robert Gantt Downloads HijackThis exe R - HKLM Software Microsoft Internet Explorer Stubborn virus.. tried malwarebytes/spybot.. please check hijackthis log for me Main Default Page URL http go microsoft com fwlink p LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink p LinkId R - HKLM Software Microsoft Internet Explorer Search SearchAssistant R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch R - HKLM Software Microsoft Internet Explorer Main Local Page C Windows SysWOW blank htm R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride lt -loopback gt R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName O - BHO saoveron - d fb - b - d - b - ccf eab - C Program Files x saoveron B XY m qQbAzP dll O - BHO no name - B C- C F- BF -B - A - no file O - HKLM Run iTunesHelper C Program Files x iTunes iTunesHelper exe O - HKLM Run Razer Synapse C Program Files x Razer Synapse RzSynapse exe O - HKLM Run SDTray C Program Files x Spybot - Search amp Destroy SDTray exe O - Startup CurseClientStartup ccip O - Options group ACCELERATED GRAPHICS Accelerated graphics O - Protocol skype com - FFC B - B - DFF- - C DD F D - C PROGRA COMMON Skype SKYPE DLL O - AppInit DLLs c Windows SysWOW nvinit dll C Windows SysWOW nvinit dll O - Winlogon Notify SDWinLogon - SDWinLogon dll file missing O - Service Adobe Acrobat Update Service AdobeARMservice - Adobe Systems Incorporated - C Program Files x Common Files Adobe ARM armsvc exe O - Service Adobe Flash Player Update Service AdobeFlashPlayerUpdateSvc - Adobe Systems Incorporated - C Windows SysWOW Macromed Flash FlashPlayerUpdateService exe O - Service Andrea RT Filters Service AERTFilters - Unknown owner - C Program Files Realtek Audio HDA AERTSr exe file missing O - Service SystemRoot system Alg exe - ALG - Unknown owner - C Windows System alg exe file missing O - Service Alienware Fusion Service AlienFusionService - Alienware - C Program Files Alienware Command Center AlienFusionService exe O - Service AlienFXWindowsService - Alienware - C Program Files Alienware Command Center AlienFXWindowsService exe O - Service Apple Mobile Device - Apple Inc - C Program Files x Common Files Apple Mobile Device Support AppleMobileDeviceService exe O - Service Intel reg Content Protection HECI Service cphs - Intel Corporation - C Windows SysWow IntelCpHeciS... Read more

A:Stubborn virus.. tried malwarebytes/spybot.. please check hijackthis log for me

Hello and on bleeping computerMy name is Sandra and I will help you with your problem.Please follow my instructions in the order they are givenRead the instructions carefully before you start. If you get in trouble or do not understand what is to do then stop with the execution and describe the problem as good as you canDo only run Scans which I advise to youDo not do crossposting (Posting in different forums)Do not de- or install software during removal, expect I advisted that to youPlease post all logfiles as a reply instead of attaching them unless I asked you for do so. If the files are too big then use more posts, thanksPlease keep in mind that we are all doing this here in our freetime, if I do not reply within 48 hours, feel free to send me a PMPlease notice: I am Malware Study Hall Senior, that means all of my answers will reviewed by an expert before I can post them here. Therefore it could be, that there is a little delay in my answering.Step 1Please post the log created by Malwarebytes here in your thread.To retrieve the Malwarebytes Anti-Malware 2.0 scan log information (Method 1)Open Malwarebytes Anti-Malware.Click the History Tab at the top and select Application Logs.Select (check) the box next to Scan Log. Choose the most current scan.Click the View button.Click Copy to Clipboard at the bottom...come back to this thread, click Add Reply, then right-click and choose Paste.Alternatively, you can click Export and save the log as a .txt file on your Desktop or another location.Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.To retrieve the Malwarebytes Anti-Malware 2.0 scan log information (Method 2)Open Malwarebytes Anti-Malware.Click the Scan Tab at the top.Click the View detailed log link on the right.Click Copy to Clipboard at the bottom...come back to this thread, click Add Reply, then right-click and choose Paste.Alternatively, you can click Export and save the log as a .txt file on your Desktop or another location.Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.Logs are named by the date of scan in the following format: mbam-log-yyyy-mm-dd and automatically saved to the following locations:-- XP: C:\Documents and Settings\<Username>\Application Data\Malwarebytes\Malwarebytes Anti-Malware\Logs\mbam-log-yyyy-mm-dd-- Vista, Windows 7/8: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs\mbam-log-yyyy-mm-ddStep 2Scan with FRSTPlease download Farbar Recovery Scan Tool and save it to your Desktop.(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)Start FRST with administator privileges.Make sure the option Addition.txt is checked and press the Scan button.When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was runing from.Please copy and paste these logs in your next reply.

http://www.bleepingcomputer.com/forums/t/567754/stubborn-virus-tried-malwarebytesspybot-please-check-hijackthis-log-for-me/
Relevancy 59.34%

I'm trying to help a client who says they're getting tons of pop-ups taking over their browser. I had her run Malwarebytes, but she did a clean-up before I could look at the list.
 
I'm attaching a hijackthis log. 
 
If anyone can spot things that should be cleaned/ removed, this would be much appreciated.

A:Unsure of Virus - MalwareBytes clean-up already peformed - Hijackthis attached

Hello Black Francis,

Welcome to Bleeping Computer.
My name is fireman4it and I will be helping you with your Malware problem.

Please take note of some guidelines for this fix:
Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools.
   If you do not understand any step(s) provided, please do not hesitate to ask before continuing.
   Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
In the upper right hand corner of the topic you will see a button called Follow This Topic.I suggest you click it and select Immediate E-Mail notification and click on Follow This Topic. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

   Finally, please reply using the Post  button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.
  I will be analyzing your log. I will get back to you with instructions.  1.Download AdwCleanerDouble click on AdwCleaner.exe to run the tool.
***Note: Windows Vista and Windows 7 users:
Right click in the adwCleaner.exe and select "Run as administrator"Click the Scan button.

Once the scan completes click the Clean button.A logfile will automatically open after the scan has finished.Please post the content of that logfile in your next reply.Or you can find the logfile at C:\AdwCleaner[S1].txt.  2.Please download Farbar Recovery Scan Tool and save it to your Desktop.Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.Press Scan button.It will produce a log called FRST.txt in the same directory the tool is run from.Please copy and paste log back here.The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

http://www.bleepingcomputer.com/forums/t/527527/unsure-of-virus-malwarebytes-clean-up-already-peformed-hijackthis-attached/
Relevancy 58.91%

This may sound dumb but how do we close some of the new stuff once it is open? I mean if i open PC Settings for example I cannot close it without using the task manager. If you don't end the task it stays running forever in the background. There is no "close" button on the screen and I can't find any other way to close those types of things out.

A:Closing Things

Left click on the very top of the screen and drag it to the bottom and it folds up and closes

http://www.eightforums.com/general-support/4158-closing-things.html
Relevancy 58.91%

Wonder if anyone can help me?

Very often, infact almost every time I use my labptop now, when I am finished with whatever website I have been reading, when I try to close it down the main body disappears but the headings at the top of the page remain and it won't shut down.

The only way I can get rid of the page is if I go into Task Manager. This is a very new laptop and it has been working really well up until now.

The odd thing is that it has just started happening on my husband's laptop too.

Any ideas anyone?
 

A:closing things down

Hi there,

First off, I will tell you that this definitely sounds like a spyware problem. The spyware is loading on your system through your browser and is running in the background, not really causing "damage", but just being pesky. I'd recommend running an anti-spyware scan with whatever program came with your PC. If you do not have a program, I'd recommend either PestPatrol (paid) or Ad-Aware (free).

I would check the installed add-ons in your browser as well. it is possible that those are what is causing the freezing when exiting as well. In most browsers, all you have to do is navigate to the settings or tools, and look for add-ons. Disable the ones that do not make any sense at all (e.g. randon letters, numbers or symbols; or words that do not exist).
Hope this helps.
 

https://forums.techguy.org/threads/closing-things-down.755206/
Relevancy 58.48%

Hello I foolishly ran an exe file that installed a virus on my desktop PC that will not let me run many forms of virus protection and spyware removal The virus has defeated Hijackthis hijackfree Spybot Malwarebytes combofix and AVG and a few others even in safe mode I have tried renaming the install files and the exe files to no avail So at this point I Malwarebytes, not Reply topic topicStart Spybot,etc. Hijackthis, new to will boot me let this Virus cannot even post a logfile AntiVira will run but cannot seem to remove the virus additionally I have run ATF cleaner and Vundofix which ran successfully Vundofix with zero detections The desktop runs Windows XP Service Pack I have tried renaming the files and running all of the above programs renamed in Safe Mode Additionally I have used TrendMicro s House Call I can access the internet but the virus often redirects me away from sites such as this one I have perused multiple forums and haven t found a fix yet If anyone can help I would be deeply in their debt Thanks

http://www.bleepingcomputer.com/forums/t/248184/reply-to-this-topicstart-new-topic-virus-will-not-let-me-boot-hijackthis-malwarebytes-spybotetc/
Relevancy 58.05%

things are closing automatically on me i opened a file in paint and it immediately closed also something was causing me not to be able to type in firefox here is my hjs logLogfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Boot mode NormalRunning processes C WINDOWS System smss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system Ati evxx exeC WINDOWS system svchost exeC WINDOWS System svchost exeC WINDOWS system spoolsv exeC automatically closing things WINDOWS system Ati evxx exeC Program Files AVG AVG avgchsvx exeC Program Files AVG AVG avgrsx exeC Program Files things closing automatically Common Files AOL ACS AOLAcsd exeC OpenSA Apache bin Apache exeC Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exeC Program Files AVG AVG avgwdsvc exeC Program Files Bonjour mDNSResponder exeC Program Files AVG AVG avgcsrvx exeC OpenSA Apache bin Apache exeC WINDOWS system svchost exeC Program Files Google Update GoogleCrashHandler exeC Program Files AVG AVG avgnsx exeC Program Files Java jre bin jqs exeC Program Files Microsoft LifeCam MSCamS exeC WINDOWS System svchost exeC WINDOWS System svchost exeC WINDOWS system svchost exeC Program Files AVG AVG avgemc exeC Program Files AVG AVG avgcsrvx exeC Program Files Canon CAL CALMAIN exeC WINDOWS Explorer EXEC Program Files Dell Support Center bin sprtcmd exeC Program Files iTunes iTunesHelper exeC WINDOWS RTHDCPL EXEC Program Files HP HP Software Update HPWuSchd exeC WINDOWS vVX exeC Program Files Common Files Java Java Update jusched exeC PROGRA AVG AVG avgtray exeC Program Files Common Files Adobe ARM AdobeARM exeC Program Files Skype Phone Skype exeC Program Files DNA btdna exeC Program Files SUPERAntiSpyware SUPERAntiSpyware exeC Program Files AIM aim exeC WINDOWS system ctfmon exeC WINDOWS system svchost exeC Program Files Skype Plugin Manager skypePM exeC Program Files iPod bin iPodService exeC Program Files HP Digital Imaging bin hpqSTE exeC Program Files HP Digital Imaging bin hpqbam exeC Program Files Common Files Java Java Update jucheck exeC Program Files HP Digital Imaging bin hpqgpc exeC WINDOWS system LVComsX exeC PROGRA Yahoo MESSEN YAHOOM EXEC WINDOWS system calc exeC Program Files Lavasoft Ad-Aware AAWService exeC Program Files Lavasoft Ad-Aware AAWTray exeC Program Files Common Files Real Update OB realsched exeC Program Files Mozilla Firefox firefox exeC Program Files Mozilla Firefox plugin-container exeC Documents and Settings jam Local Settings Application Data Google Google Talk Plugin googletalkplugin exeC Program Files Trend Micro HijackThis HiJackThis exeR - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Bar about blankR - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Search Default Page URL www google com ig dell hl en amp client dell-usuk amp channel us amp ibd R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride localO - BHO HP Print Enhancer - C E- - -BF - C - C Program Files HP Digital Imaging Smart Web Printing hpswp printenhancer dllO - BHO AcroIEHelperStub - DF C-E AD- -A -FA C EBDC - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelperShim dllO - BHO IeCatch Class - F -AA - B - F D- A B E EF - C PROGRA FlashGet jccatch dllO - BHO WormRadar com IESiteBlocker NavFilter - CA F - F E- B -A E- E E C C - C Program Files AVG AVG avgssie dllO - BHO Spybot-S amp D IE Protection - - F - D - - D F - C PROGRA SPYBOT SDHelper dllO - BHO Google Toolbar Notifier BHO - AF DE - D - -B FA-CE B AD D - C Program Files Google GoogleToolbarNotifier swg dllO - BHO FDMIECookiesBHO Class... Read more

A:things closing automatically

Hello fscguy, My name is Syler and I will be helping you to solve your malware issues. Sorry for the delayin replying, we are very busy at the moment.Please note because we are very busy, if I don't hear from you within 5 days the topic will be closed, If youhave since resolved your issues I would appreciate if you would let me no so I can close this topic.Please download Malwarebytes' Anti-Malware from HereNote: If you already have Malwarebytes' Anti-Malware, just update then run it.Double Click mbam-setup.exe to install the application.Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.If an update is found, it will download and install the latest version.Once the program has loaded, select "Perform Quick Scan", then click Scan (the scan may take some time to finish, so please be patient).When the scan is complete, click OK, then Show Results to view the results.Make sure that everything is checked, and click Remove Selected.When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.Copy and Paste the entire report in your next reply .Note: If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.Scan With RKUnHookerPlease Download Rootkit Unhooker Save it to your desktop.Now double-click on RKUnhookerLE.exe to run it.Click the Report tab, then click Scan.Check all of the boxes. then Click OK.Wait till the scanner has finished and then click File, Save Report.Save the report somewhere where you can find it. Click Close.Copy the entire contents of the report and paste it in a reply here.Note** you may get this warning it is ok, just ignore"Rootkit Unhooker has detected a parasite inside itself!It is recommended to remove parasite, okay?"We need to create an OTL ReportPlease download OTL from one of the following mirrors:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.Under the Custom Scans/Fixes box at the bottom, paste in the following bold text.%systemroot%\system32\*.dll /lockedfiles%systemroot%\Tasks\*.job /lockedfiles%systemroot%\System32\config\*.sav%systemroot%\*. /mp /s%SYSTEMDRIVE%\*.exenetsvcsmsconfigdrivers32CREATERESTOREPOINTPush the button.Two reports will open, copy and paste them in a reply here:OTL.txt <-- Will be openedExtra.txt <-- Will be minimizedThen please post back here with the following logs: MBAM log RKUnHooker report OTL.txt Extra.txtThanks

http://www.bleepingcomputer.com/forums/t/343992/things-closing-automatically/
Relevancy 58.05%

I m pretty good with fixing my own computer problems but I can t imagine what is going on on my computer lately closing SP1, after Odd XP delays things The first sign was with closing windows I have a mouse button for closing the current window Alt-F and when I try to close multiple windows in a row the first one works immediately but the next ones take a second or before it receives XP SP1, Odd delays after closing things commands I can click the button times but nothing will happen When it is quot ready quot I have to click it again for it to work Using the keyboard shortcut produces the same The next sign was when clicking inside a new window or clicking back and forth in Windows explorer If I click back sometimes it waits a second or If I switch to a different explorer window and XP SP1, Odd delays after closing things click on a file the folder might wait a second before the file will be highlighted Then I ve noticed the delay in opening files I have small images on my desktop If I open one close it with the mouse button or the X in the corner of irfanview and open the other one immediately after there s a delay before it will open Actually I guess the problem is delay after opening the last one I can use the doubleclick mouse button on the second file and it will open when it s ready or I can click on it and press Enter to open it but pressing Enter doesn t accomplish anything unless I wait for that delay to finish first It s really been annoying me I find a lot of the time I m waiting for something to open that didn t get my command to open it or I have delays in navigating windows It happens with all kinds windows that I m closing not just Explorer I keep a pretty clean computer it s not weighed down with background programs and my computer has been better than this in the past My video card is about a year old hard drive brand new another one about a year old Man I would be so grateful if someone could help with this nbsp

A:XP SP1, Odd delays after closing things

For what reasons you haven't installed "SP2"
 

https://forums.techguy.org/threads/xp-sp1-odd-delays-after-closing-things.637374/
Relevancy 57.62%

posting for a friend quot My computer has been acting wonky closing Programs itself, Lagging, Other by Things just today My computer lags sometimes it freezes programs close by themselves repeatedly etc Sometimes the internet doesn t even work and I get popups saying there is spyware Lagging, Programs closing by itself, Other Things on my computer I tried running Spybot but while fixing the things it gives me a bunch of errors and exits out by itself Adaware won t even load - it says there s not enough memory If that erro doesn t pop up I click next once or twice and then Adaware just closes I managed to run HijackThis and heres a log Logfile of HijackThis v Scan saved at PM on Platform Windows XP WinNT MSIE Internet Explorer v Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C WINDOWS Explorer EXE C windows system hpsysdrv exe C Program Files Hewlett-Packard Digital Imaging Unload hpqcmon exe C HP KBD KBD EXE C WINDOWS system dla tfswctrl exe C Program Files WildTangent DDC DDCManager DDCMan exe C WINDOWS System igfxtray exe C WINDOWS System hkcmd exe C WINDOWS System spool drivers w x hpztsb exe C Program Files Winamp Winampa exe C Program Files QuickTime qttask exe C Program Files Common Files Real Update OB realsched exe C Program Files Creative Shared Files CAMTRAY EXE C WINDOWS System nsdcmdav exe C WINDOWS System msawindows exe C WINDOWS System RUNDLL exe C Program Files Messenger msmsgs exe C Program Files Common Files GMT GMT exe C Program Files hp center Program BackWeb- exe C Program Files PrecisionTime PrecisionTime exe C Program Files Yahoo Messenger ymsgr tray exe C Program Files SBC Connection Manager CManager exe C Program Files Common Files CMEII CMESys exe C PROGRA BROADJ CLIENT CFD exe C WINDOWS System svchost exe C WINDOWS System wuauclt exe C Program Files AIM aim exe C Documents and Settings Owner My Documents download foundmychewtoy HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Bar file C DOCUME Owner LOCALS Temp sp html R - HKCU Software Microsoft Internet Explorer Main Search Page file C DOCUME Owner LOCALS Temp sp html R - HKCU Software Microsoft Internet Explorer Main Default Page URL http us hpwis com R - HKCU Software Microsoft Internet Explorer Main Default Search URL http srch-us hpwis com R - HKCU Software Microsoft Internet Explorer Search SearchAssistant file C DOCUME Owner LOCALS Temp sp html R - HKLM Software Microsoft Internet Explorer Main Search Bar file C DOCUME Owner LOCALS Temp sp html R - HKLM Software Microsoft Internet Explorer Main Search Page file C DOCUME Owner LOCALS Temp sp html R - HKLM Software Microsoft Internet Explorer Main Default Page URL http rd yahoo com customize sbcydsl defaults http yahoo sbc com dsl R - HKLM Software Microsoft Internet Explorer Main Default Search URL http rd yahoo com customize sbcydsl defaults su http www yahoo com R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch http srch-us hpwis com R - HKLM Software Microsoft Internet Explorer Search SearchAssistant file C DOCUME Owner LOCALS Temp sp html R - HKCU Software Microsoft Internet Explorer SearchURL Default http rd yahoo com customize sbcydsl defaults su http www yahoo com R - HKCU Software Microsoft Internet Explorer Main HomeOldSP about blank O - BHO no name - -C - D - F - A C C - C PROGRA SB SMART- BHO DLL O - BHO Yahoo Companion BHO - F F -AF - d - - B F E - C Program Files Yahoo Common ycomp dll O - BHO no name - E BD F- B D- E-C FF-FD B A D - C PROGRA COMMON Real Toolbar realbar dll O - BHO no name - - F - D - - D F - C Program Files Spybot - Search amp Destroy SDHelper dll O - BHO no name - B BB - B D- fd- A -B F DEB - C WINDOWS questmod- dll O - BHO no name - B A D - - -B - E E AFB - C WINDOWS System fpa dll O - BHO NAV Helper - BDF E -B - AD-A -FADC B - c Program Files Norton A... Read more

Relevancy 56.76%

I have computers different internet explorer probs Prob XP home laptop serv pac click minimise amp explorer closes amp no traces of bars at the bottom of screen even try to right click to see if I can cascade windows thought they just might be hidden or something is things minimiser other closing Explorer Int woes, + but no Prob Just says Vista home premium laptop either gets a white screen after it has loaded windows and you open something or develops two Explorer windows on opening explorer one good and one just a white screen it takes over and I have nothing showing on the screen my only way to get out of it is the window button to bring back the bar and I right click on the white screen one bar and close it Prob XP Open the Explorer page and I get tabs click Int Explorer woes, minimiser is closing + other things home and I get tabs again and if I am on one tab and click home it changes both pages even if I wish to keep one of them I have basicaly the same AVG antivirus spyware advance window v care free window registry repair programs on each of them and I feel its one of them but can't find out

A:Int Explorer woes, minimiser is closing + other things

Hi brandy59, welcome to TSF..

regarding prob 1: when it happens, try opening your Task Manager to see if there's any trace of iexplore.exe in the list under the process tab.

Prob 2: Has it always done this or is it a fairly recent problem? Have you tried a System Restore?

Prob 3: Same applies to prob 2.

Do all the problems still occur on each machine if you run them in Safe Mode with networking or from another user profile?

http://www.techsupportforum.com/forums/f56/int-explorer-woes-minimiser-is-closing-other-things-241102.html
Relevancy 56.76%

So I can't open malwarebytes and it won't let me open some programs. I tried renaming mbam.exe, also tried opening it in safe mode, both not working. Also in IE and Firefox (not in Opera) google links will get redirected. It's really irritating me so help me please!!

A:Malwarebytes keeps closing on me. Can't open some programs help!

Hello let's try Fatdcuk's fix.Please navigate to the MBAM folder located in the Program Files directory.Locate MBAM.exe and rename it to winlogon.exeOnce renamed double click on the file to open MBAM and select Quick ScanAt the end of the scan click Remove Selected and then reboot.Post the scan log. The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.We Need to check for Rootkits with RootRepealDownload RootRepeal from the following location and save it to your desktop.Direct Download (Recommended)Primary MirrorSecondary MirrorSecondary MirrorSecondary MirrorZip Mirrors (Recommended if you have a slower connection or if the Direct Download mirror is down)
Primary MirrorSecondary MirrorSecondary MirrorRar Mirrors - Only if you know what a RAR is and can extract it.
Primary MirrorSecondary MirrorSecondary MirrorExtract RootRepeal.exe from the archive (If you did not use the "Direct Download" mirror).Open on your desktop.Click the tab.Click the button.Check ONLY the Files box: Push OkCheck the box for your main system drive (Usually C:), and press Ok.Allow RootRepeal to run a scan of your system. This may take some time.Once the scan completes, push the button. Save the log to your desktop, using a distinctive name, such as RootRepeal.txt. Include this report in your next reply, please.

http://www.bleepingcomputer.com/forums/t/255836/malwarebytes-keeps-closing-on-me-cant-open-some-programs-help/
Relevancy 56.33%

Hi whats going on with my "malwarebytes free" im thinking of getting the "full pro version" so i gave the "14 day trial" a go but its gave me another 14 days

A:Malwarebytes (Strange things going on)

Did you change the date on your PC?

http://www.bleepingcomputer.com/forums/t/439662/malwarebytes-strange-things-going-on/
Relevancy 56.33%

I've just run malwarebytes and it found 34 Spyware.OnlineGames. They are quarantined but what should I do now? If I delete them will it have any negative effects on the computer? What the hell is Spyware.OnlineGames? I do play games on this computer and I have downloaded Half Life 2: Lost Coast off of Steam. I have Comodo Internet Security Premium but it didn't find all these spyware. Why is that?

A:Malwarebytes found some things, now what?

Those are probably cookies from Internet Explorer / Mozilla. Someone must have run some browser based games. Just delete them from malwarebytes. I'm pretty much sure its not from Steam because malwarebytes will know its a legitimate gaming site.

http://www.sevenforums.com/system-security/164248-malwarebytes-found-some-things-now-what.html
Relevancy 55.9%

Hi BC Helper I recently read CarolynF s post about opencloud security and I am infected with this virus http www bleepingcomputer com forums topic html page p hl Keeps Infected Malwarebytes Closing Security with OpenCloud gmer fromsearch entry I have also tried many times to remove opencloud security using rkill and malwarebytes When I run rkill with various file names a text window pops up saying that Infected with OpenCloud Security Malwarebytes Keeps Closing all malware processes have been Infected with OpenCloud Security Malwarebytes Keeps Closing stopped however opencloud security popups still open shortly after rkill has finished I also have the same problem with malwarebytes just closing - seconds after opening for the first time Then after it has shut itself I try to reopen malwarebytes to scan my comp and a error message displays the pathway C malwarebytes can not be found and you dont have the permissions to run this file which is funny cause I only have one user administrator This problem occurs in normal mode and safe mode with and without networking I have also tried many other sites removal guides which end up with an antivirus software needing to be used for removal however I end up with the same problem I have Infected with OpenCloud Security Malwarebytes Keeps Closing also found the web site that infected my computer it is called novamov a video streaming web site I found this as I was watching a tv episode on my macbook not infected computer and it download a heap of suspicious files which I deleted immediately Is my macbook at risk now After realising I had the same probem as CarolynF I looked at topic number Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help and followed all the steps I have not yet tried to remove opencloud again since performing these steps Below here I have attached the DDS and GMER logs please help me to remove this virus Thanks jc

A:Infected with OpenCloud Security Malwarebytes Keeps Closing

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything. We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. To help Bleeping Computer better assist you please perform the following steps:*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/421970 <<< CLICK THIS LINK If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.A new DDS and GMER log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
Please do this even if you have previously posted logs for us.If you were unable to produce the logs originally please try once more.If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system. If you are unsure about any of these characteristics just post what you can and we will guide you.Please tell us if you have your original Windows CD/DVD available. Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.Thank you for your patience, and again sorry for the delay.*************************************************** We need to see some information about what is happening in your machine. Please perform the following scan again: Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.DDS.scr DDS.pifDouble click on the DDS icon, allow it to run. A small box will open, with an explanation about the tool. No input is needed, the scan is running. Notepad will open with the results. Follow the instructions that pop up for posting the results. Close the program window, and delete the program from your desktop.Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HERE We also need a new log from the GMER anti-rootkit Scanner. Please note that if you are running a 64-bit version of Windows you will not be able to run GMER and you may skip this step. Please first disable any CD emulation programs using the steps found in this topic: Why we request you disable CD Emulation when receiving Malware Removal Advice Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here: How to create a GME... Read more

http://www.bleepingcomputer.com/forums/t/421970/infected-with-opencloud-security-malwarebytes-keeps-closing/
Relevancy 55.47%

Been having some strange problems on my Windows Vista laptop in the last own, menus closing their things on happening: Strange disappearing.... windows few days It s something that has happened occasionally in the past but always went away after a reboot This time I ve tried all sorts of scans clean-ups problem checks but nothing is helping It s quite hard Strange things happening: windows closing on their own, menus disappearing.... to describe but basically the computer seems to be acting as if the mouse is being Strange things happening: windows closing on their own, menus disappearing.... clicked when I m not even touching it So for example then I click the start menu Strange things happening: windows closing on their own, menus disappearing.... or right-click to bring up a scroll-down menu it flashes up briefly but then disappears Or I m running a program and a box pops up saying Are you sure you want to close this program when I haven t pressed anything In Excel I try to type something in a cell but before I ve finished typing the text disappears exactly the same happens when I m typing an address into web browser Sometimes an open window will just close on its own It s not happening all the time and even when it is happening I can still do a lot of normal stuff on the computer But once it sets in it does seem to get progressively worse Then when it gets too much and I have to restart the computer once it has rebooted it starts to make a really loud constant beeping noise and I have to press F a few times to stop the beeping and bring up that options menu safe mode etc I m not particularly computer literature and have exhausted all the ways I know to deal with problems I can t find any reference to this problem in other forum posts on here Any help would be hugely appreciated P S Not sure I ve posted this in the correct part of the forum Please let me know if I d be better off posting it elsewhere nbsp

A:Strange things happening: windows closing on their own, menus disappearing....

https://forums.techguy.org/threads/strange-things-happening-windows-closing-on-their-own-menus-disappearing.964517/
Relevancy 55.47%

I have these websites listed on my exclusions list and I cannot delete them Any sugestions on what to do to get rid of them Reinstalling malwarebytes did not work You can see a screenshot of the names of the websites in the attachment It also became apparent to me that something was redirecting my internet traffic to another IP address I am using ZoneAlarm and everytime I run any kind of program it always wants to connect to C Windows Explorer EXE I ran avast and that was trying to connect to it too But it was denied by ZoneAlarm and it still completed the task it just didn't connect to Explorer EXE I really suspect something is running in the background Back a couple of months ago I was using Audacity the recording program and I downloaded a bunch of plugins Turns out the plugins were loaded with malware As soon as I installed some of them my normally quiet computer fan began to run non stop and my computer Issue other of a going plus bunch things on Malwarebytes was badly overheating I ran Malwarebytes Issue plus a bunch of other things going on Malwarebytes Spy Search and Destroy and a bunch of other programs at that time but none of them worked So the overheating is not caused by anything but some kind of malware running in the background I also cleaned the vents So any idea what might be happening here

A:Malwarebytes Issue plus a bunch of other things going on

Here is the frst log followed by the additional log file text.
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:22-11-2015
Ran by Anon4902 (administrator) on DV7-7073CA (23-11-2015 10:56:27)
Running from C:\Users\Anon4902\Desktop
Loaded Profiles: Anon4902 (Available Profiles: UpdatusUser & Anon4902 & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: "C:\Program Files\Cyberfox\Cyberfox.exe" -osint -url "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(AuthenTec Inc.) C:\Program Files (x86)\HP SimplePass\TouchControl.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Google Inc.) C:\Users\Anon4902\AppData\Local\Google\Update\GoogleUpdate.exe
(Flux Software LLC) C:\Users\Anon4902\AppData\Local\FluxSoftware\Flux\flux.exe
() C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel&... Read more

http://www.bleepingcomputer.com/forums/t/597313/malwarebytes-issue-plus-a-bunch-of-other-things-going-on/
Relevancy 55.04%

Not having any problems with computer, but wondering if it will speed things up a bit, without loosing protection, if I disable Malwarebytes and Spywareblaster (Windows Defender is disabled). That will leave me with just Norton 360, freely installed by Comcast. I don't mind Norton's footprint and I think it is doing a good job for me.

A:Will disabling Malwarebytes and Spywareblaster speed things up?

I think it depends on what you're trying to speed up. If you're talking about boot time, and if you have Malwarebytes and Spywareblaster set to start up as soon as you power on the computer, then you may see a few seconds improvement in operating system boot time. But if you're talking about a computer that's already gone through the boot process and is just waiting for you to give it some work to do (like opening a website or accessing your files and folders) I don't think you will see any noticeable improvement by disabling Malwarebytes or Spywareblaster.

Several months ago I tested my home computer in a completely non-scientific way. I did a factory restore using the recovery disks I made when I bought the computer. I installed all the Windows Updates, programs and applications like Office, SnagIt, Roxio, Microsoft Security Essentials, etc. I left everything at default settings including my paid version of Malwarebytes Pro. (Sorry, I've never used Spywareblaster.) My boot time was averaging 1 minute 45 seconds to about 2 minutes 10 seconds. Then I disabled everything at startup except for MSE, Malwarebytes and my Synaptics touchpad. Boot time decreased to about 50 seconds to 1 minute 10 seconds. Then I disabled Malwarebytes so it would be an on-demand scanner only. I did not see any difference in boot time. And as far as accessing websites once the boot process had finished, I did not see any appreciable difference no matter what was enable or disabled.

Having said all of this, each computer is different so maybe by disabling Malwarebytes and Spywareblaster you'll see a good increase in performance.

http://www.sevenforums.com/performance-maintenance/274200-will-disabling-malwarebytes-spywareblaster-speed-things-up.html
Relevancy 55.04%

Just a few items to note - Keep getting the quot Host Process for Windows Services stopped working and was closed quot pop-up window - Malwarebytes keeps quot blocking quot outgoing messages to various IP s - says the Malwarebytes keep Windows sites keeps Processes for closing blocking Host and Process is services exe - AVG keeps showing quot C Window assembly GAC Desktop ini quot Trojan horse BackDoor Generic AXLA My DDS Log is below and attach log and ark txt file are attached DDS Ver - - - NTFSAMD Internet Explorer Run by dmin at on - - Microsoft Windows Vista Home Premium GMT - AV AVG Anti-Virus Free Edition Enabled Updated A B Malwarebytes keep blocking sites and Host Processes for Windows keeps closing -DEE -F A-FBCD-ADB C F SP AVG Anti-Virus Free Edition Enabled Updated E A -F D -F D Malwarebytes keep blocking sites and Host Processes for Windows keeps closing -C D- C DBE F D SP Windows Defender Disabled Updated D DDC A- F- fae- E -DA C ACF Running Processes C Malwarebytes keep blocking sites and Host Processes for Windows keeps closing PROGRA AVG AVG avgchsva exe C Windows system wininit exe C Windows system lsm exe C Windows system svchost exe -k DcomLaunch C Windows system svchost exe -k rpcss C Windows system atiesrxx exe C Windows System svchost exe -k LocalServiceNetworkRestricted C Windows System svchost exe -k LocalSystemNetworkRestricted C Windows system svchost exe -k netsvcs C Program Files x Common Files logishrd LVMVFM UMVPFSrv exe C Windows system SLsvc exe C Windows system svchost exe -k LocalService C Windows system svchost exe -k NetworkService C Windows System svchost exe -k yksvcs C Windows system atieclxx exe C Windows System spoolsv exe C Windows system svchost exe -k LocalServiceNoNetwork C Windows system agr svc exe C Program Files ATI Technologies ATI ACE Fuel Fuel Service exe C Program Files x Common Files Apple Mobile Device Support AppleMobileDeviceService exe C Program Files x AVG AVG avgwdsvc exe C Program Files Bonjour mDNSResponder exe C Program Files x Hi-Rez Studios HiPatchService exe C Windows system svchost exe -k NetworkServiceNetworkRestricted C Windows system svchost exe -k imgsvc C Program Files x StartNow Toolbar ToolbarUpdaterService exe C Program Files x AVG AVG avgnsa exe C Program Files x AVG AVG avgemca exe C Program Files x Common Files AVG Secure Search vToolbarUpdater ToolbarUpdater exe C Windows System svchost exe -k WerSvcGroup c Program Files Common Files Microsoft Shared Windows Live WLIDSVC EXE C Windows system SearchIndexer exe C Windows system WUDFHost exe C Program Files x Spybot - Search amp Destroy SDWinSec exe C Program Files x AVG AVG Identity Protection Agent Bin AVGIDSAgent exe c Program Files Common Files Microsoft Shared Windows Live WLIDSvcM exe C Windows system Dwm exe C Windows system taskeng exe C Windows Explorer EXE C Windows system taskeng exe C Windows system taskeng exe C Windows MHotKey exe C Program Files x Malwarebytes Anti-Malware mbamservice exe C Program Files Realtek Audio HDA RAVCpl exe C Program Files Microsoft IntelliPoint ipoint exe C Program Files x Logitech Vid HD Vid exe C Program Files x Steam Steam exe C Program Files x Pando Networks Media Booster PMB exe C Windows ehome ehtray exe C Program Files x Gateway Photo Frame ButtonMonitor exe C Program Files x AVG AVG avgtray exe C Program Files x GameStop App Now GameStopNow exe C Program Files x Logitech LWS Webcam Software LWS exe C Program Files x AVG Secure Search vprot exe C Program Files x ATI Technologies ATI ACE Core-Static MOM exe C ProgramData Anti-phishing Domain Advisor visicom antiphishing exe C Program Files x Searchqu Toolbar Datamngr datamngrUI exe C Program Files x Malwarebytes Anti-Malware mbamgui exe C Program Files x AVG AVG Identity Protection agent bin avgidsmonitor exe C Windows ehome ehmsas exe C Program Files x Logitech LWS Webcam Software CameraHelperShell exe C Windows ChiFuncExt exe C Users dmin AppData Local Apps GJW RB ZL GVAEJQCD Z curs tion e e ddf ed ead... Read more

A:Malwarebytes keep blocking sites and Host Processes for Windows keeps closing

Greetings and Welcome to The Forums!!My name is Gringo and I'll be glad to help you with your computer problems.I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of usPlease do not run any tools unless instructed to do so.
We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.Please do not attach logs or use code boxes, just copy and paste the text.
Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.Please read every post completely before doing anything.
Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.Please provide feedback about your experience as we go.
A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster. NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of hartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer. NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.Security CheckDownload Security Check by screen317 from here.Save it to your Desktop.Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.A Notepad document should open automatically called checkup.txt; please post the contents of that document.Run Combofix:You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<Combofix may need to reboot your computer more than once to do its job this is normal.You can download Combofix from one of these links.Link 1Link 2Link 31. Close any open browsers or any other programs that are open.2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.Double click on combofix.exe & follow the prompts.When finished, it will produce a report for you. Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stallNote 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer"information and logs"In your next post I need the following
Log from Combofixlet me know of any problems you may have had
How is the computer doing now?Gringo

http://www.bleepingcomputer.com/forums/t/466376/malwarebytes-keep-blocking-sites-and-host-processes-for-windows-keeps-closing/
Relevancy 54.61%

About weeks ago it was apparent that laptop was infected with antispyware XP My husband tried to solve it himself without waiting for me I m the problem solver in the house Anyway he purchased Shield Dekuxe which didn t seem to work He downloaded the trial version of StopZilla which found bad things and quarentined them Things were working fine Today things are not working again I can open IE and it will bring up virus, search IE closing, window closing Possible the home page google com but anything typed Possible virus, IE closing, search window closing in the search box or clicked on from the drop down list of frequently visited sites just closes IE I also cannot search The window will open but clicking on anything files folders documents etc immediately closes the window I also cannot find Windows Explorer Shield Deluxe is currently installed StopZilla is uninstalled We have Zone Alarm installed possibly I was doing online chat with Shield Deluxe to get it to work the internet aspect and they said to uninstall ZA as it would interfere with SD I removed ZA using add remove programs from the control panel yet when I restarted the computer ZA started up It is no longer listed in the add remove programs list However viewing All Programs from the start menu shows a folder for Zone Labs Since I can t find Windows Explorer and I can t search I can t find the folder to delete its contents Laptop is a Compaq Presario running Windows XP and currently cannot use the internet due to the above problem I am using laptop for the internet connection to solve these problems Thanks for any help you can offer nbsp

A:Possible virus, IE closing, search window closing

Here is my Hijack This log from yesterday:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:53:11 PM, on 11/15/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\PCSecurityShield\The Shield Deluxe 2008\avp.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\runservice.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\PCSecurityShield\The Shield Deluxe 2008\avp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\cidaemon.exe
F:\Anti Virus\HJTInstall.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;127.0.0.1
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn5\yt.dll
O2 - BHO: (no name) - rsion - (no file)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn5\yt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn5\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: AllDial High Speed - {8B79EE88-E62D-4AA8-B530-CC357BA112B7} - C:\Program Files\AllDial High Speed\Toolband.dll (file missing)
O4 - HKLM\..\Run: [AVP] "C:\Program Files\PCSecurityShield\The Shield Deluxe 2008\avp.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [[system]] C:\WINDOWS\system32\drivers\services.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [brastk] C:\WINDOWS\system32\brastk.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [[system]] C:\WINDOWS\system32\drivers\services.exe (User 'Default user')
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\prog... Read more

https://forums.techguy.org/threads/possible-virus-ie-closing-search-window-closing.769451/
Relevancy 54.18%

I had an alert for a rootkit infection which spysweeper picked up and I deleted but after that my computer has not other Malwarebytes rootkit closing infection. and Possible programs(google seconds. a after chrome) few been the same It is really slow google chrome opens but doesnt load any webpages i tried to download firefox but cant even install Possible rootkit infection. Malwarebytes and other programs(google chrome) closing after a few seconds. it im using IE which works but crashes randomly Malwarebytes closes itself after a few seconds so I cant scan for infection I uninstalled them and tried to reinstal but now I cant even install them I get a weird message from Zonealarm firewall whenever i open a program that says a library will be installed everytime I open this program for any program I open which I Possible rootkit infection. Malwarebytes and other programs(google chrome) closing after a few seconds. click deny on That never happened before so maybe thats important Also Spysweeper detects something- System monitor found potentially masked rootkit found the location is lt HKLM Software Microsoft Windows NT Currentversion drivers midi gt but when I look in the registry it is not there and spysweeper doesnt delete it it comes back in the next scan Also rootrepeal doesnt install so i cant do the scan I cant install much at the moment becuase of something thats messing my pc up This is all the things that I think are wrong hope you can help - here is my log DDS Ver - - - NTFSx Run by Webby at on Internet Explorer Microsoft Windows XP Professional GMT AV AVG Anti-Virus Free On-access scanning enabled Outdated DDD - FF- F- E B- D D BF AV ZoneAlarm Security Suite Antivirus On-access scanning disabled Outdated D B - C- CAB- FF - B B F CF FW ZoneAlarm Security Suite Firewall enabled BDA - B - F - -F FCFF F B Running Processes E Program Files Webroot WebrootSecurity WRConsumerService exe C windows system svchost -k DcomLaunch svchost exe C windows System svchost exe -k netsvcs svchost exe C Program Files AVG AVG avgchsvx exe C Program Files AVG AVG avgrsx exe C Program Files AVG AVG avgcsrvx exe C windows system spoolsv exe C windows Explorer EXE E Program Files Virgin Broadband Wireless AffinegyService exe C Program Files AVG AVG avgwdsvc exe C Program Files Java jre bin jqs exe C windows System svchost exe -k imgsvc C WINDOWS system ZoneLabs vsmon exe C Program Files AVG AVG avgnsx exe E web Zone Alarm ZoneAlarm zlclient exe E Program Files Virgin Broadband Wireless Wireless Manager exe C PROGRA AVG AVG avgtray exe E Program Files Webroot WebrootSecurity SpySweeperUI exe E Program Files Webroot WebrootSecurity SpySweeper exe E Program Files Virgin Broadband Wireless ndis events exe C windows system wscntfy exe C Program Files Internet Explorer iexplore exe C Program Files Windows Live Messenger msnmsgr exe C Documents and Settings Webby Desktop dds scr Pseudo HJT Report mSearch Bar hxxp uk red clientapps yahoo com customize btyahoo defaults sb http uk docs yahoo com info bt side html uInternet Settings ProxyOverride uSearchURL Default hxxp www google com keyword s uURLSearchHooks AVG Security Toolbar BHO a bc a - f - -aa - d c - e program files anti virus and spyware avg anti-spyware toolbar IEToolbar dll uURLSearchHooks H - No File mURLSearchHooks AVG Security Toolbar BHO a bc a - f - -aa - d c - e program files anti virus and spyware avg anti-spyware toolbar IEToolbar dll mWinlogon System csize exe BHO C C A-E - b - D - CECB - No File BHO Windows Live Sign-in Helper d - c - abf- ecc- c - c program files common files microsoft shared windows live WindowsLiveLogin dll BHO ST ede -c b - e- - bf af e - c program files msn apps st en-xu stmain dll BHO AVG Security Toolbar BHO a bc a - f - -aa - d c - e program files anti virus and spyware avg anti-spyware toolbar IEToolbar dll BHO MSNToolBandBHO bdbd dad-c - a -adc - b b ff d - c program files msn apps msn toolbar msn toolbar en-gb msntb dll BHO Java Plug-In SSV Helper dbc -a... Read more

A:Possible rootkit infection. Malwarebytes and other programs(google chrome) closing after a few seconds.

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. Please include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.Please download OTL from following mirror:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.Push the button.Two reports will open, copy and paste them in a reply here:OTL.txt Will be openedExtra.txt Will be minimizedPlease also provide a log from gmer:Please download GMER from one of the following locations and save it to your desktop:Main Mirror
This version will download a randomly named file (Recommended)Zipped Mirror
This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.Disconnect from the Internet and close all running programs.Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.
GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.Now click the Scan button. If you see a rootkit warning window, click OK.When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.Click the Copy button and paste the results into your next reply.Exit GMER and re-enable all active protection when done.-- If you encounter any problems, try running GMER in Safe Mode.In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.regards myrti

http://www.bleepingcomputer.com/forums/t/272507/possible-rootkit-infection-malwarebytes-and-other-programsgoogle-chrome-closing-after-a-few-seconds/
Relevancy 49.88%

Hello - I could do with some advice I think Some basics first Dell Inspiron with GB RAM running Vista Recently I ve had problems where my laptop has frozen during normal operation - nothing fancy just surfing etc It sometimes freezing properly/freezing not closing Vista - Malwarebytes/Avast doesn t shut down properly either I have been using the radialpoint safecare software that Virgin Media supply in the UK as part of Vista not closing properly/freezing - Malwarebytes/Avast freezing their broadband package For a few months now the anti spy and anti virus s w have failed to load so I have relied on MSE As I say some problems have started to appear Vista not closing properly/freezing - Malwarebytes/Avast freezing MSE told me that on i had a trojandownloader which was removed Some pals Vista not closing properly/freezing - Malwarebytes/Avast freezing advised I would be better trying Malwarebytes or Avast I tried the former and on scanning it stuck while looking at wklnhst dat something to do wth MS Works I think I had to power off and on It did a chkdsk which came up with a number of actions that looked like it was trying to fix something sorry I rand MBAM again and it got further then froze while looking at msvcr dll Power off on again OK then I tried avast which seemed to get about through then froze Power off on again SOmeone suggested rkill would kill any trojan processes that might be causing a problem - t did knock off a couple of things one by sun and another by ms Malwarebytes again - crashed as before Struggling now Welcome any advice at all Cheers Steve

A:Vista not closing properly/freezing - Malwarebytes/Avast freezing

Can you try running MBAM in Safe Mode?

You can get to safe mode via hitting F8 just after the BIOS Post screen/Dell Splash Logo.

http://www.bleepingcomputer.com/forums/t/364680/vista-not-closing-properlyfreezing-malwarebytesavast-freezing/
Relevancy 49.02%

Every time I go to some website my IE sp closes I have reinstalled cleaned my registry redone media player etc and nothing works Here is my HiJackThis log Any help would be appreciated Logfile of HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS System ccs exe C Program IE - Keeps log Solved: Hijackthis Closing Files Common Files Symantec Shared ccSetMgr exe C Program Files Common Files Symantec Shared ccEvtMgr exe C WINDOWS system spoolsv exe C WINDOWS System cusrvc exe C Program Files Symantec AntiVirus DefWatch exe C Program Files Expertcity GoToMyPC g svc exe C Solved: IE Keeps Closing - Hijackthis log WINDOWS System nvsvc exe C Program Files Symantec AntiVirus SavRoam exe C Program Files Symantec AntiVirus Rtvscan exe C Program Files Expertcity GoToMyPC g comm exe C WINDOWS System CCM CLICOMP RemCtrl Wuser exe C WINDOWS System CCM CcmExec exe C Program Files Expertcity GoToMyPC g pre exe C Program Files Expertcity GoToMyPC g tray exe C WINDOWS Explorer EXE C WINDOWS System NWTRAY EXE C Program Files Common Files Symantec Shared ccApp exe C PROGRA SYMANT VPTray exe C Program Files Logitech MouseWare system em exec exe C Program Files Common Files Real Update OB realsched exe C Program Files Offline Course Player OlpSynch exe C Program Files Java jre bin jusched exe C Program Files Cisco Aironet adu exe C WINDOWS System rundll exe C Program Files Adobe Acrobat Distillr acrotray exe C Program Files Novell GroupWise GrpWise exe C Program Files Novell GroupWise Notify exe C Program Files Internet Explorer iexplore exe C Program Files Adobe Acrobat Acrobat Acrobat exe C WINDOWS System WISPTIS EXE C Program Files Microsoft Office Office EXCEL EXE C Program Files Internet Explorer iexplore exe C Downloads hijackthis HijackThis exe C Program Files Outlook Express MSIMN EXE C Program Files Messenger msmsgs exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www cnn com R - HKCU Software Microsoft Internet Explorer Main Local Page R - HKLM Software Microsoft Internet Explorer Main Local Page F - REG system ini UserInit C WINDOWS System Userinit exe O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Acrobat ActiveX AcroIEHelper dll O - BHO ViewerHelper Class - A - E - F - A - B - C Program Files Microsoft Rights Management Add-on mime filter dll O - BHO AcroIEToolbarHelper Class - AE CD -E - f- - EE - C Program Files Adobe Acrobat Acrobat AcroIEFavClient dll O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm ocx O - Toolbar Adobe PDF - -D C - - FA - E EAAC - C Program Files Adobe Acrobat Acrobat AcroIEFavClient dll O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS System NvCpl dll NvStartup O - HKLM Run NWTRAY NWTRAY EXE O - HKLM Run Logitech Utility Logi MwX Exe O - HKLM Run nwiz nwiz exe installquiet O - HKLM Run ccApp quot C Program Files Common Files Symantec Shared ccApp exe quot O - HKLM Run vptray C PROGRA SYMANT VPTray exe O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run TkBellExe quot C Program Files Common Files Real Update OB realsched exe quot -osboot O - HKLM Run GoToMyPC C Program Files Expertcity GoToMyPC g svc exe -logon O - HKLM Run OLPSYNCH C Program Files Offline Course Player OlpSynch exe O - HKLM Run SunJavaUpdateSched C Program Files Java jre bin jusched exe O - HKLM Run ADU quot C Program Files Cisco Aironet adu exe quot -nogui O - HKCU Run NVIEW rundll exe nview dll nViewLoadHook O - Global Startup Acrobat Assistant lnk C Program Files Adobe Acrobat Distillr acrotray exe O - Global Startup Adobe Gamma Loader exe lnk C Program Files Common Files Adobe Calibration Adobe Gamma Loader exe O - Extra button no name - B E C - FCB- CF-AAA - C - C Program Files Java ... Read more

Relevancy 49.02%

Something keeps closing my Spybot but CWShredder Ad-Aware and Spyware Blaster don't find anything Here's my HijackThis log Logfile of HijackThis v Scan saved at PM on Platform Windows NT SP WinNT MSIE Internet Explorer v Unable to list running processes error R - HKCU Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Start Page http red clientapps yahoo com customize my yahoo comR - HKLM Software Microsoft Internet Explorer Main Default Page URL http red clientapps yahoo com customize my yahoo comR - HKLM Software Microsoft Internet Explorer Main Default Search URL http red clientapps yahoo com customize www yahoo comR - HKCU Software Microsoft Internet Explorer SearchURL Default http red clientapps yahoo com customize www yahoo comF - REG system ini UserInit userinit nddeagnt exeO - Toolbar amp Radio - E - F- D - E- A C - C WINNT System msdxm ocxO - HKLM Run SystemTray SysTray ExeO - HKLM Run BrowserWebCheck loadwc exeO - Spybot closing Something's my (Hijackthis Log) HKLM Run SchedulingAgent mstinit exe logonO - HKLM Run cpqek C Program Files Compaq Compaq EAB Software cpqek exeO - HKLM Run EM EXEC C PROGRA MOUSEW SYSTEM EM EXEC EXEO - HKLM Run QuickTime Task quot C WINNT System qttask exe quot -atboottimeO - HKLM Run TkBellExe quot C Program Files Common Files Real Update OB realsched exe quot -osbootO - HKLM Run SpybotSnD quot C Program Something's closing my Spybot (Hijackthis Log) Files Spybot SpybotSD exe quot autocheck autocloseO - HKLM Run AVG CC C PROGRA AVGANT avgcc Something's closing my Spybot (Hijackthis Log) exe Something's closing my Spybot (Hijackthis Log) STARTUPO - Startup Wallpaper Changer lnk C Program Files Wallpaper Changer AWC exeO - Global Startup WinZip Quick Pick lnk C Program Files WinZip WZQKPICK EXEO - Global Startup Pow lnk C Program Files AnalogX POW pow exeO - Global Startup Yahoo Messenger lnk C Program Files Yahoo Messenger YPager exeO - Extra 'Tools' menuitem IMI HKLM O - DPF BF D - C - B -BC -D ABDDC B QuickTime Object - http www apple com qtactivex qtplugin cabO - DPF B BCA- F C- CF- - Shockwave ActiveX Control - http download macromedia com pub shockwa director sw cabO - DPF - F - BB - D -FA D F A AB YInstStarter Class - http download yahoo com dl installs yinst cabO - DPF BCB- D A- D -A B- DA DE RdxIE Class - http software-dl real com d aa cb ip RdxIE cabO - DPF A E C -A BA- D - - DB C YahooYMailTo Class - http us dl yimg com download yahoo com ymmapi dllO - DPF D CDB E-AE D- CF- B - Shockwave Flash Object - http download macromedia com pub shockwa ash swflash cab

A:Something's closing my Spybot (Hijackthis Log)

Do me a favor and give me another log from safe mode:How to enter Safe Mode.Save the log to your drive somewhere, and then reboot. Post the log from safe mode into a reply to this message

http://www.bleepingcomputer.com/forums/t/423/somethings-closing-my-spybot-hijackthis-log/
Relevancy 49.02%

I have the same problem as TallNick00 had. I downloaded the WinpPFind3u. I ran it and have the txt file that I have attached. I need the help from this point!

Summary of Problem:
Homepage hijacked by messengersite.net. When I run hijackthis, it will only remain open for a few seconds. Regedit will only stay open for a few seconds too.

Thanks

myers1965
 

Relevancy 48.59%

Hello All I have had issues with this I ve taken the harddrive out and ran a virus s scan using nod updated I before etc Nod closes hijackthis can closing, setup use virus defs and It didn t find anything bitdefender did and Nod setup closing, hijackthis closes before I can use etc removed however I still cant run some programs example Nod setup closing, hijackthis closes before I can use etc when I Nod setup closing, hijackthis closes before I can use etc try Hijackthis it comes up then closes same with trying to reinstall my nod I have run combofix my log is below Any help would be great thanks spent to many hours trying toget rid of this spyware lt RegardsPaulComboFix - - - Administrator - NTFSx MINIMALMicrosoft Windows XP Home Edition GMT Running from F ComboFix exeCommand switches used ComboFix exeAV ESET NOD Antivirus On-access scanning enabled Updated E E D - - F - FB -D ACA F C Other Deletions c documents and settings Owner Application Data c program files Common Files Real WeatherBug MiniBugTransporter dllc program files TinyProxyc recycler S- - - - - - - c windows bemark datc windows f f daa datc windows fmark datc windows Installer adb msic windows Installer d msic windows Installer a d msic windows Installer ac mspc windows Installer ac mspc windows system bthser dllc windows system drivers bquavszq sysc windows system drivers lccoljhz sysc windows system kdpini dllD Autorun inf Drivers Services ------- Legacy BQUAVSZQ------- Service bquavszq Files Created from - - to - - - - - - ----a-w- C FixWebHancer exe - - - - -------- d-----w- c program files Exterminate It - - - - -------- d-----w- c windows BDOSCAN - - - - -------- d-sh--w- c documents and settings Administrator PrivacIE - - - - ----a-w- C eav nt version enu msi - - - - ----a-w- c windows system GDIPFONTCACHEV DAT - - - - -------- d-----w- c windows system XPSViewer - - - - -------- d-----w- c program files MSBuild - - - - -------- d-----w- c program files Reference Assemblies - - - - -c----w- c windows system dllcache filterpipelineprintproc dll - - - - ------w- c windows system prntvpt dll - - - - -c----w- c windows system dllcache printfilterpipelinesvc exe - - - - -c----w- c windows system dllcache xpsshhdr dll - - - - ------w- c windows system xpsshhdr dll - - - - -c----w- c windows system dllcache xpssvcs dll - - - - ------w- c windows system xpssvcs dll - - - - -------- d-----w- C a fc b dcbd dd a b - - - - -c--a-w- c windows system dllcache wiamsmud dll - - - - -c--a-w- c windows system dllcache tp mon exe - - - - -c--a-w- c windows system dllcache smbclass sys - - - - -c--a-w- c windows system dllcache rthwcls sys - - - - -c--a-w- c windows system dllcache pca e sys - - - - -c--a-w- c windows system dllcache mstape sys - - - - -c--a-w- c windows system dllcache lmndis sys - - - - -c--a-w- c windows system dllcache ibmsgnet dll - - - - -c--a-w- c windows system dllcache fus base sys - - - - -c--a-w- c windows system dllcache dp sys - - - - -c--a-w- c windows system dllcache cpqarray sys - - - - -c--a-w- c windows system dllcache bulltlp sys - - - - -c--a-w- c windows system dllcache atidvai dll - - - - -c--a-w- c windows system dllcache s legacy dll - - - - ----a-r- c documents and settings Owner Application Data Microsoft Installer B - F B- D -ADA - C F DD Icon ED E exe - - - - -------- d-----w- c program files Windows Installer Clean Up - - - - -------- d-----w- c program files MSECACHE - - - - -------- d-sh--w- c documents and settings Administrator IETldCache - - - - -c--a-w- c windows system dllcache kbdhid sys - - - - ----a-w- c windows system drivers kbdhid sys - - - - -------- d-----w- c documents and settings Owner Application Data Sage Software Inc - - - - -------- d-----w- c program files Common Files SWF Studio - - - - -------- d-sh--w- c documents and settings NetworkService IETldCache - - - - -------- d-----w- c documents and settings Owner Local Settings Application Data Temp - - - - -------- d-sh--w- c documents and settings Owner IE... Read more

A:Nod setup closing, hijackthis closes before I can use etc

Hello Angelllus,Please note the message text in blue at the top of the Am I infected? What do I do? forum.ComboFix logs should not to be posted outside the HijackThis forums and then only when requested by a HJT Team member. It is an extremely powerful tool which should only be used when instructed to do so by someone who has been properly trained. ComboFix is intended by its creator to be "used under the guidance and supervision of an expert", NOT for private use. Please read Combofix's Disclaimer. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again.Please create a new topic explaining the nature of your problem in the Am I infected? What do I do? forum. Describe pop-ups and system tray or desktop icons that have appeared. Explain what is "going wrong" with your computer. Note any tools you have used and their respective results.If needed, we will direct you to our HJT Preparation Guide.Thank you for using BleepingComputer as your malware removal source.This topic is now closed. If you have any questions, please PM me or another Moderator.The BC Staff

http://www.bleepingcomputer.com/forums/t/245571/nod-setup-closing-hijackthis-closes-before-i-can-use-etc/
Relevancy 48.59%

I recently had to reformat my computer and it worked well for a while But one log other things hijackthis among help with Need day it stopped working and I thought that it Need help with hijackthis log among other things might be the anti-virus I checked and sure enough Norton's auto-protect function had been turned off Not only that but my Windows Firewall had been shut off too I downloaded AVG free and it fixed the problem for a while but then it came back after about - days the problem was that when I logged on to my user name the only thing that showed up was the background I had no desktop or task bar so I was using the computer with the task manager After fixing the problem the second time AVG once again the computer worked for only more days then did the same thing as the first two times After checking with AVG once more and finding no viruses I ran Ad-Aware and TRIED to run spybot but it didn't do anything other than to tell me to download updates which I did but it still wouldn't work At the suggestion of another friend I downloaded HijackThis and did a scan It came up with a list of things that it thought to be wrong only it told me that some of it might not be a problem at all So I saved the file and sent it to the friend who reccomended it only he said he couldn't tell me exactly what to delete fix He told me to post it on a forum and I happened across this one Now here I am typing up this long explanation of what is going on with my computer I am on a laptop the one with the problem is my desktop My HijackThis log is below please help me if you can Thank you -Mike Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C PROGRA Grisoft AVGFRE avgamsvr exe C PROGRA Grisoft AVGFRE avgupsvc exe C PROGRA Grisoft AVGFRE avgemc exe C WINDOWS system rundll exe C WINDOWS Explorer EXE C Program Files Batty Batty exe C WINDOWS system taskmgr exe C WINDOWS system wuauclt exe C Documents and Settings Mom amp Mckenze Desktop hijackthis HijackThis exe C Program Files Mozilla Firefox firefox exe R - URLSearchHook no name - A DC- CDB- - - A B - no file R - URLSearchHook no name - A B - - CD - AA - D C D - no file F - REG system ini UserInit userinit exe O - Toolbar Norton AntiVirus - CDD BF- FFB- - AD - DF B D - C Program Files Norton AntiVirus NavShExt dll O - HKLM Run ExploreUpdSched C WINDOWS system qwinnpes exe O - HKLM Run E - E-E - B-ZN C WINDOWS system dwdsregt exe GEN O - HKCU Run PSDream quot C Program Files PSDream PSDream exe quot O - Startup LimeWire On Startup lnk C Program Files LimeWire LimeWire exe O - Global Startup Adobe Reader Speed Launch lnk C Program Files Adobe Acrobat Reader reader sl exe O - Extra button no name - ABF A-F D- - D F- D F A - C WINDOWS system dmonwv dll file missing O - Extra 'Tools' menuitem Java - ABF A-F D- - D F- D F A - C WINDOWS system dmonwv dll file missing O - Extra button Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exe O - Extra 'Tools' menuitem Windows Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exe O - DPF B-B - D-A D -FCFDF E C WUWebControl Class - http update microsoft com microsof O - DPF E A- D- EE - C-DC FA D FC MUWebControl Class - http update microsoft com microsof O - DPF E C E- - FF- A - BDA FACAD Installer Class - http activex matcash com speedtest dll O - Protocol livecall - A - C - - F- E F - C PROGRA MSNMES MSGRAP DLL O - Protocol msnim - A - C - - F- E F - C PROGRA MSNMES MSGRAP DLL O - AppInit DLLs BattyRun dll O - Winlogon Notify Explorer - C WINDOWS system jt dme dll O - SSODL WPDShServiceObj - AAA BA- A C- B - D - D DB - C WINDOWS system WPDShServiceObj dll O - Service AVG Alert Manager Server Avg Alrt - GRISOFT s r o - C PROGRA Grisoft AVGFRE avgamsvr ... Read more

A:Need help with hijackthis log among other things

Hello michaelb227, and welcome to TSF.


I am currently reviewing your log. Please note that this is under the supervision of an expert analyst,
and I will be back with a fix for your problem as soon as possible.

You may wish to Subscribe to this thread (Thread Tools) so that you are notified when you receive a reply.

Please be patient with me during this time.

http://www.techsupportforum.com/forums/f284/need-help-with-hijackthis-log-among-other-things-123199.html
Relevancy 47.73%

Hi I m unable to work out what the issue is with this it s been happening now for days when I open Acrobat or try and do Remote Desktop they close after - seconds HiJackThis Log Logfile of Trend Micro HijackThis v BETA Scan saved at on Platform Windows XP SP WinNT Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS attached) 5-10 Applications closing seconds. (HiJackThis Log after system svchost exe C WINDOWS System svchost exe C WINDOWS Explorer EXE C WINDOWS RTHDCPL EXE C WINDOWS Applications closing after 5-10 seconds. (HiJackThis Log attached) system RUNDLL EXE C Program Files Java jre bin jusched exe C Program Files iTunes iTunesHelper exe C Program Files TomTom HOME TomTomHOME exe C WINDOWS system ctfmon exe C Program Files MSN Messenger MsnMsgr Exe C Program Files Steam Steam exe C Program Applications closing after 5-10 seconds. (HiJackThis Log attached) Files Messenger msmsgs exe C Program Files DAEMON Tools daemon exe C Program Files Hamachi hamachi exe C Program Files Xfire xfire exe C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C PROGRA Grisoft AVG avgupsvc exe C Program Files Bonjour mDNSResponder exe C WINDOWS system nvsvc exe C WINDOWS system PnkBstrA exe C WINDOWS system svchost exe C Program Files Mozilla Firefox firefox exe C Program Files iPod bin iPodService exe C Program Files MSN Messenger livecall exe C WINDOWS System svchost exe C WINDOWS system msiexec exe C Program Files mIRC mirc exe C WINDOWS system spoolsv exe C Program Files Adobe Acrobat Acrobat acrotray exe C Program Files Common Files Macrovision Shared FLEXnet Publisher FNPLicensingService exe C Program Files MSN Messenger usnsvc exe C Documents and Settings Morgan Withers Desktop HiJackThis v exe R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride local O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO no name - E D - A- EC-A -BA D E E - no file O - BHO Adobe PDF Conversion Toolbar Helper - AE CD -E - f- - EE - C Program Files Adobe Acrobat Acrobat AcroIEFavClient dll O - Toolbar Adobe PDF - -D C - - FA - E EAAC - C Program Files Adobe Acrobat Acrobat AcroIEFavClient dll O - HKLM Run RTHDCPL RTHDCPL EXE O - HKLM Run SkyTel SkyTel EXE O - HKLM Run Alcmtr ALCMTR EXE O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS system NvCpl dll NvStartup O - HKLM Run nwiz nwiz exe install O - HKLM Run NvMediaCenter RUNDLL EXE C WINDOWS system NvMcTray dll NvTaskbarInit O - HKLM Run AVG CC C PROGRA Grisoft AVG avgcc exe STARTUP O - HKLM Run SunJavaUpdateSched quot C Program Files Java jre bin jusched exe quot O - HKLM Run QuickTime Task quot C Program Files QuickTime QTTask exe quot -atboottime O - HKLM Run iTunesHelper quot C Program Files iTunes iTunesHelper exe quot O - HKLM Run PWRISOVM EXE C Program Files PowerISO PWRISOVM EXE O - HKLM Run TomTomHOME exe quot C Program Files TomTom HOME TomTomHOME exe quot -s O - HKLM Run Acrobat Assistant quot C Program Files Adobe Acrobat Acrobat Acrotray exe quot O - HKCU Run CTFMON EXE C WINDOWS system ctfmon exe O - HKCU Run MsnMsgr quot C Program Files MSN Messenger MsnMsgr Exe quot background O - HKCU Run Steam quot C Program Files Steam Steam exe quot -silent O - HKCU Run MSMSGS quot C Program Files Messenger msmsgs exe quot background O - HKCU Run DAEMON To... Read more

https://forums.techguy.org/threads/applications-closing-after-5-10-seconds-hijackthis-log-attached.604576/
Relevancy 47.73%

hey im having a problem with my programs closing i have included my hijackthis log too if it helps Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows SP WinNT MSIE Internet Explorer v Boot mode Normal Programs randomly log posted Hijackthis closing/ Running processes C Windows AsScrPro exe C Program Files x ASUS ATK Package ATKOSD ATKOSD exe C Program Files x ASUS ATK Package ATK Media DMedia exe C Program Files x ASUS ATK Programs randomly closing/ Hijackthis log posted Package ATK Hotkey HControlUser exe C Program Files x AVG Secure Search vprot exe C Program Files x Common Files Java Java Update jusched exe C Program Files x AVG AVG avgui exe C Program Files x Internet Explorer IELowutil exe C Program Files x Adobe Reader Reader AcroRd exe D Other Programs New folder Programs randomly closing/ Hijackthis log posted Comodo Dragon dragon exe D Other Programs New folder Comodo Dragon dragon exe D Other Programs New folder Comodo Dragon dragon exe D Other Programs New folder Comodo Dragon dragon exe D Other Programs New folder Comodo Dragon Programs randomly closing/ Hijackthis log posted dragon exe D Other Programs New folder Comodo Dragon dragon exe D Other Programs New folder Comodo Dragon dragon exe D Other Programs New folder Comodo Dragon dragon exe C Users Cody Downloads HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Default Page URL http asus msn com R - HKCU Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Explorer Main Start Page http search conduit com SearchSource amp ctid CT R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Search SearchAssistant R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch R - HKLM Software Microsoft Internet Explorer Main Local Page C Windows SysWOW blank htm R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride local R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName R - URLSearchHook no name - C B- A - DD -B D - A E - no file R - URLSearchHook no name - b d d- a - e d-b b - dd d bb - no file R - URLSearchHook no name - c f aa-f f- c- f e-b d a - no file R - URLSearchHook no name - e ab - f - cd- -c d caaccea - no file F - REG system ini UserInit userinit exe O - BHO no name - D -C F - efb- B - ECA - no file O - BHO AcroIEHelperStub - DF C-E AD- -A -FA C EBDC - C Program Files x Common Files Adobe Acrobat ActiveX AcroIEHelperShim dll O - BHO no name - F B -B - - B- FBA BD D - no file O - BHO no name - b d d- a - e d-b b - dd d bb - no file O - BHO Search Helper - EBF - F- bff-A F-B E AAC B - C Program Files x Microsoft Search Enhancement Pack Search Helper SEPsearchhelperie dll O - BHO Java tm Plug-In SSV Helper - BB-D F - C-B EB-D DAF D D - C Program Files x Java jre bin ssv dll O - BHO Windows Live ID Sign-in Helper - D - C - ABF- ECC- C - C Program Files x Common Files Microsoft Shared Windows Live WindowsLiveLogin dll O - BHO AVG Security Toolbar - B C- C F- BF -B - A - C Program Files x AVG Secure Search AVG Secure Search toolbar dll O - BHO SkypeIEPluginBHO - AE - E C- ED - F B-F F A - C Program Files x Skype Toolbars Internet Explorer skypeieplugin dll O - BHO Java tm Plug-In SSV Helper - DBC -A - b-BC - C C C A - C Program Files x Java jre bin jp ssv dll O - Toolbar no name - D C F- A- -A AD- D - no file O - Toolbar no name - b d d- a - e d-b b - dd d bb - no file O - Toolbar no name - F B -B - - B- FBA BD D - no file O - Toolbar no name - EBF BA - - c a- B-BB F D DE - no file O - Toolbar no name - CCC A ... Read more

https://forums.techguy.org/threads/programs-randomly-closing-hijackthis-log-posted.1079883/
Relevancy 47.73%

theres these things in add remove files No idea what they are - IE Driver amp IIScript Hijack Log - Logfile of HijackThis v Scan saved at on Platform Windows XP SP WinNT MSIE Unable to get Internet Explorer version Running + things 2 help log in please hijackthis add/remove processes D WINDOWS System smss exe D WINDOWS system csrss exe D 2 things in add/remove + hijackthis log help please WINDOWS system winlogon exe D WINDOWS system services exe D WINDOWS system lsass exe D WINDOWS system 2 things in add/remove + hijackthis log help please svchost exe D WINDOWS system svchost exe D WINDOWS System svchost exe D WINDOWS System svchost exe D WINDOWS System svchost exe D WINDOWS system spoolsv exe D Program Files Common Files Symantec Shared ccEvtMgr exe D WINDOWS system crypserv exe D Program Files Norton AntiVirus navapsvc exe D Program Files Norton AntiVirus AdvTools NPROTECT EXE D WINDOWS System svchost exe D Program Files Common Files Symantec Shared Security Center SymWSC exe D WINDOWS System alg exe D WINDOWS System svchost exe D WINDOWS Explorer EXE D Program Files Common Files Symantec Shared ccApp exe D WINDOWS SOUNDMAN EXE D Program Files Messenger Plus MsgPlus exe D Program Files Winamp winamp exe D Program Files Mozilla Firefox firefox exe D Program Files MSN Messenger msnmsgr exe D WINDOWS System msiexec exe D WINDOWS system rundll exe D Documents and Settings phil crane Desktop HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http www philcrane cydelia co uk forum index php R - HKCU Software Microsoft Internet Explorer Main Window Title Phil Crane Internet Explorer O - BHO NAV Helper - BDF E -B - AD-A -FADC B - D Program Files Norton AntiVirus NavShExt dll O - Toolbar Norton AntiVirus - CDD BF- FFB- - AD - DF B D - D Program Files Norton AntiVirus NavShExt dll O - Toolbar no name - E E AB-F - D - D - BA E - no file O - HKLM Run ccApp quot D Program Files Common Files Symantec Shared ccApp exe quot O - HKLM Run ccRegVfy quot D Program Files Common Files Symantec Shared ccRegVfy exe quot O - HKLM Run Advanced Tools Check D PROGRA NORTON AdvTools ADVCHK EXE O - HKLM Run SoundMan SOUNDMAN EXE O - HKLM Run MessengerPlus quot D Program Files Messenger Plus MsgPlus exe quot O - HKLM Run NeroFilterCheck D WINDOWS system NeroCheck exe O - HKCU Run SpySweeper quot D Program Files Webroot Spy Sweeper SpySweeper exe quot O - Extra context menu item amp Use webcow on this Page - D Documents and Settings phil crane Desktop wcie iemenu htm O - Extra context menu item E amp xport to Microsoft Excel - res D PROGRA MICROS OFFICE EXCEL EXE O - Extra context menu item Use webcow on this amp Selection - D Documents and Settings phil crane Desktop wcie iemenu htm O - Extra button Messenger Addon HKLM O - Extra Tools menuitem amp Messenger Addon HKLM O - DPF E F - B - D - - BD D PCPitstop Utility - http www pcpitstop com pcpitstop PCPitStop CAB O - DPF B BCA- F C- CF- - Shockwave ActiveX Control - http download macromedia com pub shockwave cabs director sw cab O - DPF -C A- E-A -C C BBF Windows Genuine Advantage Validation Tool - http go microsoft com fwlink linkid amp clcid x O - DPF E E -C DE- FF- AE- EE F C CE Office Update Installation Engine - http office microsoft com officeupdate content opuc cab O - DPF D F B - A - D - B - DC A SecureLogin SecureControl - http secure comned com signuptemplates ActiveSecurity cab O - DPF C E B D- A - B - E -E F B NsvPlayX Control - http www nullsoft com nsv embed nsvplayx vp mp cab O - DPF D CDB E-AE D- CF- B - Shockwave Flash Object - https download macromedia com pub shockwave cabs flash swflash cab O - DPF D - - F - B- E E CD A FlashXControl Object - https red microgaming com red FlashAX cab thanx for ya help guys nbsp

A:2 things in add/remove + hijackthis log help please

Your HJT is old

HiJack This http://www.majorgeeks.com/download3155.html,
put it in a permanent folder, run it , DO NOT fix anything, post the log here.
 

https://forums.techguy.org/threads/2-things-in-add-remove-hijackthis-log-help-please.299731/
Relevancy 47.73%

But I m not an expert at this and don t want to delete anything I need Here s my log Logfile look on here things some Log... HijackThis questionable... of HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C WINDOWS System smss exe C WINDOWS system csrss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost HijackThis Log... some things on here look questionable... exe C WINDOWS System svchost exe C WINDOWS System svchost exe C WINDOWS System svchost exe C WINDOWS amFtZXM command exe c PROGRA mcafee com vso mcvsrte exe C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C Program Files M-Audio MobilePre Install MPInst exe C PROGRA McAfee SPAMKI MSKSrvr exe C WINDOWS Explorer EXE C PROGRA mcafee com vso mcvsshld exe c program files mcafee com agent mcagent exe c progra mcafee com vso mcvsescn exe C PROGRA McAfee SPAMKI MSKAgent exe C Program Files Java jre bin jusched exe C WINDOWS CTHELPER EXE C Program Files Common Files Real Update OB realsched exe C Program Files Winamp winampa exe C WINDOWS System nvsvc exe C WINDOWS System HijackThis Log... some things on here look questionable... ctfmon exe C WINDOWS System wdfmgr exe c progra mcafee com vso mcvsftsn exe c PROGRA mcafee com vso mcshield exe C Program Files Internet Explorer IEXPLORE EXE C Program Files Azureus Azureus exe C Program Files Java jre bin javaw exe C aim HijackThis exe O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dll O - Toolbar McAfee VirusScan - BA B -B - c -B - F F - c progra mcafee com vso mcvsshl dll O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm ocx O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS System NvCpl dll NvStartup O - HKLM Run nwiz nwiz exe install O - HKLM Run NvMediaCenter RUNDLL EXE C WINDOWS System NvMcTray dll NvTaskbarInit O - HKLM Run VSOCheckTask quot c PROGRA mcafee com vso mcmnhdlr exe quot checktask O - HKLM Run VirusScan Online quot c PROGRA mcafee com vso mcvsshld exe quot O - HKLM Run MCAgentExe c PROGRA mcafee com agent mcagent exe O - HKLM Run MCUpdateExe C PROGRA mcafee com agent McUpdate exe O - HKLM Run MSKAGENTEXE C PROGRA McAfee SPAMKI MSKAgent exe O - HKLM Run MSKDetectorExe C PROGRA McAfee SPAMKI MskDetct exe startup O - HKLM Run DeadAIM rundll exe quot C PROGRA AIM DeadAIM ocm quot ExportedCheckODLs O - HKLM Run SunJavaUpdateSched C Program Files Java jre bin jusched exe O - HKLM Run NeroCheck C WINDOWS system NeroCheck exe O - HKLM Run CTHelper CTHELPER EXE O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run TkBellExe quot C Program Files Common Files Real Update OB realsched exe quot -osboot O - HKLM Run KernelFaultCheck systemroot system dumprep -k O - HKLM Run wdskctl C WINDOWS wdskctl exe O - HKLM Run DigidesignMMERefresh C Program Files Digidesign Drivers MMERefresh exe O - HKLM Run WinampAgent C Program Files Winamp winampa exe O - HKCU Run MSMSGS quot C Program Files Messenger msmsgs exe quot background O - HKCU Run AIM C PROGRA AIM aim exe -cnetwait odl O - HKCU Run MSKAGENTEXE C PROGRA McAfee SPAMKI MskAgent exe O - HKCU Run ctfmon exe C WINDOWS System ctfmon exe O - HKCU Run SetDefaultMIDI MIDIDef exe O - HKCU Run mqzk C PROGRA COMMON mqzk mqzkm exe O - Global Startup Adobe Reader Speed Launch lnk C Program Files Adobe Acrobat Reader reader sl exe O - Global Startup M-Audio MobilePre Control Panel Launcher lnk C Program Files M-Audio MobilePre MPTask exe O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS OFFICE EXCEL EXE O - Extra button no name - B E C - FCB- CF-AAA - C - C Program Files Java jre bin npjpi dll O - Extra Tools menuitem Sun Java Console - B E C - FCB- CF-AAA - C - C Program Files Java jre bin npjpi dll O - Extra button Research - B - CC- C -B BE- C C A - C PROGRA MICROS OFFICE REFIEBAR DLL O - Extra button AI... Read more

A:HijackThis Log... some things on here look questionable...

Hi and welcome to TSG,

Download Cleanup from Here

A window will open and choose SAVE, then DESKTOP as the destination.
On your Desktop, click on Cleanup40.exe icon.
Then, click RUN and place a checkmark beside "I Agree"
Then click NEXT followed by START and OK.
A window will appear with many choices, keep all the defaults as set when the Slide Bar to the left is set to Standard Quality.
Click OK
DO NOT RUN IT YET
Download the trial version of Ewido Security Suite here.
Install ewido.
During the installation, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
Launch ewido
It will prompt you to update click the OK button and it will go to the main screen
On the left side of the main screen click update
Click on Start and let it update.
DO NOT run a scan yet. You will do that later in safe mode.

Click here for info on how to boot to safe mode if you don't already know how.
Now copy these instructions to notepad and save them to your desktop. You will need them to refer to in safe mode.
Restart your computer into safe mode now. Perform the following steps in safe mode:
Run Ewido:
Click on scanner
Click Complete System Scan and the scan will begin.
During the scan it will prompt you to clean files, click OK
When the scan is finished, look at the bottom of the screen and click the Save report button.
Save the report to your desktop

Run Cleanup:
Click on the "Cleanup" button and let it run.
Once its done, close the program.
Go to Control Panel - Internet Options. Click on the Programs tab then click the "Reset Web Settings" button. Click Apply then OK.
Restart back into Windows normally now.
Do a Panda Active Scan. Be sure to save the log it creates.
Come back here and post a new HijackThis log, as well as the logs from the Ewido and Panda scans.
 

https://forums.techguy.org/threads/hijackthis-log-some-things-on-here-look-questionable.418834/
Relevancy 47.73%

I gave Hijackthis a go and it came out with these things Logfile of Trend Micro HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Boot mode NormalRunning processes C WINDOWS System smss exeC things Some Hijackthis that - bugs me... WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC WINDOWS System svchost exeC Program Files Alwil Software Avast AvastSvc exeC WINDOWS system LEXBCES EXEC WINDOWS system spoolsv exeC WINDOWS system LEXPPS EXEC WINDOWS Explorer EXEC Program Files Unlocker UnlockerAssistant exeC PROGRA ALWILS Avast avastUI exeC WINDOWS system hkcmd exeC Hijackthis - Some things that bugs me... WINDOWS system igfxpers exeC Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exeC Program Files Java jre bin jqs exeC Program Files Common Files Microsoft Shared VS DEBUG MDM EXEC Program Files mIRC mirc exeC WINDOWS system taskmgr exeC Program Files Mozilla Firefox firefox exeC Documents and Settings John Stanley Garcia Desktop HiJackThis exeO - BHO no Hijackthis - Some things that bugs me... name - D -C F - EFB- B - ECA - no file O - BHO AcroIEHelperStub - DF C-E AD- -A -FA C EBDC - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelperShim dllO - BHO WormRadar com IESiteBlocker NavFilter - CA F - F E- B -A E- E E C C - no file O - BHO Groove GFS Browser Helper - - C - D -B F - BBC D Hijackthis - Some things that bugs me... A E - C PROGRA MI Office GRA E DLLO - BHO Java Plug-In SSV Helper - DBC -A - b-BC - C C C A - C Program Files Java jre bin jp ssv dllO - BHO JQSIEStartDetectorImpl - E E F - CE- C -BC -EABFE F C - C Program Files Java jre lib deploy jqs ie jqs plugin dllO - Toolbar Veoh Web Player Video Finder - FBB -D D - f a-A E - B BFC - C Program Files Veoh Networks VeohWebPlayer VeohIEToolbar dllO - HKLM Run UnlockerAssistant quot C Program Files Unlocker UnlockerAssistant exe quot O - HKLM Run avast C PROGRA ALWILS Avast avastUI exe noguiO - HKLM Run igfxtray C WINDOWS system igfxtray exeO - HKLM Run igfxhkcmd C WINDOWS system hkcmd exeO - HKLM Run igfxpers C WINDOWS system igfxpers exeO - HKLM Run GrooveMonitor quot C Program Files Microsoft Office Office GrooveMonitor exe quot O - HKUS S- - - RunOnce tscuninstall systemroot system tscupgrd exe User O - HKUS DEFAULT RunOnce tscuninstall systemroot system tscupgrd exe User Default user O - S- - - - - - - Startup OpenOffice org lnk C Program Files OpenOffice org program quickstart exe User O - Startup OpenOffice org lnk C Program Files OpenOffice org program quickstart exeO - Extra context menu item amp AOL Toolbar search - res C Program Files AOL Toolbar toolbar dll SEARCH HTMLO - Extra context menu item Add to Google Photos Screensa amp ver - res C WINDOWS system GPhotos scr O - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MI Office EXCEL EXE O - Extra button Send to OneNote - A- - f c- - EE C C - C PROGRA MI Office ONBttnIE dllO - Extra Tools menuitem S amp end to OneNote - A- - f c- - EE C C - C PROGRA MI Office ONBttnIE dllO - Extra button Research - B - CC- C -B BE- C C A - C PROGRA MI Office REFIEBAR DLLO - Extra button no name - CD F -D E - d - FE- C F AFE - no file O - Extra button no name - e e dd -d - - b -f ba - C WINDOWS Network Diagnostic xpnetdiag exeO - Extra Tools menuitem xpsp res dll - - e e dd -d - - b -f ba - C WINDOWS Network Diagnostic xpnetdiag exeO - Extra button Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exeO - Extra Tools menuitem Windows Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exeO - DPF RaptisoftGameLoader - http www miniclip com hamsterball raptisoftgameloader cabO - DPF BF D - C - B -BC -D ABDDC B QuickTime Object - http a g akamai net ex qtplugin cabO - DPF -C A- E-A -C C BBF Windows Genuine Advantage Validation Tool - http go microsoft com fwlink linkid O - DPF A C - - D -BF - A CCE B TTestGenXInstallObject - ht... Read more

A:Hijackthis - Some things that bugs me...

Hello and and Welcome to BleepingcomputerPlease note we are very busy, so if I don't hear from you within 5 days the topic will be closed, If you have sinceresolved your issues I would appreciate if you would let me no so I can close this topic.We need to create an OTL ReportPlease download OTL from one of the following mirrors:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.Under the Custom Scans/Fixes box at the bottom, paste in the following bold text.%appdata%\*.*%systemroot%\system32\*.dll /lockedfiles%systemroot%\Tasks\*.job /lockedfiles%SYSTEMDRIVE%\*.exenetsvcsmsconfig/md5startproquota.exesfcfiles.dlleventlog.dllscecli.dllnetlogon.dllcngaudit.dllsceclt.dllntelogon.dlllogevent.dllbeep.sysiaStor.sysnvstor.sysatapi.sysnvatabus.sysviamraid.sysnvata.sysiastorv.sys/md5stopCREATERESTOREPOINTPush the button.Two reports will open, copy and paste them in a reply here:OTL.txt <-- Will be openedExtra.txt <-- Will be minimizedThanks

http://www.bleepingcomputer.com/forums/t/313429/hijackthis-some-things-that-bugs-me/
Relevancy 47.73%

hey guys my windows media player is not running and is giving lots of problems in anger i deleted the wmpnscfg exe from registry Also attached is the hijack this log file Please tell me what other viruses and malware there are How should I get my windows media player working again Please help me Thanks please help me i need to get my computer working im fed up with vista anyways and there's nothing i can do about it because my video card doesnt have xp driver also I tried installing adaware but i think whatever the virus spyware is has taken over the windows installer and disactivated it because it says windows installer service could not be accessed Please help guys Thanks Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows Vista WinNT MSIE Internet Explorer v Boot mode Normal Running - HijackThis wrong many things are please help log, processes C Windows system Dwm exe C Windows Explorer EXE C Windows system taskeng exe C Program Files Windows Defender MSASCui exe C Program Files Synaptics SynTP SynTPEnh exe C Program Files Common Files Symantec Shared ccApp exe C Program HijackThis log, please help - many things are wrong Files HP QuickPlay QPService exe C Program Files Hewlett-Packard HP Quick Launch Buttons QLBCTRL exe C Program Files Hewlett-Packard HP Wireless Assistant WiFiMsg exe C Program Files Hewlett-Packard HP Wireless Assistant HPWAMain exe C Program Files Java jre bin jusched exe C Program Files Synaptics SynTP SynTPStart exe C Program Files Microsoft Office Office GrooveMonitor exe C Program Files Windows HijackThis log, please help - many things are wrong Live Messenger msnmsgr exe C Program Files Compaq Connections Program Compaq Connections exe C WINDOWS System rundll exe C PROGRA HEWLET Shared HPQTOA EXE C Program Files Mozilla Firefox firefox exe C Program Files Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Explorer Main Start Page http www google ca R - HKLM Software Microsoft Internet Explorer Main Default Page URL http ie redirect hp com svs rdr TY ARIO amp pf laptop R - HKLM Software HijackThis log, please help - many things are wrong Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http ie redirect hp com svs rdr TY ARIO amp pf laptop R - HKLM Software Microsoft Internet Explorer Search SearchAssistant R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride local R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName O - Hosts localhost O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO no name - E A - - D F-BEAE-D A C - c Program Files Common Files Symantec Shared coShared Browser NppBho dll O - BHO Groove GFS Browser Helper - - C - D -B F - BBC D A E - C PROGRA MICROS Office GRA E DLL O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO no name - E D - A- EC-A -BA D E E - no file O - BHO Windows Live Sign-in Helper - D - C - ABF- ECC- C - C Program Files Common Files Microsoft Shared Windows Live WindowsLiveLogin dll O - Toolbar Show Norton Toolbar - -F - -B -FBEE C B DF - c Program Files Common Files Symantec Shared coShared Browser UIBHO dll O - HKLM Run Windows Defender ProgramFiles Windows Defender MSASCui exe -hide O - HKLM Run SynTPEnh C Program Files Synaptics SynTP SynTPEnh exe O - HKLM Run ccApp quot c Program Files Common Files Symantec Shared ccApp exe quot O - HKLM Run osCheck quot c Program Files Norton Internet Security osCheck exe quot O - HKLM Run QPService quot C Program Files HP QuickPlay QPSer... Read more

http://www.techsupportforum.com/forums/f284/hijackthis-log-please-help-many-things-are-wrong-211226.html
Relevancy 47.73%

I'd like some advice on my log before I go deleting things I don't want to screw anything up worse than it is VVCShePaytimeall look quite suspicious to me and also when my computer Few - Things Hijackthis Suspicious. Log Looking starts up I get a few error messages about not being able to start start VVC Whatever it is I use AVG and Spybot just finished removing surferside kick from my computer I'm still getting quite a few browser redirect hijacks with firefox and IE which I Hijackthis Log - Few Things Looking Suspicious. dont use randomly opens up ads AVG SBS amp D i've ran quite a few times in safemode but it spyboy just cant seem to get rid of some things Can someone help me out please Logfile of HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Running processes C windows System smss exeC windows system winlogon exeC windows system services exeC windows system lsass exeC windows system svchost exeC windows System svchost exeC windows system spoolsv exeC windows system rundll exeC windows system svchost exeC windows system nvsvc exeC windows system svchost exeC windows explorer exeC WINDOWS inet winlogon exeC windows SOUNDMAN EXEC Program Files D-Tools daemon exeC windows Hijackthis Log - Few Things Looking Suspicious. system DeltTray exeC windows system paytime exeC windows smss exeC windows system rsdsregr exeC windows inet mm exeC WINDOWS PCHealth HelpCtr Binaries MSConfig exeC Program Files Messenger msmsgs exeC windows system dllcache IExplore exeC windows system nwintsaw exeC Program Files Internet Explorer iexplore exeC Program Files Logitech Desktop Messenger Program BackWeb- exeC windows system paytime exeC Program Files MSN Messenger msnmsgr exeC windows system dllcache IExplore exeC windows system dllcache IExplore exeC windows system dllcache IExplore exeC windows system dllcache IExplore exeC windows system dllcache IExplore exeC windows system dllcache IExplore exeC windows system dllcache IExplore exeC windows system dllcache IExplore exeC windows system dllcache IExplore exeC windows system dllcache IExplore exeC Program Files Logitech SetPoint KEM exeC windows system wuauclt exeC Program Files Logitech SetPoint KHALMNPR EXEC Documents and Settings Shay Desktop HijackThis HijackThis exeC windows system NOTEPAD EXER - HKCU Software Microsoft Internet Explorer Main Default Page URL c secure htmlR - HKCU Software Microsoft Internet Explorer Main Start Page c secure htmlR - HKLM Software Microsoft Internet Explorer Main Default Page URL c secure htmlR - HKLM Software Microsoft Internet Explorer Main Start Page c secure htmlR - HKCU Software Microsoft Internet Explorer Main Local Page c secure htmlR - HKLM Software Microsoft Internet Explorer Main Local Page c secure htmlR - HKCU Software Microsoft Internet Connection Wizard ShellNext http windowsupdate microsoft com R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride localhostR - URLSearchHook no name - EE B -F - BB- FB-A BD B A - no file F - REG system ini Shell explorer exe quot C Program Files Common Files Microsoft Shared Web Folders ibm exe quot F - REG win ini run C WINDOWS inet winlogon exeO - BHO no name - E -FFAD- - C - CA F B - no file O - Toolbar SnagIt - FF E -ABDE- EB-B E-D AAB CABE - C Program Files TechSmith SnagIt SnagItIEAddin dllO - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS system NvCpl dll NvStartupO - HKLM Run SoundMan SOUNDMAN EXEO - HKLM Run DAEMON Tools- quot C Program Files D-Tools daemon exe quot -lang O - HKLM Run NeroFilterCheck C WINDOWS system NeroCheck exeO - HKLM Run DeltTray DeltTray exeO - HKLM Run PayTime C windows system paytime exeO - HKLM Run xp system C WINDOWS inet winlogon exeO - HKLM Run Microsoft Windows Session Manager Subsystem C windows smss exeO - HKLM Run - - F-F -ZN C windows system rsdsregr exe DRCA O - HKLM Run BrowserUpdateSched C windows system nwintsaw exe DRCA O - HKLM Run UserFaultCheck systemroot system dumprep -uO - HKLM Run MSConfig C... Read more

A:Hijackthis Log - Few Things Looking Suspicious.

wow..please someone help - MSN wont even work (crashes on sign in)

http://www.bleepingcomputer.com/forums/t/38963/hijackthis-log-few-things-looking-suspicious/
Relevancy 47.73%

Hello Hoping I could find out how to eliminate being redirected to different websites HijackThis after using Malwarebytes Log after using yahoo or google search engines Below is the HijackThis Log Does anything unusual stand out I have used the superantispyware which found the trojan dns-changer adware tracking cookies and rootkit Agent files Once I removed these they still come back upon a reboot I also have the RECYCLER S- pop-up when trying to access c drive along with being unable to perfom windows updates or update the spyware or HijackThis Log after using Malwarebytes adware software I appreciate any help or direction to move towards Thanks Running processes C WINDOWS System smss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC WINDOWS System svchost exeC Program Files Lavasoft Ad-Aware AAWService exeC WINDOWS Explorer EXEC WINDOWS system dla tfswctrl exeC Program Files Java j re bin jusched exeC Program Files Lavasoft Ad-Aware AAWTray exeC WINDOWS system ctfmon exeC Program Files SUPERAntiSpyware SUPERAntiSpyware exeC Program Files Common Files Microsoft Shared VS DEBUG MDM EXEC Program Files Microsoft SQL Server MSSQL MICROSOFTBCM Binn sqlservr exeC WINDOWS System HPZipm exeC WINDOWS System svchost exeC Program Files Viewpoint Common ViewpointService exeC Program Files Canon CAL CALMAIN exeC Program Files Viewpoint Viewpoint Manager ViewMgr exeC WINDOWS system spoolsv exeC Program Files Internet Explorer iexplore exeC Program Files Trend Micro HijackThis HijackThis exeR - HKCU Software Microsoft Internet Explorer Main Search Bar http www comcast net toolbar search R - HKCU Software Microsoft Internet Explorer Main Start Page http www comcast net home htmlR - HKLM Software Microsoft Internet Explorer Search SearchAssistant http www comcast net toolbar search O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelper dllO - BHO Comcast Toolbar - E BD F- B D- E- BE-BE DF D AE - C PROGRA COMCAS COMCAS DLLO - BHO DriveLetterAccess - CA D E- - CF- E - - C WINDOWS system dla tfswshx dllO - Toolbar Comcast Toolbar - E BD F- B D- E- BE-BE DF D AE - C PROGRA COMCAS COMCAS DLLO - HKLM Run dla C WINDOWS system dla tfswctrl exeO - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottimeO - HKLM Run SunJavaUpdateSched quot C Program Files Java j re bin jusched exe quot O - HKLM Run Adobe Reader Speed Launcher quot C Program Files Adobe Reader Reader Reader sl exe quot O - HKLM Run Ad-Watch C Program Files Lavasoft Ad-Aware AAWTray exeO - HKCU Run ctfmon exe C WINDOWS system ctfmon exeO - HKCU Run SUPERAntiSpyware C Program Files SUPERAntiSpyware SUPERAntiSpyware exeO - Extra context menu item E amp xport to Microsoft Excel - res C PROGRA MICROS OFFICE EXCEL EXE O - Extra button no name - B E C - FCB- CF-AAA - C - C WINDOWS System shdocvw dllO - Extra 'Tools' menuitem Sun Java Console - B E C - FCB- CF-AAA - C - C WINDOWS System shdocvw dllO - Extra button Research - B - CC- C -B BE- C C A - C PROGRA MICROS OFFICE REFIEBAR DLLO - Extra button Real com - CD F -D E - d - FE- C F AFE - C WINDOWS System Shdocvw dllO - Extra button Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exeO - Extra 'Tools' menuitem Windows Messenger - FB F -F - d -BB E- C F - C Program Files Messenger msmsgs exeO - DPF CA FB - E E- B -BF - E A CAA CD Office Genuine Advantage Validation Tool - http go microsoft com fwlink linkid O - DPF ED DDF - - BBE- - A EDB D A - http download mcafee com molbin shared m mcinsctl cabO - DPF BCC FF - D - -A E-C E ADA - http download mcafee com molbin shared m mcgdmgr cabO - Winlogon Notify SASWinLogon - C Program Files SUPERAntiSpyware SASWINLO dllO - Service Canon Camera Access Library CCALib - Canon Inc - C Program Files Canon CAL CALMAIN exeO - Service InstallDriver Table Manager IDriverT - Macrovision Corporation - C Program Files Common F... Read more

A:HijackThis Log after using Malwarebytes

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.comDDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results, click no to the Optional_ScanFollow the instructions that pop up for posting the results.Close the program window, and delete the program from your desktop.Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HERER,K

http://www.bleepingcomputer.com/forums/t/200618/hijackthis-log-after-using-malwarebytes/
Relevancy 47.73%

I have an HP laptop compaq nc with Windows XP Professional edition To remove Spyware Guard I disconnected my laptop off HijackThis Malwarebytes won't and run internet and ran ComboFix in safe mode the log file is below But then I can't run Malwarebyets nor Hijackthis Tried to turn off Malwarebytes and HijackThis won't run the Phishing Filter but it doesn't exist checked Internet Explorer-Tools-Advanced or I can't find it Please help me ScorpComboFix Log FileComboFix - - - - - - NTFSx MINIMALMicrosoft Windows XP Professional GMT Running from C Documents and Settings Desktop ComboFix exe - REDUCED FUNCTIONALITY MODE - Files Created from - - to - - - - - - lt DIR gt d-------- C Program Files Spyware Guard - - - - --a------ C WINDOWS system winscenter exe - - - - lt DIR gt d-------- C Program Files GraphPad - - - - lt DIR gt d-------- C Documents and Settings Application Data GraphPad Software - - - - lt DIR gt d-------- C Documents and Settings All Users Application Data GraphPad Software Find M Report - - --------- d---a-w C Documents and Settings All Users Application Data TEMP - - --------- d-----w C Documents and Settings Application Data uTorrent - - --------- d-----w C Program Files Malwarebytes' Anti-Malware - - --------- d-----w C Program Files SpywareBlaster - - --------- d-----w C Documents and Settings Application Data Skype - - --------- d-----w C Documents and Settings Application Data skypePM - - --------- d-----w C Program Files Common Files Symantec Shared - - ----a-w C WINDOWS system drivers mbamswissarmy sys - - ----a-w C WINDOWS system drivers mbam sys - - --------- d-----w C Program Files Common Files Adobe - - --------- d-----w C Program Files ImageJ - - ----a-w C WINDOWS system drivers SYMEVENT INF - - ----a-w C WINDOWS system drivers SYMEVENT SYS - - ----a-w C WINDOWS system drivers SYMEVENT CAT - - --------- d-----w C Program Files Symantec - - ----a-w C WINDOWS system drivers srv sys - - --------- d-----w C Documents and Settings All Users Application Data Spybot - Search amp Destroy - - --------- d--h--w C Program Files InstallShield Installation Information - - --------- d-----w C Program Files Windows Desktop Search - - --------- d-----w C Program Files Microsoft Silverlight - - ----a-w C Documents and Settings All Users Application Data ezsid dat - - -csha-r C WINDOWS Regbak dat Reg Loading Points Note empty entries amp legit default entries are not shown REGEDIT HKEY LOCAL MACHINE Browser Helper Objects BBD -D B- DD-B EC-CEBF D - - --a------ C WINDOWS system vumer dll HKEY CURRENT USER SOFTWARE Microsoft Windows CurrentVersion Run quot ctfmon exe quot quot C WINDOWS system ctfmon exe quot - - HKEY LOCAL MACHINE SOFTWARE Microsoft Windows CurrentVersion Run quot ccApp quot quot C Program Files Common Files Symantec Shared ccApp exe quot - - quot osCheck quot quot C Program Files Norton AntiVirus osCheck exe quot - - quot Symantec PIF AlertEng quot quot C Program Files Common Files Symantec Shared PIF B E DD - - c -B F- F FCA A PIFSvc exe quot - - quot Adobe Reader Speed Launcher quot quot C Program Files Adobe Reader Reader Reader sl exe quot - - quot SynTPLpr quot quot C Program Files Synaptics SynTP SynTPLpr exe quot - - quot SynTPEnh quot quot C Program Files Synaptics SynTP SynTPEnh exe quot - - HKEY USERS DEFAULT Software Microsoft Windows CurrentVersion Run quot CTFMON EXE quot quot C WINDOWS system CTFMON EXE quot - - quot DWQueuedReporting quot quot C PROGRA COMMON MICROS DW dwtrig exe quot - - HKEY LOCAL MACHINE SOFTWARE Microsoft Windows CurrentVersion ShellServiceObjectDelayLoad quot ieModule quot D B- E - F - F E- E B F - C Documents and Settings All Users Application Data Microsoft Internet Explorer DLLs ieModule dll - - quot InternetConnection quot D DBEE C- - -BDF - AD A A FD - C Documents and Settings All Users Application Data Microsoft Internet Explorer DLLs kadjpmhihk dll - - HKEY LOCAL MACHINE software microsoft windows nt currentversion winlogon notify fdeadfeefbdd - - C W... Read more

A:Malwarebytes and HijackThis won't run

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed. Use the 'Add Reply' and add the new log to this thread. Also please explain your problem as fully as possible. Each little detail will help in getting your system cleaned up and functional again.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scans:Please perform an AVG AS Online Malware ScanWhen a dialog box appears asking you if you would like to download and install the ewido anti-spyware online scanner.
Please click Yes to allow the download. Click on Start Scan. If any infections are found, Click on Remove Infections. * Download DDS by sUBs from one of the following links. Save it to your desktop. DDS.com DDS.scr DDS.pif * Double click on the DDS icon, allow it to run. * A small box will open, with an explaination about the tool. No input is needed, the scan is running. * Notepad will open with the results, click no to the Optional_Scan * Follow the instructions that pop up for posting the results. * Close the program window, and delete the program from your desktop.Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.Information on A/V control HEREAfter your response, someone will be with you soon.

http://www.bleepingcomputer.com/forums/t/197215/malwarebytes-and-hijackthis-wont-run/
Relevancy 47.73%

Hi,

I am running windows XP SP3 with ESET Smart security.
ESET blocked the execution of a program. It detected: Win32/Kryptik.YQ trojan.
Malwarebytes and HijackThis won't run. I also tried inherit.exe. It allows me to start mbam again, but disappears after 3 seconds again.
Please advise me what to do.

thanks,
Maarten vb

A:Malwarebytes and HijackThis won't run

Welcome to BCLet's see if we can produce a log or twoWe Need to check for Rootkits with RootRepealDownload RootRepeal from the following location and save it to your desktop.Direct Download (Recommended)Primary MirrorSecondary MirrorSecondary MirrorSecondary MirrorZip Mirrors (Recommended if you have a slower connection or if the Direct Download mirror is down)
Primary MirrorSecondary MirrorSecondary MirrorRar Mirrors - Only if you know what a RAR is and can extract it.
Primary MirrorSecondary MirrorSecondary MirrorExtract RootRepeal.exe from the archive (If you did not use the "Direct Download" mirror).Open on your desktop.Click the tab.Click the button.Check all seven boxes: Push OkCheck the box for your main system drive (Usually C:), and press Ok.Allow RootRepeal to run a scan of your system. This may take some time.Once the scan completes, push the button. Save the log to your desktop, using a distinctive name, such as RootRepeal.txt. Include this report in your next reply, please.----------------------------------Please note: If Rootrepeal fails to run, try this step: Click Settings - Options. Set the Disk Access slider to HighAlso try: right-click on rootrepeal.exe and rename it to tatertot.scr============================Please download Win32kDiag.exe by AD and save it to your desktop.alternate download 1alternate download 2This tool will create a diagnostic report Double-click on Win32kDiag.exe to run and let it finish. When it states Finished! Press any key to exit..., press any key on your keyboard to close the program. A file called Win32kDiag.txt should be created on your Desktop.Open that file in Notepad and copy/paste the entire contents (from Starting up... to Finished! Press any key to exit...) in your next reply.-------------------------------------- Go to > Run..., then copy and paste this command into the open box: cmdClick OK.At the command prompt C:\>, copy and paste the following command and press Enter:DIR /a/s %windir%\scecli.dll %windir%\netlogon.dll %windir%\eventlog.dll >Log.txt & START notepad Log.txtA file called log.txt should be created on your Desktop.Open that file and copy/paste the contents in your next reply.

http://www.bleepingcomputer.com/forums/t/265398/malwarebytes-and-hijackthis-wont-run/
Relevancy 47.73%

For the last week I have had repeated viruses and trojans appearing every time I scan I think it started when 'System Defender' appeared on my laptop which log HijackThis/Malwarebytes I think I managed to get rid of I recently changed from using Avast and Spybot Search amp Destroy to Avir and A-Squared I also use Malwarebytes Whenever I use internet explorer or firefox it opens up saying it was interrupted unexpectedly and if I want to re-open web pages If I click yes I get around pop ups While using the browsers I hear noises of pop ups being blocked and music such as Gwen Stefani very random but no visual sign of either them being blocked or of the pop up windows I then get a message from Avir saying a virus has been found usually 'HTML Infected WebPage Gen - Malware' Every program I scan with finds new corrupt files I also can not get into safe mode I am beginning to get quite worried Here is my HijackThis log Logfile of Trend Micro HijackThis v Scan saved at on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot HijackThis/Malwarebytes log mode NormalRunning processes C WINDOWS System smss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC WINDOWS System svchost exeC WINDOWS system svchost exeC WINDOWS system spoolsv exeC Program Files Avira AntiVir Desktop sched exeC WINDOWS Explorer EXEC WINDOWS system igfxtray exeC WINDOWS system hkcmd exeC WINDOWS system igfxpers exeC WINDOWS RTHDCPL EXEC Program Files Synaptics SynTP SynTPEnh exeC Program Files Toshiba Toshiba Applet thotkey exeC WINDOWS system TPSMain exeC Program Files TOSHIBA TOSHIBA Zooming Utility SmoothView exeC Program Files TOSHIBA ConfigFree NDSTray exeC Program Files TOSHIBA TOSHIBA Direct Disc Writer ddwmon exeC Program Files TOSHIBA Toshiba Online Product Information topi exeC Program Files Search Settings SearchSettings exeC WINDOWS vVX exeC Program Files Canon MyPrinter BJMyPrt exeC Program Files Avira AntiVir Desktop avgnt exeC Program Files TOSHIBA TOSCDSPD toscdspd exeC WINDOWS system ctfmon exeC Program Files Common Files Ahead Lib NMBgMonitor exeC Program Files Sony Ericsson Sony Ericsson PC Suite SEPCSuite exeC Program Files Panasonic PHOTOfunSTUDIO PhAutoRun exeC WINDOWS system igfxsrvc exeC Program Files Common Files Ahead Lib NMIndexStoreSvr exeC WINDOWS system TPSBattM exeC Program Files a-squared Free a service exeC Program Files Common Files ArcSoft Connection Service Bin ACService exeC WINDOWS system agrsmsvc exeC Program Files Avira AntiVir Desktop avguard exeC Program Files TOSHIBA ConfigFree CFSvcs exeC Program Files Java jre bin jqs exeC Program Files Common Files LightScribe LSSrvc exeC Program Files Common Files Microsoft Shared VS DEBUG MDM EXEC Program Files Microsoft LifeCam MSCamS exeC WINDOWS system svchost exeC Program Files Toshiba TOSHIBA Applet TAPPSRV exeC WINDOWS system TODDSrv exec Program Files Toshiba Bluetooth Toshiba Stack TosBtSrv exeC Program Files Common Files Ahead Lib NMIndexingService exeC WINDOWS system ctfmon exeD setup exeC Program Files Trend Micro HijackThis HijackThis exeR - HKCU Software Microsoft Internet Explorer Main Search Page www google co ukR - HKCU Software Microsoft Internet Explorer Main Start Page http www plymouth ac uk R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Connection Wizard ShellNext http go microsoft com fwlink LinkId R - URLSearchHook no name - E E- - F - DAB-FCDD B E D - no file O - Hosts google aeO - Hosts google asO - Hosts google atO - Hosts google azO - Hosts google baO - Hosts google beO - Hosts google bgO - Hosts go... Read more

A:HijackThis/Malwarebytes log

Hello! My name is Sam and I will be helping you. In order to see what's going on with your computer I will ask for you to post various logs from the tools that we will use to resolve your issue. Please also share with me any information about how your computer is reacting and behaving each step of the way as we work through this process.We need to create an OTL ReportPlease download OTL from hereSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.Under the Custom Scan box paste this in

netsvcs
%SYSTEMDRIVE%\*.exe
%SYSTEMDRIVE%\eventlog.dll /s /md5
%SYSTEMDRIVE%\scecli.dll /s /md5
%SYSTEMDRIVE%\netlogon.dll /s /md5
%SYSTEMDRIVE%\cngaudit.dll /s /md5
%SYSTEMDRIVE%\sceclt.dll /s /md5
%SYSTEMDRIVE%\ntelogon.dll /s /md5
%SYSTEMDRIVE%\logevent.dll /s /md5
%SYSTEMDRIVE%\iaStor.sys /s /md5
%SYSTEMDRIVE%\nvstor.sys /s /md5
%SYSTEMDRIVE%\atapi.sys /s /md5
%SYSTEMDRIVE%\IdeChnDr.sys /s /md5
%SYSTEMDRIVE%\viasraid.sys /s /md5
%SYSTEMDRIVE%\AGP440.sys /s /md5
%SYSTEMDRIVE%\vaxscsi.sys /s /md5
%SYSTEMDRIVE%\nvatabus.sys /s /md5
%SYSTEMDRIVE%\viamraid.sys /s /md5
%SYSTEMDRIVE%\nvata.sys /s /md5
CREATERESTOREPOINT

Click the "Quick Scan" button.The scan should take just a few minutes.Please copy and paste both logs back here in your next reply.=============The next log will show us any hidden files that are present.Download RootRepeal from the following location and save it to your desktop.Direct Download (Recommended)Primary MirrorSecondary MirrorSecondary MirrorSecondary MirrorZip Mirrors (Recommended if you have a slower connection or if the Direct Download mirror is down)
Primary MirrorSecondary MirrorSecondary MirrorRar Mirrors - Only if you know what a RAR is and can extract it.
Primary MirrorSecondary MirrorSecondary MirrorExtract RootRepeal.exe from the archive (If you did not use the "Direct Download" mirror).Open on your desktop.Click the tab.Click the button.Check all seven boxes: Push OkCheck the box for your main system drive (Usually C:), and press Ok.Allow RootRepeal to run a scan of your system. This may take some time.Once the scan completes, push the button. Save the log to your desktop, using a distinctive name, such as RootRepeal.txt. Include this report in your next reply, please.

http://www.bleepingcomputer.com/forums/t/273989/hijackthismalwarebytes-log/
Relevancy 47.73%

u can check my logfile and malwarebytes Logfile of Trend Micro HijackThis v Scan saved at on - - Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system nvsvc exe C WINDOWS system svchost hijackthis and malwarebytes log exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C WINDOWS Explorer EXE C WINDOWS RTHDCPL EXE C Programas Synaptics SynTP SynTPEnh hijackthis log and malwarebytes exe C WINDOWS hijackthis log and malwarebytes system RUNDLL EXE C Programas Kaspersky Lab Kaspersky Anti-Virus avp exe C WINDOWS system ctfmon exe C Programas Windows Live Messenger msnmsgr exe C Programas DAEMON Tools Lite DTLite exe C Programas HotKey Driver HotKeyDriver exe C Programas Kaspersky Lab Kaspersky Anti-Virus avp exe C Programas LogMeIn Hamachi hamachi- exe C Programas Java jre bin jqs exe C WINDOWS system svchost exe C Programas Windows Live Contacts wlcomm exe C WINDOWS system wscntfy exe C WINDOWS system wbem wmiapsrv exe C WINDOWS system wbem unsecapp exe C Programas software tmn software tmn exe C Programas Mozilla Firefox firefox exe C Programas Kaspersky Lab Kaspersky Anti-Virus klwtblfs exe D downloads e afins HiJackThis HijackThis exe C WINDOWS system rundll exe R - HKCU Software Microsoft Internet Explorer Main Search Page http search live com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Search SearchAssistant http search live com sphome aspx R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName Hiperliga es O - BHO AcroIEHelperStub - DF C-E AD- -A -FA C EBDC - C Programas Ficheiros comuns Adobe Acrobat ActiveX AcroIEHelperShim dll O - BHO IEVkbdBHO - AB -E D - F -A A - FA CCA C - C Programas Kaspersky Lab Kaspersky Anti-Virus ievkbd dll O - BHO no name - C C A-E - b - D - CECB - no file O - BHO Auxiliar de Conex o do Windows Live - D - C - ABF- ECC- C - C Programas Ficheiros comuns Microsoft Shared Windows Live WindowsLiveLogin dll O - BHO Java tm Plug-In SSV Helper - DBC -A - b-BC - C C C A - C Programas Java jre bin jp ssv dll O - BHO link filter bho - E CF -D - A- F - F A F - C Programas Kaspersky Lab Kaspersky Anti-Virus klwtbbho dll O - BHO JQSIEStartDetectorImpl - E E F - CE- C -BC -EABFE F C - C Programas Java jre lib deploy jqs ie jqs plugin dll O - HKLM Run RTHDCPL RTHDCPL EXE O - HKLM Run Alcmtr ALCMTR EXE O - HKLM Run SynTPEnh C Programas Synaptics SynTP SynTPEnh exe O - HKLM Run nwiz nwiz exe installquiet O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS system NvCpl dll NvStartup O - HKLM Run NvMediaCenter RUNDLL EXE C WINDOWS system NvMcTray dll NvTaskbarInit O - HKLM Run Adobe Reader Speed Launcher quot C Programas Adobe Reader Reader Reader sl exe quot O - HKLM Run Adobe ARM quot C Programas Ficheiros comuns Adobe ARM AdobeARM exe quot O - HKLM Run AVP quot C Programas Kaspersky Lab Kaspersky Anti-Virus avp exe quot O - HKCU Run CTFMON EXE C WINDOWS system ctfmon exe O - HKCU Run msnmsgr quot C Programas Windows Live Messenger msnmsgr exe quot background O - HKCU Run DAEMON Tools Lite quot C Programas DAEMON Tools Lite DTLite exe quot -autorun O - HKUS S- - - Run CTFMON EXE C WINDOWS system CTFMON EXE User SERVI O LOCAL O - HKUS S- - - Run CTFMON EXE C WINDOWS system CTFMON EXE User Servi o de rede O - HKUS S- - - Run CTFMON EXE C WINDOWS system CTFMON EXE User SYSTEM O - HKUS DEFAULT Run CTFMON EXE C WINDOWS system CTFMON EXE User Default user O - Startup ImpulseNow lnk C Programas Stardock Impulse Now ImpulseNow exe O - Glob... Read more

https://forums.techguy.org/threads/hijackthis-log-and-malwarebytes.906960/
Relevancy 47.73%

Hey Im tom new to this site and was wondering if you could so kindly help me out I have AVG full version and it keeps saying threat detected Win virut and win heur virus's but it wont remove it for some reason it just keeps coming up I downloaded HiJackThis and Malwarebytes and ran and scan here are the Logs Logfile of Trend Micro HijackThis and Malwarebytes HiJackThis HELP! Log Log, Please v Scan saved at on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode NormalRunning processes C WINDOWS System smss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system svchost exeC WINDOWS System svchost exeC PROGRA AVG AVG avgwdsvc exeC WINDOWS system svchost exeC PROGRA AVG AVG avgemc HiJackThis Log and Malwarebytes Log, Please HELP! exeC PROGRA AVG AVG avgam exeC PROGRA AVG AVG avgrsx exeC Program Files AVG AVG avgcsrvx exeC WINDOWS Explorer EXEC PROGRA AVG AVG avgtray exeC WINDOWS system ctfmon exeC PROGRA AVG AVG HiJackThis Log and Malwarebytes Log, Please HELP! avgnsx exeC Program Files Malwarebytes' Anti-Malware mbam exeC Program Files Trend Micro HijackThis HijackThis exeR - HKCU Software Microsoft Internet Explorer Main Start Page www google com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - URLSearchHook AVG Security Toolbar BHO - A BC A - F - -AA - D C - C Program Files AVG AVG Toolbar IEToolbar dllR - URLSearchHook no name - CFBFAE - A - D - CB- C FD - no file F - REG system ini UserInit C WINDOWS system userinit exe C WINDOWS system sdra exe O - BHO AcroIEHelperStub - DF C-E AD- -A -FA C EBDC - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelperShim dllO - BHO WormRadar com IESiteBlocker NavFilter - CA F - F E- B -A E- E E C C - C Program Files AVG AVG avgssie dllO - BHO Windows Live Sign-in Helper - D - C - ABF- ECC- C - C Program Files Common Files Microsoft Shared Windows Live WindowsLiveLogin dllO - BHO AVG Security Toolbar BHO - A BC A - F - -AA - D C - C Program Files AVG AVG Toolbar IEToolbar dllO - Toolbar AVG Security Toolbar - CCC A -B CA- -B A - F DD - C Program Files AVG AVG Toolbar IEToolbar dllO - Toolbar no name - AAC-C - - E A- E A E - no file O - HKLM Run AVG TRAY C PROGRA AVG AVG avgtray exeO - HKLM RunOnce Malwarebytes' Anti-Malware C Program Files Malwarebytes' Anti-Malware mbamgui exe install silentO - HKCU Run ctfmon exe C WINDOWS system ctfmon exeO - HKCU Run msnmsgr quot C Program Files Windows Live Messenger msnmsgr exe quot backgroundO - HKUS S- - - Run CTFMON EXE C WINDOWS system CTFMON EXE User 'LOCAL SERVICE' O - HKUS S- - - Run CTFMON EXE C WINDOWS system CTFMON EXE User 'NETWORK SERVICE' O - HKUS S- - - Run CTFMON EXE C WINDOWS system CTFMON EXE User 'SYSTEM' O - HKUS DEFAULT Run CTFMON EXE C WINDOWS system CTFMON EXE User 'Default user' O - Startup Windows Updater lnk C Documents and Settings Tom Local Settings Temp JDstart exeO - Extra button no name - B E C - FCB- CF-AAA - C - C Program Files Java j re bin npjpi dllO - Extra 'Tools' menuitem Sun Java Console - B E C - FCB- CF-AAA - C - C Program Files Java j re bin npjpi dllO - Extra button Messenger - FB F -F - d -BB E- C F - no file O - Extra 'Tools' menuitem Windows Messenger - FB F -F - d -BB E- C F - no file O - Unknown file in Winsock LSP c windows system nwprovau dllO - DPF BF D - C - B -BC -D ABDDC B QuickTime Plugin Control - http appldnld apple com edgesuite net co ex qtplugin cabO - DPF B-B - D-A D -FCFDF E C WUWebControl Class - http www update microsoft com windowsupd b O - DPF DABFBF-D AB- FA- C -CC F DivXBrowserPlugin Object - http download divx com player DivXBrowserPlugin cabO - DPF ... Read more

A:HiJackThis Log and Malwarebytes Log, Please HELP!

BTW just to say, I also have spyware doctor 6 which didnt find any kind of virus, and have ran a Dr.Web virus scan which has found alot of files infected with Win32.Virut.56.Thanks again.Hello Tdot09,We ask that once you have posted your log and are waiting, please DO NOT "bump" your thread or make further replies until it has been responded to by a member of the HJT Team. The reason we ask this or do not respond to your requests is because that would remove you from the active queue that Techs and Staff have access to. The malware staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response, there will be 1 reply. A team member, looking for a new log to work may assume another HJT Team member is already assisting you and not open the thread to respond.That is why I have made an edit to your last post, instead of a reply. Please do not multiple post here, as that only pushes you further down the queue and causes confusion to the staff.Please be patient. It may take a while to get a response but your log will be reviewed and answered as soon as possible.Thank you for understanding.Regards,The weatherman (Moderator)

http://www.bleepingcomputer.com/forums/t/258304/hijackthis-log-and-malwarebytes-log-please-help/
Relevancy 47.73%

ok, so i have the 2008 norton internet security program and it tells me that i have this virus called "infostealer", but i can't get rid of it, so i downloaded malwarebytes and hijackthis, but neither of them would open. I would click on the programs and nothing would happen, no error message or anything. I even tried running both of them in safemode, but the same problem kept happening. I'm not sure if "infostealer" is connected to all this or some other virus, but i would seriously appreciate some help. i have Window XP
 

Relevancy 47.73%

The computer will not run any spyware or antivirus software Hijackthis,or Can't Malwarebytes, Run else... anything I have tried about different programs It may install and then crash when running or I may just immediately get the following error message quot Windows cannot access the specified device path or file You may not have the appropriate permissions to access the item quot I think that it has one of the rootkits that are running wild but I am not sure if it is or how to fix it I can t run hijackthis or anything else I did run Sophos and below is the log Thank Can't Run Malwarebytes, Hijackthis,or anything else... you so much for the help Sophos Anti-Rootkit Version copy Sophos Plc Started logging on at AM User quot carol quot on computer quot OWNER- EA quot Can't Run Malwarebytes, Hijackthis,or anything else... Windows version SP Service Pack build SM x PT x Win Info Starting process scan Info Starting registry scan Hidden registry item HKEY USERS S- - - Software Microsoft Windows Can't Run Malwarebytes, Hijackthis,or anything else... CurrentVersion Internet Settings Cache Extensible Cache MSHist Info Starting disk scan of C NTFS Hidden file C WINDOWS system dimap dll Hidden file C Program Files Malwarebytes Anti-Malware mbam exe Hidden file C cleanup exe Hidden file C Software Google Updater exe Hidden file C Program Files Spybot - Search amp Destroy SpybotSD exe Hidden file C System Volume Information restore F AFFDDC- B B- B -BF -B DDDF DFD RP A sys Hidden file C System Volume Information restore F AFFDDC- B B- B -BF -B DDDF DFD RP A exe Hidden file C System Volume Information restore F AFFDDC- B B- B -BF -B DDDF DFD RP A exe Hidden file C WINDOWS system eventlog dll Hidden file C Documents and Settings tony Local Settings Temp UAC c tmp Hidden file C WINDOWS system dllcache figaro sys Hidden file C System Volume Information restore F AFFDDC- B B- B -BF -B DDDF DFD RP A exe Hidden file C Program Files CA CA Internet Security Suite CA Anti-Virus caavguiscan exe Hidden file C Program Files CA CA Internet Security Suite CA Anti-Virus vetmsg exe Hidden file C f a f ffffd a e c dc amd xpssvcs dll Hidden file C f a f ffffd a e c dc amd mxdwdrv dll Hidden file C f a f ffffd a e c dc amd filterpipelineprintproc dll Hidden file C f a f ffffd a e c dc i xpssvcs dll Hidden file C f a f ffffd a e c dc i mxdwdrv dll Hidden file C f a f ffffd a e c dc i filterpipelineprintproc dll Stopped logging on at AM

A:Can't Run Malwarebytes, Hijackthis,or anything else...

Welcome to BC Let's get one more log with rootrepealInstall RootRepealClick here - Official Rootrepeal Site, and download RootRepeal.zip. I recommend downloading to your desktop. Fatdcuk at Malwarebytes posted a comprehensive tutorial - Self Help guide can be found here if needed.: Malwarebytes Removal and Self Help Guides.Click RootRepeal.exe to open the scanner. Click the Report tab, now click on Scan. A Window will open asking what to include in the scan. Check the following items: DriversProcessesSSDTStealth ObjectsHidden ServicesClick OKScan your C Drive (Or your current system drive) and click OK. The scan will begin. This my take a moment, so please be patient. When the scan completes, click Save Report. Name the log RootRepeal.txt and save it to your Documents folder - (Default folder). Paste the log into your next reply.

http://www.bleepingcomputer.com/forums/t/257775/cant-run-malwarebytes-hijackthisor-anything-else/
Relevancy 47.73%

Hi Had a trojan virus DL d and ran malwarebyte reboot Hijackthis got the two log files I don t know what to fix or delete etc etc my PC expertise falls short Please could someone just check it out ThanksMalawarebyte Malwarebytes Anti-Malware www malwarebytes orgDatabase version Windows Service Pack Internet Explorer mbam-log- - HijackThis Malwarebytes help and - - - txtScan type Full scan C D E Objects scanned Time elapsed minute s second s Memory Processes Infected Memory Modules Infected Registry Keys Infected HijackThis and Malwarebytes help Registry Values Infected Registry Data Items Infected Folders Infected Files Infected Memory Processes Infected No malicious HijackThis and Malwarebytes help items detected Memory Modules Infected No malicious items detected Registry Keys Infected HKEY CURRENT USER SOFTWARE XML Trojan HijackThis and Malwarebytes help FakeAlert - gt Quarantined and deleted successfully HKEY CURRENT USER SOFTWARE QZAIB KITK Trojan FakeAlert - gt Quarantined and deleted successfully Registry Values Infected No malicious items detected Registry Data Items Infected No malicious items detected Folders Infected No malicious items detected Files Infected C Users Lord amp Emperor AppData Local Temp somnwracxe exe Trojan Downloader - gt Quarantined and deleted successfully C Windows Tasks DC -A - d -B C -FD CA A C job Trojan Downloader - gt Quarantined and deleted successfully HijackThis Logfile of Trend Micro HijackThis v Scan saved at on Platform Windows Vista SP WinNT MSIE Internet Explorer v Boot mode NormalRunning processes C Windows system Dwm exeC Windows Explorer EXEC Windows system taskeng exeC Users LORD amp E AppData Local Temp Mf exeC Windows System mobsync exeC Program Files Windows Defender MSASCui exeC Program Files ESET ESET NOD Antivirus egui exeD Software iTunesHelper exeC Program Files Windows Sidebar sidebar exeC Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exeC Program Files RALINK Common RaUI exeC Program Files Internet Explorer iexplore exeC Program Files Internet Explorer iexplore exeC Program Files Google Google Toolbar GoogleToolbarUser exeC Windows system Macromed Flash FlashUtil e exeC Program Files Internet Explorer iexplore exeC Windows system SearchFilterHost exeC Program Files Trend Micro HijackThis HijackThis exeR - HKCU Software Microsoft Internet Explorer Main Search Bar PreserveR - HKCU Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Explorer Main Start Page http www google co uk R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Search SearchAssistant R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch R - HKCU Software Microsoft Internet Explorer Main Local Page R - HKLM Software Microsoft Internet Explorer Main Local Page R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride localR - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName O - Hosts localhostO - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelper dllO - BHO no name - C C A-E - b - D - CECB - no file O - BHO Windows Live ID Sign-in Helper - D - C - ABF- ECC- C - C Program Files Common Files Microsoft Shared Windows Live WindowsLiveLogin dllO - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - C Program Files Google Google Toolbar GoogleToolbar dllO - BHO Google Toolbar Notifier BHO - AF DE - D - -B FA-CE B AD D - C Program Files Google GoogleToolbarNotifier swg dllO - BHO Java Plug-In SS... Read more

A:HijackThis and Malwarebytes help

think i found it....'mf1.exe'

http://www.bleepingcomputer.com/forums/t/313503/hijackthis-and-malwarebytes-help/
Relevancy 47.3%

Since early today my Kaspersky Anti-Virus will randomly close with quot Will you like to report problem to Microsoft quot message popping up I installed AVG Anti-Virus and did a scan and removed trojans viruses Also I think I have other possible viruses trojans undetected and would like help to clean my computer from any further spyware trojans viruses etc Here is my log Logfile of comp Possibly virus Anti-Virus randomly Kaspersky closing; Solved: infected HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Solved: Kaspersky Anti-Virus randomly closing; Possibly virus infected comp SP Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system Ati evxx exe C WINDOWS system svchost exe C Program Files Windows Defender MsMpEng exe C WINDOWS System svchost exe C WINDOWS system Ati evxx exe C WINDOWS system spoolsv exe C Program Files ewido anti-spyware guard exe C Program Files Dantz Retrospect retrorun exe C WINDOWS System svchost exe C WINDOWS Explorer EXE C WINDOWS SOUNDMAN EXE C Program Files Java jre bin jusched exe C WINDOWS system RunDll exe C Program Files Adobe Adobe Acrobat Distillr Acrotray exe C Program Files CyberLink DVD Solution PowerDVD PDVDServ exe C PROGRA Dantz RETROS ComboButton exe C WINDOWS System spool drivers w x hpztsb exe C Program Files Windows Defender MSASCui exe C Program Files MSN Messenger msnmsgr exe C Program Files ATI Technologies ATI ACE CLI EXE C Program Files Hewlett-Packard Digital Imaging bin hpohmr exe C Program Files Hewlett-Packard Digital Imaging bin hpotdd exe C Program Files Hewlett-Packard Digital Imaging bin hpoevm exe C Program Files Microsoft Broadband Networking MSBNTray exe C Program Files Hewlett-Packard Digital Imaging Bin hpoSTS exe C Program Files ATI Technologies ATI ACE cli exe C Program Files ATI Technologies ATI ACE cli exe C WINDOWS system svchost exe C PROGRA Grisoft AVGFRE avgamsvr exe C PROGRA Grisoft AVGFRE avgemc exe C PROGRA Grisoft AVGFRE avgupsvc exe C Program Files Grisoft AVG Free avgcc exe C Program Files Opera Opera exe C Program Files Kaspersky Lab Kaspersky Anti-Virus avp exe C Program Files Kaspersky Lab Kaspersky Anti-Virus avp exe C Documents and Settings Shane Singh My Documents Shane s Folder HijackThis HijackThis exe C Program Files Kaspersky Lab Kaspersky Anti-Virus userdump exe O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Adobe Adobe Acrobat ActiveX AcroIEHelper dll O - BHO no name - - F - D - - D F - C PROGRA SPYBOT SDHelper dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO Windows Live Sign-in Helper - D - C - ABF- ECC- C - C Program Files Common Files Microsoft Shared Windows Live WindowsLiveLogin dll O - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dll O - BHO Adobe PDF Conversion Toolbar Helper - AE CD -E - f- - EE - C Program Files Adobe Adobe Acrobat Acrobat AcroIEFavClient dll O - BHO MSNToolBandBHO - BDBD DAD-C - A -ADC - B B FF D - C Program Files MSN Apps MSN Toolbar en-us msntb dll file missing O - Toolbar Adobe PDF - -D C - - FA - E EAAC - C Program Files Adobe Adobe Acrobat Acrobat AcroIEFavClient dll O - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dll O - HKLM Run SoundMan SOUNDMAN EXE O - HKLM Run SunJavaUpdateSched C Program Files Java jre bin jusched exe O - HKLM Run BigDogPath C WINDOWS VM STI EXE USB PC Camera P O - HKLM Run CmUsbSound RunDll cmcnfgu cpl CMICtrlWnd O - HKLM Run Acrobat Assistant quot C Program Files Adobe Adobe Acrobat Distillr Acrotray exe quot O - HKLM Run RemoteControl quot C Program Files CyberLink DVD Solution PowerDVD PDVDServ exe quot O - HKLM Run NeroFilterCheck C WINDOWS system NeroCheck exe O - HKLM Run IMJPMIG quot C WINDOWS IME imjp IMJPMIG EXE quot Spoil RemAdvDef Migration O - HKLM Run MSPY C WINDOWS Syste... Read more

https://forums.techguy.org/threads/solved-kaspersky-anti-virus-randomly-closing-possibly-virus-infected-comp.520501/
Relevancy 47.3%

hrm, when i have like... windows media player up, or, i think anything else, anything open works, but nothing will open and when i try to open them my comp thinks for a second then just stops thinking, and makes a lil ding noise to comfirm it cant open, then when i close whatever im doing i can start opening things, lemme give you a hijack this log
bah, i have to close internet explorer to run it, so ill post it on the reply
 

A:Things dont open/Hijackthis log

hrm, sorry about that, when i closed internet explorer and tried opening hijackthis with windows explorer open, it said "not enough memory" so i restarted my computer and it closed something really big it was doing (and i dont know what it was, maybe bittorrent) it fixed... so umm, heres my hijackthis log anyway, just in case anything is wrong
Logfile of HijackThis v1.97.7
Scan saved at 3:47:07 PM, on 1/2/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Program Files\NavNT\defwatch.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\Program Files\NavNT\rtvscan.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
C:\Program Files\NavNT\vptray.exe
F:\Program Files\D-Tools\daemon.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\WINDOWS\System32\MsgSys.EXE
C:\Program Files\Trillian\trillian.exe
C:\Documents and Settings\Justin\Desktop\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe

O1 - Hosts: 204.89.253.1 dns1 # Smithville DNS Server 1
O1 - Hosts: 204.89.253.2 dns2 # Smithville DNS Server 2
O1 - Hosts: 194.164.136.2 fs # Family Systems
O1 - Hosts: 207.207.198.102 fsfax # JKC Fax Processor
O1 - Hosts: 66.244.85.193 gateway # gateway public address
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [PRONoMgr.exe] c:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "F:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ATI Launchpad] "C:\Program Files\ATI Multimedia\main\launchpd.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] F:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [AIM] F:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: ATI TV (HKLM)
O9 - Extra button: AIM (HKLM)
O9 - Extra button: ICQ Lite (HKLM)
O... Read more

https://forums.techguy.org/threads/things-dont-open-hijackthis-log.191864/
Relevancy 47.3%

Here is my HijackThis log I know that there are a lot of things wrong on my computer could you guys give me some support -------------------------------------------------------------- Logfile of HijackThis v Scan saved at AM on Platform Windows XP WinNT MSIE Internet Explorer v Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system LEXBCES EXE C WINDOWS system spoolsv exe C WINDOWS system LEXPPS EXE C WINDOWS system cisvc exe C WINDOWS System svchost exe C WINDOWS system sysfrcx exe C WINDOWS Explorer EXE C WINDOWS System RunDll exe C Program Files Common Files Real Update OB realsched exe C Program Files Lexmark X Series lxbkbmgr LOG (lots wrong) things of HiJackThis ----> HELP!!! exe C Program Files Lexmark X Series lxbkbmon exe C Program Files Java jre bin jusched exe C Program Files Logitech MouseWare system em exec exe C PROGRA SUNBEL COUNTE SUNASD exe C WINDOWS System apmmsp exe C Program Files rttr erst exe C Program Files Windows Media Components Encoder Wmencagt exe C Program Files Windows Media Player wmplayer exe C Program Files NetZero exec exe C Program Files NetZero exec exe HELP!!! ----> HiJackThis LOG (lots of things wrong) C Program Files Internet Explorer iexplore exe C Program Files MSN Messenger msnmsgr exe C WINDOWS SYSTEM hkdsk exe C WINDOWS system cidaemon exe C PROGRA FlashGet flashget exe C PROGRA WINZIP winzip exe C HELP!!! ----> HiJackThis LOG (lots of things wrong) unzipped hijackthis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Bar http my netzero net s search r minisearch R - HKCU Software Microsoft Internet Explorer Main Search Page http my netzero net s search r minisearch R - HKCU Software Microsoft Internet Explorer Main Start Page http www google ca R - HKLM Software Microsoft Internet Explorer Main Default Search URL http my netzero net s search r minisearch R - HKLM Software Microsoft Internet Explorer Main Search Page http my netzero net s search r minisearch R - HKLM Software Microsoft Internet Explorer Search SearchAssistant http my netzero net s search r minisearch R - HKCU Software Microsoft Internet Explorer SearchURL Default http my netzero net s search r minisearch R - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName R - URLSearchHook URLSearchHook Class - D CDBF- AF - AA- -BD D DA C B - C Program Files NZSearch SearchEnh dll O - BHO AcroIEHlprObj Class - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat Reader ActiveX AcroIEHelper ocx O - BHO X IEHook Class - EF -D A - AD-A -E CF - C Program Files NetZero qsacc x IEBHO dll O - BHO no name - - B - d - C - DEC AABE B - no file O - BHO no name - AFB - DD- - FB - EE BA - no file O - BHO ST - EDE -C B - E- - BF AF E - C Program Files MSN Apps ST en-xu stmain dll O - BHO no name - A - C- E -B FB- DC E - no file O - BHO IeCatch Class - A -E CA- D - CD - D B - C PROGRA FLASHGET jccatch dll O - BHO no name - A - EE- D -B - DE - no file O - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dll O - BHO no name - B A - D - -E AE- C CF DE - C WINDOWS System egqn dll O - BHO MSNToolBandBHO - BDBD DAD-C - A -ADC - B B FF D - C Program Files MSN Apps MSN Toolbar en-us msntb dll O - BHO no name - F D D - DCA- D -B FB- DC E - no file O - BHO no name - F B C- -C C - C - A A B - C WINDOWS System vvzbq dll O - Toolbar ZeroBar - F C - FB - FE-BA - E DDE - C Program Files NetZero toolbar dll O - Toolbar FlashGet Bar - E E AB-F - D - D - BA E - C PROGRA FLASHGET fgiebar dll O - Toolbar MSN - BDAD DAD-C - A -ADC - B B FF D - C Program Files MSN Apps MSN Toolbar en-us msntb dll O - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dll O - Toolbar no name - EE A E- - f -A B- D - no file O - Toolbar ISTbar - FAA E -D - a -AB -A C E D - C Program Files ISTbar istbarcm dll file mi... Read more

A:HELP!!! ----> HiJackThis LOG (lots of things wrong)

Download this tool to your desktop:

FixO.exe

Doubleclick FixO.exe and choose install.
This will create a new folder on your desktop called FixO
Open the folder and doubleclick FixO.bat

It will generate a log afterwards. Copy and paste the contents of that log in your next reply.


Download Ewido Security SuiteInstall Ewido Security Suite
When installing, under "Additional Options" uncheck..Install background guard
Install scan via context menu

Double-click the icon on Desktop to launch Ewido
You will need to update Ewido to the latest definition files.On the left hand side of the main screen click update.
Then click on Start Update.
The update will start and a progress bar will show the updates being installed.
If you are having problems with the updater, you can use this link to manually update Ewido
When you have finished updating, EXIT Ewido.


= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =


Next, please reboot your computer in SafeMode by doing the following:
1. Restart your computer
2. After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3. Instead of Windows loading as normal, a menu should appear
4. Select the first option, to run Windows in Safe Mode.


= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =


** Please disable all other antivirus programs before proceeding.**

Run Ewido:Click Scanner
Click Complete System Scan to begin scanning.
Click OK when prompted to clean files
With the first file it prompts to clean, select the option - "Perform action on all infections" - & choose clean and click OK
Once finished, click the Save report button
Save the report to your desktop
Close Ewido
* Ewido scan would require at least an hour. I suggest that you go grab a cup of coffee & do something else while you wait for it to complete.


In your next reply, I require these logs:

Fresh HJT log
Ewido's report
FixO's log


Quote:




Before we can proceed any further, please visit Microsoft's Windows Update Page and install ALL Critcal Updates for your system (except Service Pack 2 (SP2). SP2 should only be installed on a fully disinfected system). At the minimum install at least SP1a for both XP and IE6.

Without these updates your system is wide open to re-infection and we are both wasting our efforts to clean your system. After we have completed your clean-up, we will have you return to the Windows Update page and install SP2. We will also then advise you on how to better protect yourself online.

Please apply those updates BEFORE posting your next log. It is this forum's policy to stop the disinfection process until these basic updates are done. If during the updating process you get a message that your product key is invalid ....then you may not have a legitimate copy of Windows XP. Unfortunately it?s also this forums policy that we only address users with a legal copy of Windows XP.... therefore if you can not update XP to SP1 we must stop the cleansing process here.

Thank you for your cooperation.

http://www.techsupportforum.com/forums/f284/help-hijackthis-log-lots-of-things-wrong-66913.html
Relevancy 47.3%

I cannot keep my explorer exe up and running even in Safe mode I am running or have run Kaspersky BitDefender and F-Secure online scanners removing some but not all of the infected files I cannot - Things happening HijackThis log included Bad get my McAfee to come up at all I have been working on this for the better part of days please help Logfile of Trend Micro HijackThis v BETA Scan saved at PM on Platform Windows XP SP WinNT Boot mode Safe mode with network support Running processes C WINDOWS System smss exe C WINDOWS system csrss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C Bad Things happening - HijackThis log included WINDOWS system svchost exe C WINDOWS system svchost exe C WINDOWS system svchost exe C WINDOWS system svchost exe C WINDOWS system svchost exe C Program Files Lavasoft Ad-Aware aawservice exe C PROGRA McAfee VIRUSS mcods exe C WINDOWS system ctfmon exe C Kaspersky mwavscan com C Kaspersky kavss exe C Documents and Settings serapheme Desktop HiJackThis v exe C Program Files Internet Explorer iexplore exe C WINDOWS system wbem wmiprvse exe R - HKCU Software Microsoft Internet Explorer Main Start Page http google com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKCU Software Microsoft Internet Explorer Main Local Page O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO no name - F -C - C- C -C A FC E AA - C WINDOWS system pmkhh dll O - BHO Parental Control Toolbar - E BD F- B D- E- FA -A DE DBE - C PROGRA PARENT PARENT DLL O - BHO Spybot-S amp D IE Protection - - F - D - - D F - C PROGRA SPYBOT SDHelper dll O - BHO scriptproxy - DB D A - - E -B D- F C - c PROGRA mcafee VIRUSS scriptcl dll O - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dll O - BHO Google Toolbar Notifier BHO - AF DE - D - -B FA-CE B AD D - C Program Files Google GoogleToolbarNotifier swg dll O - Toolbar Parental Control Toolbar - E BD F- B D- E- FA -A DE DBE - C PROGRA PARENT PARENT DLL O - Toolbar Windows Live Toolbar - BDAD DAD-C - A -ADC - B B FF D - C Program Files Windows Live Toolbar msntb dll file missing O - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dll O - HKLM Run ATICCC quot C Program Files ATI Technologies ATI ACE cli exe quot runtime -Delay O - HKLM Run P Helper Rundll P dll P Helper O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run SunJavaUpdateSched quot C Program Files Java jre bin jusched exe quot O - HKLM Run HPDJ Taskbar Utility C WINDOWS system spool drivers w x hpztsb exe O - HKLM Run parentalcontrol quot C Program Files parentalcontrol parentalcontrol exe quot quot C Program Files parentalcontrol parentalcontrol dll quot quot parentalcontrol quot O - HKLM Run scpom quot C Program Files Schoolpop Shopping Buddy schoolpopv exe quot O - HKLM Run AIMPro quot C Program Files AIM AIM Pro aimpro exe quot O - HKLM Run NeroFilterCheck C WINDOWS system NeroCheck exe O - HKLM Run Adobe Photo Downloader quot C Program Files Adobe Photoshop Album Starter Edition Apps apdproxy exe quot O - HKLM Run Adobe Reader Speed Launcher quot C Program Files Adobe Reader Reader Reader sl exe quot O - HKLM Run SmartDefrag quot C Program Files IObit IObit SmartDefrag IObit SmartDefrag exe quot StartUp O - HKCU Run PlaxoUpdate C Program Files Plaxo PlaxoHelper exe -a O - HKCU Run MsnMsgr quot C Program Files MSN Messenger MsnMsgr Exe quot background O - HKCU Run MSMSGS quot C Program Files Messenger msmsgs exe quot background O - HKCU Run igndlm exe C Program Files IGN Download Manager DLM exe windowsstart startifwork O - HKCU Run Yahoo Pager quot C PROGRA Yahoo MESSEN YAHOOM EXE quot -quiet O - HKCU Run swg C Pr... Read more

A:Bad Things happening - HijackThis log included

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 2:09:46 AM, on 10/25/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\PROGRA~1\McAfee\MPS\mps.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\McAfee\MPS\mpsevh.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
C:\Program Files\Plaxo\2.12.1.1\PlaxoHelper.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\PROGRA~1\Nero\data\Xtras\mssysmgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Documents and Settings\serapheme\Desktop\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptcl.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [scpom] "C:\Program Files\Schoolpop__Shopping__Buddy\schoolpopv.exe"
O4 - HKLM\..\Run: [SmartDefrag] "C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe" /StartUp
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\RunOnce: [parentalcontrol] C:\DOCUME~1\SERAPH~1\LOCALS~1\Temp\uninstall_load.exe -df "C:\Program Files\parentalcontrol\"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-A... Read more

https://forums.techguy.org/threads/bad-things-happening-hijackthis-log-included.643143/
Relevancy 47.3%

I have looked through old messages that explain how to get rid of whatever creates keylog txt but the directions given don t seem to work for me Another file that I can t seem to get rid of is CDownCom Class in windows downloaded program files see log below Would Keylog.txt things away & that won't go Solved: HijackThis log, some resident genious kindly take a look at the log below and let me know what and how I can safety get Solved: HijackThis log, Keylog.txt & things that won't go away rid of absolutely MUST get rid of and what I should leave as is Let me know if I should re-run HijackThis in safemode I m running Windows Before running HijackThis I ran CWshredder SpybotS amp D Ad-Aware and AVG Grisoft Below is the log from HijackThis Logfile of HijackThis v Scan saved at AM on Platform Windows Solved: HijackThis log, Keylog.txt & things that won't go away Gold Win x MSIE Internet Explorer v Running processes C WINDOWS SYSTEM KERNEL DLL C WINDOWS SYSTEM MSGSRV EXE C WINDOWS SYSTEM MPREXE EXE C WINDOWS SYSTEM mmtask tsk C WINDOWS Solved: HijackThis log, Keylog.txt & things that won't go away SYSTEM WINMODEM wmexe exe C WINDOWS SYSTEM MSTASK EXE C WINDOWS EXPLORER EXE C WINDOWS TASKMON EXE C WINDOWS SYSTEM SYSTRAY EXE C WINDOWS STARTER EXE C WINDOWS SYSTEM ATIPTAAA EXE C USBSTORAGE USBDETECTOR EXE C WINDOWS SYSTEM USBMONIT EXE C WINDOWS SYSTEM AOLMSNGR EXE C PROGRAM FILES REAL REALPLAYER REALPLAY EXE C PROGRAM FILES GRISOFT AVG FREE AVGCC EXE C PROGRAM FILES GRISOFT AVG FREE AVGEMC EXE C WINDOWS SYSTEM MSWHEEL EXE C PROGRAM FILES GRISOFT AVG FREE AVGAMSVR EXE C PROGRAM FILES HEWLETT-PACKARD HP SHARE-TO-WEB HPGS WND EXE C PROGRAM FILES THE HELPSPOT FAWGRD EXE C PROGRAM FILES HEWLETT-PACKARD AIO HP OFFICEJET V SERIES BIN HPOANT EXE C PROGRAM FILES HEWLETT-PACKARD HP SHARE-TO-WEB HPGS WNF EXE C PROGRAM FILES THE HELPSPOT FA GD EXE C PROGRAM FILES THE HELPSPOT RTFIXM EXE C WINDOWS SYSTEM SPOOL EXE C PROGRAM FILES HEWLETT-PACKARD AIO SHARED BIN HPOEVM EXE C WINDOWS SYSTEM HPOIPM EXE C PROGRAM FILES HEWLETT-PACKARD AIO SHARED BIN HPOSTS EXE C PROGRAM FILES HEWLETT-PACKARD AIO SHARED BIN HPOFXM EXE C WINDOWS SYSTEM TAPISRV EXE C WINDOWS SYSTEM RNAAPP EXE C WINDOWS DESKTOP HIJACKTHIS HIJACKTHIS EXE R - HKCU Software Microsoft Internet Explorer Main Window Title Microsoft Internet Explorer provided by America Online R - Default URLSearchHook is missing O - BHO CDownCom Class - B D -CBC - A - E -CF B C A - C WINDOWS DOWNLOADED PROGRAM FILES IPREG DLL O - Toolbar no name - E F -EA - A - C-D ABC EED B - no file O - HKLM Run ScanRegistry C WINDOWS scanregw exe autorun O - HKLM Run TaskMonitor C WINDOWS taskmon exe O - HKLM Run SystemTray SysTray Exe O - HKLM Run EnsoniqMixer starter exe O - HKLM Run LoadPowerProfile Rundll exe powrprof dll LoadCurrentPwrScheme O - HKLM Run ATIGART c ati gart atigart exe O - HKLM Run AtiPTA Atiptaaa exe O - HKLM Run AtiCwd Aticwd exe O - HKLM Run AtiQiPcl AtiQiPcl exe O - HKLM Run TIPS C PROGRA MICROS tips mouse tips exe O - HKLM Run POINTER C PROGRA MICROS point exe O - HKLM Run USBDetector C USBStorage USBDetector exe O - HKLM Run Gene USB Monitor C WINDOWS SYSTEM USBMonit exe O - HKLM Run AOL Messenger AOLMSNGR EXE O - HKLM Run RealTray C Program Files Real RealPlayer RealPlay exe SYSTEMBOOTHIDEPLAYER O - HKLM Run lsqwkrf C WINDOWS zixzaipwx exe O - HKLM Run lhdkfgq C WINDOWS ndddddsc exe O - HKLM Run systray C WINDOWS SYSTEM A EXE O - HKLM Run Xl exe C WINDOWS TEMP XL EXE O - HKLM Run tvvgtnmtud C WINDOWS SYSTEM jhiczk exe O - HKLM Run CashBack C Program Files CashBack bin cashback exe O - HKLM Run NaviSearch C Program Files NaviSearch bin nls exe O - HKLM Run Tray Temperature C WINDOWS TEMP MINIBUG EXE O - HKLM Run AVG CC C PROGRA GRISOFT AVGFRE AVGCC EXE STARTUP O - HKLM Run AVG EMC C PROGRA GRISOFT AVGFRE AVGEMC EXE O - HKLM Run AVG AMSVR C PROGRA GRISOFT AVGFRE AVGAMSVR EXE O - HKLM Run Win Comm C PROGRAM FILES WIN COMM WINCOMM EXE O - HKLM Run Share-to-Web Namespace Daemon C Program... Read more

A:Solved: HijackThis log, Keylog.txt & things that won't go away

https://forums.techguy.org/threads/solved-hijackthis-log-keylog-txt-things-that-wont-go-away.328534/
Relevancy 47.3%

Hello, im new to these forums and i would like to get some help on an issue im having. I cannot post a hijackthis log because it keeps closing on me when i first try to scan (also malwarebytes) and then the second time i try and open it i get this error message when i try to open it that says "windows cannot access the specified device path or file you may not have the opropriate permissions... and so on" Im running windows xp sp3.
both program start to scan but close shortly after.
 

A:Help Please, Hijackthis and Malwarebytes Close

Hello, im new to these forums and i would like to get some help on an issue im having. I cannot post a hijackthis log because it keeps closing on me when i first try to scan (also malwarebytes) and then the second time i try and open it i get this error message when i try to open it that says "windows cannot access the specified device path or file you may not have the opropriate permissions... and so on" Im running windows xp sp3.

both program start to scan but close shortly after.
 

https://forums.techguy.org/threads/help-please-hijackthis-and-malwarebytes-close.854157/
Relevancy 47.3%

Ok guys...What's next? Like most everyone else, I'm unable to run any antivirus programs, nor can I run Malwarebytes, or HijackThis...Whats next???

Running Windows XP

A:Unable to run Malwarebytes or HijackThis

Please download Win32kDiag.exe by AD and save it to your desktop.alternate download 1alternate download 2This tool will create a diagnostic report for me to review.Double-click on Win32kDiag.exe to run and let it finish. When it states Finished! Press any key to exit..., press any key on your keyboard to close the program. A file called Win32kDiag.txt should be created on your Desktop.Open that file in Notepad, then copy and paste the entire contents starting with Running from... to Finished!) in your next reply.Then go to > Run..., and copy and paste this command into the open box: cmdClick OK.At the command prompt C:\>, copy and paste the following command and press Enter:DIR /a/s %windir%\scecli.dll %windir%\netlogon.dll %windir%\eventlog.dll >Log.txt & START notepad Log.txtA file called log.txt should be created on your Desktop.Open that file and copy/paste the contents in your next reply.

http://www.bleepingcomputer.com/forums/t/261679/unable-to-run-malwarebytes-or-hijackthis/
Relevancy 47.3%

I had a generic trojan14.cagg last night along with a heur1 in a name that AVG caught but didn't handle. AVG couldn't show Virus Vault-said it couldn't initialize to see it.

Can't run SpybotSD, malwarebytes, hijackthis. Was able to run a gmer file but I had to get it on the computer by CD. Spybotsd says I don't have permission.

Some websites get diverted like trying to go to Spybot's website and adaware (lavasoft) to junk sites.
Safe mode won't work. Restores didn't work last night.
Help. Where can I start.

Windows XP Pro SP2 desktop.

A:Can't run AVG, malwarebytes (zztoy), hijackthis,

When you say none of those anti-virus programs can run, what exactly do you mean? Explain the problem in more depth.

Same with safe mode and the system restore. When you say they don't work, exactly how do they not work?

http://www.bleepingcomputer.com/forums/t/263879/cant-run-avg-malwarebytes-zztoy-hijackthis/
Relevancy 47.3%

Symptoms:1. Malwarebytes will not run. Flashes initial program then crashes.2. HijackThis will not run. 3. IE 7 and Firefox 3.0.7 run fine except when the word 'malwarebytes' is anywhere on the page, such as a search. This will crash the browsers.4. Trend Micro detects nothing5. Ad-aware detects nothingNothing yet on the web about this, unless I'm missing it. User picked this up last Friday, but not sure it's anything new. Suggestions since I can't run HJT?Attached are the two files from running DDS.pif.Merged posts. ~ OB

A:Attacking Malwarebytes and HijackThis

Superantispyware found two instances of vundo.

http://www.bleepingcomputer.com/forums/t/212051/attacking-malwarebytes-and-hijackthis/
Relevancy 47.3%

For 2 days now i've been trying to fix this issue. Normally I can figure it out by looking up other people's issues online, but this one I am at a hault and need help. I've tried renaming malwarebytes and still haven't gotten it to run. I've ran Noadware CCleaner and Antivir already. Still Malwarebytes will not run or reinstall. Please help me, thank you.

attached is the hijackthis log.

A:Malwarebytes/Combofix will not run, Hijackthis log (please help!)

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructions that pop up for posting the results.Close the program window, and delete the program from your desktop.Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HERE

http://www.bleepingcomputer.com/forums/t/244142/malwarebytescombofix-will-not-run-hijackthis-log-please-help/
Relevancy 46.87%

Well the main reason this is really bugging me is that I have this proccess - I dont know what it is but it uses about half my CPU and really slows it down I cant kill that proccess since I cant open Task Manager I HiJackThis Manager - included Task logfile instantly HELP! closing PLEASE tried Adaware and Spybot with no real result - the problem is still there Here is my HiJackThis logfile Logfile of HijackThis v Scan saved at AM on Platform Windows XP WinNT Task Manager closing instantly - HiJackThis logfile included PLEASE HELP! MSIE Internet Explorer v Running processes C WINDOWS System smss exe C WINDOWS system csrss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS System Ati evxx exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS System svchost exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C Vet isafe exe C WINDOWS System DVDRAMSV exe C Vet VetMsg exe C WINDOWS System msc exe C WINDOWS ktajrt exe C Program Files Internet Optimizer optimize exe C Program Files Internet Optimizer actalert exe C Program Files BullsEye Network bin bargains exe C Program Files Internet Explorer iexplore exe C WINDOWS System SahAgent exe C Program Files Internet Explorer iexplore exe C WINDOWS explorer exe C WINDOWS System locatesvc exe C WINDOWS System wuauclt exe C Program Files MSN Messenger msnmsgr exe C Program Files ISTsvc istsvc exe C Program Files Mozilla Firefox firefox exe C Vet Vet exe C Documents and Settings dAmItH My Documents hijak HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Bar http www htutpzgezfcjetehcqpdr co MvttHYQiEfEt PLTnS HRm OCctOWL jUIXDG W html R - HKCU Software Microsoft Internet Explorer Main Start Page http www dhpjqfbazbvyph com mvEPlNMgJt Z qMlAP GFE TWhh nQifnaqAh fY html R - HKLM Software Microsoft Internet Explorer Main Start Page http www startnow com R - HKCU Software Microsoft Internet Explorer Search CustomizeSearch http minisearch startnow com R - HKLM Software Microsoft Internet Explorer Search Default Search URL http minisearch startnow com F - REG system ini Shell explorer exe locatesvc exe O - BHO no name - B -CA - -E D - AD C FE - C DOCUME dAmItH APPLIC SUPPOR Heart ante exe O - BHO no name - C EB -A AF-A -F -DE - C DOCUME dAmItH APPLIC SUPPOR Heart ante exe O - BHO no name - - F Task Manager closing instantly - HiJackThis logfile included PLEASE HELP! - D - - D F - C PROGRA SPYBOT SDHelper dll O - BHO NTIECatcher Class - C CB B - D - D - C -B B - C Program Files Xi NetTransport NTIEHelper dll O - Toolbar amp Radio - E - F- D - E- A C - C WINDOWS System msdxm ocx O - Toolbar MSN - BDAD DAD-C - A -ADC - B B FF D - C Program Files MSN Apps MSN Toolbar en-us msntb dll O - Toolbar NavExcel Toolbar - AA -BC - -A - A EB C D - C Program Files NavExcel Search Toolbar NavExcelBar dll O - HKLM Run SoundMan SOUNDMAN EXE O - HKLM Run NeroFilterCheck C WINDOWS system NeroCheck exe O - HKLM Run msnappau quot C Program Files MSN Apps Updater en-us msnappau exe quot O - HKLM Run SunJavaUpdateSched C Program Files Java j re bin jusched exe O - HKLM Run ATIPTA C Program Files ATI Technologies ATI Control Panel atiptaxx exe O - HKLM Run SpeedTouch USB Diagnostics quot C Program Files Alcatel SpeedTouch USB Dragdiag exe quot icon O - HKLM Run DAEMON Tools- quot C Program Files D-Tools daemon exe quot -lang O - HKLM Run QuickTime Task quot C Program Files QuickTime qttask exe quot -atboottime O - HKLM Run WinampAgent C Program Files Winamp winampa exe O - HKLM Run TkBellExe quot C Program Files Common Files Real Update OB realsched exe quot -osboot O - HKLM Run VetTray C Vet VetTray exe O - HKLM Run MubAbsGG C WINDOWS eemyk exe O - HKLM Run Modem locatesvc exe O - HKLM Run gridgreatcitywipe C Documents and Settings All Users Application Data LOGSUPPORTGRIDGREAT fivepeak exe O - HKLM Run NvCplScan msc exe O - HKLM Run Services C socks exe O - HKLM Run Windows ServeAd C Program Files Windows ServeAd WinServ... Read more

A:Task Manager closing instantly - HiJackThis logfile included PLEASE HELP!

https://forums.techguy.org/threads/task-manager-closing-instantly-hijackthis-logfile-included-please-help.318808/
Relevancy 46.87%

Tony and the rest of you wizards,

I asked before if a lot of the things you see and tell people to remove from a HijackThis logs are things you learned by repetition and was told yes. Is there any way to start a FAQ type thread that we could get Mike to stick to the top of the forum that would basically list "if you see this, delete it" type things.

I understand you couldn't do it for all items, but with all the threads that I see you all try to answer it just seems it might save you some time.

Just a thought from someone who is trying to learn, but still afraid to help since it isn't my computer I could be messing up.
 

A:List of things to remove in HijackThis Logs

good idea terry........although there is an abundance of wickedness in those logs and we couldnt possibly list them all,there are a few.....quite a few repetitious entries that maybe could be listed.

lets see what TK and Rog have to say
 

https://forums.techguy.org/threads/list-of-things-to-remove-in-hijackthis-logs.138112/
Relevancy 46.87%

hello there i am using windows bits yesterday windows made some automatic updates and i also used a (already other couple log help Hijackthis needed: and combofix things) a tried friend's pendrive i dont know what caused the problem the problem i get strange popups on sites i usually browse also lost funcionality of some sites for instance while browsing an imageboard i cant reply to anything or even get into the threads instead i get directed sometimes to popups or nothing happens i was able to register to this forum but i was not able to login got an error no username entered or something similar the problem happens in firefox and also on chrome i havent tried using the computer much more dont want to risk it more than strictly needed what i have tried combo fix then malwarebytes anti-malware nothing found combofix help needed: Hijackthis log (already tried combofix and a couple other things) again checked the startup programs on msconfig deactivaed a couple of stuff i thought was not esential ccleaner then i tried reseting firefox combofix again hijackthis but only fixing stuff i was sure was strange and or not needed but the problem is still there i dont have restore points for windows system recovery so i think this is my last shot before a format hope i can avoid that so anyway here are the logs by the way i really find strange so much services running and a zilion thanks --------------------------------------------------------------------- Logfile of Trend Micro HijackThis v Scan saved at on Platform Windows SP WinNT MSIE Internet Explorer v FIREFOX x es-CL Boot mode Normal Running processes C Program Files x Elaborate Bytes VirtualCloneDrive VCDDaemon exe C Program Files x MOTU Audio MFWAKeys exe C Program Files x Common Files Java Java Update jusched exe C Program Files x Mozilla Firefox firefox exe C Program Files x Mozilla Firefox plugin-container exe C Windows SysWOW Macromed Flash FlashPlayerPlugin exe C Windows SysWOW Macromed Flash FlashPlayerPlugin exe C Users V Downloads HijackThis exe R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink p LinkId R - HKLM Software Microsoft Internet Explorer Search SearchAssistant R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch O - BHO Java Plug-In SSV Helper - BB-D F - C-B EB-D DAF D D - C Program Files x Java jre bin ssv dll O - BHO URLRedirectionBHO - B F A - E - -BA - B E FF - C PROGRA MICROS Office URLREDIR DLL O - BHO Java Plug-In SSV Helper - DBC -A - b-BC - C C C A - C Program Files x Java jre bin jp ssv dll O - HKLM Run VirtualCloneDrive C Program Files x Elaborate Bytes VirtualCloneDrive VCDDaemon exe s O - HKLM Run APSDaemon C Program Files x Common Files Apple Apple Application Support APSDaemon exe O - HKLM Run SunJavaUpdateSched C Program Files x Common Files Java Java Update jusched exe O - HKLM Run QuickTime Task C Program Files x QuickTime QTTask exe -atboottime O - HKLM Run QuickTime Plugin Install C Program Files x QuickTime Plugins DeleteMe exe O - HKCU Run QuickTime Task C Program Files x QuickTime QTTask exe -atboottime O - Global Startup MOTU Pedal Service lnk C Program Files x MOTU Audio MFWAKeys exe O - Options group ACCELERATED GRAPHICS Accelerated graphics O - Service Adobe LM Service - Adobe Systems - C Program Files x Common Files Adobe Systems Shared Service Adobelmsvc exe O - Service Adobe Flash Player Update Service AdobeFlashPlayerUpdateSvc - Adobe Systems Incorporated - C Windows SysWOW Macromed Flash FlashPlayerUpdateService exe O - Service SystemRoot system aelupsvc dll - AeLookupSvc - Unknown owner - C Windows system svchost exe O - Service SystemRoot system Alg exe - ALG - Unknown owner - C Windows System alg exe file missing O - Service AMD External Events Utility - Unknown owner - C Windows system atiesrxx exe file missing O - Service AMD FUEL Service - Unknown owner - C Program Files ATI Technologies ATI ACE Fuel Fuel Service exe O - Service systemroot system appidsvc dll - AppI... Read more

A:help needed: Hijackthis log (already tried combofix and a couple other things)

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.===Please download AdwCleaner by Xplode onto your Desktop.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click the Scan button and wait for the process to complete.Click the Report button and the report will open in Notepad.IMPORTANTIf you click the Clean button all items listed in the report will be removed.If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click the Scan button and wait for the process to complete.Check off the element(s) you wish to keep.Click on the Clean button follow the prompts.A log file will automatically open after the scan has finished.Please post the content of that log file with your next answer.You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).===Download the version of this tool for your operating system.Farbar Recovery Scan Tool (64 bit)Farbar Recovery Scan Tool (32 bit)and save it to a folder on your computer's Desktop.Double-click to run it. When the tool opens click Yes to disclaimer.Press Scan button.It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.===How is the computer running now?Wait for further instructions.p.s.HijackThis is no longer supported.I suggest your remove it Using the Add/Remove programs applet.Use the Farbar tool from now on to report problems.<<<>>>

http://www.bleepingcomputer.com/forums/t/587120/help-needed-hijackthis-log-already-tried-combofix-and-a-couple-other-things/
Relevancy 46.44%

This notebook had antiviruspro2009 running.
I found this and removed.

I still have a red circle with white cross in the task bar that pop ups spyware detection messages.

I have tried to install all the above software with no luck! (I have also looked for Spyaxe and spyfalcon and found nothing)

If I double click the install of any of these programs nothing happens. The HDD buzzs for a moment and the popup appears telling me there is an infection again.

The browser also appears to be hijacked. Clicking the link from the search results of a google search, you are directed to anti virus or spyware sites.

Attached is the results of a month scan of the Random/random program. I hope it has some clues as to what is going on!

Thanks for your time!

Regards,

A:Cannot run HiJackThis, spybot, adaware, Malwarebytes.

Hi,Welcome to BleepingComputer HijackThis Logs and Malware Removal,BigBillyk. My name is sundavis, I will be helping you to deal with your Malware problems today.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times. and we are trying our best to keep up.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, then please do the following.The log you presented had been a few days away. It may not show what it is. In the meantime, please refrain from making any changes to your computer. and please do in the following:Please go to Here and Download System Repair Engine by smallfrogs Extract it to Desktop & double click SREng.exe to run it Select 'Smart Scan' & tick "Verify the digital signature of process modules" Click on the Scan button Before scanning the computer, Close all browsers and other programs except SREng. When finished, click on the Save Reports button & save the log to DesktopIf you're experiencing the problem to run SREng, please right click SREng.exe, rename it to abc.com and rerun it.You can refer to this thread for your reference.In your next reply, please post back SREng log. Thanks

http://www.bleepingcomputer.com/forums/t/181592/cannot-run-hijackthis-spybot-adaware-malwarebytes/
Relevancy 46.44%

I ve got won't Malwarebytes work, won't HiJackThis install the ransomware Antivirus Soft I tried removing it with Malwarebytes and it didn t work I can t even post a HJT log beacuse the computer won t let it install quot The system administrator has set policies to prevent this installation quot Help Here s the Malwarebytes log Malwarebytes Malwarebytes won't work, HiJackThis won't install Anti-Malware Database version Windows Service Pack Safe Mode Internet Explorer AMmbam-log- - - - Malwarebytes won't work, HiJackThis won't install - txtScan type Full Scan C E M Objects scanned Malwarebytes won't work, HiJackThis won't install Time elapsed hour s minute s second s Memory Processes Infected Memory Modules Infected Registry Keys Infected Registry Values Infected Registry Data Items Infected Folders Infected Files Infected Memory Processes Infected No malicious items detected Memory Modules Infected No malicious items detected Registry Keys Infected HKEY CURRENT USER SOFTWARE Microsoft Windows CurrentVersion Ext Stats aa - c e- e -b -d bf dd d Rogue AntiVirus - gt Quarantined and deleted successfully HKEY CURRENT USER SOFTWARE Microsoft Windows CurrentVersion Ext Stats ce - - b -a -ffe Rogue Installer - gt Quarantined and deleted successfully HKEY CURRENT USER SOFTWARE Microsoft Windows CurrentVersion Ext Stats d c -f c- e f- fa -d ef a e Rogue Installer - gt Quarantined and deleted successfully HKEY CURRENT USER SOFTWARE Microsoft Windows CurrentVersion Ext Stats b f a c- c - da- bde-f bad e f a Rogue WinAntiVirus - gt Quarantined and deleted successfully Registry Values Infected No malicious items detected Registry Data Items Infected No malicious items detected Folders Infected No malicious items detected Files Infected C Program Files DAEMON Tools SearchBar search dll Adware WhenU - gt Quarantined and deleted successfully C Documents and Settings RMC Application Data Microsoft Internet Explorer Quick Launch lnk Rogue Multiple - gt Quarantined and deleted successfully C WINDOWS system a exe Backdoor Bot - gt Quarantined and deleted successfully I ran MWB a second time but it couldn t find any additional viruses So I rebooted the computer again and same problem can t run any programs fake virus warnings HELP Here s the DDS DDS Ver - - - NTFSx MINIMAL Run by RMC at on Mon Internet Explorer BrowserJavaVersion Microsoft Windows XP Professional GMT - AV Avira AntiVir PersonalEdition On-access scanning enabled Updated AD - F - A-A -FDD C Running Processes C WINDOWS system svchost -k DcomLaunchsvchost exeC Program Files Lavasoft Ad-Aware aawservice exeC WINDOWS system svchost exe -k netsvcsC WINDOWS Explorer EXEC WINDOWS system ctfmon exeH dds scr Pseudo HJT Report uStart Page hxxp my yahoo com uDefault Page URL hxxp www yahoo com fr fp-yie uWindow Title Windows Internet Explorer provided by Yahoo uInternet Settings ProxyServer http uInternet Settings ProxyOverride lt local gt uURLSearchHooks Yahoo Toolbar ef bd -c fb- d - f- d f - c program files yahoo companion installs cpn yt dllBHO amp Yahoo Toolbar Helper d -c f - efb- b - eca - c program files yahoo companion installs cpn yt dllBHO Adobe PDF Reader Link Helper e f-c d - d -b d- b d be b - c program files common files adobe acrobat activex AcroIEHelper dllBHO RealPlayer Download and Record Plugin for Internet Explorer c e -b - bc - - c ca - c program files real realplayer rpbrowserrecordplugin dllBHO Spybot-S amp D IE Protection - f - d - - d f - c progra spybot SDHelper dllBHO Search Helper ebf - f- bff-a f-b e aac b - c program files microsoft search enhancement pack search helper SEPsearchhelperie dllBHO Groove GFS Browser Helper - c - d -b f - bbc d a e - c progra micros office GRA E DLLBHO Windows Live ID Sign-in Helper d - c - abf- ecc- c - c program files common files microsoft shared windows live WindowsLiveLogin dllBHO Easy Photo Print dd - f- -a ca- df ac ea - c program files epson software easy photo print EPTBL dllBHO Google Toolbar ... Read more

A:Malwarebytes won't work, HiJackThis won't install

Hello? Anyone?===========Hello While we understand your frustration at having to wait, please note that Bleeping Computer deals with several hundred requests for assistance such as yours on a daily basis. As a result, our backlog is quite large as are other comparable sites that help others with malware issues. Although our HJT Team members work on hundreds of requests each day, they are all volunteers who work logs when they can and are able to do so. No one is paid by Bleeping Computer for their assistance to our members.Further, our malware removal staff is comprised of team members with various levels of skill and expertise to deal with thousands of malware variants, some more complex than others. Although we try to take DDS/HJT logs in order (starting with the oldest), it is often the skill level of the particular helper and sometimes the operating system that dictates which logs get selected first. Some infections are more complicated than others and require a higher skill level to remove. Without that skill level attempted removal could result in disastrous results. In other instances, the helper may not be familiar with the operating system that you are using, since they use another. In either case, neither of us want someone to assist you who is not familiar with your issue and attempt to fix it.We ask that once you have posted your log and are waiting, please DO NOT "bump" your thread or make further replies until it has been responded to by a member of the HJT Team. The reason we ask this or do not respond to your requests is because that would remove you from the active queue that Techs and Staff have access to. The malware staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response, there will be 1 reply. A team member, looking for a new log to work may assume another HJT Team member is already assisting you and not open the thread to respond.That is why I have made an edit to your last post, instead of a reply. Please do not multiple post here, as that only pushes you further down the queue and causes confusion to the staff.Please be patient. It may take several days, up to more than a week, perhaps less, to get a response but your log will be reviewed and answered as soon as possible. I advise checking your topic once a day for responses as the e-mail notification system is unreliable.Thank you for understanding.Elise - forum moderator

http://www.bleepingcomputer.com/forums/t/294150/malwarebytes-wont-work-hijackthis-wont-install/
Relevancy 46.44%

My browser is not working properly, malwarebytes, spybot s&d, hijackthis, root repeal also don't work.

I tried to run MWAM, and after starting the scan for a few seconds, the open program dissapeared, and when trying to run it again, and "Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access this item."

Reinstalling and renaming the program still resulted in the same problem.

A:Malwarebytes, HijackThis, RootRepeal don't work

Try one of these two and see if you have any luckPlease download RSIT by random/random and save it to your Desktop.Note: You will need to run this tool while connected to the Internet so it can download HijackThis if it is not located on your system. If you get a warning from your firewall or other security programs regarding Rist attempting to contact the Internet, please allow the connection.Close all applications and windows so that you have nothing open and are at your Desktop.Double-click on RSIT.exe to start the program.If using Windows Vista, be sure to Run As Administrator.Click Continue after reading the disclaimer screen.Leave the drop down box set to default: "List/folders created or modified in the last 1 month (30 days).When the scan is complete, a text file named log.txt will automatically open in Notepad.Save the log file to your desktop and copy/paste the contents into a new topic in the HijackThis Logs and Malware Removal forum, NOT here.Important: Be sure to mention that you tried to follow the Prep Guide but were unable to get DDS to run.If RSIT did not work, then reply back here.---------------------------If you cannot get DDS to work, please try this instead.Please download runscanner.zip and save to your desktop.Create a new folder on your hard drive called Runscanner (C:\Runscanner) and extract (unzip) the file there.
(click here if you're not sure how to do this.)Double-click Runscanner.exe to launch.Select Beginner mode and click Ok.Select Do a full scan and save a log file (default is Full Scan) to start.Please be patient and do not use your computer during the scan.When the scan is complete, a window will open asking you to save runscanner.run. Click Cancel.Another window will open asking you to save runscanner.log.Save it to your desktop and "Save as type: Runscanner log file [*.log].The log file will automatically open in Notepad.Go to the top menu, click on "Format" and uncheck "Word Wrap" if checked.Copy and paste the contents of the log file into a new topic in the HijackThis Logs and Malware Removal forum, NOT here.Exit Runscanner when done.Important: Be sure to mention that you tried to follow the Prep Guide but were unable to get DDS to run. If Runscanner did not work, then reply back here.

http://www.bleepingcomputer.com/forums/t/253768/malwarebytes-hijackthis-rootrepeal-dont-work/
Relevancy 46.44%

Hi everyone. :D

Ok, I recently had this problem with my browser, I kept getting redirected when doing Google searches. So now I have to resort to using Safari.

I had AVG and Ad-Aware installed, ran them, but that didn't fix it. So I tried running Spybot, but it won't run or open.

I did some research and I found out that I might have to download MalwareBytes and/or HijackThis, so that's what I did. I was able to download both but whenever I try to run these programs, nothing happens. No window or anything.

What should I do? Any ideas?

A:Unable to run Spybot, MalwareBytes, and HijackThis

Hello,let's do it this way then..Please download RSIT by random/random and save it to your Desktop.Note: You will need to run this tool while connected to the Internet so it can download HijackThis if it is not located on your system. If you get a warning from your firewall or other security programs regarding Rist attempting to contact the Internet, please allow the connection.Close all applications and windows so that you have nothing open and are at your Desktop.Double-click on RSIT.exe to start the program.If using Windows Vista, be sure to Run As Administrator.Click Continue after reading the disclaimer screen.Leave the drop down box set to default: "List/folders created or modified in the last 1 month (30 days).When the scan is complete, a text file named log.txt will automatically open in Notepad.Save the log file to your desktop and copy/paste the contents into a new topic in the HijackThis Logs and Malware Removal forum, NOT here.Important: Be sure to mention that you tried to follow the Prep Guide but were unable to get DDS to run.If RSIT did not work, then reply back here.

http://www.bleepingcomputer.com/forums/t/217176/unable-to-run-spybot-malwarebytes-and-hijackthis/
Relevancy 46.44%

A month ago I noticed I was getting a lot of browser redirects and popups in firefox and IE (winxp pro w/ sp2) so I downloaded malwarebytes and it seemed to fix the problem. Recently though, the redirects started again and I went to try and run malwarebytes and it wouldnt run. I've tried reinstalling and not even the installer will run. Now I'm blocked from going to any of the online help sites like atribune.org, bleepingcomputer (i'm on a different pc right now), any of the free online scanners, and any of the anti-spyware software sites. And I've tried downloading different browsers like chrome and opera and they seem to be infected too. I tried downloading hijack this and combofix on this computer and transferring them to the infected pc but the installers will not run. What can i do to fix this?

A:Hijackthis, malwarebytes, and combofix wont run!

Hello please try these steps.Some types of malware will disable MBAM and other security tools. If MBAM will not install, try renaming it. Right-click on the mbam-setup.exe file and change the .exe extension to .bat, .com, .pif, or .scr and then double-click on it to run.If after installation, MBAM will not run, open the Malwarebytes' Anti-Malware folder in Program Files, right-click on mbam.exe and change the .exe as noted above. Then double-click on it to run. ***Another work around is by not using the mouse to install it, Just use the arrow keys, tab, and enter keys.***If you cannot use the Internet,you will need access to another computer that has a connection.From there save mbam-setup.exe to a flash,usb,jump drive or CD. Now transfer it to the infected machine, then install and run the program. If you cannot transfer to or install on the infected machine, try running the setup (installation) file directly from the flash drive or CD by double-clicking on mbam-setup.exe so it will install on the hard drive.Manually Downloading Updates: Manually download them from HERE and just double-click on mbam-rules.exe to install. Alternatively, you can update through MBAM's interface from a clean computer, copy the definitions (rules.ref) located in C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware from that system to a usb stick or CD and then copy it to the infected machine.

http://www.bleepingcomputer.com/forums/t/196359/hijackthis-malwarebytes-and-combofix-wont-run/
Relevancy 46.44%

Windows XP sp I got some stupid malware infection I have no idea how it got in because I m usually very careful about what I run Before I was getting fake antivirus messages but I managed to remove them by using instructions I found here on BleepingComputer However I know I am still infected because I cannot run any of these programs - Hijackthis- Spybot S amp D- MalwareBytes- RootkitRevealer- SuperAntiSpyware- TrendMicro online scan these programs run but are quickly killed by the malware after a scan is started - Windows update runs screwed run Cannot Malwarebytes, computer S&D, Hijackthis, but the update never actually stays I consistently get the yellow shield with the on it even though Windows Update says it has installed In addition I used to be able to run taskkill to stop processes but now I cannot C gt taskkill IM iexplore exe FERROR Logon failure unknown user name or bad password I followed the instructions on this forum and ran dds and gmer and here are the logs However I know something is very wrong because dds is reporting no running processes After I ran Gmer it reported two rootkits Service C WINDOWS system svchost exe hidden AUTO pwngtshrService C WINDOWS Microsoft NET Framework v WPF PresentationFontCache exe PresentationFontCache exe Microsoft Corporation MANUAL FontCache So I deleted the registry keys for the FontCache service I had a lot of trouble removing pwngtshr I am sure this was a trojan malware because it was so hard to remove The registry keys had modified permissions making them difficult to delete but I was able to use regedit to clear the permissions and delete the key Even after these service deletions I am still seeing the problem ---------DDS Ver - - - NTFSx Run by J at on Thu Internet Explorer BrowserJavaVersion FW ZoneAlarm Pro Firewall disabled BDA - B - F - -F FCFF F B Running Processes Pseudo HJT Report uStart Page hxxp www google com uInternet Settings ProxyServer socks localhost BHO C C A-E - b - D - CECB - No FileBHO Java Plug-In SSV Helper bb-d f - c-b eb-d daf d d - c program files java jre bin ssv dllBHO Windows Live Sign-in Helper d - c - abf- ecc- c - c program files common files microsoft shared windows live WindowsLiveLogin dllBHO Office Document Cache Handler b f a - e - -ba - b e ff - c progra micros office URLREDIR DLLBHO IEHlprObj Class ce c cf - b - d Cannot run Hijackthis, Malwarebytes, S&D, computer screwed -abed- c - c gores IEHelper dllBHO Java Plug-In SSV Helper dbc -a - b-bc - c c c a - c program files java jre bin jp ssv dllBHO JQSIEStartDetectorImpl Class e e f - ce- c -bc -eabfe f c - c program files java jre lib deploy jqs ie jqs plugin dllBHO TwebstBHO Class f e - e - fa- cd - bf ee - c pl twebstredist TwebstBHO dlluRun AtiTrayTools quot c program files radeon omega drivers v ati tray tools atitray exe quot uRun Simp c program files secway simplite-msn SimpLite-MSN exeuRun MsnMsgr quot c program files windows live messenger msnmsgr exe quot backgrounduRun SUPERAntiSpyware c program files superantispyware SUPERAntiSpyware exeuRun ctfmon exe c windows system ctfmon exemRun UnlockerAssistant quot c program files unlocker UnlockerAssistant exe quot mRun IMJPMIG quot c windows ime imjp IMJPMIG EXE quot Spoil RemAdvDef Migration mRun IMEKRMIG c windows ime imkr IMEKRMIG EXEmRun MSPY c windows system ime pintlgnt ImScInst exe SYNCmRun PHIME ASync c windows system ime tintlgnt TINTSETP EXE SYNCmRun PHIME A c windows system ime tintlgnt TINTSETP EXE IMENamemRun StartCCC quot c program files ati technologies ati ace core-static CLIStart exe quot MSRunmRun Sabre Site Services c sabre apps ats SSSClnt EXEmRun SynTPEnh c program files synaptics syntp SynTPEnh exemRun ZoneAlarm Client quot c program files zone labs zonealarm zlclient exe quot dRun Sabre Site Services c sabre apps ats SSSClnt EXEStartupFolder c docume alluse startm programs startup commcl lnk - c program files intouch health sharedcomm CommClient exeStartupFolder c docume alluse startm programs startup ... Read more

A:Cannot run Hijackthis, Malwarebytes, S&D, computer screwed

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. Please include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.We need to create an OTL ReportPlease download OTL from one of the following mirrors:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.In the custom scan box paste the following:CODEmsconfigsafebootminimalactivexdrivers32netsvcs%SYSTEMDRIVE%\*.exe/md5starteventlog.dllscecli.dllnetlogon.dllcngaudit.dllsceclt.dllntelogon.dlllogevent.dlliaStor.sysnvstor.sysatapi.sysIdeChnDr.sysviasraid.sysAGP440.sysvaxscsi.sysnvatabus.sysviamraid.sysnvata.sysnvgts.sysiastorv.sysViPrt.syseNetHook.dllahcix86.sysKR10N.sysnvstor32.sysahcix86s.sysnvrd32.syssymmpi.sysadp3132.sysmv61xx.sysnvraid.sys/md5stop%systemroot%\*. /mp /s%systemroot%\system32\*.dll /lockedfiles%systemroot%\Tasks\*.job /lockedfiles%systemroot%\system32\drivers\*.sys /lockedfiles%systemroot%\System32\config\*.sav%systemroot%\system32\drivers\*.sys /90Push the button.Two reports will open, copy and paste them in a reply here:OTL.txt <-- Will be openedExtra.txt<--Will be minimizedIn the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.regards myrti

http://www.bleepingcomputer.com/forums/t/349165/cannot-run-hijackthis-malwarebytes-sd-computer-screwed/
Relevancy 46.44%

in response to. - http://www.bleepingcomputer.com/forums/ind...p;#entry1406296"My browser is not working properly, malwarebytes, spybot s&d, hijackthis, root repeal also don't work. I tried to run MWAM, and after starting the scan for a few seconds, the open program dissapeared, and when trying to run it again, and "Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access this item."Reinstalling and renaming the program still resulted in the same problem."garmanma was working with me on this. sorry for not attaching dds logs. here they are. hope it helps.

A:Malwarebytes, HijackThis, RootRepeal don't work

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructions that pop up for posting the results.Close the program window, and delete the program from your desktop.Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HERE

http://www.bleepingcomputer.com/forums/t/253834/malwarebytes-hijackthis-rootrepeal-dont-work/
Relevancy 46.44%

need help lots of things wrong with my comp

there are lots of things wrong command prompt wont open taskmanager wont open lots of things i just cant think of them at the moment anywayz lots of people tell me hijackthis will help with most of it if not all of it. Well it says be sure to show someone who knows this stuff.. It says that rate on the program lol must be serious stuff..

Well here is the attatched log file can someone tell me what to check.
 

http://www.techspot.com/community/topics/need-help-lots-of-things-wrong-with-my-comp-can-someone-look-at-my-hijackthis-file.37112/
Relevancy 46.44%

I have attached my hijackthis log. I have just got over a winbooterr infection that didn't seem to want to go away with malwarebytes or hijackthis. Then I realized that I wasn't running hijackthis as an administrator. Do I have to do the same for malwarebytes? I thought it was set automatically for running as an administrator. Anyways I would like help removing the missing files as every time I delete them they don't go away they just seem to delete and are still there when I rescan and completely restart. Also I would like to know if I have any other infections within the hijackthis log as I still don't know every single infection possible in hijackthis logs to remove only things I know to delete.

A:I am having problems removing file missing things in hijackthis.

Only the experts will give you clearance if you feel your computer is compromised.

Read this to achieve a clearance for your system please.

kind regards,

http://www.techsupportforum.com/forums/f217/i-am-having-problems-removing-file-missing-things-in-hijackthis-478168.html
Relevancy 46.01%

I had just removed a bunch of trojans using malwarebytes and avg antivirus I didnt have a desktop and toolbar or a while but found the registry that I had to fix Reran malwarebytes in safemode and didnt find anything Also ran avg in safemode with autofix on I am just checking to see if I missed anything I most likely still have some malware on the comp or at least I feel like its not all gone But to keep me sane and my paranoia on the bay I'm hoping you guys can help me out Thanks a lot in advance Here inside. removed malwarebytes HiJackthis Just and log Trojan, are my logs Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system Ati evxx exe C WINDOWS system svchost exe C WINDOWS System Just removed Trojan, HiJackthis and malwarebytes log inside. svchost exe C WINDOWS system Ati evxx exe C WINDOWS system spoolsv exe C WINDOWS Explorer EXE C WINDOWS stsystra exe C Program Files Synaptics SynTP SynTPEnh exe C Just removed Trojan, HiJackthis and malwarebytes log inside. PROGRA AVG AVG avgtray exe C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C PROGRA AVG AVG avgwdsvc exe C WINDOWS system ctfmon exe C Program Files Bonjour Just removed Trojan, HiJackthis and malwarebytes log inside. mDNSResponder exe C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C Program Files Dell QuickSet NICCONFIGSVC exe C PROGRA AVG AVG avgrsx exe C WINDOWS system svchost exe C PROGRA AVG AVG avgnsx exe C Program Files Common Files Symantec Shared CCPD-LC symlcsvc exe C WINDOWS system UTSCSI EXE C Program Files Viewpoint Common ViewpointService exe C PROGRA AVG AVG avgemc exe C Program Files AVG AVG avgcsrvx exe C WINDOWS System svchost exe C Documents and Settings David Vo Local Settings Application Data Google Chrome Application chrome exe C Documents and Settings David Vo Local Settings Application Data Google Chrome Application chrome exe C Program Files Viewpoint Viewpoint Manager ViewMgr exe C Documents and Settings David Vo Local Settings Application Data Google Chrome Application chrome exe C Documents and Settings David Vo Local Settings Application Data Google Chrome Application chrome exe C Program Files Trend Micro HijackThis HijackThis exe R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Search Default Page URL http www google com ig dell hl en amp us amp ibd R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyServer http localhost R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride local lt local gt O - BHO no name - A F- BA- D - D -F f - no file O - BHO no name - D -C F - efb- B - ECA - no file O - BHO no name - C B A- - A C-BCC - D C A BBF - no file O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - HKLM Run SigmatelSysTrayApp stsystra exe O - HKLM Run SynTPEnh C Program Files Synaptics SynTP SynTPEnh exe O - HKLM Run AVG TRAY C PROGRA AVG AVG avgtray exe O - HKLM Run amd dc opt C Program Files AMD Dual-Core Optimizer amd dc opt exe O - HKLM Run QuickTime Task quot C Program Files QuickTime QTTask exe quot -atboottime O - HKCU Run ctfmon exe C WINDOWS system ctfmon exe O - HKUS S- - - RunOnce WUAppSetup C Program Files Common Files logishrd WUApp exe -v x d -p x dd -f video -m logitech -d User 'SYSTEM' O - HKUS DEFAULT RunOnce WUAppSetup C Program Files Common Files logishrd WU... Read more

A:Just removed Trojan, HiJackthis and malwarebytes log inside.

Hello and Welcome to TSF.

We no longer use HijackThis as our initial analysis tool.

We want all our members to perform the steps outlined in the link I'll give you below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

---------------------------------------------------------------------------------------------

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply.

http://www.techsupportforum.com/forums/f50/just-removed-trojan-hijackthis-and-malwarebytes-log-inside-387676.html
Relevancy 46.01%

A few days ago there was an icon on the bottom AVG S&D, no HijackThis, working Malwarebytes, Spybot longer corner with a red circle and a white X insdie i forgot the exact words but it did say that there was a virus and when I clicked on it it said the name was Sheur bjwn So I ran AVG Free healed it and it disappeared Now AVG no longer scans And sometimes it just automatically quits I had Hijack This and Malwarebytes Anti-Malware installed and was working perfectly fine but now when I click it it says quot Windows cannot Malwarebytes, HijackThis, Spybot S&D, AVG no longer working access the specified device path or file Malwarebytes, HijackThis, Spybot S&D, AVG no longer working You may not have the appropriate permissions to access the item quot and also the icons for HiJackThis and Malwarebytes is this white screen picture I went on safe mode to re-install Malwarebytes and HijacThis and I installed Spybot Search and destroy too but again the above happen And when on safe mode when trying to open the programs this black window pops up for a couple seconds then disappears The internet is also running slow and it directs me to other websites I don t know what to do I can t do the HijackThis log to post on here because it doesn t work Please help me Here is what I can share Microsoft Windows XP Home Edition Compaq Presario Use Mozilla Firefox nbsp

https://forums.techguy.org/threads/malwarebytes-hijackthis-spybot-s-d-avg-no-longer-working.868081/
Relevancy 46.01%

Hello Whenever I am using my browser and I click a link or put an address in the address bar my browser will automatically redirect to something else first I can usually work around this by clicking back and reloading the page but it is very annoying I have attempted to run Malwarebytes software but it will not even open for me My virus scan finds nothing Below is my HiJackThis Log if there is anything you can tell me that would be awesome Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe HijackThis software run Redirect, Log, cannot malwarebytes Browser C WINDOWS system services exe Browser Redirect, HijackThis Log, cannot run malwarebytes software C WINDOWS system lsass exe C Browser Redirect, HijackThis Log, cannot run malwarebytes software WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files AVG AVG avgchsvx exe C Program Files AVG AVG avgrsx exe C Browser Redirect, HijackThis Log, cannot run malwarebytes software Program Files AVG AVG avgcsrvx exe C WINDOWS system spoolsv exe C PROGRAM FILES A-SQUARED FREE a service exe C Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe C Program Files AVG AVG avgwdsvc exe C Program Files Bonjour mDNSResponder exe C WINDOWS System svchost exe C WINDOWS System svchost exe C PROGRA SQUEEZ server Bin MSWIN mysqld exe C WINDOWS system svchost exe C Program Files AVG AVG avgnsx exe C WINDOWS Explorer EXE C Program Files iTunes iTunesHelper exe C PROGRA AVG AVG avgtray exe C Program Files Common Files Java Java Update jusched exe C Program Files Squeezebox SqueezeTray exe C Program Files iPod bin iPodService exe C PROGRA SQUEEZ server SQUEEZ EXE C Program Files Convergence Convergence exe C Program Files Trend Micro HiJackThis HiJackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyServer http O - Hosts url adtrgt com O - Hosts googleads gdoubleclick net O - BHO WormRadar com IESiteBlocker NavFilter - CA F - F E- B -A E- E E C C - C Program Files AVG AVG avgssie dll O - BHO Java Plug-In SSV Helper - DBC -A - b-BC - C C C A - C Program Files Java jre bin jp ssv dll O - BHO JQSIEStartDetectorImpl - E E F - CE- C -BC -EABFE F C - C Program Files Java jre lib deploy jqs ie jqs plugin dll O - HKLM Run Synchronization Manager SystemRoot system mobsync exe logon O - HKLM Run iTunesHelper quot C Program Files iTunes iTunesHelper exe quot O - HKLM Run AVG TRAY C PROGRA AVG AVG avgtray exe O - HKLM Run QuickTime Task quot C Program Files QuickTime QTTask exe quot -atboottime O - HKLM Run SunJavaUpdateSched quot C Program Files Common Files Java Java Update jusched exe quot O - Global Startup Adobe Reader Speed Launch lnk C Program Files Adobe Acrobat Reader reader sl exe O - Global Startup Squeezebox Server Tray Tool lnk C Program Files Squeezebox SqueezeTray exe O - DPF B-B - D-A D -FCFDF E C WUWebControl Class - http www update microsoft com windowsupdate v V Controls en x client wuweb site cab O - DPF D CDB E-AE D- CF- B - Shockwave Flash Object - http fpdownload macromedia com get shockwave cabs flash swflash cab O - DPF FD DE- C- C -BAF -E B DB HD AController Control - http HD ACTL cab O - HKLM System CCS Services Tcpip Parameters Domain CEINTERNAL COM O - HKLM Software Telephony DomainName CEINTERNAL COM O - HKLM System CCS Services Tcpip BE E-E D - F -A A - ED A A NameServer O - HKLM System CS S... Read more

A:Browser Redirect, HijackThis Log, cannot run malwarebytes software

Hello John117,Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.Download Security Check by screen317 from here or here.Save it to your Desktop.Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.A Notepad document should open automatically called checkup.txt.Please post the contents of that document. ************Please download RKill by Grinler from one of the 4 links below and save it to your desktopLink #1Link #2Link #3Link #4Before we begin, you should disable your anti-malware softwares you have installed so they do not interfere RKill running as some anti-malware softwares detect RKill as malicious. Please refer to this page if you are not sure how.Download Link #1.Save it to your Desktop.Double click the RKill desktop icon.
If you are using Vista please right click and run as Admin!A black screen will briefly flash indicating a successful run.If this does not occur please delete that application and download Link #2.Continue process until the tool runs.If the tool does not run from any of the links tell me about it.Do not reboot your computer after running rkill as the malware programs will start again. Or if rebooting is required run it again. Pleae run Malwarebytes. * Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. * If an update is found, it will download and install the latest version. * Once the program has loaded, select "Perform Full Scan", then click Scan. * The scan may take some time to finish,so please be patient. * When the scan is complete, click OK, then Show Results to view the results. * Make sure that everything is checked, and click Remove Selected. * When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note) * The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM. * Copy&Paste the entire MBAM report (even if it does not find anything) in your next reply along with a fresh HijackThis log.Extra Note:If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.

http://www.bleepingcomputer.com/forums/t/354990/browser-redirect-hijackthis-log-cannot-run-malwarebytes-software/
Relevancy 46.01%

Everytime I try to run MalwareBytes I get a run-time error ' ' AND run-time error ' ' I'm pretty sure my computer is infected with something just dont know what or how to clean it any help would appreciated Thanks Logfile of Trend Micro HijackThis v Scan saved at AM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode NormalRunning processes C WINDOWS System MalwareBytes log..can't infected Hijackthis Need computer..probably Help Analyzing on run smss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS system lsass exeC WINDOWS system Ati evxx exeC WINDOWS system svchost exeC Program Files Windows Defender MsMpEng exeC WINDOWS System Need Help Analyzing Hijackthis log..can't run MalwareBytes on computer..probably infected svchost exeC WINDOWS system svchost exeC WINDOWS system spoolsv exeC Program Files ESET ESET NOD Antivirus ekrn exeC Program Files Java jre bin jqs exeC Program Files Common Files LightScribe LSSrvc Need Help Analyzing Hijackthis log..can't run MalwareBytes on computer..probably infected exeC Program Files Common Files Microsoft Shared VS DEBUG MDM EXEC WINDOWS system pnusbvirtualhubwssrv exeC Need Help Analyzing Hijackthis log..can't run MalwareBytes on computer..probably infected Program Files Alcohol Soft Alcohol StarWind StarWindService exeC WINDOWS system svchost exeC WINDOWS system UTSCSI EXEC Program Files VMware VMware Workstation vmware-authd exeC Program Files Common Files VMware VMware Virtual Image Editing vmount exeC WINDOWS system Ati evxx exeC WINDOWS system vmnat exeC WINDOWS system vmnetdhcp exeC WINDOWS Explorer EXEC WINDOWS system wuauclt exeC Program Files ATI Technologies ATI Control Panel atiptaxx exeC Program Files hpq HP Wireless Assistant HP Wireless Assistant exeC Program Files Trend Micro HijackThis HijackThis exeC Program Files Synaptics SynTP SynTPLpr exeC Program Files Synaptics SynTP SynTPEnh exeC Program Files HPQ Quick Launch Buttons EabServr exeC WINDOWS System spool DRIVERS W X E FATI HA EXEC Program Files HPQ SHARED HPQWMI exeC Program Files Java jre bin jusched exeC WINDOWS System spool DRIVERS W X E FATI HA EXEC Program Files ESET ESET NOD Antivirus egui exeC Program Files Adobe Reader Reader Reader sl exeC WINDOWS system pnusbclitray exeC Program Files Microsoft ActiveSync wcescomm exeC Program Files Google GoogleToolbarNotifier GoogleToolbarNotifier exeC WINDOWS system PNTray exeC WINDOWS system ctfmon exeC PROGRA MI AA rapimgr exeR - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId O - BHO AcroIEHelperStub - DF C-E AD- -A -FA C EBDC - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelperShim dllO - BHO Java Plug-In SSV Helper - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dllO - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - C Program Files Google Google Toolbar GoogleToolbar dllO - BHO Google Toolbar Notifier BHO - AF DE - D - -B FA-CE B AD D - C Program Files Google GoogleToolbarNotifier swg dllO - BHO Google Dictionary Compression sdch - C D FE-E D- -BB - C E E C E - C Program Files Google Google Toolbar Component fastsearch B C AC BB E dllO - BHO Java Plug-In SSV Helper - DBC -A - b-BC - C C C A - C Program Files Java jre bin jp ssv dllO - BHO JQSIEStartDetectorImpl - E E F - CE- C -BC -EABFE F C - C Program Files Java jre lib deploy jqs ie jqs plugin dllO - Toolbar Google Toolbar - C B - - d - B - A CD F - C Program Files Google Google Toolbar GoogleToolbar dllO - HKLM Run ATIPTA C Program Files ATI Technologies ATI Control Panel atiptaxx exeO - HKLM Run hpWirelessAssistant C Program Files hpq HP Wireless Assistant HP Wireless Assistant e... Read more

A:Need Help Analyzing Hijackthis log..can't run MalwareBytes on computer..probably infected

Hello cnhr, and welcome to Bleeping Computer We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scr[url="http://www.forospyware.com/sUBs/dds"%20rel=nofollow"]DDS.pif[/url]Now, double click on the DDS icon, allow it to run.A small box will open, with an explanation about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructions that pop up for posting the results.Close the program window, and delete the program from your desktop.Please post the results of that log with your next reply.[/list]Upon completing the steps above, I will review, and take the steps necessary with you, to get your machine back in working order, clean and free of malware.Thanks and again sorry for the delay.Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HEREMalwareMutilator

http://www.bleepingcomputer.com/forums/t/274460/need-help-analyzing-hijackthis-logcant-run-malwarebytes-on-computerprobably-infected/
Relevancy 46.01%

I - & Google Yahoo Redirects Log / HijackThis Malwarebytes don t have any idea how I got this infection but its one of the worst things that have happened to my computer I feel hijacked Symptoms are Can not click on any links from Yahoo or Google search engine Mysterious tabs continue to open by themselves while surfing Mozilla amp IE seems to operate slower and Yahoo & Google Redirects - HijackThis / Malwarebytes Log some websites do not open at allHere is my HijackThis Log Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode NormalRunning processes C WINDOWS System smss exeC WINDOWS system winlogon exeC WINDOWS system services exeC WINDOWS Yahoo & Google Redirects - HijackThis / Malwarebytes Log system lsass exeC WINDOWS system svchost exeC WINDOWS System svchost exeC Program Files Alwil Software Avast AvastSvc exeC WINDOWS system spoolsv exeC Program Files Common Files Apple Mobile Device Support AppleMobileDeviceService exeC Program Files Bonjour mDNSResponder exeC Program Files Java jre bin jqs exeC Program Files Maxtor Sync SyncServices exeC WINDOWS system nvsvc exeC WINDOWS system svchost exeC Program Files TomTom HOME TomTomHOMEService exeC Program Files Viewpoint Common ViewpointService exeC WINDOWS system wuauclt exeC WINDOWS Explorer EXEC WINDOWS RTHDCPL EXEC Program Files CyberLink PowerDVD PDVDServ exeC Program Files Adobe Acrobat Distillr Acrotray exeC Program Files Maxtor OneTouch Status maxmenumgr exeC Program Files Common Files Java Java Update jusched exeC PROGRA ALWILS Avast avastUI exeC Program Files iTunes iTunesHelper exeC Program Files Common Files Ahead Lib NMBgMonitor exeC WINDOWS system ctfmon exeC Program Files Messenger msmsgs exeC PROGRA AIM aim exeC Program Files TomTom HOME TomTomHOMERunner exeC Program Files trademanager aliim exeC Program Files SUPERAntiSpyware SUPERAntiSpyware exeC Program Files Wireless LAN g Wireless Cardbus amp PCI Adapter HW V WlanCU exeC Program Files Common Files Ahead Lib NMIndexingService exeC WINDOWS system wscntfy exeC Program Files Common Files Ahead Lib NMIndexStoreSvr exeC Program Files iPod bin iPodService exeC Program Files Mozilla Firefox firefox exeC Program Files Mozilla Firefox plugin-container exeC Documents and Settings Eddie My Documents Downloads HijackThis exeC WINDOWS system NOTEPAD EXER - HKCU Software Microsoft Internet Explorer Main Start Page http www yahoo com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyServer http O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Adobe Acrobat ActiveX AcroIEHelper dllO - BHO Adobe PDF Conversion Toolbar Helper - AE CD -E - f- - EE - C Program Files Adobe Acrobat Acrobat AcroIEFavClient dllO - BHO Java Plug-In SSV Helper - DBC -A - b-BC - C C C A - C Program Files Java jre bin jp ssv dllO - BHO JQSIEStartDetectorImpl - E E F - CE- C -BC -EABFE F C - C Program Files Java jre lib deploy jqs ie jqs plugin dllO - Toolbar Adobe PDF - -D C - - FA - E EAAC - C Program Files Adobe Acrobat Acrobat AcroIEFavClient dllO - HKLM Run RTHDCPL RTHDCPL EXEO - HKLM Run SkyTel SkyTel EXEO - HKLM Run Alcmtr ALCMTR EXEO - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS system NvCpl dll NvStartupO - HKLM Run nwiz nwiz exe installO - HKLM Run NvMediaCenter RUNDLL EXE C WINDOWS system NvMcTray dll NvTaskbarInitO - HKLM Run NeroFilterCheck C Program Files Common Files Ahead Lib NeroCheck exeO - HKLM Run RemoteControl quot C Program Files CyberLink PowerDVD PDVDServ exe quot O - HKLM Run Acrobat Assistant ... Read more

A:Yahoo & Google Redirects - HijackThis / Malwarebytes Log

Hello iamsecond and welcome to the forums here at BleepingComputer.Sorry for the delay in getting to your post here, as you can probably see the forums are very busy. If you still need help, please read through and follow the instructions at this link. Then post the logs from DDS (both logs) and GMER back to this link. Do not start a new topic. NOTE: You can just skip the steps you have already done. The critical points are to make sure you have good backups, then run and post the logs from DDS and GMER.Please also advise if you have a router in your network.

http://www.bleepingcomputer.com/forums/t/356698/yahoo-google-redirects-hijackthis-malwarebytes-log/
Relevancy 46.01%

Hey Bleepers - thanks in advance for taking a look at my problem Avast detected a virus a little over a week ago so I did a full scan followed by a bootscan with that program and then immediately ran MalwareBytes as well It seemed to my limited knowledge my virus had been taken care of until yesterday when it reappeared again I did another scan amp bootscan with avast followed by another scan with MalwareBytes and just now did a HiJackThis scan as well which I will post below If you would like to see logs from avast or malwarebytes I will do so as well lt edit gt The various scans using avast amp malwarebytes detected several problems all of which I used the quot move to chest quot option for lt edit gt Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C Windows vVX exe C Program Files x Google GoogleToolbarNotifier GoogleToolbarNotifier exe C Program Files x Skype Phone Skype exe C Program Files x Amazon Amazon Unbox Video ADVWindowsClientSystemTray exe C Program Files Alwil Software Avast AvastUI exe C Program Files x Hewlett-Packard Digital Imaging bin hpobnz exe C Program Files x Microsoft Office OFFICE OUTLOOK EXE C Program Files x Mozilla Firefox firefox exe C Program Files x Common Files Intuit QuickBooks QBUpdate qbupdate exe C Program Files x Winamp winamp exe C Program Files x MSN Toolbar Platform mswinext exe C Program Files x iTunes iTunesHelper exe C Program Files x Carbonite Carbonite Backup CarboniteUI exe C Program request) malwarebytes HiJackThis avast log logs upon (also & Files x HP HP Software Update hpwuschd exe C Program Files x Common Files Adobe ARM AdobeARM exe C Program Files x HiJackThis log (also malwarebytes & avast logs upon request) Adobe Acrobat Acrobat acrotray exe C Program Files x Common Files Java Java Update HiJackThis log (also malwarebytes & avast logs upon request) jusched exe C Program Files x Microsoft Office OFFICE WINWORD EXE C windows sysWow SearchProtocolHost exe C Users Dave Desktop HijackThis exe R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Search SearchAssistant R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch R - HKLM Software Microsoft Internet Explorer Main Local Page C Windows SysWOW blank htm R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride local R HiJackThis log (also malwarebytes & avast logs upon request) - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName O - BHO ContributeBHO Class - C DC - - A A- D-C C - C Program Files x Adobe Adobe Contribute CS Plugins IEPlugin contributeieplugin dll O - BHO AcroIEHelperStub - DF C-E AD- -A -FA C EBDC - C Program Files x Common Files Adobe Acrobat ActiveX AcroIEHelperShim dll O - BHO Search Helper - EBF - F- bff-A F-B E AAC B - C Program Files x Microsoft Search Enhancement Pack Search Helper SEPsearchhelperie dll O - BHO Windows Live ID Sign-in Helper - D - C - ABF- ECC- C - C Program Files x Common Files Microsoft Shared Windows Live WindowsLiveLogin dll O - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - C Program Files x Google Google Toolbar GoogleToolbar dll O - BHO Adobe PDF Conversion Toolbar Helper - AE CD -E - f- - EE - C Program Files x Common Files Adobe Acrobat ActiveX AcroIEFavClient dll O - BHO Google Toolbar Notifier BHO - AF DE - D - -B FA-CE B AD D - C Program Files x Google GoogleToolbarNotifier swg dll O - BHO Bing Bar BHO - d ce e -f a- - e- dc f c f - C Program Files x MSN Toolbar Platform npwinext dll O - BHO Java Plug-In SSV Help... Read more

A:HiJackThis log (also malwarebytes & avast logs upon request)

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything. We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. To help Bleeping Computer better assist you please perform the following steps:*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/429752 <<< CLICK THIS LINK If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.A new DDS and GMER log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
Please do this even if you have previously posted logs for us.If you were unable to produce the logs originally please try once more.If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system. If you are unsure about any of these characteristics just post what you can and we will guide you.Please tell us if you have your original Windows CD/DVD available. Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.Thank you for your patience, and again sorry for the delay.*************************************************** We need to see some information about what is happening in your machine. Please perform the following scan again: Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.DDS.scr DDS.pifDouble click on the DDS icon, allow it to run. A small box will open, with an explanation about the tool. No input is needed, the scan is running. Notepad will open with the results. Follow the instructions that pop up for posting the results. Close the program window, and delete the program from your desktop.Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HERE We also need a new log from the GMER anti-rootkit Scanner. Please note that if you are running a 64-bit version of Windows you will not be able to run GMER and you may skip this step. Please first disable any CD emulation programs using the steps found in this topic: Why we request you disable CD Emulation when receiving Malware Removal Advice Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here: How to create a GME... Read more

http://www.bleepingcomputer.com/forums/t/429752/hijackthis-log-also-malwarebytes-avast-logs-upon-request/
Relevancy 46.01%

HijackThis log Logfile Malwarebytes' and Anti-Malware log HijackThis files of Trend Micro HijackThis v Scan saved at on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C Program Files Microsoft Security Essentials MsMpEng exe C WINDOWS System svchost exe C WINDOWS system svchost exe C Program Files Lavasoft Ad-Aware AAWService exe C WINDOWS system spoolsv exe C Program Files Java jre bin jqs exe C Program Files Common Files LightScribe LSSrvc exe C Program Files Common Files Microsoft Shared VS DEBUG MDM EXE C WINDOWS system nvsvc exe C Program Files CyberLink Shared files RichVideo exe C WINDOWS system wuauclt exe C WINDOWS Explorer EXE C WINDOWS RTHDCPL EXE C WINDOWS system RUNDLL EXE C Program Files Common Files Java Java Update jusched exe C Program Files CyberLink PowerDVD PDVDServ exe C Program Files Microsoft Security Essentials msseces exe C WINDOWS system ctfmon exe C Program Files DAEMON Tools Lite DTLite exe C Program Files Common Files LightScribe LightScribeControlPanel exe C Documents and Settings Default Local Settings Application Data Google Update GoogleCrashHandler exe C WINDOWS system wuauclt exe C Program Files Lavasoft Ad-Aware AAWTray exe C Program Files Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Search Page URL SEARCHPAGE R - HKCU Software Microsoft Internet Explorer Main Start Page http search HijackThis and Malwarebytes' Anti-Malware log files conduit com SearchSource amp ctid CT R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page URL SEARCHPAGE R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId R - URLSearchHook PHPNukeEN Toolbar - dd a eb- afd- d - d -e f ca - C Program Files PHPNukeEN tbPHPN dll O - BHO Skype add-on mastermind - BF B-C D - d - A -A F BA C - C Program Files Skype Toolbars Internet Explorer SkypeIEPlugin dll O - BHO Ask Toolbar BHO HijackThis and Malwarebytes' Anti-Malware log files - D C F- A- -A AD- D - C Program Files Ask com GenericAskToolbar dll O - BHO Java tm Plug-In SSV Helper - DBC -A - b-BC - C C C A - C Program Files Java jre bin jp ssv dll O - BHO PHPNukeEN Toolbar - dd a eb- afd- d - d -e f ca - C Program Files PHPNukeEN tbPHPN dll O - BHO JQSIEStartDetectorImpl - E E F - CE- C -BC -EABFE F C - C Program Files Java jre lib deploy jqs ie jqs plugin dll O - Toolbar PHPNukeEN Toolbar - dd a eb- afd- d - d -e f ca - C Program Files PHPNukeEN tbPHPN dll O - Toolbar Ask Toolbar - D C F- A- -A AD- D - C Program Files Ask com GenericAskToolbar dll O - HKLM Run RTHDCPL RTHDCPL EXE O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS system NvCpl dll NvStartup O - HKLM Run nwiz nwiz exe install O - HKLM Run NvMediaCenter RUNDLL EXE C WINDOWS system NvMcTray dll NvTaskbarInit O - HKLM Run SunJavaUpdateSched quot C Program Files Common Files Java Java Update jusched exe quot O - HKLM Run RemoteControl quot C Program Files CyberLink PowerDVD PDVDServ exe quot O - HKLM Run LanguageShortcut quot C Program Files CyberLink PowerDVD Language Language exe quot O - HKLM Run MSSE quot C Program Files Microsoft Security Essentials msseces exe quot -hide O - HKCU Run CTFMON EXE C WINDOWS system ctfmon exe O - HKCU Run DAEMON Tools Lite quot C Program Files DAEMON Tools Lite DTLite exe quot -autorun O - HKCU Run LightScribe Control Panel C Program Files Common Files LightScribe LightScribeControlPanel exe -hidden O - HKCU Run Google Update quot C Documents and Settings Default Local Settings Application Data Google Update GoogleUpdate exe quot c O - HKCU Run uTorrent quot C Program Files uTorrent uTorrent exe quot ... Read more

https://forums.techguy.org/threads/hijackthis-and-malwarebytes-anti-malware-log-files.908517/
Relevancy 46.01%

The computer in question has over 100 process running, many of which simply restart when killed, When the computer is idle it routinely spikes to 100% cpu usage, and many malware removal tools wont download.
 
Dss from bleeping computer will start the download but disappear entirely before its finished
malwarebytes downloaded but will not update, neither will avg2013(the antivirus on the computer)
Hijackthis wont finish its download.
 
Not really sure what to do, please help

A:100+ processes, wont allow malwarebytes, dds or hijackthis downloads

Hello AgentOfSomeone NOTE** download the tools from a good computer and pass to this one with a pen driveI would like to welcome you to the Malware Removal section of the forum.Around here they call me Gringo and I will be glad to help you with your malware problems.Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!Please do not run any tools unless instructed to do so.We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.Please do not attach logs or use code boxes, just copy and paste the text.Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.Please read every post completely before doing anything.Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.Please provide feedback about your experience as we go.A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.I need to get some reports to get a base to start from so I need you to run these programs first.-Download DDS-Please download DDS from one of the links below and save it to your desktop:Download DDS and save it to your desktopLink1Link2Link3Double-Click on dds.scr and a command window will appear. This is normal.Shortly after two logs will appear:DDS.txtAttach.txtA window will open instructing you save & post the logsSave the logs to a convenient place such as your desktopCopy the contents of both logs & post in your next replyGringo

http://www.bleepingcomputer.com/forums/t/493951/100-processes-wont-allow-malwarebytes-dds-or-hijackthis-downloads/
Relevancy 46.01%

Hey i'm running on Windows XP Professional SP and I recently encountered this problem where I cannot open Malwarebytes Spybot Search amp Destroy HijackThis programs without getting the error Windows cannot access this file I have tried to Malwarebytes/Spybot/Hijackthis unable open to reinstall rename start in safe mode all the tricks have been attempted with the exact same results I was told to Malwarebytes/Spybot/Hijackthis unable to open post here and rootrepeal would not work Malwarebytes/Spybot/Hijackthis unable to open therefore I can't post a log for that and also I tried to do a DDS scan but it just sat there and never produced a Malwarebytes/Spybot/Hijackthis unable to open log either Topic referenced is here http www bleepingcomputer com forums t i-cant-run-malwarebytes-spybot-search-destroy-etc OBAll I have is this Win diag Please tell me how to get rid of this infection I have Oh and also I am using ESET NOD Antivirus and it constantly pops up saying I have a threat in my memory called Win Olmarik Trojan and it's usaully unable to clean it also I can run GMER fine and it produces a rootkit threat as well

A:Malwarebytes/Spybot/Hijackthis unable to open

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. Pleaseinclude a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.Please download OTL from following mirror:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.Push the button.Two reports will open, copy and paste them in a reply here:OTL.txt <-- Will be openedExtra.txt <-- Will be minimizedIn the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.regards _temp_

http://www.bleepingcomputer.com/forums/t/259610/malwarebytesspybothijackthis-unable-to-open/
Relevancy 46.01%

Hello, I have some weird chinese "anti-virus" virus that I cannot delete, also Malwarebytes Quarantine doesnt let me press the finish button.
Some weird chinese programs tend to appear out of nowhere.
Please help.

A:Weird chinese "anti-virus" virus + malwarebytes quarantine doesnt let me finish

Hi Snajpi My name is Aura and I'll be assisting you with this issue. Please give me a few hours to review your logs and prepare a reply.Thank you!

http://www.bleepingcomputer.com/forums/t/611190/weird-chinese-anti-virus-virus-malwarebytes-quarantine-doesnt-let-me-finish/
Relevancy 46.01%

Windows XP Media Just upgraded to IE I regularly run ATF Cleaner and lately it has been clearing alot more files even when I haven t been on the internet I am also having problems staying connected Our DSL provider will be coming out tomorrow to check the lines Recently when doing a deep scan with Bitdefender it found Java Trojan Exploit Bytverify I The files affected were quarantined and a scan has been run since and causing running Lots problems...HijackThis included log things of then and nothing was found to be infected My hunch is that all of this has something to do with IE and or Facebook Please help Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C Program Files Common Files BitDefender BitDefender Update Service livesrv exe C Program Files BitDefender BitDefender vsserv exe C WINDOWS System svchost exe C WINDOWS system spoolsv exe C Program Files Common Files EPSON EBAPI eEBSVC exe C Program Files Common Lots of things running and causing problems...HijackThis log included Files Command Software dvpapi exe C WINDOWS eHome ehRecvr exe C WINDOWS eHome ehSched exe C Program Files Common Files EPSON EBAPI SAgent exe C Program Lots of things running and causing problems...HijackThis log included Files Lots of things running and causing problems...HijackThis log included Java jre bin jqs exe C Program Files Kodak printer center KodakSvc exe C Program Files Common Files New Boundary PrismXL PRISMXL SYS C WINDOWS system svchost exe C Program Files Common Files Symantec Shared CCPD-LC symlcsvc exe C Program Files Viewpoint Common ViewpointService exe C Program Files Canon CAL CALMAIN exe C WINDOWS system dllhost exe C WINDOWS Explorer EXE C PROGRA Yahoo browser ybrwicon exe C Program Files Verizon Servicepoint VerizonServicepoint exe C Program Files Common Files Real Update OB realsched exe C Program Files Digital Media Reader shwiconem exe C Program Files Java jre bin jusched exe C WINDOWS SOUNDMAN EXE C Program Files CyberLink PowerDVD PDVDServ exe C Program Files QuickTime qttask exe C PROGRA VERIZO HELPSU SMARTB MotiveSB exe C PROGRA Yahoo browser ycommon exe C WINDOWS system hkcmd exe C WINDOWS zHotkey exe C WINDOWS ALCWZRD EXE C PROGRA VERIZO HELPSU VERIZO EXE C WINDOWS System spool DRIVERS W X EKIJ MUI exe C Program Files BitDefender BitDefender bdagent exe C Program Files SUPERAntiSpyware SUPERAntiSpyware exe C WINDOWS system ctfmon exe C Program Files Common Files Verizon Online ConnMgr cmisrv exe C Program Files Kodak Kodak EasyShare software bin EasyShare exe C Program Files BitDefender BitDefender seccenter exe C Program Files Yahoo Yahoo Music Engine ymetray exe C Program Files TrueAssistant TrueAssistant exe C Program Files OpenOffice org program soffice exe C Program Files OpenOffice org program soffice BIN C Program Files Common Files Verizon Online AppMgr vzOpenUIServer exe C Program Files Common Files MotiveBrowser MotiveBrowser exe C PROGRA Yahoo MESSEN ymsgr tray exe C Program Files Internet Explorer iexplore exe C Program Files Internet Explorer iexplore exe C Program Files Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http home verizon yahoo com R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http www gatewaybiz com R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyServer R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride O - BHO RealPlayer Download and Record Plugin for Internet Explorer - C E -B - BC - - C CA - C Program Files Real RealPlayer rpbrowserrecordplugin dll O - BHO Google Dictionary Compression sdch - C D FE-E D- -BB - C E E C E - no ... Read more

A:Lots of things running and causing problems...HijackThis log included

The telephone tech just left...there was some corrosion in the jack box causing some of the problems. When he got on the computer, he said there were some other things that are slowing it down...

I'm hoping someone will be able to look at my HijackThis log...
 

https://forums.techguy.org/threads/lots-of-things-running-and-causing-problems-hijackthis-log-included.905870/
Relevancy 45.58%

Here are the only two logs that tool remove other or will Virus not me Malwarebytes to run let virus/trojan/malware any I was able to get Here is the logfile from Win kDiag exe Running from C Documents and Settings Eduardo Lugo Desktop Win kDiag exe Log file at C Documents and Settings Eduardo Lugo Desktop Win kDiag txt WARNING Could not get backup privileges Searching 'C WINDOWS' Found mount point C WINDOWS hf mig Virus will not let me run Malwarebytes or any other tool to remove virus/trojan/malware KB KB Mount point destination Device max gt Found mount Virus will not let me run Malwarebytes or any other tool to remove virus/trojan/malware point C WINDOWS hf mig KB KB Mount point destination Device max gt Found mount point C WINDOWS hf mig KB KB Mount point destination Device max gt Found mount point C WINDOWS hf mig KB KB Mount point destination Device max gt Found mount point C WINDOWS hf mig KB KB Mount point destination Device max gt Found mount point C WINDOWS hf mig KB KB Mount point destination Device max gt Found mount point C WINDOWS hf mig KB KB Mount point destination Device max gt Found mount point C WINDOWS hf mig KB KB Mount point destination Device max gt Found mount point C WINDOWS hf mig KB KB Mount point destination Device max gt Found mount point C WINDOWS hf mig KB KB Mount point destination Device max gt Found mount point C WINDOWS hf mig KB KB Mount point destination Device max gt Found mount point C WINDOWS assembly NativeImages v Temp ZAP tmp ZAP tmp Mount point destination Device max gt Found mount point C WINDOWS assembly NativeImages v Temp ZAP tmp ZAP tmp Mount point destination Device max gt Found mount point C WINDOWS assembly NativeImages v Temp ZAP tmp ZAP tmp Mount point destination Device max gt Found mount point C WINDOWS assembly NativeImages v Temp ZAP tmp ZAP tmp Mount point destination Device max gt Found mount point C WINDOWS assembly NativeImages v Temp ZAP F tmp ZAP F tmp Mount point destination Device max gt Found mount point C WINDOWS assembly NativeImages v Temp ZAP tmp ZAP tmp Mount point destination Device max gt Found mount point C WINDOWS assembly temp temp Mount point destination Device max gt Found mount point C WINDOWS assembly tmp tmp Mount point destination Device max gt Found mount point C WINDOWS Config Config Mount point destination Device max gt Found mount point C WINDOWS Connection Wizard Connection Wizard Mount point destination Device max gt Found mount point C WINDOWS CSC d d Mount point destination Device max gt Found mount point C WINDOWS CSC d d Mount point destination Device max gt Found mount point C WINDOWS CSC d d Mount point destination Device max gt Found mount point C WINDOWS CSC d d Mount point destination Device max gt Found mount point C WINDOWS CSC d d Mount point destination Device max gt Found mount point C WINDOWS CSC d d Mount point destination Device max gt Found mount point C WINDOWS CSC d d Mount point destination Device max gt Found mount point C WINDOWS CSC d d Mount point destination Device max gt Found mount point C WINDOWS ftpcache ftpcache Mount point destination Device max gt Found mount point C WINDOWS ime chsime applets applets Mount point destination Device max gt Found mount point C WINDOWS ime CHTIME Applets Applets Mount point destination Device max gt Found mount point C WINDOWS ime imejp applets applets Mount point destination Device max gt Found mount point C WINDOWS ime imejp imejp Mount point destination Device max gt Found mount point C WINDOWS ime imjp applets applets Mount point destination Device max gt Found mount point C WINDOWS ime imkr applets applets Mount point destination Device max gt Found mount point C WINDOWS ime imkr dicts dicts Mount point destination Device max gt Found mount point C WINDOWS ime shared res res Mount point destination Device max gt Found mount point C WINDOWS Installer PatchCache Managed F FEC Mount point destination Device max gt Found mount point C WINDOWS Installer PatchCache Managed B F... Read more

A:Virus will not let me run Malwarebytes or any other tool to remove virus/trojan/malware

Hello trumpetman,Please save this file to your desktop. Click on Start->Run, and copy-paste the following command (the bolded text) "%userprofile%\desktop\win32kdiag.exe" -f -rinto the "Open" box, and click OK. When it's finished, there will be a log called Win32kDiag.txt on your desktop. Please open it with notepad and post the contents here.

http://www.bleepingcomputer.com/forums/t/260548/virus-will-not-let-me-run-malwarebytes-or-any-other-tool-to-remove-virustrojanmalware/
Relevancy 45.58%

Hi, I've been getting pop ups on my computer from malwarebytes and Avast saying that they've blocked some malware. Before that I noticed that my computer restarted on its own when I walked back into my room. I get the Threat has been detected from avast every few minutes. Ive scanned with TDSSKiller and rougekiller. When I scanned with TDSSkiller I got 2 threats that say unsigned file Service:Dcomlaunch and Service:RpcSs,

A:Avast and Malwarebytes Virus Popups svchost.exe Virus/malware

Oh and my computer is a windows 7 home premium service pack 1

http://www.bleepingcomputer.com/forums/t/535013/avast-and-malwarebytes-virus-popups-svchostexe-virusmalware/
Relevancy 45.58%

I have a particulary troublesome infection that I am at a loss for. I tried to run Malwarebytes but after downloading, installing, and updating, when I click on scan it starts but after 5 seconds it closes. Does the same thing with hijackthis, and superantispyware free edition. What is strange, is just for kicks I ran combofix, it updated, did the recovery console, went thru the scan completely, said it found a couple items but when I go back to run Malwarebytes, it still only runs for 5 seconds. All other malware remover free products I have tried render the same results such as RootRepeal, a couple of online scans, Spybot Search and Destroy etc. After running if I try to run again it says windows cannot access the specified path you may not have the appropriate permissions.

A:Malwarebytes, HijackThis, SuperAntiSpyware starts then closes after 5 seconds

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process. Please also continue to work with me until I give you the all clear. Even if your computer appears to act better, you may still be infected.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.Once we start working together, please reply back within 3 days or this thread may be closed so we can help others who are waiting.We need to create an OTL report,Please download OTL from this link.Save it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.Under the Custom Scan box paste this in:netsvcsmsconfigdrivers32 /all%systemroot%\system32\*.dll /lockedfiles%systemroot%\system32\*.sys /90%systemroot%\Tasks\*.job /lockedfiles%systemroot%\System32\config\*.sav %SYSTEMDRIVE%\*.*%systemroot%\system32\Spool\prtprocs\w32x86\*.dll%systemroot%\*. /mp /s/md5starteventlog.dllscecli.dllnetlogon.dllcngaudit.dllsceclt.dllntelogon.dlllogevent.dlliaStor.sysnvstor.sysatapi.sysIdeChnDr.sysviasraid.sysAGP440.sysvaxscsi.sysnvatabus.sysviamraid.sysnvata.sysnvgts.sysiastorv.sysViPrt.syseNetHook.dllahcix86.sysKR10N.sysnvstor32ahcix86s.sysnvrd32.sysuser32.dllws2_32.dll/md5stop%systemroot%\*. /mp /sHKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AUCREATERESTOREPOINTClick the Quick Scan button.The scan should take a few minutes.Please copy and paste both logs in your reply.We also need a new log from the GMER anti-rootkit scanner. Please first disable any CD emulation programs using the steps found in this topic:Why we request you disable CD Emulation when receiving Malware Removal AdviceThen create another GMER log and post it as an attachment to the reply where you post your new OTL log. Instructions on how to properly create a GMER log can be found here:How to create a GMER logIn your reply, please post both OTL logs and the GMER log.

http://www.bleepingcomputer.com/forums/t/350195/malwarebytes-hijackthis-superantispyware-starts-then-closes-after-5-seconds/
Relevancy 45.58%

Hi -- I'm new to this kind of thing though I've followed advice on cleaning my computer before submitting this Any help would be greatly appreciated Much obliged -- davemundycmt Logfile of Trend Micro HijackThis v Scan logs & trojans/spyware--malwarebytes Looking help hijackthis with for attached saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C Program Files Lavasoft Ad-Aware AAWService exe C WINDOWS system spoolsv exe C Program Files Trend Micro BM TMBMSRV exe C Program Files Nero Nero InCD InCDsrv exe C Program Files Common Files Intuit Update Service Looking for help with trojans/spyware--malwarebytes & hijackthis logs attached IntuitUpdateService exe C Program Files Java jre bin Looking for help with trojans/spyware--malwarebytes & hijackthis logs attached jqs exe C Program Files Common Files LightScribe LSSrvc exe C Program Files Nero Nero InCD NBHRegInCDSrv exe C Program Files CyberLink Shared Files RichVideo exe C Program Files Trend Micro Internet Security SfCtlCom exe C Program Files Trend Micro Internet Security TmPfw exe C Program Files Trend Micro Internet Security TmProxy exe C WINDOWS system SearchIndexer exe C WINDOWS Explorer EXE C WINDOWS system SearchProtocolHost exe C WINDOWS system hkcmd exe C WINDOWS system igfxpers exe C Program Files VIA VIAudioi HDADeck HDeck exe C WINDOWS system igfxsrvc exe C Program Files Nero Nero InCD NBHGui exe C Program Files Nero Nero InCD InCD exe C Program Files CyberLink PowerDVD PDVDServ exe C Program Files Trend Micro Internet Security UfSeAgnt exe C Program Files Common Files Java Java Update jusched exe C Program Files Adobe Reader Reader Reader sl exe C Program Files Lavasoft Ad-Aware AAWTray exe C Program Files Trend Micro Internet Security TMAS OE TMAS OEMon exe C WINDOWS system ctfmon exe C Program Files Common Files LightScribe LightScribeControlPanel exe C Program Files Microsoft Money System mnyexpr exe C Program Files Creative Home Hallmark Card Studio Planner PLNRnote exe C Program Files Windows Desktop Search WindowsSearch exe C Program Files Mozilla Firefox firefox exe C Program Files Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http search mywebsearch com mywebs xYf mLGoYz MaA R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http go microsoft com fwlink LinkId O - BHO AcroIEHelperStub - DF C-E AD- -A -FA C EBDC - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelperShim dll O - BHO no name - B DE- C - BF-B B- B F A E - C Program Files Microsoft Money System mnyside dll O - BHO Java tm Plug-In SSV Helper - DBC -A - b-BC - C C C A - C Program Files Java jre bin jp ssv dll O - BHO JQSIEStartDetectorImpl - E E F - CE- C -BC -EABFE F C - C Program Files Java jre lib deploy jqs ie jqs plugin dll O - BHO no name - FDD B - D - ffb- - B AD ACC - no file O - HKLM Run IgfxTray C WINDOWS system igfxtray exe O - HKLM Run HotKeysCmds C WINDOWS system hkcmd exe O - HKLM Run Persistence C WINDOWS system igfxpers exe O - HKLM Run HDAudDeck C Program Files VIA VIAudioi HDADeck HDeck exe O - HKLM Run NeroFilterCheck C Program Files Common Files Nero Lib NeroCheck exe O - HKLM Run SecurDisc C Program Files Nero Nero InCD NBHGui exe O - HKLM Run InCD C Program Files Nero Nero InCD InCD exe O - HKLM Run RemoteControl quot C Program Files CyberLink PowerDVD PDVDServ exe quot O - HKLM Run LanguageShortcut quot C Program Files CyberLink PowerDVD Language Language exe qu... Read more

A:Looking for help with trojans/spyware--malwarebytes & hijackthis logs attached

Welcome to TSF :)
Download OTL.exe to your desktop.
Double-Click on OTL to run it.
When the window appears, underneath Output at the top change it to Minimal Output.
Under the Standard Registry box change it to All.
Under Custom scan's and fixes section paste in the below in bold


netsvcs
%SYSTEMDRIVE%\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\drivers\*.sys /90
Check the boxes beside LOP Check and Purity Check.
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
When the scan completes, it will open two notepad windows. OTL.txt and Extras.txt. These are saved in the same location as OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.

http://www.techsupportforum.com/forums/f50/looking-for-help-with-trojans-spyware-malwarebytes-and-hijackthis-logs-attached-495067.html
Relevancy 45.58%

I need some help fixing this problem. I am unable to open Hijackthis and Malwarebytes to help solve the problem. It says I do not have sufficient privileges to access the program. What should I do?!
 

A:Hijackthis and Malwarebytes wont open suspected malware

Ok I finally got HIjack this and Malwarebytes to work and hopefully cleaned the problem up. I can not get COMBOFIX to run it comes up with many errors and my comodo antivirus says there are many files infected when I try to run it. I am going to post the Hijackthis log and I would appreciate it very much if someone would take a look and let me know if everything is working as it should. Thank you.
 

https://forums.techguy.org/threads/hijackthis-and-malwarebytes-wont-open-suspected-malware.864934/
Relevancy 45.58%

Hi I definitely have a bunch of nasty trojans and or viruses They were redirecting all my web pages for a while but I found a tool called Exterminate It and bought it and I think it got rid of Zlob SpyDldr J CnsMin some BHO's and some dll's that it identified as trojans CWShredder also removed one thing I'm not sure what My browsers arent redirecting anymore but there are definitely some nasty things still on the computer I downloaded Webroot Antivirus SpySweeper and CyberDefender and ran them and they each picked up a few things but before taking further action and removing things I wasn't sure about I thought I'd come over here and seek some help Some other things my Avira SUPERAntiSpyware Hijackthis run SpyBot, install, crashes on etc. Can't Malwarebytes, or AntiVir Professional picked up but I don't think cleaned are TR Dropper Gen and TR Alureon J Panda found Trj Agent MIK I also noticed Scansoft Shared in my startup items When I try to launch Spybot Hijackthis or Malwarebyters they Can't run SpyBot, Hijackthis or Malwarebytes, SUPERAntiSpyware crashes on install, etc. just shut down But I was able to run DDS and the logs are below and attached Please help Can't run SpyBot, Hijackthis or Malwarebytes, SUPERAntiSpyware crashes on install, etc. This computer has my lifes work on it and shame on me I haven't backed up in a while Thank you MikeDDS Ver - - - NTFSx Run by Michael Coletta at on Wed Internet Explorer BrowserJavaVersion Microsoft Windows XP Professional GMT - AV Spyware Doctor with AntiVirus On-access scanning enabled Updated D C B -C DC- F- EF - AF A EFF AV AntiVir Windows Workstation On-access scanning enabled Updated B B A- C - DD-A D - C CE E AV Norton Internet Security On-access scanning enabled Updated E A - - -B - C C F AV Webroot AntiVirus with AntiSpyware On-access scanning disabled Updated E C F- CCA- - -BDBC AD AV CyberDefender Internet Security On-access scanning enabled Updated AD DABF - B - CB-A E - DE A F FW Norton Internet Security enabled C A C -F F- AC -B -A E C F Running Processes C Program Files Webroot WebrootSecurity WRConsumerService exeC WINDOWS system svchost -k DcomLaunchsvchost exeC Program Files Windows Defender MsMpEng exeC WINDOWS System svchost exe -k netsvcsC Program Files WIDCOMM Bluetooth Software bin btwdins exeC WINDOWS system svchost exe -k WudfServiceGroupC Program Files Common Files Microsoft Shared Ink KeyboardSurrogate exeC Program Files Intel Wireless Bin S EvMon exesvchost exesvchost exeC WINDOWS system LEXBCES EXEC WINDOWS system LEXPPS EXEC WINDOWS system spoolsv exeC Program Files Avira AntiVir Workstation sched exesvchost exeC Program Files a-squared Free a service exeC Program Files Common Files Acronis Schedule schedul exeC Program Files Avira AntiVir Workstation avguard exeC Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exeC WINDOWS system AstSrv exeC Program Files Avira AntiVir Workstation avesvc exeC WINDOWS system bmwebcfg exeC Program Files Bonjour mDNSResponder exeC Program Files Common Files InterVideo DeviceService DevSvc exeC Program Files Intel Wireless Bin EvtEng exeC Program Files Microsoft SQL Server MSSQL PROVIDUSSTD Binn sqlservr exeC Program Files Google Update GoogleUpdate exeC WINDOWS system nvsvc exeC WINDOWS system oodag exeC WINDOWS system HPZipm exeC Program Files Common Files Intuit QuickBooks QBCFMonitorService exeC WINDOWS SYSTEM WISPTIS EXEC Program Files Intel Wireless Bin RegSrvc exeC WINDOWS system svchost exe -k imgsvcC Program Files Common Files Ulead Systems DVD ULCDRSvr exeC Program Files Website Accelerator wad exeC Program Files Website Accelerator wad ssl exeC Program Files Webroot WebrootSecurity SpySweeper exec WINDOWS system ZuneBusEnum exeC Program Files Avira AntiVir Workstation AVWEBGRD EXEC WINDOWS Explorer EXEC Program Files Motorola SMSERIAL sm hlpr exeC Program Files Common Files Microsoft Shared Ink TabTip exeC Program Files Common Files Microsoft Shared Ink TCServer exe... Read more

A:Can't run SpyBot, Hijackthis or Malwarebytes, SUPERAntiSpyware crashes on install, etc.

Hello mrfettucini,Sorry about the delay. If you still need help, please post a new HijackThis log to make sure nothing has changed, and I'll be happy to look at it for you.Please do this:1. Download HijackThis? here:http://www.trendsecure.com/portal/en-US/th.../hijackthis.php2. Click 'Do a System Scan and Save log'.The HJT log will open in notepad.Try renaming Hijackthis.exe to fettucini.exe if it won't run. Thanks,tea

http://www.bleepingcomputer.com/forums/t/234644/cant-run-spybot-hijackthis-or-malwarebytes-superantispyware-crashes-on-install-etc/
Relevancy 45.58%

Hi I had to get MalwareBytes installed on a flash drive on another computer because the virus stopped MalwareBytes from working or installing Ran MBytes Deleted everything it found but the virus is still present in that I see rundll exe running in Taskmanager which I CANNOT terminate and in that every link is redirected to greatfeedmill com or other website usually search and health related HiJackThis found these FOUR files I deleted them but when I scan again they pop up again Don't know what to do Please help I ALSO cannot boot in Safe Mode it help System greatfeedmill.com HiJackThis Malwarebytes Hijack, and :( Browser and don't automatically reboots after a few seconds when I try to do it Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C windows System smss exe C windows system winlogon exe C windows system services exe C windows system lsass exe C windows system svchost exe C windows System svchost exe C windows Explorer EXE C windows system spoolsv exe C windows system rundll exe C windows system svchost exe C windows System svchost exe C Program Files Mozilla Firefox firefox exe C Program Files Trend Micro HijackThis HijackThis exe O - HKLM Run calc rundll exe C windows system calc dll IWMPEvents O - HKCU Run calc rundll exe C DOCUME ADMINI ntuser dll IWMPEvents O - HKUS S- - - Run calc rundll exe C windows system config SYSTEM ntuser dll IWMPEvents User 'SYSTEM' O - HKUS DEFAULT Run calc rundll greatfeedmill.com Browser and System Hijack, Malwarebytes and HiJackThis don't help :( exe C windows system config SYSTEM ntuser dll IWMPEvents User 'Default user' -- End of file - bytes

A:greatfeedmill.com Browser and System Hijack, Malwarebytes and HiJackThis don't help :(

I FIXED IT!

Just download and run Combofix, it will automatically scan and delete the problem-causing files.

If your browser redirects to toseka.com, greatfeedmill, etc, and some health-related websites, then try that.

http://www.bleepingcomputer.com/forums/t/266238/greatfeedmillcom-browser-and-system-hijack-malwarebytes-and-hijackthis-dont-help/
Relevancy 45.58%

I have come here from this initial thread http://www.bleepingcomputer.com/forums/t/262378/virus-shuts-down-malwarebytes-hijackthis-adware-ie7/Here is the log from win32kdiagThanks in advance for the help

A:rootkit variant shuts down malwarebytes, hijackthis, adaware, IE7

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Follow the instructions that pop up for posting the results.Close the program window, and delete the program from your desktop.Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HERE

http://www.bleepingcomputer.com/forums/t/262438/rootkit-variant-shuts-down-malwarebytes-hijackthis-adaware-ie7/
Relevancy 45.15%

Um so the main problem here is that I can't update virus, plus can't even Crazy my update malwarebytes/anti-virus I my new antivirus malwarebytes because Crazy virus, plus I can't even update my malwarebytes/anti-virus the virus that i have im assuming isnt allowing me and is directing me to the not found page as if you didn't have internet It seems that when i do the quickdl for combofix it prompts up a message saying this can be a virus please do not install Crazy virus, plus I can't even update my malwarebytes/anti-virus and says Crazy virus, plus I can't even update my malwarebytes/anti-virus i may be infected with virus virut or w e and the combofix dl was from this site I also keep getting virus popups ever seconds Anyone know the problem heres my logs Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows Vista SP WinNT MSIE Internet Explorer v Boot mode NormalRunning processes C Windows system taskeng exeC Windows system Dwm exeC Windows Explorer EXEC Program Files AVG AVG avgtray exeC Program Files iTunes iTunesHelper exeC Program Files AIM aim exeC Program Files Windows Live Messenger msnmsgr exeC Program Files ooVoo ooVoo exeC Program Files AIM aolsoftware exeC Program Files Windows Live Contacts wlcomm exeC Program Files AVG AVG avgcsrvx exeC Windows system wuauclt exeC Program Files Mozilla Firefox firefox exeC Program Files PayPal PayPal Plug-In RBroker exeC Users CJ Desktop Work PC HijackThis exeR - HKCU Software Microsoft Internet Explorer Main Default Page URL http www alienware com Mothership Comp D R - HKCU Software Microsoft Internet Explorer Main Start Page http www ask com o amp l disR - HKLM Software Microsoft Internet Explorer Main Default Page URL http www alienware com mothershipR - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Search Page http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Start Page http www alienware com mothershipR - HKLM Software Microsoft Internet Explorer Search SearchAssistant R - HKLM Software Microsoft Internet Explorer Search CustomizeSearch R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride localR - HKCU Software Microsoft Internet Explorer Toolbar LinksFolderName R - URLSearchHook no name - f - dc - -bc - e fefafe - no file R - URLSearchHook no name - CFBFAE - A - D - CB- C FD - no file R - URLSearchHook AVG Security Toolbar BHO - A BC A - F - -AA - D C - C Program Files AVG AVG Toolbar IEToolbar dllO - Hosts localhostO - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelper dllO - BHO WormRadar com IESiteBlocker NavFilter - CA F - F E- B -A E- E E C C - C Program Files AVG AVG avgssie dllO - BHO no name - C C A-E - b - D - CECB - no file O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dllO - BHO Windows Live Sign-in Helper - D - C - ABF- ECC- C - C Program Files Common Files Microsoft Shared Windows Live WindowsLiveLogin dllO - BHO ooVoo Toolbar - A FB F A-D E- DD- -E A D - C Program Files oovootb oovoodx dllO - BHO AVG Security Toolbar BHO - A BC A - F - -AA - D C - C Program Files AVG AVG Toolbar IEToolbar dllO - BHO Google Toolbar Helper - AA ED - DD- d - -CF F - c program files google googletoolbar dllO - BHO AIM Toolbar Loader - b cda -b - eef-a - a ac dbf - C Program Files AIM Toolbar aimtb dllO - BHO Ask Toolbar BHO - D C F- A- -A AD- D - C Program Files Ask com GenericAskToolbar dllO - BHO OToolbarHelper Class - EAD A - A - - -C E - C Program Files PayPal PayPal Plug-In PayPalHelper dllO - Toolbar amp Google - C B - - d - B - A CD F - c program files google googletoolbar dllO - Toolbar AIM Toolbar - ecd-cc - -a c- aaccbd - C Program Files AIM Toolbar aimtb dllO - Toolbar AVG Security Toolbar - CCC A -B CA- -B A - F DD - C Program Files AVG AVG Tool... Read more

A:Crazy virus, plus I can't even update my malwarebytes/anti-virus

Bump... can anyone help? emergency... thank you

http://www.bleepingcomputer.com/forums/t/265068/crazy-virus-plus-i-cant-even-update-my-malwarebytesanti-virus/
Relevancy 45.15%

Hello everyone I have a problem with a keylogger type program I know this because my yahoo e-mail account sends some of my friends spam on the messanger and that logs) problem (MalwareBytes' Keylogger Hijackthis Anti-Malware and i an account to an online game that i play has been stolen I have used the following softwares in the following order ATF Cleaner Ad-aware Free Spybot Search amp Destroy MBAM MalwareBytes Anti-Malware Full system scan with two online virusscanners BitDefender and Panda Keylogger problem (MalwareBytes' Anti-Malware and Hijackthis logs) Hijackthis You can find the MalwareBytes Anti-Malware and Hijackthis logs below Could you please tell me what to do to make sure my system is safe Thank you in advance Hijackthis log Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS Explorer EXE C WINDOWS system spoolsv exe C WINDOWS SOUNDMAN EXE C WINDOWS system RUNDLL EXE C Program Files Adobe Acrobat Acrobat Acrotray exe C Program Files Adobe Reader Reader Reader sl exe C WINDOWS system ctfmon exe C Program Files Yahoo Messenger YahooMessenger exe C Program Files Google Update GoogleUpdate exe C Program Files Nero Nero Nero BackItUp NBService exe C WINDOWS system nvsvc exe C WINDOWS system svchost exe C Program Files Common Files Macrovision Shared FLEXnet Publisher FNPLicensingService exe C WINDOWS system wscntfy exe C WINDOWS System svchost exe C WINDOWS system wuauclt exe C Program Files Trend Micro HijackThis HijackThis exe R - HKLM Software Microsoft Internet Explorer Search SearchAssistant R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride local O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO Adobe PDF Conversion Toolbar Helper - AE CD -E - f- - EE - C Program Files Adobe Acrobat Acrobat AcroIEFavClient dll O - BHO Google Toolbar Notifier BHO - AF DE - D - -B FA-CE B AD D - C Program Files Google GoogleToolbarNotifier swg dll O - Toolbar Adobe PDF - -D C - - FA - E EAAC - C Program Files Adobe Acrobat Acrobat AcroIEFavClient dll O - HKLM Run SoundMan SOUNDMAN EXE O - HKLM Run Logitech Hardware Abstraction Layer KHALMNPR EXE O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS system NvCpl dll NvStartup O - HKLM Run nwiz nwiz exe install O - HKLM Run NvMediaCenter RUNDLL EXE C WINDOWS system NvMcTray dll NvTaskbarInit O - HKLM Run Acrobat Assistant quot C Program Files Adobe Acrobat Acrobat Acrotray exe quot O - HKLM Run Adobe Reader Speed Launcher quot C Program Files Adobe Reader Reader Reader sl exe quot O - HKCU Run ctfmon exe C WINDOWS system ctfmon exe O - HKCU Run DAEMON Tools Lite quot C Program Files DAEMON Tools Lite daemon exe quot -autorun O - HKCU Run Messenger Yahoo quot C Program Files Yahoo Messenger YahooMessenger exe quot -quiet O - HKCU Run EA Core quot C Program Files Electronic Arts EADM Core exe quot -silent O - Global Startup Logitech SetPoint lnk C Program Files Logitech SetPoint SetPoint exe O - Extra context menu item Append to existing PDF - res C Program Files Adobe Acrobat Acrobat AcroIEFavClient dll AcroIEAppend html O - Extra context menu item Convert link target to Adobe PDF - res C Program Files Adobe Acrobat Acrobat AcroIEFavClient dll AcroIECapture html O - Extra context menu item Convert link target to existing PDF - res C Program Files Adobe Acrobat Acrobat AcroIEFavClient dll AcroIEAppend html O - Extra context menu item Convert selected links to Adobe PDF - res C Program Files Adobe Acrobat Acrobat AcroIEFavClient dll AcroIECaptureSelLinks html O - Extra context menu item Convert selected links... Read more

A:Keylogger problem (MalwareBytes' Anti-Malware and Hijackthis logs)

So can't anyone please help me?
 

https://forums.techguy.org/threads/keylogger-problem-malwarebytes-anti-malware-and-hijackthis-logs.830126/
Relevancy 45.15%

Hello everyone I have and (MalwareBytes' Anti-Malware problem Keylogger logs) Hijackthis a problem with a keylogger type program I know this because my yahoo e-mail account sends some of my friends spam on the messanger and that i an account to an online game that i play has been stolen I have used the following softwares in the following order ATF Cleaner Ad-aware Free Spybot Search amp Destroy MBAM MalwareBytes' Anti-Malware Full system scan with two online virusscanners BitDefender and Panda Hijackthis You can find the MalwareBytes' Anti-Malware and Hijackthis logs below Could you please tell me what to do to make sure my system is safe Thank you in advance Keylogger problem (MalwareBytes' Anti-Malware and Hijackthis logs) Hijackthis log Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v SP Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS Explorer EXE C WINDOWS system Keylogger problem (MalwareBytes' Anti-Malware and Hijackthis logs) spoolsv exe C WINDOWS SOUNDMAN EXE C WINDOWS system RUNDLL EXE C Program Files Adobe Acrobat Acrobat Acrotray exe C Program Files Adobe Reader Reader Reader sl exe C WINDOWS system ctfmon exe C Program Files Yahoo Messenger YahooMessenger exe C Program Files Google Update GoogleUpdate exe C Program Files Nero Nero Nero BackItUp NBService exe C WINDOWS system nvsvc exe C WINDOWS system svchost exe C Program Files Common Files Macrovision Shared FLEXnet Publisher FNPLicensingService exe C WINDOWS system wscntfy exe C WINDOWS System svchost exe C WINDOWS system wuauclt exe C Program Files Trend Micro HijackThis HijackThis exe R - HKLM Software Microsoft Internet Explorer Search SearchAssistant R - HKCU Software Microsoft Windows CurrentVersion Internet Settings ProxyOverride local O - BHO Adobe PDF Reader Link Helper - E F-C D - D -B D- B D BE B - C Program Files Common Files Adobe Acrobat ActiveX AcroIEHelper dll O - BHO SSVHelper Class - BB-D F - C-B EB-D DAF D D - C Program Files Java jre bin ssv dll O - BHO Adobe PDF Conversion Toolbar Helper - AE CD -E - f- - EE - C Program Files Adobe Acrobat Acrobat AcroIEFavClient dll O - BHO Google Toolbar Notifier BHO - AF DE - D - -B FA-CE B AD D - C Program Files Google GoogleToolbarNotifier swg dll O - Toolbar Adobe PDF - -D C - - FA - E EAAC - C Program Files Adobe Acrobat Acrobat AcroIEFavClient dll O - HKLM Run SoundMan SOUNDMAN EXE O - HKLM Run Logitech Hardware Abstraction Layer KHALMNPR EXE O - HKLM Run NvCplDaemon RUNDLL EXE C WINDOWS system NvCpl dll NvStartup O - HKLM Run nwiz nwiz exe install O - HKLM Run NvMediaCenter RUNDLL EXE C WINDOWS system NvMcTray dll NvTaskbarInit O - HKLM Run Acrobat Assistant quot C Program Files Adobe Acrobat Acrobat Acrotray exe quot O - HKLM Run Adobe Reader Speed Launcher quot C Program Files Adobe Reader Reader Reader sl exe quot O - HKCU Run ctfmon exe C WINDOWS system ctfmon exe O - HKCU Run DAEMON Tools Lite quot C Program Files DAEMON Tools Lite daemon exe quot -autorun O - HKCU Run Messenger Yahoo quot C Program Files Yahoo Messenger YahooMessenger exe quot -quiet O - HKCU Run EA Core quot C Program Files Electronic Arts EADM Core exe quot -silent O - Global Startup Logitech SetPoint lnk C Program Files Logitech SetPoint SetPoint exe O - Extra context menu item Append to existing PDF - res C Program Files Adobe Acrobat Acrobat AcroIEFavClient dll AcroIEAppend html O - Extra context menu item Convert link target to Adobe PDF - res C Program Files Adobe Acrobat Acrobat AcroIEFavClient dll AcroIECapture html O - Extra context menu item Convert link target to existing PDF - res C Program Files Adobe Acrobat Acrobat AcroIEFavClient dll AcroIEAppend html O - Extra context menu item Convert selected links to Adobe PDF - res C Program Files Adobe Acrobat Acrobat AcroIEFavClient dll AcroIECa... Read more

A:Keylogger problem (MalwareBytes' Anti-Malware and Hijackthis logs)

Hello and welcome to TSF.

We would like to have the logs from the scanners we request. HijackThis is no longer the preferred initial analysis tool in this forum.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

http://www.techsupportforum.com/forums/f100/keylogger-problem-malwarebytes-anti-malware-and-hijackthis-logs-379517.html
Relevancy 44.72%

Hi guys I am new to this forum I hope you can help me with dis closing itself.?? think... Virus, everything help........ is pls Why i i hv windows xp sp a few days bak i used a pen drive Why is everything closing itself.?? Virus, i think... pls help........ with my system that had some viruses in it and now i m repenting i hv got avast dul updated and installed bit defender trial as well a few hrs ago now my prblm is as follows these are a few things that close automatically on my system a few minutes seconds after opening - firefox internet explorer tools dialog box of my computer and even the chest of avast antivirus i dunno d reason virus dat i know sure on my system is vbs malware gen how to remove dis thingy it doesnt get repaired or anything only deleted or no action taken pls suggest me wat to do i ran a system scanin avast and a few viruses and trojans came in d way but i moved them to chest now i m unable to open d chest i dunno wat to do pls help me pls i m badly suffereing evrything closing even my email this is my hijackthislogfile Logfile of Trend Micro HijackThis v Scan saved at PM on Platform Windows XP SP WinNT MSIE Internet Explorer v Boot mode Normal Running processes C WINDOWS System smss exe C WINDOWS system winlogon exe C WINDOWS system services exe C WINDOWS system lsass exe C WINDOWS system svchost exe C WINDOWS System svchost exe C WINDOWS system ZoneLabs vsmon exe d Program Files Alwil Software Avast aswUpdSv exe d Program Files Alwil Software Avast ashServ exe C WINDOWS Explorer EXE C WINDOWS killer exe D PROGRA ALWILS Avast ashDisp exe D Program Files Zone Labs ZoneAlarm zlclient exe D Program Files HP HP Software Update HPWuSchd exe D Program Files Google Google Talk googletalk exe C WINDOWS SOUNDMAN EXE C WINDOWS system VTTimer exe D PROGRA INTERV WinDVR WINSCH EXE D Program Files InterVideo WinDVR WinRemote exe D Program Files DAEMON Tools daemon exe D Program Files Microsoft Office Office GrooveMonitor exe D Program Files CyberLink PowerDVD PDVDServ exe D Program Files Java jre bin jusched exe D Program Files iTunes iTunesHelper exe C WINDOWS system spoolsv exe D Program Files Google Google Desktop Search GoogleDesktop exe D Program Files BitDefender BitDefender bdagent exe C WINDOWS system ctfmon exe D PROGRA Ahead NEROPH data Xtras mssysmgr exe D Program Files Chameleon Clock ChamClock exe D Program Files Common Files Ahead lib NMBgMonitor exe D Program Files Common Files Apple Mobile Device Support bin AppleMobileDeviceService exe D Program Files HP Digital Imaging bin hpqtra exe D Program Files Microsoft Office Office ONENOTEM EXE d Program Files Common Files Microsoft Shared VS DEBUG MDM EXE D Program Files stickies stickies exe C WINDOWS system HPZipm exe D Program Files Webshots WebshotsTray exe C WINDOWS system svchost exe D Program Files Common Files BitDefender BitDefender Communicator xcommsvr exe D Program Files Google Google Desktop Search GoogleDesktop exe D Program Files Common Files BitDefender BitDefender Update Service livesrv exe D Program Files BitDefender BitDefender vsserv exe D Program Files HP Digital Imaging bin hpqimzone exe d Program Files Alwil Software Avast ashMaiSv exe D Program Files HP Digital Imaging bin hpqSTE exe d Program Files Alwil Software Avast ashWebSv exe D Program Files iPod bin iPodService exe C WINDOWS System svchost exe D Program Files HP Digital Imaging Product Assistant bin hprblog exe D Program Files internet explorer iexplore exe D Program Files internet explorer iexplore exe D Program Files Microsoft Office Office WINWORD EXE D Program Files J River Media Center Media Center exe D Program Files Trend Micro HijackThis HijackThis exe R - HKCU Software Microsoft Internet Explorer Main Start Page http http portal vidyamandir com c R - HKLM Software Microsoft Internet Explorer Main Default Page URL http go microsoft com fwlink LinkId R - HKLM Software Microsoft Internet Explorer Main Default Search URL http go microsoft com fwlink LinkId R - HKLM Sof... Read more

A:Why is everything closing itself.?? Virus, i think... pls help........

any suggestions, guys?????
 

https://forums.techguy.org/threads/why-is-everything-closing-itself-virus-i-think-pls-help.679840/