Home > Messed Up > Messed Up Computer's HI JACK This Log

Messed Up Computer's HI JACK This Log

I have put zone alarm on it now though the computer seems rather messed up. He is gone to college and I must clean it. Tech Reviews Tech News Tech How To Tech Buying Advice Laptop Reviews PC Reviews Printer Reviews Smartphone Reviews Tablet Reviews Wearables Reviews PC & Laptop Storage Reviews Antivirus Reviews Best Tech C:\Qoobox\Quarantine\C\WINDOWS\system32\H8SRTpmaxvrhmwn.dll.vir (Trojan.TDSS) -> Quarantined and deleted successfully. http://martop.net/messed-up/messed-up-my-computer-installing-an-ssd.html

Sign In Sign In Remember me Not recommended on shared computers Sign in anonymously Sign In Forgot your password? C:\Documents and Settings\Rami\Application Data\Microsoft\Internet Explorer\Quick Launch\Malware Defense.lnk (Rogue.MalwareDefense) -> Quarantined and deleted successfully. johnb35, Feb 24, 2010 #16 (You must log in or sign up to reply here.) Show Ignored Content Share This Page Tweet Your name or email address: Do you already have If you need this topic reopened, please send a Private Message to any one of the moderating team members. Homepage

After reboot (in case it asks to reboot), it will produce a log for you. Good luck with this. When finished, it shall produce a log for you. Josquius 13:09 08 Feb 05 The Josquius one is mine though it is on a totally different computer (this log is not off mine, its off my sisters).Its strange how they

HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{297D43D6-5E4B-4AC5-80E9-002DF4B60EF0}\RP368\A0130238.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.

johnb35, Feb 21, 2010 #5 Acetyle New Member Messages: 23 Malwarebytes' Anti-Malware 1.44 Database version: 3770 Windows 5.1.2600 Service Pack 2 Internet Explorer 6.0.2900.2180 2/21/2010 2:10:00 PM mbam-log-2010-02-21 (14-10-00).txt Scan type: Registry Values Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\malware defense (Rogue.MalwareDefense) -> Quarantined and deleted successfully. Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\Program Files\Windows Live\Messenger\msimg32.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully. There is still some cleaning we can do with combofix but i'll wait until after malwarebytes runs.

Flag Permalink This was helpful (0) Back to Windows Legacy OS forum 2 total posts Popular Forums icon Computer Help 51,912 discussions icon Computer Newbies 10,498 discussions icon Laptops 20,411 discussions Once reported, our moderators will be notified and the post will be reviewed. Companion) - http://us.dl1.yimg.com/download.companion.yahoo.com/dl/toolbar/yiebio5_1_6_0.cabO23 - Service: Symantec Event Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeO23 - Service: Symantec Password Validation - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exeO23 - Service: Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\WINDOWS\Downloaded Program Files\ycomp5_1_6_0.dllO4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exeO4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exeO4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXEO4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exeO4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exeO4 - HKLM\..\Run:

  • C:\Qoobox\Quarantine\C\WINDOWS\system32\smss32.exe.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
  • Track this discussion and email me when there are updates If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and
  • in oreder for me to get to anything i have to ctrl alt del, then type in a run command.here is my hijack this log(Moderator edit: moved log to HJT Forum
  • HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
  • Disruptive posting: Flaming or offending other usersIllegal activities: Promote cracked software, or other illegal contentOffensive: Sexually explicit or offensive languageSpam: Advertisements or commercial links Submit report Cancel report Track this discussion
  • c:\documents and settings\Administrator\Local Settings\Application Data\{5060472B-A9E4-4FCD-AF94-EEAF3D17A4BE}\chrome.manifest c:\documents and settings\Administrator\Local Settings\Application Data\{5060472B-A9E4-4FCD-AF94-EEAF3D17A4BE}\chrome\content\_cfg.js c:\documents and settings\Administrator\Local Settings\Application Data\{5060472B-A9E4-4FCD-AF94-EEAF3D17A4BE}\chrome\content\overlay.xul c:\documents and settings\Administrator\Local Settings\Application Data\{5060472B-A9E4-4FCD-AF94-EEAF3D17A4BE}\install.rdf c:\documents and settings\All Users\Application Data\sysReserve.ini c:\documents and settings\All Users\Application Data\ZangoSA\ZangoSA.dat c:\documents
  • scanning hidden files ...
  • If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post).

Please try again now or at a later time. http://www.pcadvisor.co.uk/forum/helproom-1/really-bad-hijack-log-183692/ scanning hidden autostart entries ... Can anyone help with what I've got to kill here? O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O4 - HKLM\..\Run: [Wsegucokuhupo] rundll32.exe "C:\WINDOWS\ovohovojamazekud.dll",Startup O23 - Service: ASP.NET State

Acetyle New Member Messages: 23 I haven't used this site in awhile, and I do appreciate the work you guys do, as well as all the members who use these threads. this content CurlyWhirly 11:42 08 Feb 05 I would wait for an expert like Nellie2, as if you don't know what you are doing, then you could end up with an unbootable PC. The problem is that you are running a very outdated version of Windows. Once again I thank you for your patience and your cooperation.

c:\windows\Cpakuqoqiwogi.dat c:\windows\Utafedojodohuje.bin . ((((((((((((((((((((((((( Files Created from 2010-01-21 to 2010-02-21 ))))))))))))))))))))))))))))))) . 2010-02-21 16:55 . 2010-02-21 16:55 -------- d-----w- c:\documents and settings\Rami\Application Data\Malwarebytes 2010-02-20 20:05 . 2010-02-21 22:43 3868001 ----a-r- C:\ComboFix.exe HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Qoobox\Quarantine\C\WINDOWS\system32\H8SRTvouoktkibo.dll.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully. weblink Discussions cover Windows 2003 Server, Windows installation, adding and removing programs, driver problems, crashes, upgrading, and other OS-related questions.Real-Time ActivityMy Tracked DiscussionsFAQsPoliciesModerators General discussion Plz Check Messed up HijackThis Log by

C:\System Volume Information\_restore{297D43D6-5E4B-4AC5-80E9-002DF4B60EF0}\RP368\A0130213.dll (Trojan.TDSS) -> Quarantined and deleted successfully. Task Manager is working well too. I've completed a Hijack this scan, but I don't know how to determine which of these items may be malicious.

then post a new Hijackthis log to see what has been missed dvk01, Aug 24, 2003 #3 This thread has been Locked and is not open to further replies.

If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members. Before we begin, please note the following: The process of cleaning your system may take some time, so please be patient.Follow my instructions step by step if there is a problem Register a free account to unlock additional features at BleepingComputer.com Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Preview post Submit post Cancel post You are reporting the following post: Help with Hijack this log scan results This post has been flagged and will be reviewed by our staff.

If you want, you can go into services and disable the asp.net state service. scanning hidden autostart entries ... How is your system running now? check over here The computer is in much better shape than it was.

I have trouble browsing as the browser crashes the moment I try to open any website. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

© Copyright 2017 martop.net. All rights reserved.