Home > Solved Hijackthis > Solved: HijackThis Log File

Solved: HijackThis Log File

See in Thread ↓#1 Derek August 22, 2015 at 15:19:55 HijackThis is too outdated to be of any value.Start by running these freebies in the order given:AdwCleaner:http://www.bleepingcomputer.com/dow...(blue Download button near top I have used Astrill for years and never had any issues with it. Download SDFix or from Here and save it to your Desktop Double click SDFix.exe and it will extract the files to %systemdrive% (Drive that contains the Windows Directory, typically C:\SDFix) Please If you're not already familiar with forums, watch our Welcome Guide to get started. check over here

C:\WINDOWS\system32\TDSSofxh.dll (Rootkit.Agent) -> Quarantined and deleted successfully. O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O4 - HKLM\..\Run: [NI.GSCNS] "C:\DOCUME~1\RD769F~1.SES\LOCALS~1\Temp\winvsnet.exe" O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O20 - Winlogon Notify: dimsntfy - C:\Documents and Settings\rd.SESNET\Local Settings\Temporary Internet Files\Content.IE5\U7V1771Y\rbkyymzn[1].htm (Trojan.Clicker) -> Quarantined and deleted successfully. C:\Documents and Settings\rd\Local Settings\Temp\TDSSed6f.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully. https://forums.techguy.org/threads/solved-hijackthis-log-file-help-plz.240251/

Software ▼ Security and Virus Office Software PC Gaming See More... Firewall - AVAST Software - C:\Program Files\Alwil Software\Avast5\afwServ.exeO23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exeO23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exeO23 - Report • #19 t5b0s5 August 25, 2015 at 07:41:36 OK, so hopefully this time I have completed everything correctly. Trend MicroCheck Router Result See below the list of all Brand Models under .

What is HijackThis? O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent doesn't seem to exist anymore thanks for your help by the way Back to top #9 Juliet Juliet Advanced Member Trusted Here's the log, thanks a ton! Files Infected: C:\WINDOWS\system32\jsne87fidgf.dll (Trojan.Clicker) -> Quarantined and deleted successfully.

Will run both Farbar and ComboFix properly and zip both logs to Zippyshare. gowerpower, Jun 19, 2004 #9 Cookiegal Administrator Malware Specialist Coordinator Joined: Aug 27, 2003 Messages: 105,714 You're welcome! gowerpower, Jun 18, 2004 #3 Cookiegal Administrator Malware Specialist Coordinator Joined: Aug 27, 2003 Messages: 105,714 Please download and run the following programs: AD-AWARE Go here: http://www.lavasoftusa.com/support/download/ and download Ad-Aware 6 C:\Documents and Settings\rd\Local Settings\Temp\BN18.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.

Open the extracted SDFix folder and double click RunThis.cmd to start the script. scanning hidden files ... Sign up now. C:\WINDOWS\system32\TDSSmrvd.dll (Rootkit.Agent) -> Quarantined and deleted successfully.

To see product information, please login again. Regards Report baby jane 72Posts Sunday March 28, 2010Registration date January 3, 2012 Last seen - May 26, 2011 09:25AM yeah, on and on again i have been infected by virus C:\Documents and Settings\rd\Local Settings\Temporary Internet Files\Content.IE5\D8XD7GEV\qjgtuhu[1].htm (Trojan.Agent) -> Quarantined and deleted successfully. I need to see the ComboFix results log when you can.

Please save it to a convenient location. * You can also access the log by doing the following: o Click on the Malwarebytes' Anti-Malware icon to launch the program. check my blog HijackThis log included. I've run spybot and sophos since as well. Please do not PM me for HJT help, we all benefit from posting on the open board.Want to help others?

  • I do not use Hyjackthis anymore because it only gives very partial information and sometimes they are not exact.
  • o Click on the log at the bottom of those listed to highlight it.
  • Please specify.
  • Advertisements do not imply our endorsement of that product or service.

c:\documents and settings\All Users\Application Data\vlc-0.9.4-win32.exe c:\windows\system32\MSINET.oca . ((((((((((((((((((((((((( Files Created from 2008-10-13 to 2008-11-13 ))))))))))))))))))))))))))))))) . 2008-11-11 13:58 . 2008-11-11 13:58

d-------- c:\documents and settings\All Users\Application Data\nView_Profiles 2008-11-11 13:54 . What AV are you using?Always pop back and let us know the outcome - thanks Report • #14 Johnw August 24, 2015 at 17:33:26 "What AV are you using?"It's in the Also please give me an update on how the computer is at the moment. this content All rights reserved.

C:\Documents and Settings\rd.SESNET\Local Settings\Temporary Internet Files\Content.IE5\I0S8JT6I\asuper3[1].htm (Trojan.Dropper) -> Quarantined and deleted successfully. And I don't use IE anyway, though I understand that Firerfox and Opera are sort of piggybacked onto the IE front end. Oops, something's wrong below.

Then, after rebooting, please post another log and we’ll see what’s left to get rid of.

Could be as soon as the infection hit you were able to get help immediately. Instructions on disabling these type of programs can be found in this topic.http://www.bleepingcomputer.com/for...http://www.techsupportforum.com/for...Once these two steps have been completed, double-click on the ComboFix icon found on your Desktop. C:\Documents and Settings\rd.SESNET\Local Settings\Temporary Internet Files\Content.IE5\I0S8JT6I\qjgtuhu[1].htm (Trojan.Agent) -> Quarantined and deleted successfully. First in the main window look in the bottom right-hand corner and click on Check for updates now and download the latest reference files.

Hi and welcome Print this topic or save to notepad, it will make it easier for you to follow the instructions and complete all of the necessary steps as we will The scan could take a while, so please be patient.message edited by Johnw Report • #13 Derek August 24, 2015 at 17:26:18 There's a lot more discussion here:http://answers.microsoft.com/en-us/...Seems the video driver Cookiegal, Jun 19, 2004 #4 gowerpower Thread Starter Joined: Jun 18, 2004 Messages: 6 Logfile of HijackThis v1.97.7 Scan saved at 12:22:30 PM, on 19/06/2004 Platform: Windows XP SP1 (WinNT 5.01.2600) http://visu3d.com/solved-hijackthis/solved-hijackthis-log-file-help.html Contents of the 'Scheduled Tasks' folder 2008-11-01 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34] 2008-11-13 c:\windows\Tasks\GoogleUpdateTaskUser.job - c:\documents and settings\rd.SESNET\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [] 2008-11-05 c:\windows\Tasks\SES scheduled virus scan (M,W,F at

Thanks very much. When finished, it shall produce a log for you. C:\Documents and Settings\rd.SESNET\Local Settings\Temporary Internet Files\Content.IE5\PZBTQSG9\asuper1[1].htm (Trojan.TDss) -> Quarantined and deleted successfully. You are strongly advised to do the following: * Disconnect the computer from the Internet and from any networked computers until it is cleaned. * Call all your banks, financial institutions,

Tick the checkbox of the malicious entry, then click Fix Checked.   Check and fix the hostfile Go to the "C:\Windows\System32\Drivers\Etc" directory, then look for the hosts file. Oops, something's wrong below. Report • #16 Johnw August 25, 2015 at 00:29:33 Extract from your Farbar logs."Running from D:\DloadZ"Download the latest version > Farbar Recovery Scan Tool 21.08.2015.3Run Farbar again, this time from the Reboot when finished.Exclude Step 2 ( Malwarebytes scan )http://i1-win.softpedia-static.com/...http://www.softpedia.com/get/Tweak/...http://i.imgur.com/UbaXHuV.gifhttp://www.tweaking.com/http://www.tweaking.com/content/pag...http://i.imgur.com/NWSHEUy.gifhttp://i.imgur.com/LTVThqF.gifhttp://i.imgur.com/tdlbsVH.gifThe logs are large, upload them using Zippy.

SUBMIT CANCEL Applies To: Antivirus+ Security - 2015;Antivirus+ Security - 2016;Antivirus+ Security - 2017;Internet Security - 2015;Internet Security - 2016;Internet Security - 2017;Maximum Security - 2015;Maximum Security - 2016;Maximum Security - Here is where mine are.http://i.imgur.com/MnrjwYF.gifCopy & Paste the dump (.dmp ) file onto your desktop & then upload it using ZippyShare. and why is it said to be missing when it isn't Back to top #11 Juliet Juliet Advanced Member Trusted Malware Techs 23,181 posts Gender:Female Posted 12 November 2008 - 07:52 So you managed to contract another infection!

Also uncheck "Hide protected operating system files" and "Hide extensions for known file types". Members can monitor the statuses of their requests from their account pages. C:\Documents and Settings\rd\Local Settings\Temp\loader.exe (Trojan.Dropper) -> Quarantined and deleted successfully. Go to the saved file then double click it to run JRT.

Only one of them will run on your system, that will be the right version.Double-click to run it.