Solved: HJT Log Any Malware?

Anything you can aid me with would be most appreciated, as always I'm still finalising things, but I will say this - Toshogu probably won't be what you might be expecting....in Click "OK". 5. You should consider them to be compromised. Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan.

C:\Documents and Settings\All Users\Application Data\MPK\S0000 (Refog.Keylogger) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\AleWinSecure.exe (Trojan.Agent) -> Quarantined and deleted successfully.

If you have RSIT already on your computer, please run it again. ERUNT is easy to use and since it creates a full backup, there are no options or choices other than to select the location of the backup files. C:\WINDOWS\system32\MPK\Help\English\filters.htm (Refog.Keylogger) -> Quarantined and deleted successfully.

  • Double click on RSIT.exe to run RSIT.
  • C:\WINDOWS\system32\MPK\Mpk64.dll (Refog.Keylogger) -> Quarantined and deleted successfully.
  • daytona (Topic Starter), posted July 9, 2011: Thanks for your reply, however
  • I can read English fluently and understand advanced instructions.
  • Highlight everything in the Results window, press CTRL+C or right-click, choose Copy, right-click again and Paste it in your next reply.
  • C:\WINDOWS\system32\MPK\Help\Spanish\delivery.htm (Refog.Keylogger) -> Quarantined and deleted successfully.
  • Are you able to see the Run Command??
  • How to Create a Restore Point.

Name of infection / type of infection (not always possible, I know!) 2. C:\Documents and Settings\All Users\Application Data\MPK\CPDM\cpfm.bin (Refog.Keylogger) -> Quarantined and deleted successfully. C:\WINDOWS\system32\MPK\Help\English\password.htm (Refog.Keylogger) -> Quarantined and deleted successfully.

It's possible that I have been infected through Firefox. Click the "More Options" Tab. 6. HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2.1 (Adware.PopCap) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Zinaps2008\Zinaps Anti-Spyware 2008.lnk (Rogue.Zinaps) -> Quarantined and deleted successfully. C:\WINDOWS\system32\MPK\MPK.exe (Refog.Keylogger) -> Quarantined and deleted successfully. C:\WINDOWS\system32\MPK\Help\Spanish\keyboard.htm (Refog.Keylogger) -> Quarantined and deleted successfully. C:\WINDOWS\system32\MPK\Spanish.lng (Refog.Keylogger) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\MPK\Help\English\logging.htm (Refog.Keylogger) -> Quarantined and deleted successfully. C:\WINDOWS\system32\MPK\unins000.dat (Refog.Keylogger) -> Quarantined and deleted successfully. Close any open browsers.2. Common sense is not evenly distributed, however, and no prevention will be absolute.

Click on that alert and then Click Install ActiveX component. Any special instructions either before or after running HJT - other tools, different modes etc - and if there were any randomly spawning files (you don't have to list these as C:\WINDOWS\system32\MPK\German.lng (Refog.Keylogger) -> Quarantined and deleted successfully. Ideally I'd like to see as many of us come together on this as humanly possible. Regards, Paperghost paperghost: okay, so Toshogu has suddenly grown in ambition - it's now going to be

thanks. Close all applications and windows. Now, I ran both of those scans, here are the results to both: LOCKSEARCH ---------------------------------------------------------------- LockSearch by jpshortstuff ( Log created at 10:11 on 05/11/2009 (HP_Administrator) Scanning C:\ C:\hiberfil.sys ------------------------- C:\pagefile.sys This computer was turning into trash, and without your help, would still be in a sad shape. I want to ask one more thing.

ERUNT however creates a complete backup set, including the Security hive and user related sections. HKEY_CLASSES_ROOT\alewinsecure.winsecure.1 (Trojan.BHO) -> Quarantined and deleted successfully.

The program should not take long to finish its job. Once it's finished it should reboot your machine; if not, do this yourself to ensure a complete clean. Please download Malwarebytes' Anti-Malware from

Make Internet Explorer more secure

  • Click Start > Run
  • Type Inetcpl.cpl & click OK
  • Click on the Security tab
  • Click Reset all zones to default level
  • Make sure the Internet Zone is selected & Click

Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo!
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.ShopperReports) -> Quarantined and deleted successfully.
Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [VerizonServicepoint.exe] "C:\Program Files\Verizon\VSP\VerizonServicepoint.exe" /AUTORUN
O4 - HKCU\..\Run: [Yahoo!

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message: Click on Yes, to continue scanning for malware. Please post the "C:\Combo-Fix.txt" for further review. **Note: Do not mouseclick combo-fix's window while it's running. You, and other fine malware fighters here, have helped me to learn many things to protect my computers and those of my family and friends. After download, double-click on erunt.exe and install by following the prompts. (Use the default install settings but say no when asked if you want to add ERUNT to the start-up folder.)

"[Error number: 0x80070424] Microsoft security essentials will also not update properly. Everything else seems to be working/updating. I an ran malware bytes in safemode That renders the newest version (2.0.4) useless Posted 07/13/2013 The music will take longest to restore, although it wasn't downloaded, but copied for portability and transfer to her iPod--so she has the originals.

Also, like the infected computer, its most sensitive use is for checking e-mail (Yahoo), so I wasn't in a hurry. Click "Check Now!".