Home > Please Help > Please Help Me And Look At My Highjackthis Log

Please Help Me And Look At My Highjackthis Log

Register a free account to unlock additional features at BleepingComputer.com Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. You said in your first post that you had already ran malwarebytes and possibly some other scanners, with malwarebytes finding over 125 items, most of those could have very well been Tech Reviews Tech News Tech How To Tech Buying Advice Laptop Reviews PC Reviews Printer Reviews Smartphone Reviews Tablet Reviews Wearables Reviews PC & Laptop Storage Reviews Antivirus Reviews Best Tech I think I now know where I went wrong before it was my fault as I suspected I deleted the wrong files when I went into safe mode -- this time

Nothing is listed in there that match any of the entries you are saying to delete.Maybe I am not looking the right way or in the right spot?? Could you maybe copy and paste the entries from my HijackThis logthat I should delete?Maybe that way I could find them easier. Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YCOMP5_3_12_0.DLLO3 - Toolbar: Starware - {D49E9D35-254C-4c6a-9D17-95018D228FF5} - C:\PROGRAM FILES\STARWARE\BIN\STARWARE.DLLO4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorunO4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exeO4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -sO4 - HKLM\..\Run: [SystemTray] Any help would be awesome.. internet

Now you have C:\HJT\ or C:\HijackThis\ folder. Please give me some time to look it over and I will get back to you as soon as possible. Sorry for the offtopic.

Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0527.DLLO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\MSN Messenger\MSMSGS.EXEO9 - Extra 'Tools' menuitem: MSN Messenger Service - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\MSN Messenger\MSMSGS.EXEO9 - Extra However I don't see anything in your log.. Nothing but nothing led to frustration, they couldn't figure it out, and to top it all off my Logitech mouse was not working, my battery was functioning, the red light was Enabled the "allow the computer to power off this device" setting and all will be working as it should, try this first and then you do not need the LSP-Fix (which

Read the article behind this link "How did I get infected". then see what it look's like after curlylad 23:50 05 May 05 OK , I started to follow your link then it all went pair shaped as it said the Rescan and post another log. If you can't see anything then I'm not going to bother posting another one.

I have posted my new log could you please have a look at it to see what I have done wrong and advise me how I can put back my original For information on the program click here.We ask that you post publicly so people with similar questions may benefit from the conversation.Was your question answered? Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended. I have lowered my security settings and noting seems to work.

Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quietO4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"O4 - Startup: Watch.lnk = C:\WINDOWS\TWAIN_32\1200UB\WATCH.exeO4 - Startup: reminder-ScanSoft Product Registration.lnk = C:\Program Files\TextBridge Classic 2.0\Ereg\REMIND32.EXEO4 - Startup: Microsoft Find Fast.lnk https://forums.malwarebytes.com/topic/20334-please-look-at-my-hijackthis-log/ curlylad 23:12 05 May 05 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = click hereR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = click hereR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Tiscali 10.0R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1O2 Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe--End of file - 13171 bytes Discussion is locked Flag Permalink You are posting a reply to: Please help me to analyse my hijackthis log The posting of I had to install win xp pro instead of xp home as I only had the xp pro cd-rom .I found out that repairing windows would have worked but it kept

Track this discussion and email me when there are updates If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and all of these are portable which means they dont have to be installed, just download and double click and run "DrWebCureIT" http://www.freedrweb.com/cureit/?lng=en "Normans Malware Cleaner" http://norman.com/support/support_tools/58732/en-us "Kaspersky Virus Removal Sorry, there was a problem flagging this post. Leila Back to top Back to Virus, Trojan, Spyware, and Malware Removal Logs 0 user(s) are reading this topic 0 members, 0 guests, 0 anonymous users Reply to quoted postsClear

I always use it when I clean one’s PC. I can't see any sign of malware. Could you maybe copy and paste the entries from my HijackThis logthat I should delete?Maybe that way I could find them easier. Please try again now or at a later time.

Please help me to figure it out what is wrong with my laptop?A few weeks ago I downloaded a java update, I read it online that this could have been a I also ran the malwarebytes free edition software and it found the Trojan.agent and it said it removed it just fine but still I get the pop up and can not In regards to the redirect, although both of the items below may, or may not be present, please check for them..

HELP!

Disruptive posting: Flaming or offending other usersIllegal activities: Promote cracked software, or other illegal contentOffensive: Sexually explicit or offensive languageSpam: Advertisements or commercial links Submit report Cancel report Track this discussion by Grif Thomas Forum moderator / April 6, 2009 1:38 PM PDT In reply to: Please help me to analyse my hijackthis log In order to get your Hijackthis log interpreted, Dashboard for XFINITY TV on the X1 Platform Get details on weather, traffic, sports and more all from your XFINITY TV on the X1 Platform Dashboard. Once in Device Manager, click "View" in the upper left, select "show hidden devices/drivers".3.

Please refer to our CNET Forums policies for details. I physically deleted SecurityTool from both my start menu and desktop previouslybut could locate them using the run box today. So I called the HP tech support, you know they're in India. For information on the program click here.We ask that you post publicly so people with similar questions may benefit from the conversation.Was your question answered?

Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quietO4 - Startup: Watch.lnk = C:\WINDOWS\TWAIN_32\1200UB\WATCH.exeO4 - Startup: reminder-ScanSoft Product Registration.lnk = C:\Program Files\TextBridge Classic 2.0\Ereg\REMIND32.EXEO4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXEO4 - Startup: Office Of course you would do that before removing GatorO4 - HKLM\..\Run: [CMESys] "C:\PROGRAM FILES\COMMON FILES\CMEII\CMESYS.EXEO4 - Startup: GStartup.lnk = C:\Program Files\Common Files\GMT\GMT.exeO9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htmO9 - curlylad 22:17 06 May 05 Firstly I am now back up and running and no problems so far. Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YCOMP5_3_12_0.DLLO2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dllO2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLLO2 - BHO: Starware -

I am an XFINITY Forum Expert and I am here to help.We ask that you post publicly so people with similar questions may benefit.Was your question answered? Mark it as an accepted solution!I am not a Comcast employee. It will take a bit longer, but this way the program can be used as-isdownload link: http://www.cexx.org/LSPFix.exeand: http://www.cexx.org/lspfix.txtpolonus Spiritsongs: :) Hi Chelsjas :To actually USE "LSP-Fix", it would be wise to Could you maybe copy and paste the entries from my HijackThis logthat I should delete?Maybe that way I could find them easier.

Once reported, our moderators will be notified and the post will be reviewed. my advice would be to boot into safe mode with networking, then download and run at least two of these tools, letting them clean anything they find. Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0527.DLLO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\MSN Messenger\MSMSGS.EXEO9 - Extra 'Tools' menuitem: MSN Messenger Service - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\MSN Messenger\MSMSGS.EXEO14 - IERESET.INF: This type of software, known as a Layered Service Provider or LSP, typically handles low-level Internet-related tasks, and data is passed through a chain of these programs on its way to

I also cannot find these entries in the registry usingregedit from the run box. from whats already been run on there that should get rid of the rest of the infection.