Home > Please Look > Please Look Over My Hijack This Log

Please Look Over My Hijack This Log

Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\ycomp5_6_0_0.dllO2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dllO3 - Toolbar: Yahoo! Shane Super Moderator Staff Member Messages: 20,440 Hello, according to Spybot search and destroy i have a VIRTUALMONDE.SCI trojan virus which logs keystrokes and is very nasty. Sign In Sign In Remember me Not recommended on shared computers Sign in anonymously Sign In Forgot your password? Run another Panda scan...save and post it's log here. __________________ We Are The BORG Spyware KILLER and Adware Destroyer! 06-27-2005, 07:02 PM #3 hollisterco Registered Member Join Date: have a peek at these guys

Help.lnk = C:\Program Files\BT Yahoo! As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged thanks anyway. Bring the results with you on your next post. « Spyware message on desktop..(HJT log) | Crazy popups - Please help analyze this Hijackthis log. » Thread Tools Show http://forums.xfinity.com/t5/Anti-Virus-Software-Internet/Please-look-over-my-Hijack-this-log-file/td-p/301772

Thanks so much. BroadbandO2 - BHO: Yahoo! Someone Please Look At My Hijackthis Log Started by gsumax , Nov 19 2006 06:38 PM Please log in to reply 1 reply to this topic #1 gsumax gsumax Members 9 Share Options Subscribe to RSS Feed Mark Topic as New Mark Topic as Read Float this Topic to the Top Bookmark Subscribe Printer Friendly Page All Forum Topics Previous Topic Next

  • Sidebar - {51085E3D-A958-42A2-A6BE-A6A9B0BAF276} - C:\Program Files\Yahoo!\browser\ysidebarIE.dllO9 - Extra 'Tools' menuitem: BT &Yahoo!
  • Then click the Fix button:R3 - Default URLSearchHook is missingO15 - Trusted Zone: *.frame.crazywinnings.comO15 - Trusted Zone: *.awmdabest.com (HKLM)O15 - Trusted Zone: *.frame.crazywinnings.com (HKLM)O15 - Trusted IP range: 206.161.125.149O23 - Service:
  • This forum is so helpful and friendly and I greatly appreciate those who take the time to Thread Tools Search this Thread 06-24-2005, 02:50 PM #1 hollisterco Registered
  • Advertisement tec_41 Thread Starter Joined: Nov 6, 2004 Messages: 332 Well i have tried everything to fix my crashing programs problem, so i might as well post a hijack this log.
  • Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.http://www.beyondlogic.org/consulting/proc...processutil.htm "Nothing could be finer than to be in South Carolina ............" Member ASAP

Though we help people with spyware and viruses here at BC, we also help people with other computer problems! Stay logged in Sign up now! Posted February 4, 2010 · Report post Due to the lack of feedback this Topic is closed.   If you need this topic reopened, please tell the moderating team by replying Sidebar - {51085E3D-A958-42A2-A6BE-A6A9B0BAF276} - C:\Program Files\Yahoo!\browser\ysidebarIE.dllO9 - Extra 'Tools' menuitem: BT &Yahoo!

O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files (x86)\Megaupload\Mega Manager\mm_file.htm O8 - Extra context menu item: Google Sidewiki - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html O9 - Jump to content Sign In Create Account Search Advanced Search section: This topic Forums Members Help Files Calendar View New Content Forum Rules BleepingComputer.com Forums Members Tutorials Startup List Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\ycomp5_6_0_0.dllO3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.1601.0\en-us\msntb.dllO3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocxO4 - HKLM\..\Run: [AtiPTA] Atiptaxx.exeO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE Click here to Register a free account now!

You put other internet users at risk without AV protection and only serve as a carrier and infector to others. Please start a New Thread if you're having a similar issue.View our Welcome Guide to learn how to use this site. Your router should be fine as a firewall.


My help is ALWAYS FREE but if you'd like to donate click here.[/b] "Learn all there is to be Are you looking for the solution to your computer problem?

LOG: Logfile of HijackThis v1.99.1 Scan saved at 4:50:53 PM, on 24/06/2005 Platform: Windows ME (Win9x 4.90.3000) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.EXE C:\WINDOWS\SYSTEM\mmtask.tsk C:\WINDOWS\SYSTEM\MPREXE.EXE C:\WINDOWS\SYSTEM\STIMON.EXE C:\PROGRAM No, create an account now. Great job!Disable and Enable System Restore. - If you are using Windows ME or XP then you should disable and reenable system restore to make sure there are no infected files Sidebar (HKLM)O9 - Extra 'Tools' menuitem: BT &Yahoo!

Site Changelog Community Forum Software by IP.Board Sign In Use Facebook Use Twitter Need an account? http://nuvisiongraphx.com/please-look/please-look-at-this-hijack.html Sign In Sign In Remember me Not recommended on shared computers Sign in anonymously Sign In Forgot your password? Sidebar - {51085E3D-A958-42A2-A6BE-A6A9B0BAF276} - C:\Program Files\Yahoo!\browser\ysidebarIE.dllO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXEO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXEO9 - Extra button: Homepage - Thanks in advance.Logfile of HijackThis v1.99.1Scan saved at 6:29:39 PM, on 11/19/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Intel\Wireless\Bin\EvtEng.exeC:\Program Files\Intel\Wireless\Bin\S24EvMon.exeC:\Program Files\Intel\Wireless\Bin\WLKeeper.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\Program Files\Common Files\Symantec

Site Changelog Community Forum Software by IP.Board Sign In Use Facebook Use Twitter Need an account? No, create an account now. I was able to attach those files w/o a problem the other day, yet earlier it wouldn't let me. 06-28-2005, 02:40 AM #4 POADB TSF Enthusiast check my blog Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm O9 - Extra button: Yahoo!

Several functions may not work. Sign Up This Topic All Content This Topic This Forum Advanced Search Browse Forums Guidelines Staff Online Users Members More Activity All Activity My Activity Streams Unread Content Content I Started Sign in to follow this Followers 0 Please look over my Hijackthis log Started by Jan25, January 14, 2010 5 posts in this topic Jan25 Member Full Member 2 posts

BTW, I cannot delete the easywebsearch thing, I have tried repeatedly!

Started by jozz , May 17 2005 09:32 AM Please log in to reply 10 replies to this topic #1 jozz jozz Members 6 posts OFFLINE Local time:05:26 AM Posted Please do the following:Please make sure that you can view all hidden files. Register now! Back to top #5 jozz jozz Topic Starter Members 6 posts OFFLINE Local time:05:26 AM Posted 19 May 2005 - 11:45 AM I removed those five from Hijack this and

I would seriously reconsider your attitude towards anti-virus software and get your head out of the sand. Share this post Link to post Share on other sites nasdaq Forum Deity Global Moderator 49,259 posts Gender:Male Location:Montreal, QC Canada. Press the Scan button and then when it is done, the Save Log button. news I was told to run this hijackthis because Hotmail was telling me there was a virus in my photos I was trying to attach to an email.

Register a free account to unlock additional features at BleepingComputer.com Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members. Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\ycomp5_6_0_0.dllO3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.1601.0\en-us\msntb.dllO3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocxO4 - HKLM\..\Run: [AtiPTA] Atiptaxx.exeO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE Username Forum Password I've forgotten my password Remember me This is not recommended for shared computers Sign in anonymously Don't add me to the active users list Privacy Policy

Jump

BroadbandO2 - BHO: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes.dll O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Director I/T Members 4,310 posts OFFLINE Local time:04:26 AM Posted 20 November 2006 - 12:46 PM Please download SmitfraudFix (by S!Ri)Extract the content (a folder named SmitfraudFix) to your Desktop.Open Well get them next step.Please copy/paste the content of that report into your next reply.Note : process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool"; it is

It's weird. Please run the online virus scan at Panda and save the results. When it is done, your Temporary Internet Files will now be deleted.Finally, and definitely the MOST IMPORTANT step, click on the following tutorial and follow each step listed there:Simple and easy Stay informed with Comcast Alerts Alerts are an easy, quick way to manage your account and get information - like payment confirmations and your current balance.

Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\ycomp5_6_0_0.dllO2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dllO3 - Toolbar: Yahoo! Yes, my password is: Forgot your password? At the General tab, which should be the first tab you are currently on, click on the Delete Files button and put a checkmark in Delete offline content. User Name Remember Me?

Interests:Golf, Pool (Snooker), Enjoying retirement. If this log is clear, does that mean my computer is safe to browse the web again? Just want to make sure there is nothing you guys see... Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab28578.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} (ZoneAxRcMgr Class) - http://messenger.zone.msn.com/binary/ZAxRcMgr.cab O16 -

Old_John_McKenna View Public Profile Send a private message to Old_John_McKenna Find all posts by Old_John_McKenna #5 19-05-05, 22:11 yz388 Newbie Join Date: May 2005 Location: CT Posts: 9