Home > Possible Virus > Possible Virus + HJT Log

Possible Virus + HJT Log

Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_5_7_0.dll (file missing)O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dllO2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} Definitely no peer to peer stuff, so i would be suprised if it is a genuine virus. Attach that zipped file in your next reply as well Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015 Back to top #3 DivusAugustus DivusAugustus Topic Starter Members 3 posts OFFLINE The BRat, Nov 5, 2004 #2 This thread has been Locked and is not open to further replies. http://nuvisiongraphx.com/possible-virus/possible-virus-please-help.html

It says that it's a variant of WIN32/Kryptik.GN trojan. I just remembered that Iobit owns "Advanced system care" which I loathe beyond proportions". Register now! HJT Log Privacy Policy Contact Us Back to Top Malwarebytes Community Software by Invision Power Services, Inc. × Existing user? https://www.bleepingcomputer.com/forums/t/457865/possible-virus-hijackthis-log/

Thats what removed a similar virus in my own browser. Ask a Question See Latest Posts TechSpot Forums are dedicated to computer enthusiasts and power users. Please start a New Thread if you're having a similar issue.View our Welcome Guide to learn how to use this site. Got anti virus software?

Just for your information, when following the last bit of your directions, I automatically assumed that you wanted me to scan the entire C drive and so I began to do As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged All rights reserved. Once the program has loaded, select Perform full scan and then Scan.

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015 Back to top #6 CatByte CatByte bleepin' tiger Malware Response Team 14,664 posts OFFLINE Gender:Not Telling Location:Canada Local time:05:50 AM Posted Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_5_7_0.dll (file missing)O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exeO4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exeO4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exeO4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"O4 - Register now to gain access to all of our features, it's FREE and only takes one minute. https://forums.techguy.org/threads/possible-spyware-or-virus-hjt-log-enclosed.292945/ Several functions may not work.

Logfile of HijackThis v1.99.1Scan saved at 8:08:46 PM, on 4/12/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccProxy.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\Program Files\Norton Internet Security\ISSVC.exeC:\Program Files\Common Kopieren Sie dazu einfach den Inhalt Ihres Logfiles in die untenstehende Textbox. HJT log attached By Sick Puppy in forum PressF1 Replies: 10 Last Post: 26-11-2008, 12:10 AM System Freezes on Browser exit - Hijack this log attached By Dadzka in forum PressF1 Logs are attached.

  • It also restarted my computer by itself.
  • m 0 l Best solution Lag May 19, 2015 7:10:27 AM SR-71 Blackbird said:Iobit malware fighter is very very poor at finding anything..don't bother.
  • Yes, my password is: Forgot your password?
  • Since, then, AVast has done further file updates and it still gives the same message.
  • I could be wrong, of course, and that is why I am posting in this forum.
  • Also there have been files that I am not recognizing.
  • Login now.
  • Basically, this prevents your coputer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computerGoogle Toolbar <= Get the free google toolbar to help stop pop
  • I've ran Adaware and Spybot and removed a few spyware things, but it still seems to be quite slow.(Also scanned with McAfee but didn't find anything) Can someone plz look at
  • haxdoor key: twpR searching for services....services not found checking if files are found.....twpR32.dll existtwpR64.sys existtwpR32.sys not foundtwpR16.dll not foundtwpR16.sys not foundtwpR24.sys not foundtwpRxt.dll not foundtwpRxt.sys not foundtwpRxm.sys not foundtwpRtt.dll not foundtwpRtt.sys

Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton navigate here Post that log in your next reply Note: Do not mouseclick combofix's window whilst it's running. Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn7\yt.dll O3 - Toolbar: Yahoo! Death to the salad eaters!

Join thousands of tech enthusiasts and participate. http://nuvisiongraphx.com/possible-virus/possible-virus.html Applications Atmosphere Avid Core Runtime Avid DIO Runtime AvPropPlugin 1.0.0.1 Belkin 802.11g Wireless PCI Card Bonjour Buddy Icon Maker 1.0.0.1 CCleaner (remove only) Click-To-Call 1.0.0.1 Cool Edit Pro 2.1 Dell Digital Sign In Create Account Body Background skin color theme reset What the Tech Search Advanced Search section: Google This topic Forums Members Help Files Downloads Unreplied Topics View New Content Close the HijackThis window.

I stopped two processes on startup: YTdownloader and WindeskWinsearch. HiJackThis Log Included Nov 14, 2010 Computer infected with spyware, HijackThis log included Feb 8, 2008 Add New Comment You need to be a member to leave a comment. Here is my hijack this log. More about the author Attached is my HijackThis log: Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 9:02:19 AM, on 5/18/2015 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17801) FIREFOX: 37.0.2

Register now! I think it was a runtime error or something and it'd say something about C+ or C++ I don't really remember... Once the updates are installed do the following:REBOOT into Safe ModeRun EWIDOClick on scannerClick on Start ScanLet the program scan the machineWhile the scan is in progress you will be prompted

Pager] C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe -quietO4 - Global Startup: Event Planner Reminders Tray Icon.lnk = ?O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exeO4 - Global Startup: HP Image Zone Fast

It will return when ComboFix is done. And I'll delete those entries you've marked, we're not Asian/Chinese so I don't know how those settings would have got there. Ask ! I recommend Online Armor FreeA little outdated but good reading on how to prevent MalwareKeep safe online and happy surfing.Since this issue is resolved I will close the thread to prevent

Reboot Your System Finally, RUN Hijackthis again and produce a new HJT log. Several functions may not work. Possible virus, HijackThis log Started by DivusAugustus , Jun 21 2012 06:52 PM This topic is locked 8 replies to this topic #1 DivusAugustus DivusAugustus Members 3 posts OFFLINE Local click site TechSpot is a registered trademark.

Guidlines followed but ...[Virus] 100% cpu usage when browsing[Trojan] Trojan Detection[Malware] Persistent bug[Trojan] Trojan.Agent Trouble Forums → The Site → Old Forums → Security Cleanup → [Smitfraud] HJT Log - Possible Create Account How it Works Javascript Disabled Detected You currently have javascript disabled. PCWorld Home Forum Today's Posts FAQ Calendar Community Groups Albums Member List Forum Actions Mark Forums Read Quick Links View Forum Leaders Who's Online What's New? Possible virus/malware?

You also need to go to Add/Remove Programs and uninstall Java 2 Runtime Environment, SE v1.4.2_03 as it poses a security risk. Start here -> Malware Removal Forum. Share this post Link to post Share on other sites AdvancedSetup    Staff Root Admin 64,231 posts Location: US ID: 7   Posted February 10, 2009 Great, all looks good now.I'll All rights reserved.