Home > Help Me > Help Me With My Hijack This Log( PLEASE)

Help Me With My Hijack This Log( PLEASE)

Sorry, there was a problem flagging this post. Logfile of HijackThis v1.99.1 Scan saved at 1:17:11 PM, on 2/11/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe Don't click on the window while the fix is running, because that will cause your system to hang.   When finished and after reboot (in case it asks to reboot), it curlylad 23:09 05 May 05 Part 1 Logfile of HijackThis v1.99.1Scan saved at 23:01:39, on 05/05/2005Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exeC:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exeC:\WINDOWS\system32\ZONELABS\vsmon.exeC:\Program Files\Zone Labs\ZoneAlarm\zlclient.exeC:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exeC:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exeC:\Program Files\Common Files\Real\Update_OB\realsched.exeC:\Program have a peek at this web-site

Other rootkitrevealers don't.   p.s. Click the green arrow at the right, and the scan will start. To see product information, please login again. Then copy them to the problem PC.

Reboot into Safe Mode by tapping F8 after the BIOS has loaded. Then i posted a message in hi's blog for revenge stating that spamming is not allowed at thoughts.com and then i received death threat from someone called PhantomAvengers saying that he Legal Policies and Privacy Sign inCancel You have been logged out.

All rights reserved. The report will be called DrWeb.csv Close Dr.Web Cureit. Back to top #9 Daemon Daemon Retired Staff-Malware Expert Authentic Member 3,521 posts Posted 12 February 2006 - 04:45 PM Glad we could be of assistance. I am not familiar with it and in todays time there is absolutely no reason to be involved with an unknown AV.

Help Home Top RSS Terms and Rules All content Copyright ©2000 - 2015 MajorGeeks.comForum software by XenForo™ ©2010-2016 XenForo Ltd. I'll post them again: Please read ALL of this message including the notes before doing anything. Similar Topics Please check my HijackThis Log. http://www.hijackthis.de/ The solution did not resolve my issue.

HKLM\SOFTWARE\Classes\cfexefile\shellex\PropertySheetHandlers\PifProps 2007-08-03 00:22 0 bytes Security mismatch. Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: ELSBLaunch.lnk I think that Trend micro should add somekinda rootkit detector to their hijack this program.Edited by Bomb123 - 14 December 2009 at 8:59am Post Reply Page 12> Tweet Forum Virus cleanup?

Nov 1, 2007 #2 (You must log in or sign up to reply here.) Show Ignored Content Topic Status: Not open for further replies. Please note that many features won't work unless you enable it. About CNET Privacy Policy Ad Choice Terms of Use Mobile User Agreement Help Center HijackThis.de Security HijackThis log file analysis HijackThis Copy the text from that log and paste it into your post.   Note: Some firewalls may warn that sigcheck.exe is trying to access the internet.

Interests:Golf, Pool (Snooker), Enjoying retirement. You can use Notepad to open the DrWeb.cvs report. Stay logged in MajorGeeks.Com Support Forums Home Forums > ----------= PC, Desktop and Laptop Support =------ > Malware Help - MG (A Specialist Will Reply) > MajorGeeks.Com Menu MajorGeeks.Com \ All C:\Program Files\FormScapeSoftware\FormScape\data\processes\FSD\9432 2007-08-08 00:20 0 bytes Visible in Windows API, but not in MFT or directory index.

Double-click on dss.exe to run it, and follow the prompts. 4. C:\Program Files\FormScapeSoftware\FormScape\data\processes\FSD\8336\proc-descr.txt 2007-08-08 00:41 179 bytes Hidden from Windows API. Please try again.Forgot which address you used before?Forgot your password? http://faviconize.com/help-me/help-me-http-540-scmg-net-randomsites-banner-aspx-hijack.html Register now!

Click Start, Programs, Windows Defender Click on Tools, General Settings. Use the forums!Don't let BleepingComputer be silenced. Dec 6, 2007 Please check my hijackthis log Oct 23, 2007 please check my hijackthis log May 24, 2007 Please check my Hijackthis Log Jun 26, 2005 Please check my Hijackthis

Malwarebytes is a good on demand scanner.

Please follow the instructions in the below link: READ & RUN ME FIRST. Log in with Facebook Log in with Twitter Log in with Google Your name or email address: Do you already have an account? Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm O8 - Extra context C:\Program Files\FormScapeSoftware\FormScape\data\processes\FSD\8340\proc-descr.txt 2007-08-07 23:10 179 bytes Visible in Windows API, but not in MFT or directory index.

Do not bother contacting us if you are not the topic starter. Logfile of Trend Micro HijackThis v2.0.2Scan saved at 12:45:04, on 6.12.2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Rising\Rav\CCENTER.EXEC:\WINDOWS\System32\svchost.exeC:\Program Files\Rising\Rav\RavTask.exeC:\Program Files\Rising\Rav\RavMonD.exeC:\Program Files\Rising\Rav\rsnetsvr.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\Ati2evxx.exeC:\Program Files\a-squared Free\a2service.exeC:\Program Files\Java\jre6\bin\jqs.exec:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exeC:\Program Files\PC Using the site is easy and fun. Share this post Link to post Share on other sites kkoitla Member Full Member 12 posts Posted August 2, 2007 · Report post Region is set Estonia, the same with

I assume you have or have had them installed at one time. Please refer to our CNET Forums policies for details. Thanks again. TechSpot is a registered trademark.

Ask a Question See Latest Posts TechSpot Forums are dedicated to computer enthusiasts and power users. SHOW ME NOW CNET © CBS Interactive Inc.  /  All Rights Reserved. VoG II 21:42 05 May 05 Can you post another HJT log please? I have them stored in my malicious file storage though.