Home > Hjt Log > HJT Log - Loads Of Junk

HJT Log - Loads Of Junk

Trojan Horse Downloader.Agent.12.H 12.BF 11.Q 12.D Trojan Horse Start Page 19.A0 21.AR and probably a whole lotta others as well.....it healed something like 819 infected files in the computer...but now, the HOWEVER ... Thank you very much for your help & patience. Final Check:Remaining Services:------------------Authorized Application Key Export:[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019""%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000""C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes""C:\\Program Files\\uTorrent\\utorrent.exe"="C:\\Program Files\\uTorrent\\utorrent.exe:*:Enabled:ƦTorrent""C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype""C:\\Program Files\\Kontiki\\KService.exe"="C:\\Program Files\\Kontiki\\KService.exe:*:Disabled:Delivery Manager Service""C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Disabled:Windows Live Messenger 8.0 (Phone)""C:\\Program Files\\Warcraft III\\Warcraft III.exe"="C:\\Program Files\\Warcraft III\\Warcraft

Infected with junk (searchprotect and others) Started by FeedMeInfo , Mar 25 2015 09:34 PM Page 1 of 2 1 2 Next This topic is locked 20 replies to this topic If you can not post all logfiles in one reply, feel free to use more posts.If I don't hear from you within 5 days from this initial or any subsequent post, Microsoft Windows 7 Home Premium Boot Device: DeviceHarddiskVolume1 Install Date: 12/2/2009 11:25:17 PM System Uptime: 10/5/2012 1:18:50 AM (0 hours ago) . Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN0\YT.DLL O2 - BHO: &Yahoo!

Started by Connie1962 , Jun 30 2007 06:48 AM This topic is locked 14 replies to this topic #1 Connie1962 Connie1962 New Member New Member 9 posts Posted 30 June 2007 Discussions cover how to detect, fix, and remove viruses, spyware, adware, malware, and other vulnerabilities on Windows, Mac OS X, and Linux.Real-Time ActivityMy Tracked DiscussionsFAQsPoliciesModerators Question virus removal - malware bytes Also I have experienced in the past that adaware get's stuck at initializing. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

WE'RE SURE THAT YOU'LL LOVE US! If not prompted, manually reboot the machine anyway to ensure a complete clean. IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRAM FILES\YAHOO!\COMMON\YIESRVC.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_12\bin\ssv.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL O2 - I opened it and noticed there are loads of junk on the laptop.

The file will not be moved unless listed separately.) R2 3a37b93a; c:\Program Files (x86)\Optimizer Pro 3.64\OptProMon.dll [2292264 2015-03-25] () R2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [53832 2014-11-25] (Just Develop It) Download - ATF Cleaner» Double-click ATF-Cleaner.exe to run the program. If TFC prompts you to reboot, please do so immediately. you could check here or its subsidiaries) R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-03-10] (McAfee, Inc.) R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed] R2 igfxCUIService1.0.0.0;

Register a free account to unlock additional features at BleepingComputer.com Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged Logged charlie.sanchez Newbie Posts: 12 Re: Mail Svc Virus (My pc is spamming junk mail) « Reply #18 on: October 25, 2007, 12:37:06 AM » And the subsequent HTJ log:and then regards,deeprybka - Malware Removal Instructor @ - (german malware removal forum) Neminem laede, immo omnes, quantum potes, iuva.

Back to top #12 LDTate LDTate Forum God Root Admin 57,127 posts Posted 01 July 2007 - 04:25 PM If it's running fine in Normal Mode, that's how I'd leave it Did a scan with CCleaner, which cleared out lots of junk. right click the .bat file and choose to run as Administrator. Press any Key and it will restart the PC.

Upload Suspicious Files to Lavasoft.Malware removal assistance? Proud graduate of TC/WTT Classroom Back to top #3 Connie1962 Connie1962 New Member New Member 9 posts Posted 30 June 2007 - 02:00 PM LDTate ... You really need to have that running. Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN0\YT.DLL O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX O4 - HKLM\..\Run: [SystemTray] SysTray.Exe O4 - HKLM\..\Run: [LexStart] lexstart.exe O4 - HKLM\..\Run: [Lexmark 3100 Series] "C:\Program

Your system will take longer that normal to restart as the fixtool will be running and removing files. Also, when booting computer (or RE-booting) we get past logon screen, wallpaper loads, then no icons or taskbar for at least 2 minutes even in selective start-up. being disabled as she is. Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm O8 - Extra context menu

Unknown Malware creating issues in Chrome Browser Started by CVTPo , Today, 10:58 AM Please log in to reply 5 replies to this topic #1 CVTPo CVTPo Members 3 posts ONLINE service which failed to start because of the following error: A device attached to the system is not functioning. 10/1/2012 10:46:14 PM, Error: Service Control Manager [7001] - The Network Location It has done this 1 time(s). 10/5/2012 1:20:52 AM, Error: Service Control Manager [7034] - The Windows Presentation Foundation Font Cache service terminated unexpectedly.

Did a full scan with Malwarebytes, which found nothing.

or its subsidiaries) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ I did go to hijack this based on reading other comments. My computer is slow---My Blog---Follow me on Twitter.My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!Asking for help Disruptive posting: Flaming or offending other usersIllegal activities: Promote cracked software, or other illegal contentOffensive: Sexually explicit or offensive languageSpam: Advertisements or commercial links Submit report Cancel report Track this discussion

See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] FireFox: ======== FF ProfilePath: C:\Users\Tammy\AppData\Roaming\Mozilla\Firefox\Profiles\ckxz9qdt.default-1411706757382 FF Homepage: about:home FF SelectedSearchEngine: Google FF NewTab: about:newtab FF DefaultSearchEngine: Google FF Plugin: @adobe.com/FlashPlayer -> Proud graduate of TC/WTT Classroom Back to top #15 LDTate LDTate Forum God Root Admin 57,127 posts Posted 01 July 2007 - 04:34 PM Since this issue appears to be Win98 *normal* splash screen appears 2. *NORMAL* wallpaper loads 3. It seems that the logging in part, is one way the bot an get new instructions.The McColo Corporation, that DavidR asked you about, apparently rents out server space.

Brian Cooley found it for you at CES 2017 in Las Vegas and the North American International Auto Show in Detroit. Please read this first.After following the instructions, open a new thread in the HijackThis Forum where you can copy/paste your HJT log.Note: do not bump HJT threads by replying - volunteer