Home > Hijack This > HiJack This Log - 2nd PC Infected

HiJack This Log - 2nd PC Infected

If the malware did come back, use this sequence of actions:a) Turn off System Restoreb) Repeat the cleaning procedure used earlierc) Rebootd) Only then turn on System Restoree) Rebootf) RescanIf the C:\Program Files\SelectRebates\Toolbar\logo_24.bmp (Adware.SelectRebates) -> Quarantined and deleted successfully. Some of the other linked products are no longer available, invalid or do not apply/aren't compatible with the newer operating systems or 64 bit processors.2012-08-16 13:17:41 my pc is nearly infected. I've used Avast and AVG AntiVirus programs and also SuperAntiSpyware. this contact form

C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll (Adware.SelectRebates) -> Quarantined and deleted successfully. Thread Status: Not open for further replies. If not please perform the following steps below so we can have a look at the current condition of your machine. Join our site today to ask your question. https://forums.techguy.org/threads/hijack-this-log-2nd-pc-infected.208093/

Determine the steps to clean the computer, and clean the computer11. Register a free account to unlock additional features at BleepingComputer.com Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Registry Data Items Infected: (No malicious items detected) Folders Infected: C:\Program Files\SelectRebates (Adware.SelectRebates) -> Delete on reboot. Removed AboutBuster from list of removal tools (obsolete and no longer supported)03 April 2007 by CalamityJane:Section 4 removed temporarily for revision.

All rights reserved. There's some bad stuff in your PC but it's not really a great deal.Backup Your Registry with ERUNTPlease use the following link and scroll down to ERUNT and download it. If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Full Scan" option is C:\Program Files\SelectRebates\SRebates.dll (Adware.SelectRebates) -> Delete on reboot.

In particular, be sure to submit copies of suspect files that:- Got on to your system undetected by an up-to-date AV monitor- Are not consistently detected by some AV scans- Are C:\Program Files\SelectRebates\Toolbar\RightControls.dym (Adware.SelectRebates) -> Quarantined and deleted successfully. The submit malware email function is out of date. 2010-02-22 08:28:32 (Cho Baka )I think we should take this whole part out of the email since the malware forum doesn't exist Your iexplorer.exe may not be the same as someone else's iexplorer.exe.d) When a step indicates running an update, activate the update function of the program.

If there is some abnormality detected on your computer HijackThis will save them into a logfile. Update and run any anti-virus (AV), anti-trojan (AT) and anti-spyware (AS) products you already have installed on your computer. Do full scans of your computer. Advertisements do not imply our endorsement of that product or service. C:\Program Files\SelectRebates\FFToolbar\chrome.manifest (Adware.SelectRebates) -> Quarantined and deleted successfully.

It is file contents that determine what a file actually does. https://www.wilderssecurity.com/threads/hijackthis-log-from-infected-computer.41819/ If only part of the path to the file is shown by the AV scanner, use the Windows search tool (Start button / Search) to locate the file and write down Registry Values Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\selectrebates (Adware.SelectRebates) -> Quarantined and deleted successfully. The following are the requested items: *************************************************************************** *************************************************************************** ~~~OTM Results~~~ ========== FILES ========== c:\windows\TMP0001.TMP moved successfully.

It will scan and the log should open in notepad. * When the scan is finished, the "Scan" button will change into a "Save Log" button. weblink Advertisement Recent Posts Used VPN to change location and... In Windows XP and Me, to prevent important system files being deleted accidentally, System Restore makes backups of them and restores the backups if the original file goes missing. Please note that your topic was not intentionally overlooked.

Submit suspected malware.9.2 If a removal tool is required, it is best to first try the tool of the scanner's vendor. Using the site is easy and fun. c:\windows\DUMP35b6.tmp moved successfully. http://pcialliance.org/hijack-this/hijack-this-please-i-think-i-ve-been-infected.html Advertisement bsacco Thread Starter Joined: Jun 11, 2003 Messages: 709 Logfile of HijackThis v1.97.7 Scan saved at 10:47:13 AM, on 3/1/2004 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00

Whenever I go idle for more than about 30 seconds, upon trying to move my mouse or do anything, the computer freezes up for anywhere between 2-5 minutes. C:\Program Files\SelectRebates\SelectRebatesBT.dat (Adware.SelectRebates) -> Quarantined and deleted successfully. Click here to Register a free account now!

Click 'Show Results' to display all objects found".Click OK to close the message box and continue with the removal process.Back at the main Scanner screen, click on the Show Results button

Update and run the defensive tools already on your computer2. Log in or Sign up Tech Support Guy Home Forums > Security & Malware Removal > Virus & Other Malware Removal > Computer problem? Then find this file C:\WINNT\system32\MSTask.exe and have it checked here http://www.kaspersky.com/remoteviruschk.html Post the results. This is because a backdoor allows a hacker to make other changes that may reduce your security settings, but that are not readily detectable with current tools.- After what kinds of

C:\Program Files\SelectRebates\SelectRebatesDownload.exe (Adware.SelectRebates) -> Quarantined and deleted successfully. Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll mURLSearchHooks: AIM Toolbar Search Class: {03402f96-3dc7-4285-bc50-9e81fefafe43} - c:\program files\aim toolbar\aimtb.dll mURLSearchHooks: Yahoo! C:\Program Files\SelectRebates\SelectRebates.ini (Adware.SelectRebates) -> Quarantined and deleted successfully. his comment is here Please perform the following scan:Download DDS by sUBs from one of the following links.

If applicable, report identity theft, cancel credit cards and change passwords.13. C:\Program Files\SelectRebates\Toolbar (Adware.SelectRebates) -> Quarantined and deleted successfully. c:\windows\DUMP4ad4.tmp moved successfully. You will go through most of the steps quite quickly, although a couple of scans may take a half-hour to run.

C:\Program Files\SelectRebates\FFToolbar\defaults\preferences\sahtoolbar.js (Adware.SelectRebates) -> Quarantined and deleted successfully. Be sure to both download and install the latest version of the program, and then update each products database. Staff Online Now etaf Moderator valis Moderator Macboatmaster Trusted Advisor Advertisement Tech Support Guy Home Forums > Security & Malware Removal > Virus & Other Malware Removal > Home Forums Forums C:\Program Files\SelectRebates\Toolbar\ImageCache (Adware.SelectRebates) -> Quarantined and deleted successfully.

Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll BHO: AIM Toolbar Loader: {b0cda128-b425-4eef-a174-61a11ac5dbf8} - c:\program files\aim toolbar\aimtb.dll Submit the suspected malware to AV and AT vendors. Now What Do I Do?12.2 If a keystroke logger or backdoor was detected, then hackers may have access to what was typed into your computer, including passwords, credit card numbers and If you previously had Ad-aware installed, grant the installer permission to uninstall it when it asks.b) As the installation ends, leave these boxes checked: (i) Perform a full scan now, (ii)

c:\windows\DUMPb66f.tmp moved successfully. Stay logged in Sign up now! If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the