Home > Hijackthis Log > Hijackthis Log - Apntex.exe (XP Antispyware 2010 Virus)

Hijackthis Log - Apntex.exe (XP Antispyware 2010 Virus)

Close any open browsers and any other programs you might have running Double click on combofix.exe & follow the prompts.If you are using windows XP It might display a pop up Here is my log - thanks for the help in advance. Register a free account to unlock additional features at BleepingComputer.com Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. msbobo83, Feb 26, 2010 #9 dvk01 Derek Moderator Malware Specialist Joined: Dec 14, 2002 Messages: 50,466 yes that is done dvk01, Feb 26, 2010 #10 Sponsor This thread has his comment is here

HiJackThis log (1/2) > >> opivyattack: Hello,I'm not sure if the computer is infected or not. We are very busy.You have Viewpoint installed.Viewpoint Media Player/Manager/Toolbar is considered as Foistware instead of malware since it is installed without users approval but doesn't spy or do anything "bad".More information: It seems that every anti-spyware and virus detection program has gotten corrupted by something, and my CPU will spike to 100% sustained. Virus cleanup?

Jump to content Sign In Create Account Search Advanced Search section: This topic Forums Members Help Files Calendar View New Content Forum Rules BleepingComputer.com Forums Members Tutorials Startup List Updater (YahooAUService) - Yahoo! Macboatmaster replied Feb 10, 2017 at 5:20 PM 4 Word Story continued (#6) cwwozniak replied Feb 10, 2017 at 5:17 PM BIOS speaker does not beep...

Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLLO9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exeO9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - Attached Files DDS.txt 16.63KB 0 downloads Back to top #9 wolfpackfans wolfpackfans Topic Starter Members 123 posts OFFLINE Location:Wilmington, NC Local time:05:44 PM Posted 18 December 2010 - 01:08 PM Did we mention that it's free. The forum is run by volunteers who donate their time and expertise.Want to help others?

HiJackThis log « previous next » Print Pages: [1] Go Down Author Topic: Possible virus? Registry Data Items Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. c:\documents and settings\fmm.FMM\Local Settings\Application Data\av.exe c:\documents and settings\fmm.FMM\Local Settings\Application Data\MSASCui.exe c:\documents and settings\fmm.FMM\Local Settings\Temporary Internet Files\64OKABA.jpg c:\documents and settings\fmm.FMM\Local Settings\Temporary Internet Files\maX55.jpg c:\documents and settings\fmm.FMM\Local Settings\Temporary Internet Files\ox637.jpg c:\documents and settings\fmm.FMM\Local No, create an account now.

The fixes are specific to your problem and should only be used for this issue on this machine.3. I won't go ahead of you again...I promise. if you haven't already done so. You might want to print these instructions out.

I will be working on your Malware issues. Before posting on our computer help forum, you must register. My name is Gringo and I'll be glad to help you with your computer problems. Try What the Tech -- It's free!

HKEY_CLASSES_ROOT\Interface\{4d25f923-b9fe-4682-bf72-8ab8210d6d75} (Adware.MyWebSearch) -> Quarantined and deleted successfully. this content All rights reserved. Click here to Register a free account now! Tech Support Guy is completely free -- paid for by advertisers and donations.

Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exeO23 - Service: avast! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dllO2 - BHO: &Yahoo! Preloader] "c:\program files\act\act for windows\ActSage.exe" -preload mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe" mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mPolicies-explorer: NoWelcomeScreen = 1 (0x1) IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000 IE: http://pcialliance.org/hijackthis-log/hijackthis-log-and-virus.html Temporarily disable your anti-virus and anti-malware real-time protection and any script blocking components of them or your firewall before performing a scan.

Please do so. ( Press YES on the alert) If you receive an (Error Loading xxxxxxxxxx .dll) error on reboot please reboot a second time . As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exeO23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exeO23 - Service: CeEPwrSvc - COMPAL ELECTRONIC INC. - C:\Program Files\Toshiba\Power Management\CeEPwrSvc.exeO23 -

Please include the C:\ComboFix.txt in your next reply.

Attach.zip 5.8KB 1 downloadsI am getting an error that I can't attach the report from Rootkit Unhooker. If you are using Vista please right click and run as Admin!A black screen will briefly flash indicating a successful run.If this does not occur please delete that application and download Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\Documents and Settings\fmm.FMM\Favorites\Free Porn Videos & XXX Sex The reason for this is so we know what is going on with the machine at any time.

scan completed successfully hidden files: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\N360] "ImagePath"="\"c:\program files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\3.5.2.11\diMaster.dll\" /prefetch:1" . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site. Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dllO4 - HKLM\..\Run: [CeEPOWER] C:\Program Files\TOSHIBA\Power Management\CePMTray.exeO4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exeO4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exeO4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exeO4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exeO4 - check over here Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exeO23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exeO23 - Service: CeEPwrSvc - COMPAL ELECTRONIC INC. - C:\Program Files\Toshiba\Power Management\CeEPwrSvc.exeO23 -

If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine. Notes: 1.Do not mouse-click Combofix's window while it is running. I keep getting balloon notifications saying an intrusion has been detected, etc. You can also do a search for mbr.log.

opivyattackTopic StarterGreenhorn Experience: Beginner OS: Unknown Possible virus? By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond the your topic and facilitate the cleaning of your machine.After Edited by thewall, 12 January 2010 - 04:53 PM. Once the program has loaded, select Perform quick scan, then click Scan.

Join 91131 other members! Updater (YahooAUService) - Yahoo! Malwarebytes' Anti-Malware 1.44 Database version: 3794 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 2/25/2010 8:52:02 PM mbam-log-2010-02-25 (20-52-02).txt Scan type: Quick Scan Objects scanned: 169658 Time elapsed: 8 minute(s), 56 then Click OK.Wait till the scanner has finished and then click File, Save Report.Save the report somewhere where you can find it.

That may cause it to stall. 2. Cluster headaches forced retirement of Tom in 2007, and the site was renamed "What the Tech". Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe--End of file - 11293 bytes harry 48: go to below and post the other 2 logs an expert will need them http://www.computerhope.com/forum/index.php/topic,46313.0.html opivyattack: Great, thanks for the