Home > Hijackthis Log > HijackThis Log -- Just Housekeeping

HijackThis Log -- Just Housekeeping

I hope some virus/trojan killer can use this information to save some other poor fool from having his system trashed! Registry Values Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\antivirus (Rogue.Antivirus) -> Quarantined and deleted successfully. Pre-Run: 5,867,773,952 bytes free Post-Run: 5,877,202,944 bytes free . - - End Of File - - 481C7C2678E60D48743BA15073A11090 Edited by Croftie, 23 November 2011 - 11:57 AM. Thanks for all your help! http://pcialliance.org/hijackthis-log/hijackthis-exe-itself-is-not-opening-cant-able-to-get-the-hijackthis-log-file.html

NOTE: ComboFix has removed "Hotfix EXtr4cT0r.exe" which is a compiled Autoit script I made myself so it should be clean unless a virus has infected it.Anyway here are the logs. C:\Documents and Settings\Matt\Application Data\rhc70jj0ea35\Quarantine\Autorun\HKCU (Rogue.Multiple) -> Quarantined and deleted successfully. Started by Croftie , Nov 13 2011 09:04 PM This topic is locked 11 replies to this topic #1 Croftie Croftie Members 5 posts OFFLINE Local time:10:41 PM Posted 13 KeePass is a small utility that allows you to manage all your passwords. http://www.bleepingcomputer.com/forums/t/518888/hijackthis-log-please-help-diagnose/

No input is needed, the scan is running. C:\WINDOWS\system32\blphc30jj0ea35.scr (Trojan.FakeAlert) -> Quarantined and deleted successfully. The connection is automatically restored before CF completes its run. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowControlPanel (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

C:\WINDOWS\privacy_danger\images\down.gif (Trojan.FakeAlert) -> Quarantined and deleted successfully. Hide file extensions, if required. Next I ran spybot, nothing detected. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowSearch (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

We invite you to ask questions, share experiences, and learn. scan completed successfully hidden files: 0 ************************************************************************** . ------------------------ Other Running Processes ------------------------ . Username Forum Password I've forgotten my password Remember me This is not recommended for shared computers Sign in anonymously Don't add me to the active users list Privacy Policy

https://www.bleepingcomputer.com/forums/t/529894/hijackthis-log-please-help-diagnose/page-2 Have a look at this page.http://noscript.net/featuresYou may be able to find the culprit.

Canada Local time:05:41 PM Posted 03 January 2014 - 08:46 AM All is well:Time for some housekeepingThe following will implement some cleanup procedures as well as reset System Restore points:Click Start Everyone else please begin a New Topic. It's better to be sure and safe than sorry.Please reply to this thread. Then AVG free, It detected and removed half the 8 files it detected labeled Trojan Agent_r.KJ but the other half it could not access without restarting but I get blue screens

The Windows Recovery Console may be needed to restore it. http://www.hijackthis.de/ Ask a new question Read More Icons Microsoft Windows XP Related Resources In my windows 7 the Exe. Scanning your system regularly will make it harder for malware to reside on your system.A tutorial on using MBAM can be found here.Please Note: Only the paid for version has real Back to top #6 nasdaq nasdaq Malware Response Team 35,078 posts OFFLINE Gender:Male Location:Montreal, QC.

RE: Nuwar vsarint as Flash update ? check over here As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. Click here to Register a free account now! ERUNT (Emergency Recovery Utility NT) allows you to keep a complete backup of your registry and restore it when needed.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispScrSavPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Please download and run this DDS Scanning Tool. AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} . ============== Running Processes ================ . his comment is here With the help of this automatic analyzer you are able to get some additional support.

Tomk ------------------------------------------------------------ Topics are closed after 5 days without response Back to top #11 anisbet anisbet New Member New Member 6 posts Posted 27 August 2008 - 07:38 PM I guess Currently I can really only get into safe mode without a ton of windows/popups/etc that control the screen, so I had to run HijackThis in safe mode. Good Luck Granny Kate Reports: · Posted 6 years ago Top marks100 Posts: 4507 This post has been reported.

Try: http://www.superantispyware.com/ Free version,or download the portable version on another computer first.

It also replaced my wallpaper with a file called "DC9.scr", a joke blue screen. I can recommend:If you are satisfied with your current protection programs you can ignore the instructions on Antivirus or Firewall listed below.avast! and a reinstall of the drive seems to have solved the problem. WE'RE SURE THAT YOU'LL LOVE US!

Register a free account to unlock additional features at BleepingComputer.com Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Like Show 0 Likes(0) Actions 5. C:\Documents and Settings\Matt\Local Settings\Temp\sfsrv.exe (Trojan.Agent) -> Quarantined and deleted successfully. weblink its been replaced with notepad Lost Taskbar Notification Icons Lost most of window xp program icons Lost transparent look on desktop icons Windows xp toolbar and icons lost I lost my

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\win77.exe (Trojan.Agent) -> Quarantined and deleted successfully. Completion time: 2011-11-23 16:40:40 ComboFix-quarantined-files.txt 2011-11-23 16:40 ComboFix2.txt 2011-11-22 20:31 ComboFix3.txt 2011-11-08 02:59 C:\DeQuarantine.txt . Please first disable any CD emulation programs using the steps found in this topic: Why we request you disable CD Emulation when receiving Malware Removal Advice Then create another GMER log Just paste your complete logfile into the textbox at the bottom of this page.

C:\Documents and Settings\Matt\Application Data\rhc70jj0ea35\Quarantine\Autorun\HKCU\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully. Please save it to a convenient location and post the results.Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the Related Resources solved Lost all my icons in XP solved Files lost thumbnails/icons after force shut down of PC solved Desktop icons deleted by Norton Security, all programs lost solved Win Download DDS by sUBs from one of the following links if you no longer have it available.

Post the logs at any of the following forums for free expert advise.... C:\Documents and Settings\Matt\Favorites\Error Cleaner.url (Rogue.Link) -> Quarantined and deleted successfully.