Home > Hjt Log > HJT Log - 2/18/2010

HJT Log - 2/18/2010

Mail Scanner;avast! The below scan can take up to an hour or longer, so please be patient. *Note It is recommended to disable onboard antivirus program and antispyware programs while performing scans so Record Number: 822 Source Name: Application Hang Time Written: 20100221140519.000000-480 Event Type: error User: Computer Name: HOME-COMPUTER Event Code: 1000 Message: Faulting application winamp.exe, version 5.5.7.2830, faulting module in_mp3.dll, version 0.0.0.0, Do not re-enable these drivers until otherwise instructed.

A pop up box will appear advising this process will permanently delete files from your system. 6. Music Jukebox   ==== Event Viewer Messages From Past Week ========   3/6/2010 11:13:46 AM, Error: FW1 [1] - FW1: FW-1: last packet seen 53266 seconds ago, assumi--> 3/5/2010 7:48:15 AM, How do you remove the virus in Avira? Also, in order to get on the Internet this morning--it's now 9:22a.m. I just want to be able to turn the thing on. https://forums.spybot.info/showthread.php?55575-HJT-Log-Malware-infection

Do not re-enable these drivers until otherwise instructed. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ NEXT** download GMER Rootkit Scanner from here.Extract the contents of the zipped file to desktop. Download Mirror #1 Download Mirror #2Double-click SystemLook.exe to run it. My last resort before frustration causes me to wipe XP for another install.

o Click on the log at the bottom of those listed to highlight it. Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7E7DA000-D70A-3F29-26BB-ACD66BDC8873} Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7E7DA000-D70A-3F29-26BB-ACD66BDC8873}@jakonhmdakdjhonjplck 0x6A 0x61 0x67 0x64 ... Antivirus BitTorrent BS.Player PRO BufferChm CCleaner (remove only) Compatibility Pack for the 2007 Office system CustomerResearchQFolder DAMN NFO Viewer v2.10.0032.RC3 (Remove Only) Dassault Systemes Software B12 Destinations DeviceFunctionQFolder DeviceManagementQFolder DNA eSupportQFolder When done, DDS will open two (2) logs: DDS.txt Attach.txtSave both reports to your desktop.Please include the contents of both logs in your next reply.

Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about your PC, we need a new log to see what has changed since Please post this log in your next reply. Using Internet Explorer, visit http://www.kaspersky...n=1260122209224 Other available links Kaspersky Online Scanner or from here http://www.kaspersky.com/virusscanner Note: If you are using Windows Vista, open your browser by right-clicking on its icon and Visit Website Don't keep going on.

Share this post Link to post Share on other sites ashby Member Full Member 6 posts Posted February 27, 2010 · Report post Thanks Nasdaq, I followed your steps. Place a check against each of the following, making sure you get them all and not any others by mistake:   O4 - HKLM\..\Policies\Explorer\Run: [] O4 - HKUS\S-1-5-19\..\RunOnce: [] (User 'LOCAL If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. self protection module/ALWIL Software) ZwOpenKey [0xEE2EE64E] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast!

Definitions up-to-date, and scans show no more than tracking cookies which are deleted automatically. So I don't know why it appeared. We recommend Gmail.   The notifications won't even be in your Spam folder - they just go down a black hole. Norton AntiVirus WMIC entry does not exist for antivirus; attempting automatic update. `````````````````````````````` Anti-malware/Other Utilities Check: Ad-Aware HijackThis 2.0.2 Java SE Runtime Environment 6 Adobe Flash Player 10 Adobe Reader 8.1.2

As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. Virus & Other Malware Removal Need help removing spyware, viruses or other types of malware? Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exeO23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exeO23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exeO23 Record Number: 2510 Source Name: W32Time Time Written: 20100131215612.000000-480 Event Type: warning User: Computer Name: HOME-COMPUTER Event Code: 36 Message: The time service has not been able to synchronize the system

IE 11 copy/paste problem It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. Web 2K/XP-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3FCAADB8-EB1B-11D6-AB2D-0090271A23A2}\Setup.exe" -l0x9 Spybot - Search & Destroy-->"D:\Program Files\Spybot - Search & Destroy\unins000.exe" Tiger Woods PGA TOUR 08-->D:\Program Files\EA Sports\Tiger Woods PGA TOUR 08\EAUninstall.exe TW Caddie Let me know if you see any issues to fix. It is likely that everyone who visits after the upgrade will need to log in again, so please keep this in mind.   Update again - Feb 7 - We have

After the files have been downloaded on the left side of the page in the Scan section select My Computer. Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) O3 - Toolbar: AIM Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files (x86)\AIM Toolbar\aimtb.dll O4 - Antivirus;avast!

self protection module/ALWIL Software) ZwSetValueKey [0xEE2EE8AE] INT 0x3A ? 821B6F00 INT 0x3A ? 821B6F00 INT 0x3B ? 821B6F00 INT 0x3B ? 821B6F00 INT 0x3E ? 823DDBF8 INT 0x3F ? 823DDBF8 ----

Click on the Accept button and install any components it needs. I want to learn how to remove malware from computers so I can help others in forums like this. Click on the Malwarebytes' Anti-Malware icon to launch the program. Please continue to review my answers until I tell you your machine is clear.

Click here to install these updates''. Request blocked. Now shut down the computer. It has done this 1 time(s).

When the scan is complete, click OK, then Show Results to view the results. Right now the computer is working fine. Back to top #3 Zenfly Zenfly Member Members 10 posts Posted 18 February 2010 - 10:43 PM How is you computer performing now, any further symptoms and or problems encountered? If you have questions about smartphones, please feel free to post them and we will do our best to help you with them.

File not found O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-9-9 114768] R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2008-5-13 8944] R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2008-5-13 55024] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-9-9 20560] R2 avast! If you have email address at Hotmail, Hotmail.uk, etc etc then you will not get notifications and need to manually check for new replies. I think the reason is because its .cab location (target folder).

Note: The log can also be found on your Desktop entitled SystemLook.txt   Repeat the search for these two files as well.   NvMcTray.dll NvCpl.dll   Post the the results. I think I see a couple of reg entries from an incomplete uninstall of McAfee? ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Let's try to reset your router. The following error occurred: The semaphore timeout period has expired.. NEXT Download GMER Rootkit Scanner from here or here.