Home > Hijackthis Download > Need Help Checkign HJT Log

Need Help Checkign HJT Log

Contents

Thread Status: Not open for further replies. Oct 13, 2006 Can someone please help me with this HJT log file? She thought she had a worm or trojan program running but I couldn't find anything. If you're not already familiar with forums, watch our Welcome Guide to get started.

This applies only to the original topic starter. scanning hidden autostart entries ... No, create an account now. Jump to content Sign In Create Account Search Advanced Search section: This topic Forums Members Help Files Calendar View New Content Forum Rules BleepingComputer.com Forums Members Tutorials Startup List

Hijackthis Log Analyzer

Just paste your complete logfile into the textbox at the bottom of this page. free 17.1.2286/ Outpost Firewall Pro9.3/ Firefox 51.0.1, uBlock Origin, RequestPolicy/ MailWasher Pro7.8.0/ DropMyRights/ MalwareBytes AntiMalware Premium 2.2.0/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! All Rights Reserved. Javascript You have disabled Javascript in your browser.

Super Home2010-09-16 11:32 . 2004-11-20 10:14 -------- d--h--w- c:\program files\InstallShield Installation Information2010-09-16 06:17 . 2005-07-21 15:57 -------- d-----w- c:\program files\GH2010-09-07 15:11 . 2008-09-24 18:48 167592 ----a-w- c:\windows\system32\aswBoot.exe2010-09-07 14:52 . 2008-09-24 18:48 DavidR Avast Überevangelist Certainly Bot Posts: 76586 No support PMs thanks Re: hijackthis log analyzer « Reply #5 on: March 25, 2007, 10:11:44 PM » There really is nothing wrong with scan completed successfullyhidden files: 0**************************************************************************.--------------------- LOCKED REGISTRY KEYS ---------------------[HKEY_USERS\S-1-5-21-781878022-3114317985-875658923-1006\Software\Microsoft\SystemCertificates\AddressBook*]@Allowed: (Read) (RestrictedCode)@Allowed: (Read) (RestrictedCode)[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]"Enabled"=dword:00000001[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]@Denied: (A 2) (Everyone)@="IFlashBroker4"[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}"[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".Completion time: 2010-09-25 10:40:24ComboFix-quarantined-files.txt 2010-09-25 15:40ComboFix2.txt 2010-09-25 03:05Pre-Run: 32,948,195,328 bytes freePost-Run: 32,931,811,328 bytes F2 - Reg:system.ini: Userinit= And then we have noadfear among the members of our webforum, developer of may special cleansing tools himself..

So it may not be fast like what is out there now but it's faster than the original laptop I had-think it had 50mb of ram-older Toshiba Satellite I will free Mail Scanner)SRV - [2010/09/07 10:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! I did also notice it looks like Avast?? The list is not all inclusive.)Double click on Combofix.exe and follow the prompts.As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed.

Its just a couple above yours.Use it as part of a learning process and it will show you much. Hijackthis Download Windows 7 I love this forum. Cheeseball81, Nov 1, 2010 #2 Scottyman61 Thread Starter Joined: Dec 14, 2006 Messages: 59 Hi, thank you for the looking it over for me. Cheeseball81, Nov 1, 2010 #4 This thread has been Locked and is not open to further replies.

Hijackthis Download

when I go to shut down or restart my computer would delay then say this program is not responding...can wait or cancel message. Could you tell me why I need to reset this IE as I might still need the add on and resetting it would disable my add on ? Hijackthis Log Analyzer I think my pc is clean now but just want to make sure it is. Hijackthis Windows 10 This thread is now locked and can not be replied to.

Terms of Use Privacy Policy Licensing Advertise International Editions: US / UK India Jump to content Resolved Malware Removal Logs Existing user? Please start a New Thread if you're having a similar issue.View our Welcome Guide to learn how to use this site. Already have an account? Sign in to follow this Followers 2 New, check HJT logs?? Hijackthis Windows 7

Thanks, tea Please make a donation so I can keep helping people just like you.Every little bit helps! I do photography, have 3 folders from my 2 different cameras and it looked like I had a folder in a Local Settings\Temp folder-looked like something "moved" the photo filess-I'm talking Yes, my password is: Forgot your password? Logs can take some time to research, so please be patient with me.

Share this post Link to post Share on other sites ko57    Regular Member Topic Starter Honorary Members 71 posts Location: s/e Louisiana ID: 3   Posted September 23, 2010 Elise,I How To Use Hijackthis To Daniel : Nice to see your post again Dan. You would not believe how much I learned from simple being into it.

Do not include the word "Code":otlIE - HKU\S-1-5-21-781878022-3114317985-875658923-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = localhost:12080:commands[emptytemp]Push OTL may ask to reboot the machine.

Without further adeu, here it is:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 3:18:10 PM, on 12/3/2007Platform: Windows XP SP1 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\System32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\spoolsv.exeC:\Program Files\eMachines etc. Not a good thing.Some more links you might find of interest:Miekies' prevention suggestionsSo How did I get infected?Microsoft - 'Security at home'Calendar of Updates: See which updates have been released.How to Trend Micro Hijackthis Oct 4, 2008 #4 kenaki TS Rookie Topic Starter Posts: 47 Thanks to all of you for the advices.

So VoG , Nellie2 if you're out there I could do with some help. Database Statistics Bad Entries: 190,982 Unnecessary: 119,579 Good Entries: 147,839

From Twitter Follow Us Get in touch support@hijackthis.co Contact Form HiJackThisCo RSS Twitter Facebook LinkedIn © 2011 Activity Labs. TechSpot is a registered trademark. Ask a question and give support.

Avast Evangelists.Use NoScript, a limited user account and a virtual machine and be safe(r)! Login now. Jun 13, 2005 Can someone please help me with this HJT Log Jul 11, 2008 Someone please help me analyze this HJT log appreciate it May 31, 2012 Could someone check Share this post Link to post Share on other sites ko57    Regular Member Topic Starter Honorary Members 71 posts Location: s/e Louisiana ID: 22   Posted September 28, 2010 Here

Logged "If at first you don't succeed keep on sucking 'till you do succeed" - Curley Howard in Movie Maniacs (1935) polonus Avast Überevangelist Maybe Bot Posts: 28564 malware fighter Re: Logged "If at first you don't succeed keep on sucking 'till you do succeed" - Curley Howard in Movie Maniacs (1935) DavidR Avast Überevangelist Certainly Bot Posts: 76586 No support PMs Click here to Register a free account now! Do not include the word "Code":otlIE - HKU\S-1-5-21-781878022-3114317985-875658923-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = localhost:12080:commands[emptytemp]Push OTL may ask to reboot the machine.

Could you tell me why I need to reset this IE as I might still need the add on and resetting it would disable my add on ?Click to expand... mauserme Massive Poster Posts: 2475 Re: hijackthis log analyzer « Reply #11 on: March 25, 2007, 11:30:45 PM » Was it an unknown process? Loading... This site is completely free -- paid for by advertisers and donations.

Started by ko57, September 21, 2010 33 posts in this topic Prev 1 2 Next Page 1 of 2 ko57    Regular Member Topic Starter Honorary Members 71 posts Location: To Tw0rld : I followed the steps but when it is doing the resetting, it failed to disable the add on, and resetting user customization. Here is the combofix log:ComboFix 10-09-23.01 - Kerry Owen 09/25/2010 10:21:46.2.1 - x86Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2014.1377 [GMT -5:00]Running from: c:\documents and settings\Kerry Owen\Desktop\ComboFix.exeAV: avast!