Home > Am I > Am I Still Infected? Securepccleaner - Hijackthis Log

Am I Still Infected? Securepccleaner - Hijackthis Log

contact... - {6F431AC3-364A-478b-BBDB-89C7CE1B18F6} - mscoree.dll (file missing) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmat...enWebRadio.html (file missing) O9 contact... - {6F431AC3-364A-478b-BBDB-89C7CE1B18F6} - mscoree.dll (file missing) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmat...enWebRadio.html (file missing) O9 Back to top #4 miekiemoes miekiemoes Malware Killer Dog Volunteer Security Advisor 4092 posts Posted 05 September 2007 - 09:41 AM First of all, I notice from the log that there Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat this contact form

Please download FixWareout from one of these sites: http://download.blee.../Fixwareout.exe Save it to your desktop and run it. If you have any problems with the logs, both can be found in C:\Deckard\System Scanner. The tool also checks if a relevant file, wininet.dll, is infected. I also ran SuperAntiSpyware (purchased). view publisher site

Thanks for this great site!Logfile of Trend Micro HijackThis v2.0.2Scan saved at 12:05:00 PM, on 16/03/2008Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.5730.0011)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Ahead\InCD\InCDsrv.exeC:\Program Files\Common Files\Symantec This will start ComboFix again. Make sure that the box next to Scan for rootkits has a tick in it and that the box next to Automatically disable any rootkits found does not have a tick

Click on the traffic light icon and OK the prompt. Trojan? Start a new thread instead and someone will help you asap.Bumping your thread won't help to receive help in a faster way, this since we always look at the posts with But you should be using some kind of pop-up blocker.

Hosts file was reset, If you use a custom hosts file please replace it »»»»» End report »»»»» Logfile of HijackThis v1.99.1 Scan saved at 12:58:13 AM, on 8/12/2007 Platform: Windows Back to top #3 David O David O New Member Authentic Member 14 posts Posted 11 August 2007 - 10:57 PM Hello David O and welcome to the TomCoyote Forums My The tool also checks if a relevant file, wininet.dll, is infected. Feb 28, 2008 #5 Bobbye Helper on the Fringe Posts: 16,335 +36 Don't run Spybot in Safe Mode unless that's the only way you can run it.

Register now! Pay particular attention to this :- Make sure the word File:: is on the first line of the text file you save (no blank line above it, & no space in Try What the Tech -- It's free! This security permission can be modified using the Component Services administrative tool.Event Record #/Type4933 / ErrorEvent Submitted/Written: 04/05/2008 07:27:03 AMEvent ID/Source: 10016 / DCOMEvent Description:The application-specific permission settings do not grant

Click on the magnifying glass icon. You may also... Jul 8, 2006 Add New Comment You need to be a member to leave a comment. Click the check boxes to Search system folders and Search hidden files and folders.

Ask a Question See Latest Posts TechSpot Forums are dedicated to computer enthusiasts and power users. weblink Back to top #6 David O David O New Member Authentic Member 14 posts Posted 12 August 2007 - 12:24 AM Hi Trevuren - hope I'm sending this without previous messages Dismiss Notice TechSpot Forums Forums Software Virus and Malware Removal Today's Posts My computer crushed when I ran spybot insafemode? answer Y (yes) and hit Enter in order to remove the Desktop background and clean registry keys associated with the infection.

If you opt to remove this program, please go to Start > Control Panel > Add or Remove Programs and uninstall (if present) MyWay Search Assitant or MyWaySA. Click Yes. Search again this time for winpcdoctor If any instances are shown Delete them Reboot the computer into Normal Mode Run a fresh Scan with Hijackthis and attach the log here along navigate here Lawrence Abrams Don't let BleepingComputer be silenced.

Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dllO2 - BHO: Yahoo! My computer is slow!---My Blog---Follow me on Twitter.Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.DO NOT Several functions may not work.

B.

Do not attach them or include them codeboxes going forward.Download Deckard's System Scanner (DSS) to your Desktop. Back to top #8 Aaflac Aaflac Affy Trusted Malware Techs 3,317 posts Gender:Not Telling Location:Illinois, USA Posted 24 August 2007 - 10:05 AM Yep!! This to avoid confusion. I have tried using removal tools and spybot s&d to no avail...

Register now to gain access to all of our features, it's FREE and only takes one minute. Help Home Top RSS Terms and Rules All content Copyright ©2000 - 2015 MajorGeeks.comForum software by XenForo™ ©2010-2016 XenForo Ltd. Yes, my password is: Forgot your password? http://100linux.com/am-i/am-i-infected-hijackthis-log-file-attached.html Your cache administrator is webmaster.

Back to top #2 miekiemoes miekiemoes Malware Killer Dog Volunteer Security Advisor 4092 posts Posted 05 September 2007 - 09:36 AM Hello,* Download Trend Micro Hijack This™ Doubleclick the HJTInstall.exe to If you bump your thread, we assume that someone is already helping you, so your thread may be ignored. Following is the report.txt resulting from running FixWareout, and a new HiJackthis log. Did we mention that it's free.

Jan 29, 2007 hijack this log. If we had you run Avenger, you can delete all files related to Avenger now. If you wish to show your appreciation, then you may donate to help keep us online. Select NO In the 'Full path of file to delete' box,copy and paste: Code: C:\WINDOWS\system32\drivers\hprocess.sys Then press the red button with the white cross.

Check the 'Input script manually' box.