hosting3.net

Subscribe RSS
 
Home > Please Help > Please Help Another Poor Newbie-with Hijack This Log

Please Help Another Poor Newbie-with Hijack This Log

The folder C:\QooBox should now be gone from your system and files and folders should now be back to their default hidden state and if your time was off it should IF IT AIN'T BROKE - DON'T FIX IT!!! Please re-enable javascript to access full functionality. It is good when you're Product Id changed when you reinstall the OS?but still … Slow computer, pop up in web browser 3 replies Help require to clean up my laptop. http://hosting3.net/please-help/please-help-this-poor-soul-hijackthis-log-for-about-blank-problem.html

Please save it to a convenient location and post it back when you replyThen look for the following Java folders and if found delete them.C:\Program Files\JavaC:\Program Files\Common Files\JavaC:\Documents and Settings\All Users\Application I just created a new account. Please note that many features won't work unless you enable it. Several functions may not work.

Administrator Hero Member Join Date: Sep 2011 Posts: 9268Location: USA Karma: 134 "Knowledge should be shared not hidden." Re: hijackthis log « Reply #2 on: January 12, 2015, 01:11:18 PM » The other account is ... button to save the scan results to your Desktop. I later learned that it leads to some vietnamese dating site or whatever. (Whenever I try to click on the link, IE doesnt want to open the site.)Anyway, here is what

Someone please explain to me fromt he very start how to get rid of this I can't figure it out Back to top #52 zabb zabb Newbie Members 1 posts Posted HERE's the LOg:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 2:08:57 PM, on 3/9/2008Platform: Windows XP SP1 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Ahead\InCD\InCDsrv.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\System32\RunDll32.exeC:\WINDOWS\System32\RUNDLL32.EXEC:\Program Files\Ahead\InCD\InCD.exeC:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exeC:\Program Files\Grisoft\AVG6\avgcc32.exeC:\WINDOWS\System32\qttask.exeC:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXEC:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exeC:\Program Logfile of HijackThis v1.97.7 Scan saved at 21:59:08, on 31/05/2004 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe Share this post Link to post Share on other sites Blue Mermaid    Regular Member Topic Starter Members 79 posts Location: UK ID: 46   Posted April 23, 2009 I noticed

Clock is fine.I followed Step B but Windows couldn't find %windir%\gmer_uninstall.cmd. You will need a SECOND non- infected computer to get the software to attack this thing and conduct any research you want to do. Dell Optiplex 7020Windows 10 ProVersion 151164 bit operating system8GB RamProcessor - Intel Core i7-4790 @ 3.6GHzCrucial SSD - 222GB - for operating systemOptical Drive - 500GB - for data Flag Permalink If you do have problems then yes the PC Help forum would be the place to post for that.For speed it could be a few things so I'll give you a

It used to open immediately when I clicked on Favourites but now there is a long pause before it opens. Any help would very much be appreciated! Share this post Link to post Share on other sites AdvancedSetup    Staff Root Admin 63,871 posts Location: US ID: 43   Posted April 22, 2009 Yes I'm sure it was Download SmitfraudFix (by S!Ri) to your Desktop (Win2k/WinXP only!).http://siri.urz.free...mitfraudFix.zipExtract all the files to your Destop.

When I boot it up my CPU usage immediately rockets to 100%. None of the antispyware tools either prevent this or remove it. by R. Answer Yes to the question "Replace infected file ?" by typing Y and hit Enter.A reboot may be needed to finish the cleaning process, if you computer does not restart automatically

And you do it for no other reason than the fact that you're smarter than they are. After all this you will STILL be infected; but will have gotten rid of some of the bits and pieces and some of the other stuff this nasty D*mn program will Back to top #43 brooksbusa brooksbusa Newbie Members 1 posts Posted 10 June 2006 - 03:10 AM Thanks for the help on this dasterdly crap. or read our Welcome Guide to learn how to use this site.

In order to find out what entries are nasty and what are installed by the user, you need some background information.A logfile is not so easy to analyze. I tried running SpyBot S&D, (which found 115 problems by the way!!!!!) and Norton AV but to no avail. I'm not engaging in sock-puppetry here and you won't find 100 upvotes and comments about how helpful AssertNull is in answering questions and I won't be answering programming questions under this Pls pls somebody help me...

We do not give a personal support via PM The way to request help is to post a NEW TOPIC in the appropriate forum. I cannot close it (I cant even activate my task manager). I had the same infection yesterday.

and sorry for my English.

Close all (browser) windows & rescan with hijackthis. We do not give a personal support via PM The way to request help is to post a NEW TOPIC in the appropriate forum. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"Click Yes, then click Ok.Click Yes again when prompted with "Are you sure Here in the forums, replies are posted to topics only.

Thanks again. Please note that this is under the supervision of an expert analyst. Thanks very much for the links as well, so that I can look into it. http://hosting3.net/please-help/please-help-a-newbie-hijackthis-log.html Poker - http://download.games.yahoo.com/games/clients/y/pt1_x.cab O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab O16 - DPF: {12398DD6-40AA-4C40-A4EC-A42CFC0DE797} (Installer Class) - http://www.xxxtoolbar.com/ist/softwares/v4.0/0006_regular.cab O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab O16 - DPF:

I know I should do it regularly. Thank you for helping us maintain CNET's great community. but really, i dont know what to do... If a clean version is found, you will be prompted to replace wininet.dll.

Thanksm0le is a proud member of UNITE Back to top Back to Virus, Trojan, Spyware, and Malware Removal Logs 0 user(s) are reading this topic 0 members, 0 guests, 0 anonymous

 
 
 

© Copyright 2017 hosting3.net. All rights reserved.