Home > Hijackthis Log > Hijackthis Log: Dollarrevenue Hijack

Hijackthis Log: Dollarrevenue Hijack

BLEEPINGCOMPUTER NEEDS YOUR HELP! I used Google to find DollarRevenue hijack, and came across you site. I'm sure that will speed up my computer.Here is the latest Hijack This log from my computerLogfile of Trend Micro HijackThis v2.0.2Scan saved at 6:14:51 PM, on 8/16/2007Platform: Windows XP SP2 The time now is 12:17 AM. http://softsystechnologies.com/hijackthis-log/hijackthis-log-link-hijack-both-ie-and-ff.html

Back to top Back to Resolved or inactive Malware Removal 2 user(s) are reading this topic 0 members, 2 guests, 0 anonymous users Reply to quoted postsClear SpywareInfo Forum → I also uninstalled the Firefox extension that used it.Downloaded and ran ATF Cleaner. I'm surprised to find out that Free Download Manager is a problem program. and that is the reason why you are now infected, because, when your windows was up to date, the securitypatches could prevent this.So, what I want you to do right now

This applies only to the original topic starter. I notice from your log that you have running two different firewalls (Norton AntiVirus Firewall and ZoneAlarm) with Auto-protect enabled. Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll O2 - BHO: &Yahoo! This is only a short scan.Once the short scan has finished, mark the drives that you want to scan.Select all drives.

Thanks for your patience. Forum New Posts FAQ Forum Actions Mark Forums Read Quick Links Today's Posts View Site Leaders What's New? Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quietO4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exeO4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')O4 - Then please restart your computer.3) Also there is one item to remove in HijackThis.

Panda Software found some Xupiter(spelling?) Internet Explorer links, which I deleted.When I ran Stinger from McAffee, my computer restarted. Please re-enable javascript to access full functionality. A red dot shows which drives have been chosen.Click the green arrow at the right, and the scan will start.Click 'Yes to all' if it asks if you want to cure/move I ran a HijackThis scan, and a RootkitRevealer scan as well, both of which I am posting.I would really appreciate whatever help you can give me figuring this out.Thanks!WindCity99HijackThis LogLogfile of

Norton did not find any viruses, Spybot found no viruses, A-Squared removed spyware (Blubster and Radlight), and Spybot did not indicate viruses or worms. I canT sTart my hijack THIs ![CLOSED] Started by adidas_4040 , May 28 2006 11:14 PM This topic is locked #1 adidas_4040 Posted 28 May 2006 - 11:14 PM adidas_4040 New Bingo - http://download.game...nts/y/xt0_x.cabO16 - DPF: Yahoo! Staff Online Now Cookiegal Administrator Macboatmaster Trusted Advisor Noyb Trusted Advisor Advertisement Tech Support Guy Home Forums > Security & Malware Removal > Virus & Other Malware Removal > Home Forums

This is very serious problem for me as I have alot of information in my comp that important to my work. IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\yiesrvc.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dllO2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dllO2 - BHO: Google Toolbar Notifier To learn more and to read the lawsuit, click here. Sign In Use Facebook Use Twitter Use Windows Live Register now!

Reply With Quote August 24th, 2007,11:01 AM #2 SirDice View Profile View Forum Posts Just Another Geek Join Date Jul 2002 Location Rotterdam, Netherlands Posts 3,401 At quick glance, these: O15 navigate here it wasnt on my computer to begin with it was one of my friends who isnt very computer savy asked me to do it 4 them and i already took off Jump to content FacebookTwitter Geeks to Go Forum Security Virus, Spyware, Malware Removal Welcome to Geeks to Go - Register now for FREE Geeks To Go is a helpful hub, where Tech Support Guy is completely free -- paid for by advertisers and donations.

You may have to register before you can post: click the register link above to proceed. Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dllO2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dllO2 - BHO: IEToolbarBHO Class - {1A1DAC8C-074D-440F-8707-7009A672D7D1} - C:\Program Files\LinkedIn\IE Toolbar\2.1.0.1019\LinkedInIEToolbar.dllO2 - Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dllO2 - BHO: Yahoo! Check This Out Username or email: I've forgotten my password Forum Password Remember me This is not recommended for shared computers Sign in anonymously Don't add me to the active users list Community Forum

CONTRIBUTE TO OUR LEGAL DEFENSE All unused funds will be donated to the Electronic Frontier Foundation (EFF). Advanced Search Forum Security Discussions Spyware / Adware HiJack this Log If this is your first visit, be sure to check out the FAQ by clicking the link above. Uncheck the box on the right that says 'Run at Windows Startup'3.

At this point I downloaded Spyware Doctor from Google tools, which removed bad links from Internet Explorer, viruses, and other malware.

With the help of this automatic analyzer you are able to get some additional support. IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\yiesrvc.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dllO2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dllO2 - BHO: Google Toolbar Notifier To start viewing messages, select the forum that you want to visit from the selection below. Back to top #3 WindyCity99 WindyCity99 Topic Starter Members 4 posts OFFLINE Local time:06:17 PM Posted 13 August 2007 - 05:02 PM Hello Falu,I am still having trouble with this

Style Default Style Contact Us Help Home Top RSS Terms and Rules Copyright © TechGuy, Inc. My help is free, but if you wish to help keep these forums running please consider a donation, see this topic for details. Register now! this contact form I'm having a real problem with my computer.

BUt it seems that the server is down cuz i can access the website. Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dllO3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dllO4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exeO4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exeO4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"O4 Inc. - C:\WINDOWS\system32\YPCSER~1.EXE--End of file - 21433 bytesRootkit Revealer LogHKU\.DEFAULT\RemoteAccess\InternetProfile 2/1/2007 1:43 PM 25 bytes Data mismatch between Windows API and raw hive data.HKU\S-1-5-18\RemoteAccess\InternetProfile 2/1/2007 1:43 PM 25 bytes Data mismatch Remember that your system is extremely vulnerable without the necessary security patches/updates, so malware can get installed automatically while surfing without any problems...

Please start a New Thread if you're having a similar issue.View our Welcome Guide to learn how to use this site. Secondly as SirDice stated, strongly suggest you update to SP2 Also you don't need to be running two Anti-Virus programs (McAfee and AVG), take one offline (or disable realtime scanning) and My computer is slow!---My Blog---Follow me on Twitter. It found no infections.Ran A-Squared Free with the latest updates.

Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 This site is completely free -- paid for by advertisers and donations. When I checked the log in Peerguardian2, I see a message that it is blocking a connection going to Inktomi Corporation, sexybabesx.com/dollarrevenue hijack, from my ip to 68.142.229.13:110. KKincaid33 replied Jan 24, 2017 at 6:10 PM internal hard drives johnnyquest replied Jan 24, 2017 at 6:09 PM A-Z Animals dotty999 replied Jan 24, 2017 at 6:01 PM Looking for

PC Registered user # 2,336,789,457... "When the water reaches the upper level, follow the rats." Claude Swanson Reply With Quote August 24th, 2007,06:32 PM #4 nihil View Profile View Forum Posts Older versions have vulnerabilities that malware can use to infect your system. Inc. - C:\WINDOWS\system32\YPCSER~1.EXE--End of file - 21451 bytesThanks for the help! When your log is clean, you can enable them again: I will let you know.> Teatimer* Run Spybot S&D, go to the Mode menu and select Advanced Mode;* On the left

Results 1 to 8 of 8 Thread: HiJack this Log Tweet Thread Tools Show Printable Version Subscribe to this Thread… Display Linear Mode Switch to Hybrid Mode Switch to Threaded Mode It found no infections.Ran Spybot Search and Destroy with the latest updates. Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dllO2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dllO2 - BHO: IEToolbarBHO Class - {1A1DAC8C-074D-440F-8707-7009A672D7D1} - C:\Program Files\LinkedIn\IE Toolbar\2.1.0.1019\LinkedInIEToolbar.dllO2 -