Home > Hijackthis Log > Hijackthis Log File For About:blank Trouble

Hijackthis Log File For About:blank Trouble

TYPE : 120 WIN32_SHARE_PROCESS INTERACTIVE_PROCESS START_TYPE : 2 AUTO_START ERROR_CONTROL : 0 IGNORE BINARY_PATH_NAME : C:\WINDOWS\System32\svchost.exe -k netsvcs LOAD_ORDER_GROUP : TAG : 0 DISPLAY_NAME : Secondary Logon DEPENDENCIES : SERVICE_START_NAME: LocalSystem TYPE : 10 WIN32_OWN_PROCESS START_TYPE : 3 DEMAND_START ERROR_CONTROL : 1 NORMAL BINARY_PATH_NAME : C:\WINDOWS\System32\imapi.exe LOAD_ORDER_GROUP : TAG : 0 DISPLAY_NAME : IMAPI CD-Burning COM Service DEPENDENCIES : SERVICE_START_NAME: LocalSystem SERVICE_NAME: I still have problems with starting up in safe mode, though, but obviously that has another reason.... *heads to appropriate section of forum* Thanks! CONTRIBUTE TO OUR LEGAL DEFENSE All unused funds will be donated to the Electronic Frontier Foundation (EFF). have a peek here

ID: 2   Posted November 29, 2005 Hello rocksteady and Welcome! Then press the OK button. Download http://www.downloads.subratam.org/DllCompare.exe Run Dllcompare, by clicking the "Run Locate.com" then click Compare button... TYPE : 10 WIN32_OWN_PROCESS START_TYPE : 3 DEMAND_START ERROR_CONTROL : 1 NORMAL BINARY_PATH_NAME : C:\WINDOWS\system32\clipsrv.exe LOAD_ORDER_GROUP : TAG : 0 DISPLAY_NAME : ClipBook DEPENDENCIES : NetDDE SERVICE_START_NAME: LocalSystem SERVICE_NAME: COMSysApp Manages

For instructions click hereGet into Safe Mode using the F8 Key on your keyboard:1.) Locate the F8 key on your keyboard and then reboot your PC. (Start, Shutdown, Restart)2.) As soon If You are getting an error when updating, please let me know first before you proceed with the next steps.* Download and install CCleanerDo not use it yet.* Download CWShredder. Please follow these instructions:1.) To run the eScan Antivirus Toolkit program, look for a file called mwavscan.com inside the C:\Kaspersky folder. 2.) Double-click on the mwavscan.com file; this will open the

TYPE : 20 WIN32_SHARE_PROCESS START_TYPE : 2 AUTO_START ERROR_CONTROL : 1 NORMAL BINARY_PATH_NAME : C:\WINDOWS\system32\svchost.exe -k netsvcs LOAD_ORDER_GROUP : TAG : 0 DISPLAY_NAME : Cryptographic Services DEPENDENCIES : RpcSs SERVICE_START_NAME: LocalSystem Using Windows Explorer, open the FindnFix folder (I think it will be in "C:\FINDnFIX") and double click on !LOG!.bat. TYPE : 20 WIN32_SHARE_PROCESS START_TYPE : 2 AUTO_START ERROR_CONTROL : 1 NORMAL BINARY_PATH_NAME : C:\WINDOWS\System32\svchost.exe -k NetworkService LOAD_ORDER_GROUP : TDI TAG : 0 DISPLAY_NAME : DNS Client DEPENDENCIES : Tcpip SERVICE_START_NAME: If this service is stopped, software-based volume shadow copies cannot be managed.

Register a free account to unlock additional features at BleepingComputer.com Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. TYPE : 20 WIN32_SHARE_PROCESS START_TYPE : 2 AUTO_START ERROR_CONTROL : 1 NORMAL BINARY_PATH_NAME : C:\WINDOWS\System32\svchost.exe -k netsvcs LOAD_ORDER_GROUP : TAG : 0 DISPLAY_NAME : Computer Browser DEPENDENCIES : LanmanWorkstation : LanmanServer TYPE : 20 WIN32_SHARE_PROCESS START_TYPE : 3 DEMAND_START ERROR_CONTROL : 1 NORMAL BINARY_PATH_NAME : C:\WINDOWS\System32\cisvc.exe LOAD_ORDER_GROUP : TAG : 0 DISPLAY_NAME : Indexing Service DEPENDENCIES : RPCSS SERVICE_START_NAME: LocalSystem SERVICE_NAME: ClipSrv Sign Up This Topic All Content This Topic This Forum Advanced Search Browse Forums Guidelines Staff Online Users Members More Activity All Activity My Activity Streams Unread Content Content I Started

here is my hijack this log file: ------------ Logfile of HijackThis v1.97.7 Scan saved at 5:53:18 PM, on 11/4/2004 Platform: Windows ME (Win9x 4.90.3000) MSIE: Internet Explorer v5.50 (5.50.4134.0100) Running processes: This may be a factor. To learn more and to read the lawsuit, click here. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Help?Logfile of HijackThis v1.99.1Scan saved at 4:34:45 PM, on 4/13/2005Platform: Windows ME (Win9x 4.90.3000)MSIE: Internet Explorer v5.50 (5.50.4134.0100)Running processes:C:\WINDOWS.000\SYSTEM\KERNEL32.DLLC:\WINDOWS.000\SYSTEM\MSGSRV32.EXEC:\WINDOWS.000\SYSTEM\mmtask.tskC:\WINDOWS.000\SYSTEM\MPREXE.EXEC:\PROGRAM FILES\NORTON UTILITIES\NPROTECT.EXEC:\WINDOWS.000\EXPLORER.EXEC:\WINDOWS.000\TASKMON.EXEC:\WINDOWS.000\SYSTEM\SYSTRAY.EXEC:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXEC:\WINDOWS.000\SYSTEM\WMIEXE.EXEC:\WINDOWS.000\LOADQM.EXEC:\WINDOWS.000\RUNDLL32.EXEC:\PROGRAM FILES\MSN APPS\UPDATER\01.02.3000.1001\NL\MSNAPPAU.EXEC:\PROGRAM FILES\INTERMUTE\SPYSUBTRACT\SPYSUB.EXEC:\WINDOWS.000\SYSTEM\PSTORES.EXEC:\WINDOWS.000\SYSTEM\STIMON.EXEC:\WINDOWS.000\SYSTEM\DDHELP.EXEC:\WINDOWS.000\TEMP\ICD2.TMP\JINSTALL.EXEC:\WINDOWS.000\TEMP\JINSTALLER142.EXEC:\PROGRAM FILES\HIJACKTHIS\HIJACKTHIS.EXER1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar TYPE : 20 WIN32_SHARE_PROCESS START_TYPE : 3 DEMAND_START ERROR_CONTROL : 1 NORMAL BINARY_PATH_NAME : C:\WINDOWS\System32\svchost.exe -k LocalService LOAD_ORDER_GROUP : TAG : 0 DISPLAY_NAME : SSDP Discovery Service DEPENDENCIES : SERVICE_START_NAME: NT Please make sure that you can view all hidden files. Reboot your computer into Safe Mode and follow these steps: Step 1: Click on start, then control panel, then administrative programs, then services.

TYPE : 20 WIN32_SHARE_PROCESS START_TYPE : 2 AUTO_START ERROR_CONTROL : 1 NORMAL BINARY_PATH_NAME : C:\WINDOWS\System32\svchost.exe -k LocalService LOAD_ORDER_GROUP : TDI TAG : 0 DISPLAY_NAME : TCP/IP NetBIOS Helper DEPENDENCIES : NetBT navigate here Please do the following:Please make sure that you can view all hidden files. Download FindnFix.exe. 2. It's a trace of the spyware that reset your home page.

Remove the old version by deleting the file manually. TYPE : 20 WIN32_SHARE_PROCESS START_TYPE : 3 DEMAND_START ERROR_CONTROL : 1 NORMAL BINARY_PATH_NAME : C:\WINDOWS\System32\svchost.exe -k netsvcs LOAD_ORDER_GROUP : TAG : 0 DISPLAY_NAME : Windows Management Instrumentation Driver Extensions DEPENDENCIES : If we have ever helped you in the past, please consider helping us. http://softsystechnologies.com/hijackthis-log/hijackthis-log-xp-has-trouble-shutting-down.html Advertisement traderjjohn Thread Starter Joined: Apr 5, 2005 Messages: 36 I need serious help with my business partners computer.

Finance MarketTracker - http://finance.yahoo.com/jmt/mt.cab O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab O16 - DPF: {0837121A-6472-43BD-8A40-D9221FF1C4CE} - http://download.sidestep.com/get/k00726/sb028.cab O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - My computer is slow---My Blog---Follow me on Twitter.My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!Asking for help Preferred is a zip file with the log in it, instead of posted text, as posted text will require several posts.

We may have to try a number of things.

TYPE : 120 WIN32_SHARE_PROCESS INTERACTIVE_PROCESS START_TYPE : 3 DEMAND_START ERROR_CONTROL : 1 NORMAL BINARY_PATH_NAME : C:\WINDOWS\System32\msiexec.exe /V LOAD_ORDER_GROUP : TAG : 0 DISPLAY_NAME : Windows Installer DEPENDENCIES : RpcSs SERVICE_START_NAME: LocalSystem TYPE : 120 WIN32_SHARE_PROCESS INTERACTIVE_PROCESS START_TYPE : 2 AUTO_START ERROR_CONTROL : 1 NORMAL BINARY_PATH_NAME : C:\WINDOWS\system32\lsass.exe LOAD_ORDER_GROUP : TAG : 0 DISPLAY_NAME : Protected Storage DEPENDENCIES : RpcSs SERVICE_START_NAME: LocalSystem SERVICE_NAME: TYPE : 20 WIN32_SHARE_PROCESS START_TYPE : 3 DEMAND_START ERROR_CONTROL : 1 NORMAL BINARY_PATH_NAME : C:\WINDOWS\System32\svchost.exe -k imgsvc LOAD_ORDER_GROUP : TAG : 0 DISPLAY_NAME : Windows Image Acquisition (WIA) DEPENDENCIES : RpcSs I know this is common.

If this service is stopped, these tasks will not be run at their scheduled times. If this service is stopped, protected content might not be down loaded to the device. TYPE : 20 WIN32_SHARE_PROCESS START_TYPE : 3 DEMAND_START ERROR_CONTROL : 1 NORMAL BINARY_PATH_NAME : C:\WINDOWS\System32\svchost.exe -k netsvcs LOAD_ORDER_GROUP : TAG : 0 DISPLAY_NAME : Remote Access Auto Connection Manager DEPENDENCIES : http://softsystechnologies.com/hijackthis-log/hijackthis-log-multiple-viruses-and-trouble-with-gmer.html TYPE : 20 WIN32_SHARE_PROCESS START_TYPE : 2 AUTO_START ERROR_CONTROL : 1 NORMAL BINARY_PATH_NAME : C:\WINDOWS\system32\svchost.exe -k netsvcs LOAD_ORDER_GROUP : TAG : 0 DISPLAY_NAME : Distributed Link Tracking Client DEPENDENCIES : RpcSs

TYPE : 20 WIN32_SHARE_PROCESS START_TYPE : 2 AUTO_START ERROR_CONTROL : 1 NORMAL BINARY_PATH_NAME : C:\WINDOWS\System32\svchost.exe -k netsvcs LOAD_ORDER_GROUP : TAG : 0 DISPLAY_NAME : Server DEPENDENCIES : SERVICE_START_NAME: LocalSystem SERVICE_NAME: lanmanworkstation TYPE : 20 WIN32_SHARE_PROCESS START_TYPE : 3 DEMAND_START ERROR_CONTROL : 1 NORMAL BINARY_PATH_NAME : C:\WINDOWS\System32\svchost.exe -k netsvcs LOAD_ORDER_GROUP : TAG : 0 DISPLAY_NAME : Background Intelligent Transfer Service DEPENDENCIES : Rpcss Download CWShredder v1.59.1. Click OK, Update, Check For Update and download the updates if present.

If this service is stopped, the registry can be modified only by users on this computer. CONTRIBUTE TO OUR LEGAL DEFENSE All unused funds will be donated to the Electronic Frontier Foundation (EFF). TYPE : 20 WIN32_SHARE_PROCESS START_TYPE : 3 DEMAND_START ERROR_CONTROL : 1 NORMAL BINARY_PATH_NAME : C:\WINDOWS\System32\svchost.exe -k netsvcs LOAD_ORDER_GROUP : TAG : 0 DISPLAY_NAME : Remote Access Connection Manager DEPENDENCIES : Tapisrv If this service is stopped, these connections will be unavailable.

TYPE : 20 WIN32_SHARE_PROCESS START_TYPE : 2 AUTO_START ERROR_CONTROL : 1 NORMAL BINARY_PATH_NAME : C:\WINDOWS\System32\svchost.exe -k netsvcs LOAD_ORDER_GROUP : UIGroup TAG : 0 DISPLAY_NAME : Themes DEPENDENCIES : SERVICE_START_NAME: LocalSystem FAIL_RESET_PERIOD Total of file sizes: 235,479,440 bytes 224.57 M Administrator Account = True --------------------End log--------------------- Hijack this log: Logfile of HijackThis v1.99.0 Scan saved at 10:33:30 PM, on 12/21/2004 Platform: Windows XP Back to top #5 Dahabibi Dahabibi Topic Starter Members 6 posts OFFLINE Local time:06:03 PM Posted 14 April 2005 - 03:31 PM After fixing the 4 files in HijackThis, IE Instructions on how to do this can be found here: How to see hidden files in Windows Please download About:Buster from here: http://tools.zerosrealm.com/AboutBuster.zip Once it is downloaded extract it to c:\aboutbuster.

If this service is disabled, any services that explicitly depend on it will fail to start. If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members. Now please copy and paste the contents of report.txt and the silent runners log here in this thread for review. AntispywareScanners---Antivirus Scanners---Firewalls---Online Scanners---Prevention---Help!

No, create an account now. Tech Support Guy is completely free -- paid for by advertisers and donations. If this service is disabled, any services that explicitly depend on it will fail to start. Reboot when done.

Back to top Back to Virus, Trojan, Spyware, and Malware Removal Logs 1 user(s) are reading this topic 0 members, 1 guests, 0 anonymous users Reply to quoted postsClear BleepingComputer.com The www ---.com you can put whatever page you want.