Home > Hijackthis Log > Hijackthis Log For Stealthy Spam Proxy

Hijackthis Log For Stealthy Spam Proxy

Action Taken: No Action Taken.Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".mys". I wish I felt better about the computer than I do though. Even for an advanced computer user. When finished, it shall produce a log for you. have a peek here

My computer does not have this folder. bricat View Public Profile Send a private message to bricat Find all posts by bricat #5 20-01-10, 19:00 BobA1 Familiar face Join Date: Apr 2008 Location: Hull Posts: ComboFix 10-01-19.08 - Bob 20/01/2010 18:26:58.1.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.895.373 [GMT 0:00] Running from: c:\users\Bob\Desktop\ComboFix.exe SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . Close any open browsers.

Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! I don't see any signs of viruses or malware in the log. Go back to the Edit menu and this time select the Copy.

Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O1 - Hosts: ::1 localhost O2 - BHO: Yahoo! Disable the Remote Assistance ( does make for better security) Uncheck the LMHosts (file is probably not needed anyways). I'm on my way to work, so I haven't had time to try the suggestions in your previous message, (although I've already ran some of the programs, and my computer hangs Action Taken: No Action Taken.Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".mpga".

I was merely showing the attempts made to find and contact this server. Thanks for your help!Logfile of Trend Micro HijackThis v2.0.2Scan saved at 6:28:30 PM, on 10/2/2009Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\Apple\Mobile Device When I went to save the file it was ready to save it in system32 folder. Book your tickets now and visit Synology.

Older versions may contain security risks. Double click on combofix.exe & follow the prompts.Note: If you receive a popup with a Disclaimer, read that and answer Y for yes (or N for no)Y is recommended (if you Any proprietory software from the Internet Provider installed on the PC that needs to be contacted by your Provider? Make sure the full time guard of the resident antivirus is disabled, when doing the online scans.

Save it to your desktop. Action Taken: No Action Taken.Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\System32\iuctl.dll". The online scanners often get very busy and the servers overloaded, which is why we give several to choose from - if one won't work, try another.Programs can change, especially right Action Taken: No Action Taken.Entry "HKCR\Photoshop.Application.6" refers to invalid object "{6DECC242-87EF-11cf-86B4-444553540000} ".

The recommended scans came clean. http://softsystechnologies.com/hijackthis-log/hijackthis-log-help-me-please.html After cleaning it up the McAfee warning window came up two more times stating that it was trying to open. Logfile of Trend Micro HijackThis v2.0.2Scan saved at 5:54:57 PM, on 9/17/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\S24EvMon.exeC:\WINDOWS\system32\WLKeeper.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\Program How ever the ZA did the job well, I think.

Type tasklist /svc /fi "imagename eq svchost.exe" and press the enter key (use the quotation marks and all). It maybe complicated the first few times, but after that it is easy. It started to scan and stated the time left. Check This Out I originally downloaded the 15 day trial, but I was not sure how well that worked and I since uninstalled.The eTrust came back with nothing found.The Trend Micro test did not

Take care, Oldsod BTW Have you contacted the Provider about theses connection attempts? Has not happened for a day or two now. · actions · 2007-Jan-14 10:32 pm · (locked) ken5 ken5 Member 2007-Jan-16 8:28 am Re: [unknown] hjt log - sent spam mailDid You could even download the latest drivers and save them to a media disk or USB.

Action Taken: No Action Taken.Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".mp1".

Click OK afterwards. TANSTAAFL!!I am not a Comcast employee, I am a paying customer just like you!I am an XFINITY Forum Expert and I am here to help. Let us know if anything is found. Action Taken: No Action Taken.Entry "HKCR\Alg.AlgSetup" refers to invalid object "{27D0BCCC-344D-4287-AF37-0C72C161C14C}".

Comcast Customer service couldn't help to identify the specific cause, other than it apparently was not a case of an individual reporting receiving spam from me. THANK YOU oldsodFebruary 1st, 2007, 06:18 AMMy mistake- those are the same things. Post that log in your next reply · actions · 2007-Jan-23 7:30 am · (locked) ken5join:2003-08-20Princeton Junction, NJ

ken5 Member 2007-Jan-26 4:13 pm Hi CalamityJane,Sorry it took a day to get this contact form Database Statistics Bad Entries: 190,982 Unnecessary: 119,579 Good Entries: 147,839

From Twitter Follow Us Get in touch [email protected] Contact Form HiJackThisCo RSS Twitter Facebook LinkedIn © 2011 Activity Labs.

Then left click the icon in the upper left corner left of the name Command Prompt and select the Edit and select the Select All. We have run Malawarebyte and it has found a rootkit which it says it has deleted - it quotes Kubhrn.sys as the root Kit We need the computer for the wifes If you are using Windows XP's Category View, select the Network and Internet Connections category otherwise double click on Network Connections. The command netstat -ano shows all remote addreses, local addresses, ports used and the actual PID of the process.

Action Taken: No Action Taken.Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB826939". If not do so and save either them to media disks or a seperate USB drive or USB flash drive. i saw an earlier post where a user was terminated for spam, so i also am wary of perhaps someone else using my account? 0 Kudos 8 REPLIES Posted by CajunTek