Home > Hijackthis Log > Hijackthis Log For Suspected Keylogger

Hijackthis Log For Suspected Keylogger

Register now! button to save the scan results to your Desktop. Adobe Flash Player 10 Adobe Reader 8.1.6 Japanese Fonts Support For Adobe Reader 8 `````````````````````````````` Process Check: objlist.exe by Laurent Ad-Aware AAWService.exe Ad-Aware AAWTray.exe is disabled! ``````````````````````````````DNS Vulnerability Check: GREAT! (Not com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=71&bd=Presario&pf=desktopR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft. have a peek here

Attached below are the MBAM log and HijackThis log, as requested in the FAQ. I have the 64-bit edition of Windows 7. After downloading the tool, disconnect from the internet and disable all antivirus protection. Advertisements do not imply our endorsement of that product or service.

Adam Smith Glasgow, 1760 Back to top #4 Oodles Oodles Member Full Member 2 posts Posted 03 December 2009 - 10:59 AM Security Check Results of screen317's Security Check version 0.99.1 LoginContact Search Members Ozzu Gallery Ozzu RSS Feeds FAQ The team As such, if your system is infected, any assistance we can offer is limited and there is no guarantee all types of infections can be completely removed.Please post the results of

Thread Status: Not open for further replies. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. Register now! HKEY_CLASSES_ROOT\Interface\{fe8a736f-4124-4d9c-b4b1-3b12381efabe} (Adware.PopCap) -> Quarantined and deleted successfully.

If TFC prompts you to reboot, please do so immediately. All trademarks are the property of their respective owners. Save it to your desktop.DDS.comDDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. Thank you!

Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra 'Tools' menuitem: Yahoo! WOW64 is the x86 emulator that allows 32-bit Windows-based applications to run on 64-bit Windows but x86 applications are re-directed to the x86 \syswow64 when seeking the x64 \system32. Save the file as gmer.log.Click the Copy button and paste the results into your next reply.Exit GMER and re-enable all active protection when done.-- If you encounter any problems, try running C:\WINDOWS\system32\silc.dat (Spyware.MarketScore) -> Quarantined and deleted successfully.

Our help, and the tools we use are always 100% free. You enjoy a clean, safe computer. I will truly appreciate your help. -------------------------------------------------------------------------------- Malwarebytes' Anti-Malware 1.41 Database version: 3264 Windows 5.1.2600 Service Pack 3 11/30/2009 6:46:56 PM mbam-log-2009-11-30 (18-46-56).txt Scan type: Full Scan (C:\|) Objects scanned: 182227 com/player/DivXBrowserPlugin.cabO16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully. http://softsystechnologies.com/hijackthis-log/hijackthis-log-keylogger.html Staff Online Now Cookiegal Administrator Macboatmaster Trusted Advisor Noyb Trusted Advisor Advertisement Tech Support Guy Home Forums > Security & Malware Removal > Virus & Other Malware Removal > Home Forums Place a check against each of the following, making sure you get them all and not any others by mistake:R3 - URLSearchHook: Yahoo! I changed the password and they must of found it out cause now I can't get on at all.

Everyone else please begin a New Topic. I have not yet logged into game so I can't confirm/deny that I actually do have a keylogger. To do this, right-click on the IE icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run As Administrator from the context menu.Click the green button.Read Check This Out No input is needed, the scan is running.Notepad will open with the results.Follow the instructions that pop up for posting the results.Close the program window, and delete the program from your

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff Are you looking for the solution to your computer problem? A case like this could easily cost hundreds of thousands of dollars.

Main Menu You are Here Ozzu Webmaster Forum Microsoft Windows ForumDo I have a keylogger?

Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra 'Tools' menuitem: Yahoo! This site is completely free -- paid for by advertisers and donations. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.If you have since resolved the original problem you Registry Values Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\Downloaded Program Files\popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.

Vista/Windows 7 users need to run Internet Explorer as Administrator. com/binary/msgrchkr.cab56986.cabO16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai. Please note that your topic was not intentionally overlooked. this contact form No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know.

Files Infected: C:\WINDOWS\Downloaded Program Files\popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully. regards, schrauber If I've not posted back within 48 hrs., feel free to send a PM with your topic link. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully. Loading...

Adam Smith Glasgow, 1760 Back to top Back to Resolved or inactive Malware Removal 1 user(s) are reading this topic 0 members, 1 guests, 0 anonymous users Reply to quoted postsClear C:\Program Files\RegistrySmart\Log\log_2007_01_22_13_47_14.eklog (Rogue.RegistrySmart) -> Quarantined and deleted successfully. Ozzu is a registered trademark of Unmelted, LLC. Push the button, then Finish.Copy and paste the contents of ESETScan.txt in your next reply.Note: A log.txt file will also be created and automatically saved in the C:\Program Files\EsetOnlineScanner\ folder.If you

RegisterWhy Register? HKEY_CLASSES_ROOT\Interface\{e4e3e0f8-cd30-4380-8ce9-b96904bdefca} (Adware.PopCap) -> Quarantined and deleted successfully. You may have to disable the real-time protection components of your existing anti-virus and try running the scan again. Register a free account to unlock additional features at BleepingComputer.com Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers.

Please perform the following scan:Download DDS by sUBs from one of the following links. Thank you!