
HijackThis Log - Google Redirect Malware

C:\WINDOWS\system32\MPK\Help\English\invisible.htm (Refog.Keylogger) -> Quarantined and deleted successfully.

Here is the post of my current hijack this log.

NET State Service (aspnet_state) - Unknown owner - (no file)
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe (file missing)
O23 - Service: AVG Security Toolbar

The backup set includes a small executable that will launch the registry restore if needed.

C:\WINDOWS\system32\MPK\unins000.exe (Refog.Keylogger) -> Quarantined and deleted successfully.

Messenger" = Yahoo! Updater (YahooAUService) - Yahoo!

grinch2171 Moderator Posts: 6819 Loc: Martinsburg, WV 3+ Months Ago

demonmaestro wrote: wtf - to me this looks like malware.
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

MalwareBytes is an actual scanner

Yet still, getting redirected if I'm not opening a new tab.

HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2 (Adware.PopCap) -> Quarantined and deleted successfully.

GooredFix v1.92 by jpshortstuff
Log created at 12:51 on 16/04/2009 running Option #1 (Mike)
Firefox version 3.0.8 (en-US)

=====Suspect Goored Entries=====

=====Dumping Registry Values=====

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox 3.0.8\extensions]
"Plugins"="C:\Program Files\Mozilla Firefox\plugins"

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla

C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Zinaps2008\Uninstall Zinaps Anti-Spyware 2008.lnk (Rogue.Zinaps) -> Quarantined and deleted successfully.

Recovery Console - Recent trends appear to indicate that future infections will include attacks to the boot sector of the computer.

C:\Documents and Settings\All Users\Application Data\MPK\CPDM (Refog.Keylogger) -> Quarantined and deleted successfully.

OTListIt.Txt and Extras.Txt.

C:\WINDOWS\system32\MPK\Help\English\clipboard.htm (Refog.Keylogger) -> Quarantined and deleted successfully.

Step #1 Please download GooredFix from one of the locations below and save it to your Desktop
Download Mirror #1
Download Mirror #2
Double-click GooredFix.exe to run it.

Companion" = Yahoo!

HKEY_CLASSES_ROOT\Typelib\{58696980-c6b3-4ad2-ab53-718f1c3c57ca} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{a93a1ba9-9ee8-469f-a9fe-fd1c26700bda} (Trojan.BHO) -> Quarantined and deleted successfully.

The results themselves seem to show up as they should when I run a search, I just can't get to where I should.

Format your PC would be my suggestion.

They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results". Click on this link to see a list of programs that should be disabled.

C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Zinaps2008\Zinaps Anti-Spyware 2008.lnk (Rogue.Zinaps) -> Quarantined and deleted successfully.

net - C:\Windows\system32\libusbd-nt.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: MediaMall Server - MediaMall Technologies, Inc. - C:\Program Files (x86)\MediaMall\MediaMallServer.exe
O23 - Service: @comres.dll,-2797 (MSDTC) -

The scan may take some time to finish, so please be patient. When the scan is complete, click OK, then Show Results to view the results. Make sure that everything is checked, and click

The specified domain either does not exist or could not be contacted.

C:\WINDOWS\system32\MPK\Help\Spanish\users_node.htm (Refog.Keylogger) -> Quarantined and deleted successfully.

Turn off System Restore and scan again (Windows only)
System Restore is a Windows backup feature; it periodically backs up files on your computer in case you need to revert to

C:\WINDOWS\system32\MPK\Help\Spanish\internet.htm (Refog.Keylogger) -> Quarantined and deleted successfully.

Here's how it works. ERUNT (Emergency Recovery Utility NT) allows you to keep a complete backup of your registry and restore it when needed.


HKEY_CLASSES_ROOT\CLSID\{a1789eb6-b263-4bd6-8830-d3daaf78949a} (Trojan.BHO) -> Quarantined and deleted successfully.

Messenger (Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo!

It is.

C:\Documents and Settings\All Users\Application Data\MPK\3\D0000 (Refog.Keylogger) -> Quarantined and deleted successfully.

Double-click System.

Group Policy processing aborted.

If you are asked to reboot the machine choose Yes.

HKEY_CLASSES_ROOT\AppID\AleWinSecure.exe (Trojan.Agent) -> Quarantined and deleted successfully.