Home > Hijackthis Log > Hijackthis Log Reassurance Please

Hijackthis Log Reassurance Please

Please re-enable javascript to access full functionality. I have never had a need to format a computer in all the years that I have had one but, to me, it sounds like a drastic move to remove malware All the best! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dllO4 - HKLM\..\Run: [LTWinModem1] ltmsg.exe 9O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exeO4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exeO4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common have a peek here

Please be patient while it scans your computer. After the scan is complete a summary box will appear. Started by hi007, Nov 26 2006 06:40 PM This topic is locked 15 replies to this topic #1 hi007 hi007 Member Full Member 16 posts Posted 26 November 2006 - 06:40 I can see by the name of the path that it lies in a folder named Trusteer. Klogini.dll is not a valid windows image..check your instalation diskette.

This applies only to the original topic starter.Everyone else please begin a New Topic. Though I'm not certain that's true, the above findings DO convince me that questionable business is going on.I also looked at the Device Manager and at the Non-Plug and Play Drivers We apologize for the delay; our helpers have been very busy.If you have not received help after 3 days, please CLICK HERE, and post a link to your log and the Please Help!

I have run the latest updates of AntiVir, Spy bot and AdAware. I am still getting the syptoms of this virus (screen blanking out saying windows has to shut down to prevent damage).Any other suggestions on how to get rid of this short All my above mentioned programs and Windows updates are up to date.Also i have run a full computer scan with Kaspersky online scanner version and no virus, infection or suspicion Well, what more can i say and we do i mean we have gone as far as i road could get and beyond!

The help file may help you change the permission on the norton keys.Before you do make sure you have a good restore point and backup the registry.Your call. Several functions may not work. Now you have C:\HJT\ or C:\HijackThis\ folder. Even in safe mode the comp is rebooting...i have it on break so it stops when it gets to the message thing bout needing to close.I ran spybot again and it

More info on Trusteer Rapport can be found at this link. Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dllO2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dllO2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO2 - BHO: PCTools Site Guard - Register now! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dllO4 - HKLM\..\Run: [LTWinModem1] ltmsg.exe 9O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exeO4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exeO4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common

My scan list does show fewer registry issues now so i guess it does work! That's me.You can download this tool.http://www.resplendence.com/regliteWhen running on Windows XP,2000 or NT, all security features are supported by offering editors which allow you to set registry key permissions, auditing and ownership.I Also, please don't forget to resume the Kaspersky that you paused. Wonder what made me install Norton in the first place!

Even for an advanced computer user. navigate here So I'm guessing ComboFix found all the stuff, whereas Kaspersky was only finding a few files that were created by the root cause of the issue, as opposed to being the BTW i was reading an interesting article on regedit and i know what you are saying OH NO not again!!!??? Sign Up All Content All Content Advanced Search Browse Forums Guidelines Staff Online Users Members More Activity All Activity My Activity Streams Unread Content Content I Started Search More Malwarebytes.com Malwarebytes

Service & Support HijackThis.de Supportforum Deutsch | English Forospyware.com (Spanish) www.forospyware.com Malwarecrypt.com www.malwarecrypt.com Computerhilfen www.computerhilfen.com Log file Show the visitors ratings © 2004 - 2017 Logfile of HijackThis v1.99.1Scan saved at 2:31:47 AM, on 11/27/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.5730.0011)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Intel\Wireless\Bin\EvtEng.exeC:\Program Files\Intel\Wireless\Bin\S24EvMon.exeC:\Program Files\Intel\Wireless\Bin\WLKeeper.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\ZoneLabs\vsmon.exeC:\WINDOWS\system32\spoolsv.exeC:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exeC:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exeC:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exeC:\Program Files\Dell\QuickSet\NICCONFIGSVC.exeC:\Program Files\Intel\Wireless\Bin\RegSrvc.exeC:\WINDOWS\system32\hkcmd.exeC:\WINDOWS\system32\igfxpers.exeC:\WINDOWS\system32\igfxsrvc.exeC:\WINDOWS\stsystra.exeC:\Program Files\Intel\Wireless\bin\ZCfgSvc.exeC:\Program Files\Intel\Wireless\Bin\ifrmewrk.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\WINDOWS\system32\rundll32.exeC:\Program Files\Common Here's the ComboFix log:Click to view attachmentWhich even to my fairly untrained eye seems to explain the problem - those 2 things weren't the only issue. Check This Out Looks like a loooooooong wait ahead doesn't it?

Register now! I wonder why they cant be removed!? Please let me know if there is any problem with my system.

I'm pasting the HijackThis log with the Startup list generated today.

Site Changelog Community Forum Software by IP.Board Sign In Use Facebook Use Twitter Need an account? Due to a few misunderstandings, I just want to make it clear that this site provides only an online analysis, and not HijackThis the program. Click Start, Programs, Windows Defender Click on Tools, General Settings. Please re-enable javascript to access full functionality.

Possible infection - please help Started by Swooshman , Feb 16 2008 03:49 PM Please log in to reply No replies to this topic #1 Swooshman Swooshman Newbie Members 2 posts Disruptive posting: Flaming or offending other usersIllegal activities: Promote cracked software, or other illegal contentOffensive: Sexually explicit or offensive languageSpam: Advertisements or commercial links Submit report Cancel report Track this discussion Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended. this contact form Select the Privacy Tab of the Internet Options menu.4.

So I clicked it, and although it looked different from the get go it wasn't actually - it really did just find the same stuff, just in a different wrapper, basically. Open Microsoft Windows Defender. Save the file to your desktop.Now, please make sure no other programs are running, close all other windows and pause Kaspersky (Choose the option "resume manually" if still active) until after If you accept cookies from this site, you will only be shown this dialog once!You can press escape or click on the X to close this box.

Thank you for helping us maintain CNET's great community. Discussions cover how to detect, fix, and remove viruses, spyware, adware, malware, and other vulnerabilities on Windows, Mac OS X, and Linux.Real-Time ActivityMy Tracked DiscussionsFAQsPoliciesModerators General discussion Haxdoor by stu_e / Copy and paste the content of 'hijackthis.log' and post it at one of these forums. And I got a green light on my Kaspersky window, whereas it'd been red before, which was very reassuring.I then ran another full scan again since that one found so many

Thanks also for quick response, and for the software!!!! Please try again now or at a later time. There is this way it elaborates that if certain junk registry keys dont go with your normal regedit delete command then after making the prerequisite backups, system restore or ERUNT you Director I/T Members 4,310 posts OFFLINE Local time:06:16 PM Posted 11 January 2007 - 04:32 PM Looks good, but I'd do this to make sureDownload Superantispywarehttp://www.superantispyware.com/superantis...efreevspro.html Install it and double-click

Put your HijackThis.exe there, and double click to run it.Click 'Scan' button. If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Before scanning my computer with HijackThis i have removed all the junk with CCleaner and run a complete scan in normal and safe mode using AVG (antivirus) version 7.5.430, AVG antispyware, Back to top #5 nasdaq nasdaq Forum Deity Global Moderator 49,124 posts Posted 30 November 2006 - 04:27 PM Hi,To fully remove norton follow these directives.To fully remove Norton AntiVirus, you

Save the 'hijackthis.log' in your desktop. Adam Smith Glasgow, 1760 Back to top #12 hi007 hi007 Member Full Member 16 posts Posted 05 December 2006 - 01:46 PM Hi again,I guess i have to live with it If we have ever helped you in the past, please consider helping us. You'll have to join whichever forum you decide to bring it to but that is not a big deal and is the same as joining CNET.

Back to top #4 MFDnSC MFDnSC Ret. Flag Permalink This was helpful (0) Collapse - See if you can download by roddy32 / April 22, 2005 1:05 AM PDT In reply to: hacktool.hide and run HijackThis and bring I removed Norton with add remove option on Windows XP , ran the Norton Removal Tool available at Norton's website, ran the CCleaner, tried removing Norton's registries through RegSeeker 1.52. But I told it to delete them again this way, thinking maybe it'd work this time, and it wanted to restart to do its business, so I restarted it again and