Home > Hjt Log > Hjt Log Along With F-secure Blacklight

Hjt Log Along With F-secure Blacklight

Or something specific?


    If you PM me for help, expect an irritated response... be very cautious about any security software that advertises in popups or other intrusive ways, they are not only usually useless, but also often have malware in them.... To be able to help you, the Security Labs needs the following log files for further investigation: Execute F-Secure BlackLight. Thanks for any help you can provide!

    Do not worry if there are a large number of items, this is normal. Select "Delete on Reboot" option.4. This tool is available at ftp://ftp.f-secure.com/anti-virus/tools/fsbl.exe. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged

    Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". This type of log assists in locating infected files . Find The PC Guide helpful? In addtion to the regular steps for scanning and pre-cleaning, you'll need to run some rootkit scanners.

    Please post back if you are still having any problems.... Caveat Emptor.... CONTRIBUTE TO OUR LEGAL DEFENSE All unused funds will be donated to the Electronic Frontier Foundation (EFF). If you get any kind of warning message about scripts, please choose to allow the script to run.

    Other adware? • Suspected VUNDO problem? » Wikingjoin:2007-07-02Fort Saskatchewan, AB1 edit Wiking Member 2007-Jul-2 1:02 am [Virus] HJT Log: Virus problemsHello everybody, first time poster hoping one of you intelligent individuals If there's anything that you don't understand, ask your question(s) before proceeding with the fixes.Step #1Scan again with HijackThis and check the following items:O4 - HKLM\..\Run: [dmchy.exe] C:\WINDOWS\System32\dmchy.exeAfter checking these items, Thanks for all your help! Since System Restore is a protected directory, your tools can not access it to delete these bad files which can reinfect your system.

    Post a complaint about malware here!! What should I being doing or what am I doing wrong now that bfu is now in fixwareout? Post the contents of it and a new Hijackthis log in your next reply. I would kick myself if I weren't so happy!Davey, I was not putting bfu into fixware out properly( obviously).

    I click on fixit and finish, This is where the black cprompt type box open and the only two prompts to follow are "Y" to open the website or "E" to Back to top #19 didom didom Members 1,389 posts OFFLINE Gender:Male Local time:01:01 AM Posted 18 August 2006 - 03:32 AM I see only "no action taken" on the Ewido WgaLogon\DLLName = "WgaLogon.dll" [MS] HKLM\Software\Classes\*\shellex\ContextMenuHandler s\ Symantec.Norton.Antivirus.IEContextMenu\(Default) = "{5345A4D5-41EB-4A2F-9616-CE1D4F6C35B2}" -> {HKLM...CLSID} = "IEContextMenu Class" \InProcServer32\(Default) = "C:\Program Files\Norton AntiVirus\NavShExt.dll" ["Symantec Corporation"] HKLM\Software\Classes\Folder\shellex\ContextMenuHa ndlers\ Symantec.Norton.Antivirus.IEContextMenu\(Default) = "{5345A4D5-41EB-4A2F-9616-CE1D4F6C35B2}" -> {HKLM...CLSID} = "IEContextMenu Class" This article in other languages:Finnish, Swedish, German, French, Japanese, Italian, Danish, Norwegian, Dutch, Polish Version History Revision #: 18 of 18 Last update: ‎16-05-2016 11:32 AM Updated by: Jali   View

    RTF CPL WIZ HTA PP? No, they weren't a problem... BIN SCR DLL SHS HTM HTML HTT VBS JS INF VXD DO? You may have to register before you can post: click the register link above to proceed.

    Preferred shop - Amazon? Use the Add Reply button to post your new logs back here along withas details of any problems you encountered performing the above steps and I will review it when Sign In Sign Up Browse Back Browse Forums Guidelines Staff Online Users Members Activity Back Activity All Activity My Activity Streams Unread Content Content I Started Search Malwarebytes.com Back Malwarebytes.com Malwarebytes

    Powered by vBulletin Version 4.2.2 Copyright © 2017 vBulletin Solutions, Inc.

    Members 2,277 posts Gender:Male Location:Califor ny A Posted 07 December 2006 - 02:41 PM I'm stupid, soooooo stupid, its me, I'm stupid!!!!!!THANK YOU!!! Jump to content Sign In Create Account Search Advanced Search section: This topic Forums Members Help Files Calendar View New Content Forum Rules BleepingComputer.com Forums Members Tutorials Startup List Click here to Register a free account now! Helpful links SpywareBlaster...

    When finished, it shall produce a log for you, Combofix.txt. Your system may take longer than usual to load; this is normal.When your system reboots, a logfile named report.txt will open. Then in Killbox, go to the File menu, choose "Paste from Clipboard".6. Hopefully, all is good now.

    Thanks for any help.Logfile of HijackThis v1.99.1Scan saved at 6:17:00 PM, on 8/9/2006Platform: Windows XP (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 (6.00.2600.0000)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\csrss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeE:\Program Files\iTunesHelper.exeC:\Program Files\Common Files\Symantec Members 2,277 posts Gender:Male Location:Califor ny A Posted 08 December 2006 - 11:21 AM Thanks Mucho Quiet man YOU ( and Davey of course) are awesome...java was done after I finished Members 2,277 posts Gender:Male Location:Califor ny A Posted 07 December 2006 - 05:45 PM Thanks Quietman: Here is the fsecure log12/07/06 14:34:27 [Info]: BlackLight Engine 1.0.47 initialized12/07/06 14:34:27 [Info]: OS: 5.1 This tool is available from Microsoft at http://www.microsoft.com/technet/sysinternals/SystemInformation/Autoruns.mspx.

    Post that log in your next reply · actions · 2007-Jul-2 10:08 am · (locked) Forums → The Site → Old Forums → Security Cleanup« HTJ Log: Vundo? Since you have evidence of a rootkit, run one or all three of these to find it... Click "OK".5. It made me get a bfu program from merjin and they are not talking to each other!

    Maybe your AV detected and deleted them...

    1. Please go HERE to run Panda's ActiveScan

    • Once you are on Select the Tools menu and click Folder Options. F-Secure Blacklight: http://www.f-secure.com/blacklight/try.shtml Double-click blbeta.exe then accept the agreement. BlackLight will create a log in C:\ drive named "fsbl-xxxxxxx.log" (the xxxxxxx will be the date and time of the scan).The log will have a list of all items found.

      If we have ever helped you in the past, please consider helping us. I want to see the log first, because legit items can also be present there... If we have ever helped you in the past, please consider helping us. Post a complaint about malware here!!

      It is possible that the software shows an infection that doesn't exist, that the software claims to clean an infection but does nothing or that it installs a real trojan. Do not choose to rename any yet! Members 2,277 posts Gender:Male Location:Califor ny A Posted 07 December 2006 - 06:55 PM All done quietman! HijackThis...