Home > Hjt Log > Hjt Log. Domino.exe And Winlogon.exe

Hjt Log. Domino.exe And Winlogon.exe

Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Yahoo! hmmmmHave no more suggestions until hearing from you!Good luckand thank you for reading and being patient phool4fool 28.02.2007 12:26 Yesterday, I did scan with EMCO Malware Destroyer & it has found Here is a copy of my HJT log. Web Scannerwscntfy.exeSystem taskMicrosoft Windows Security Centeralg.exeSystem taskApplication Layer Gateway Servicecsrcs.exeVirusCSRCS.ExeRUNDLL32.EXESystem taskMicrosoft Rundll32RTHDCPL.EXEDriverRealtek HD Audio Sound Effect ManagerashDisp.exeVirusscanAvast AntiVirusjusched.exeBackgroundtaskSun Java Update SchedulerVMSnap3.EXEUnknown taskUnknown taskDomino.EXEUnknown taskUnknown taskLAUNCH~1.EXEBackgroundtaskPC Suitemsmsgs.exeApplicationMSN MessengermRouterConfig.exeBackgroundtaskIntuwave Connection ManagermRouterRuntime.exeUnknown taskUnknown taskServiceLayer.exeBackgroundtaskNokia

But I cannot assure the harmlessness..-= F2 - REG:system.ini: Shell=Explorer.exe csrcs.exe Part of csrcs.exe..-= O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\DOCUME~1\kim\LOCALS~1\Temp\RarSFX0\jccatch.dll (file missing) This is already Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exeO23 - Service: avast! This Registry value located at HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows loads a DLL into memory when the user logs in, after which it stays in memory until logoff. as you said that this is a registry entries problem then plz can you guide me about those entries???I'll scan with your suggested antispywarethanks alot!QUOTE(lucianbara @ 17.02.2007 14:59)the log file looks

C:\WINDOWS\system32\csrcs.exeBAD entry. This applies only to the original topic starter. Please re-enable javascript to access full functionality.

Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dllF2 - REG:system.ini: Shell=Explorer.exe csrcs.exeF2 - REG:system.ini: UserInit=userinit.exeO2 - BHO: &Yahoo! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members. Sign In Sign Up Browse Back Browse Forums Guidelines Staff Online Users Members Activity Back Activity All Activity My Activity Streams Unread Content Content I Started Search Malwarebytes.com Back Malwarebytes.com Malwarebytes Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: &Yahoo!

Lucian Bara 23.02.2007 14:54 if it still occurs then the malware is still active somewhere.try a scan with gmer and post the log: http://www.gmer.net/gmer.zip phool4fool 24.02.2007 13:54 here is the gmer Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quietO4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /backgroundO4 - HKCU\..\Run: [mRouterConfig] "C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe"O4 - HKLM\..\Policies\Explorer\Run: [csrcs] C:\WINDOWS\system32\csrcs.exeO4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXEO6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel If you do, open it and post the contents here.If you don't find any such files, could you upload a snapshot after entering drive C enabling 'show hidden files & folders' Hingle replied Jan 24, 2017 at 7:12 PM Loading...

Try our mobile theme. Please start a New Thread if you're having a similar issue.View our Welcome Guide to learn how to use this site. Very few legitimate programs use it; most often it is used by trojans or agressive browser hijackers.*** Logged Self-built desktop (8 years old) - AMD64 3200+_Gigabyte GA-K8NS Ultra-939_4 gb RAM_GeForceFX 5800w/256 Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXEO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO16 - DPF: Yahoo!

Join our site today to ask your question. Come back here and post the new Hijack This log. Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: Yahoo! You can use separate posts here when replying and posting the log files if needed.

V9.0 Free, IE10P4 2.8GHZ, 1.5GB RAM, 40GB HD, XP Pro SP3 32bit, avast! Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site. Hjt Log. Logged CharleyO Avast Evangelist Starting Graphoman Posts: 7094 Be alert for error code - ID 10T Re: Virus cant be cleaned by avast on boot scan « Reply #5 on: May

Tech Support Guy is completely free -- paid for by advertisers and donations. Avast Evangelist Super Poster Posts: 1780 Thinking with Portals Re: Virus cant be cleaned by avast on boot scan « Reply #3 on: May 10, 2009, 12:27:04 PM » -= Whoa.. ok send the the file that attempted to modify the registry key to KLNo? Jump to content Sign In Create Account Search Advanced Search section: This topic Forums Members Help Files Calendar View New Content Forum Rules BleepingComputer.com Forums Members Tutorials Startup List

This is a "lo-fi" version of our main content. phool4fool 28.02.2007 16:16 QUOTE(lucianbara @ 28.02.2007 16:58)the second entry is avp, it's kaspersky the first, i don't know the first entry has no details to where the heck the infection is.Well! Sign in to follow this Followers 1 Go To Topic Listing Resolved Malware Removal Logs Recently Browsing 0 members No registered users viewing this page.

Similar Threads - hijackthis help Solved HELP! 11b1 and bafa issues.

After you get SP1 installed, restart your computer. do uncheck all the exclusion masks and all trusted applications and try the scenario again.After doing that, did Kaspersky alert you and tell you about the attempting to modify that key?Yes? Microsoft MVP Consumer Security Back to top Back to Virus, Trojan, Spyware, and Malware Removal Logs 0 user(s) are reading this topic 0 members, 0 guests, 0 anonymous users Reply to Thanks a lot!

If CTH has helped you, please consider liking and sharing us on Facebook Search Forums Show Threads Show Posts Advanced Search Go to Page... Jump to content Home Existing user? If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread. Share this post Link to post Share on other sites This topic is now closed to further replies.

Might be part of c:\windows\system32\bzifsst.dll-= Try downloading Malwarebytes Antimalwareor SuperAntiSpyware, install, update & run a scan.. Hi there! If not please perform the following steps below so we can have a look at the current condition of your machine.Upon completing the steps below a staff member will review and Logged E5200 2.5GHZ, 4GB RAM, 320GB HD, Windows 7 Home Premium 64bit, avast!

Reasons maybe:(1.) You are using the windows firewall or a hardware firewall.(2.) You are using a firewall of an unknown vendor.(3.) You are using a firewall, but for unknown reasons it As your machine stands now it is wide open to attack from all sorts of nasties.