Home > Hjt > HJT & MBAM Logs To Analyze

HJT & MBAM Logs To Analyze

I ended up using the download from CNET. The following corrective action will be taken in 120000 milliseconds: Restart the service. 6/1/2012 9:57:14 PM, Error: Service Control Manager [7031] - The Base Filtering Engine service terminated unexpectedly. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. All Activity Home Malware Removal Help Malware Removal for Windows Resolved Malware Removal Logs Need help analyzing this HJT log. http://softsystechnologies.com/hjt/hjt-combofix-logs.html

I did the OTL as a reference for you to see, as it has been since 9/20/09 that HJT & MBAM were run. Click here to Register a free account now! If you would like us to check the system for malware, please follow these steps: Preliminary Virus and Malware Removal. It has done this 1 time(s).

mfebopk;c:\windows\system32\drivers\mfebopk.sys [2009-1-12 35272]S3 mferkdk;McAfee Inc. The following corrective action will be taken in 120000 milliseconds: Restart the service. 6/1/2012 9:57:14 PM, Error: Service Control Manager [7031] - The Diagnostic Policy Service service terminated unexpectedly. Using the site is easy and fun. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2009-1-12 35272]R3 mfesmfk;McAfee Inc.

If not please perform the following steps below so we can have a look at the current condition of your machine. The following corrective action will be taken in 300000 milliseconds: Restart the service. 5/31/2012 3:38:40 PM, Error: Service Control Manager [7031] - The Desktop Window Manager Session Manager service terminated unexpectedly. Jun 1, 2012 #6 marcela TS Rookie Topic Starter Posts: 17 good morning I will past the following mbytes, gmer and the dds log thank you for your help Malwarebytes Anti-Malware The following corrective action will be taken in 60000 milliseconds: Restart the service. 6/2/2012 10:29:29 PM, Error: Service Control Manager [7031] - The Portable Device Enumerator Service service terminated unexpectedly.

BLEEPINGCOMPUTER NEEDS YOUR HELP! Read my instructions carefully. The following corrective action will be taken in 60000 milliseconds: Restart the service. 6/2/2012 10:29:29 PM, Error: Service Control Manager [7031] - The Program Compatibility Assistant Service service terminated unexpectedly. Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dllO2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dllO2 - BHO: agihelper.AGUtils - {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - mscoree.dll (file missing)O2 - BHO: Yahoo!

It has done this 2 time(s). It has done this 2 time(s). Please re-enable javascript to access full functionality. We do not screen for malware using HijackThis.

thx. -tMB removal log:--------------------Malwarebytes' Anti-Malware 1.44Database version: 3670Windows 5.1.2600 Service Pack 3Internet Explorer 6.0.2900.55121/31/2010 11:35:56 PMmbam-log-2010-01-31 (23-35-56).txtScan type: Quick ScanObjects scanned: 150222Time elapsed: 15 minute(s), 3 second(s)Memory Processes Infected: 0Memory Modules It has done this 1 time(s). Display as a link instead × Your previous content has been restored. Help us fight Enigma Software's lawsuit! (more information in the link)Follow BleepingComputer on: Facebook | Twitter | Google+ Back to top #3 ken S ken S Topic Starter Members 45 posts

its just that I was a bit confuse from your note it said if you already had any scanning programs on the computer to please remove them and download the version. See attachment.I attempted to save it under C: but same problem.-t Attached Files combofix_trojan.JPG 27.68KB 6 downloads Back to top #7 falco falco Topic Starter Members 20 posts OFFLINE Local Thank you. It has done this 2 time(s).

The following corrective action will be taken in 120000 milliseconds: Restart the service. 6/2/2012 10:12:08 PM, Error: EventLog [6008] - The previous system shutdown at 10:05:43 PM on 6/2/2012 was unexpected. A case like this could easily cost hundreds of thousands of dollars. And for these preliminary programs, you do not need to disable the security programs. Thank you!

Use the forums!Don't let BleepingComputer be silenced. Alternatively, you can click the button at the top bar of this topic and Track this Topic. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2009-1-12 214664]R3 mfeavfk;McAfee Inc.

R0 CSCrySec;InfoWatch Encrypt Sector Library driver;C:\Windows\system32\DRIVERS\CSCrySec.sys --> C:\Windows\system32\DRIVERS\CSCrySec.sys [?] R0 KLBG;Kaspersky Lab Boot Guard Driver;C:\Windows\system32\DRIVERS\klbg.sys --> C:\Windows\system32\DRIVERS\klbg.sys [?] R1 CSVirtualDiskDrv;InfoWatch Virtual Disk driver;C:\Windows\system32\DRIVERS\CSVirtualDiskDrv.sys --> C:\Windows\system32\DRIVERS\CSVirtualDiskDrv.sys [?] R1 KLIM6;Kaspersky Anti-Virus NDIS 6

Do not start a new topic. The following corrective action will be taken in 120000 milliseconds: Restart the service. 5/31/2012 3:38:40 PM, Error: Service Control Manager [7034] - The Diagnostic System Host service terminated unexpectedly. When you have finished, leave the logs for review in your next reply . Threads are closed after 5 days if there is no reply.

so that's ok correct? The following corrective action will be taken in 100 milliseconds: Restart the service. 5/31/2012 3:38:40 PM, Error: Service Control Manager [7031] - The Human Interface Device Access service terminated unexpectedly. Don't try to get around it yourself. If you accept cookies from this site, you will only be shown this dialog once!You can press escape or click on the X to close this box.

Inc.)IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = IE - HKU\S-1-5-21-2141977767-2994533718-58751993-500\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htmIE - HKU\S-1-5-21-2141977767-2994533718-58751993-500\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1IE - HKU\S-1-5-21-2141977767-2994533718-58751993-500\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearchIE Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site. C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k mferkdk;c:\windows\system32\drivers\mferkdk.sys [2009-1-12 34248]S3 pmxmouse;PMXMOUSE;c:\windows\system32\drivers\pmxmouse.sys [2008-1-13 18432]S3 pmxusblf;PMXUSBLF;c:\windows\system32\drivers\pmxusblf.sys [2008-1-13 14336]=============== Created Last 30 ================2010-02-01 02:28:17 0 d-----w- c:\program files\Malwarebytes' Anti-Malware22010-01-31 23:24:46 0 d-----w- c:\program files\Amazon2010-01-15 04:02:37 0 d-----w- c:\program files\common files\PQDVD2010-01-13 04:45:56

The following corrective action will be taken in 300000 milliseconds: Restart the service. 5/31/2012 3:38:40 PM, Error: Service Control Manager [7031] - The Distributed Link Tracking Client service terminated unexpectedly. Everything seems to be fixed and McAfee running OK, but I did see some errors noted in the Extras.txt log. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2009-1-12 214664]R2 AdobeActiveFileMonitor;Adobe Active File Monitor;c:\program files\adobe\photoshop elements 3.0\PhotoshopElementsFileAgent.exe [2004-10-4 98304]R2 AGCoreService;AG Core Services;c:\program files\agi\core\4.2.0.10752\AGCoreService.exe [2010-1-21 20480]R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-9-24 1181328]R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program Any direction on my next step w/ the log info below would be greatly appreciated.

It runs SO slow and seems to hose? The following corrective action will be taken in 60000 milliseconds: Restart the service. 5/31/2012 3:39:44 PM, Error: Service Control Manager [7034] - The Superfetch service terminated unexpectedly. The topics you are tracking can be found here.Please take note of some guidelines for this fix:Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the Please don't send help request via PM, unless I am already helping you.

It has done this 2 time(s). Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dllTB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dllEB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dlluRun: [ctfmon.exe] c:\windows\system32\ctfmon.exeuRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /backgrounduRun: [Google Update] "c:\documents and settings\my home\local settings\application data\google\update\GoogleUpdate.exe" /cmRun: [IgfxTray] c:\windows\system32\igfxtray.exemRun: Please note that your topic was not intentionally overlooked. UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2009-1-12 79816]R3 mfebopk;McAfee Inc. Sign Up All Content All Content Advanced Search Browse Forums Guidelines Staff Online Users Members More Activity All Activity My Activity Streams Unread Content Content I Started Search More Malwarebytes.com Malwarebytes