Home > Ht Log > HT Log - Please Help

HT Log - Please Help

Accept that some days you are the pigeon and some days the statue. If you wish to show your appreciation, then you may donate to help keep us online. Click to expand... Proud member of ASAP since 2005 The help you receive here is free.

http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp2brows.mspx#XSLTsection125121120120 Have these instructions printed or in a convenient Notepad (or Wordpad) file so you can view them in Safe Mode. Does this mean that it's still on my system? Join 91132 other members! Click on Fix Checked when finished and exit HijackThis.

Proud member of ASAP since 2005 The help you receive here is free. I have not installed anything else except for Kazaa Lite 2.4.3 (which I have since removed), but that was from a file in my downloads folder, the original that I first Recent surveys show that about 50 % of all downloaded files in Kazaa are infected with one thing or another... Once I have removed it it seems to do very little and once I run the spyware again they seem to have reappeared.

  1. I will take a look at it. « LoadingWebSite | Trojan Virus- Hijack Log analysis needed » Thread Tools Show Printable Version Download Thread Search this Thread Advanced Search
  2. Attempting to delete: C:\WINNT\system32\kjdit142.dll C:\WINNT\system32\kjdit142.dll Deleted successfully!
  3. Sign in to follow this Followers 0 Someone please help review ht log Started by rogvol, July 4, 2004 2 posts in this topic rogvol Member Full Member 2 posts

Here is my new HT log. It's IMPORTANT to carry out the instructions in the sequence listed below. 1. C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\system32\VTTimer.exe C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe C:\Program Files\Java\j2re1.4.2_15\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Video ActiveX Object\isamonitor.exe C:\Program Files\Video ActiveX Object\pmsngr.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Maxtor\OneTouch\utils\Onetouch.exe C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe C:\Program Files\Ipwindows\ipwins.exe C:\WINDOWS\SYSTEM32\qttask.exe C:\Program

Close any open browsers. 2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix. Open *notepad* and copy/paste the text in I go to suprnova.org a lot. Scan with HijackThis. recommended you read MushroomWorld18, Nov 12, 2016, in forum: Virus & Other Malware Removal Replies: 0 Views: 168 MushroomWorld18 Nov 12, 2016 Solved Please Help!

Want to help others? Click on "Edit" => "Copy". We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it. Please do the following: STEP 1. ====== Look2Me-Destroyer - Written by Atribune Please download Look2Me-Destroyer.exe to your desktop.

within the Inactive Malware Help Topics forums, part of the Tech Support Forum category. We recommend Gmail.   The notifications won't even be in your Spam folder - they just go down a black hole. Oooh, wait - I think I looked for a download somewhere else, of the same thing, and risked it I have done so much, I am losing track! Attempting to delete: C:\WINNT\system32\mzcltui.dll C:\WINNT\system32\mzcltui.dll Deleted successfully!

do not run the fix portion without fixing this first. warbs2000 View Public Profile Send a private message to warbs2000 Find all posts by warbs2000 #2 27-10-08, 14:37 bricat Global Moderator Join Date: Jun 2003 Location: belfast Posts: Please help with my HT log. Click the Install button to extract the files and follow the prompts, then open the newly added l2mfix folder on your desktop.

I have tried to resolve without any joy and seem to see that a HT log seems to help you guys resolve the problems so here goes; If I have not Jazz Edited by jazzie, 03 September 2006 - 06:03 AM. Rollin' Rog, Aug 27, 2004 #2 Malmorcan Thread Starter Joined: Aug 27, 2003 Messages: 20 Ok, I did all that, and here's my new log file, but as I was posting Hows it looking?

scanning hidden autostart entries ... C:\Documents and Settings\All Users\Application Data\Secure Solutions C:\Documents and Settings\Owner\My Documents\My Documents.url C:\Documents and Settings\Owner\My Documents\My Music\My Music.url C:\Documents and Settings\Owner\My Documents\My Pictures\My Pictures.url C:\Documents and Settings\Owner\My Documents\My Videos\My Video.url C:\Program Files\Applications\myd.ico HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall Rollin' Rog, Aug 27, 2004 #6 Malmorcan Thread Starter Joined: Aug 27, 2003 Messages: 20 Isn't that the truth.

http://www.google.com/search?hl=en&...c2coff=1&q="suprnova.org"+spyware&btnG=Search Rollin' Rog, Aug 27, 2004 #11 Malmorcan Thread Starter Joined: Aug 27, 2003 Messages: 20 Got rid of Kazaa lite 2.4.3, even though I haven't had a problem with

Contents of the 'Scheduled Tasks' folder 2008-10-22 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job - C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34] 2008-10-22 C:\WINDOWS\Tasks\Norton Security Scan.job - C:\Program Files\Norton Security Scan\Nss.exe [] . - - - - ORPHANS Click Start, Programs, Windows DefenderClick on Tools, General Settings.Under Real-time protection options, unselect the Turn on real-time protection check boxClick SaveAfter all of the fixes are complete it is very important as Kazaa Lite is an illegal, hacked version of Kazaa. Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: 119987 helper - {2231839A-F38E-4066-BF3C-959006189942} - (no file) O2 - BHO: 917671 helper - {34B9C611-629C-43AA-9F9D-4B58086EA729} - C:\WINDOWS\system32\917671\917671.dll O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4

Here's the new log. I have tried everything I know to clean her laptop but I just keep getting reinfected with popups - amaeana, qwikfind, bigdespatch, drive cleaner and loads of others. Now run this online scan using Internet Explorer: Kaspersky Online Scanner from http://www.kaspersky.com/virusscanner Next Click on Launch Kaspersky Online Scanner You will be prompted to install an ActiveX component from Kaspersky, Please tell me how you obtained the Administrator priviledges back.

Back to top #15 Susan528 Susan528 SuperMember Authentic Member 3,194 posts Posted 22 September 2006 - 06:08 AM How you doing Jazzie? Logfile of HijackThis v1.98.2 Scan saved at 9:21:38 PM, on 8/26/2004 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe Want to help others? IE 11 copy/paste problem It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum.

Jazz Back to top #9 Susan528 Susan528 SuperMember Authentic Member 3,194 posts Posted 28 August 2006 - 02:35 PM Okay, I will watch for your post although I should be notified Also ensure you do NOT have "hide file extensions..." enabled in Folder Options > View 1 >> Restart in Safe Mode: http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001052409420406 In Safe Mode, run HijackThis and check and "fix" Just hit exit (close) It will drop a log on Desktop that starts with fsbl....big number CWShredder Please download and run CWShredder Make sure that all browser windows are closed with I just hit X.

If you use FireFox, rightclick on the link and choose "Save Link As") and run it. Inc. - C:\WINDOWS\system32\YPCSER~1.EXE -- End of file - 8634 bytes warbs2000 View Public Profile Send a private message to warbs2000 Find all posts by warbs2000 #4 28-10-08, 10:59 bricat Contacts About Web User Contact Us Advertising Info Top 10 Website - HitWise 2008 Follow Web User on Twitter Join the Web User Facebook group Watch the Web User Youtube channel If you wish to show your appreciation, then you may donate to help keep us online.

AnnMarie View Public Profile Find all posts by AnnMarie Bookmarks Digg del.icio.us StumbleUpon Google « Previous Topic | Next Topic » Topic Tools Show Printable Version Email this Page Posting Rules Do you have a System Restore date just prior to (before anything new was installed)? Here is my latest HT log. Volume Serial Number is 2674-17F4 Directory of C:\WINNT\System32 08/27/2006 08:07p 245,760 dedskmgr.dll 08/27/2006 07:03p 245,760 guard.tmp 08/27/2006 05:15p 245,760 kjdit142.dll 08/27/2006 04:59p 245,760 mzcltui.dll 08/24/2006 01:51p 245,760 o0nsla571d.dll 08/23/2006 06:30p 235,336

Malmorcan, Aug 28, 2004 #12 Rollin' Rog Joined: Dec 9, 2000 Messages: 45,855 Alright, I'll give you one more set of clean up instructions, which will largely be a replay of It will take you to download page. I reverted back to Kazaa Lite 2.4.3 and now have no more junk. When I restarted after the AdAware SE scan I ran SpyBot S&D and it found 5 problems DSO Exploit.

Reboot into Safe Mode (hit F8 key until menu shows up). Then run HijackThis and check and "fix" the following entries: O2 - BHO: brdg Class - {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} - C:\WINDOWS\system32\bridge.dll O2 - BHO: NLS UrlCatcher Class - {AEECBFDA-12FA-4881-BDCE-8C3E1CE4B344} - C:\WINDOWS\system32\nvms.dll O2 - It's 100% free. Sign In Sign Up Browse Back Browse Forums Calendar Staff Online Users Activity Back Activity All Activity Search Jump to content Build Theme!