Home > Please Help > Please Help Me With This Flippin' Computer (hijackthis Log)

Please Help Me With This Flippin' Computer (hijackthis Log)

You geezers have helped me fix a horrible problem with IE before so please give us a hand again. Several trojan hijackers use a homemade service in adittion to other startups to reinstall themselves. Now, I would really appreciate the help I can receive if possible from any skilled person who knows how to deal with Trojans. Please navigate to the system tray on the bottom right hand corner and look for a sign.click it -> click on the button.a popup will warn that protection will now be have a peek here

Click on View Scan Report.You will see a list of infected items there. Back to top #4 jpshortstuff jpshortstuff Teacher Emeritus Authentic Member 5,710 posts Posted 06 December 2008 - 12:27 PM Hi LimeWire You have LimeWire, a P2P/file sharing programs installed on your Try Shoot the Messenger; it might stop some of the crud. Generated Thu, 26 Jan 2017 00:41:44 GMT by s_hp87 (squid/3.5.23) https://www.bleepingcomputer.com/forums/t/274659/infected-with-systemguard2009-browswer-hi-jacker/?view=getnextunread

My network is locked down tighter than Fort Knox. hinaraees -5 6 posts since Jun 2011 Newbie Member More Recommended Articles About Us Contact Us Donate Advertising Vendor Program Terms of Service API Newsletter Archive Community Forums Recent Articles Recommended Please get the latest version (1.98.2) and post the log that version generates. 0 Discussion Starter geezer 12 Years Ago You are running an outdated version of HijackThis.

I still get times where I touch media files on my computer and then it will go to blue screen and tell me what happened and that it's going to throw Required *This form is an automated system. xD Needs some help.Yeah, I had felt that the Autorun was malware. Try going into Task Manager and ending the qttask.exe process before removing the "Run" entry in the registry and renaming/delete the file.

Click "OK" 9. The scan will begin and "Scan in progress" will show at the top. Back to top #5 Gorga53 Gorga53 New Member Authentic Member 19 posts Posted 08 December 2008 - 05:32 PM Viewpoint uninstall, successful. Source BLEEPINGCOMPUTER NEEDS YOUR HELP!

Is there any point until this thing's sorted? Unfortunately, in modern versions of Windows you can't uninstall Internet Exploder; it is integral to the operating system itself (which is one of the reasons it's so prone/vulnerable to attack). There are many different backup options (another hard drive/a zip drive/a tape drive, burn to CD/DVD, etc.) some of which depend on just how much data you need to archive. DSLO2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dllO2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dllO2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

  • Reverend Jim 1,454 7,923 posts since Aug 2010 Moderator Featured How does "real time collaborative coding" work Last Post 3 Days Ago Hey can anybody explain me how "real time collaborative
  • If asked to restart the computer, please do so immediately.
  • scan completed successfullyhidden files: 0**************************************************************************.------------------------ Other Running Processes ------------------------.C:\WINDOWS\system32\ati2evxx.exeC:\WINDOWS\system32\ati2evxx.exeC:\WINDOWS\system32\HPZipm12.exeC:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYSC:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exeC:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exeC:\WINDOWS\system32\wdfmgr.exeC:\PROGRA~1\AVG\AVG8\avgam.exeC:\PROGRA~1\AVG\AVG8\avgrsx.exeC:\PROGRA~1\AVG\AVG8\avgnsx.exeC:\Program Files\HP\Digital Imaging\bin\hpqgalry.exeC:\PROGRA~1\Yahoo!\MESSEN~1\Ymsgr_tray.exe.**************************************************************************.Completion time: 2008-07-26 19:52:11 - machine was rebootedComboFix-quarantined-files.txt 2008-07-26 23:51:17Pre-Run: 63,690,960,896 bytes
  • Once installed, you should see a blue screen prompt that says: "The Recovery Console was successfully installed."Very Important!

This program is for Windows 2000/XP ONLY.-- When using this tool, you must use the Administrator's account or an account with "Administrative rights"-- Disconnect from the Internet and temporarily disable your If anyone can solve this problem, I'll be so grateful since this is my new computer. Posted 01 February 2009 - 01:22 PM SDFIX report:Microsoft Windows XP [Version 5.1.2600]Running From: C:\SDFIXChecking Services :Restoring Default Security ValuesRestoring Default Hosts FileRebootingChecking Files : No Trojan Files FoundRemoving Temp FilesADS If you didn't add the listed domain to the Trusted Zone yourself, have HijackThis fix it.O16 - ActiveX Objects (aka Downloaded Program Files)What it looks like: O16 - DPF: Yahoo!

Double click on ComboFix.exe & follow the prompts. navigate here Click on Open the Misc Tools section. Please provide your comments to help us improve this solution. I've since tried even more in depth stuff and still no joy.

scanning hidden files ... Here is a HijackThis log. Proud Graduate of the TC/WTT Classroom At weekends (GMT) I may not be able to reply promptly due to various commitments. Check This Out Go to the Notepad window and click Edit > Paste4.

I also don't know if this is the right place to post this problem since I'm new to forums I'm usually decent to computers but this problem is beyond me. Oh yeah, the page that comes up (still) is a whole page full of advertising links not a toolbar extension. You can always have HijackThis fix these, unless you knowingly put those lines in your Hosts file.The last item sometimes occurs on Windows 2000/XP with a Coolwebsearch infection.

If it's not a huge amount of data, you can just do manual copies to one of the types of media I just mentioned.

Please help me. the CLSID has been changed) by spyware. I promise to get AVG 8.0 as soon as possible to really protect my computer fully. Please download ATF Cleaner by Atribune.

In the BHO List, 'X' means spyware and 'L' means safe.O3 - IE toolbarsWhat it looks like: O3 - Toolbar: &Yahoo! Stop using Internet Explorer as your *$#$% web browser, ya foul-mouthed Geezer! :mrgreen: Use Netscape, Firefox, or Opera instead; they're pretty much immune to the spyware/adware/etc. Tricky when you're as flippin wound up as I am now rant rave snarl etc.... this contact form So I'm reinstalling Windows XP on the new harddrive.

After reboot, (in case it asks to reboot), please post the following reports/logs into your next reply:Combofix.txt A new HijackThis log. And lol at Fort Knox. Posted 31 January 2009 - 07:32 PM Logfile of Trend Micro HijackThis v2.0.2Scan saved at 6:30:57 PM, on 1/31/2009Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning The known baddies are 'cn' (CommonName), 'ayb' (Lop.com) and 'relatedlinks' (Huntbar), you should have HijackThis fix those.

If you didn't install it, or if you did but you no longer use it, I recommend you get rid of it. scanning hidden autostart entries ...HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce OOBEDDDemise = cmd /x /c erase C:\WINDOWS\System32\oobe\msoobe.exe????C?w????e??i?wis??H???*&?|l?&?|??-w?`??|?&?|??&?|B%?|?|?$?|???-wC scanning hidden files ... windows-virus This article has been dead for over six months. I know them particularly well, even since when I used to have a Windows 98 and I had no idea of Anti-Virus programs.

Posted 02 February 2009 - 05:12 PM I can't seem to install Combofix at all. And it still wouldn't uninstall itself. If so, does that change persist, or does your home page keep reverting to about:blank? 2. Click Yes to create a default host file.   Video Tutorial Rate this Solution Did this article help you?

Posted 02 February 2009 - 09:14 PM KASPERSKY ONLINE SCANNER 7 REPORT Monday, February 2, 2009 Operating System: Microsoft Windows XP Home Edition Service Pack 2 (build 2600) Kaspersky Online Scanner There are some particularly nasty variants/offshoots of the CoolWebSearch family that exhibit similar symptoms, and not even CWShredder can kill all of those. The service needs to be deleted from the Registry manually or with another tool. Start a new discussion instead.

Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quietO4 - HKCU\..\Run: [Performance Center] C:\Program Files\Ascentive\Performance Center\ApcMain.exe -mO4 - HKUS\S-1-5-18\..\Run: [Power2GoExpress] NA (User 'SYSTEM')O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [Power2GoExpress] NA (User 'Default user')O4 Please have a look at the Forum Rules regarding use of profanity in the forums. Find the item below on the list and click Remove.