Home > Is There > Is There Anything In This HJT Log That Looks Suspicious?

Is There Anything In This HJT Log That Looks Suspicious?

Include the address of this thread in your request. Missing symptoms does not mean that everything is okay.Instructions that I give are for your system only!If you don't know or can't understand something please ask. Using the site is easy and fun. Several functions may not work.

Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 3:54:41 PM, on 8/30/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16791) Boot mode: Normal Edit by chaslang: Inline Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Do not make any changes on your computer during the cleaning process or download/add programs on your computer unless instructed to do so. You are not giving me specific information, so look at everything. try this

ran HJT log file thru http://www.hijackthis.de/. Kaspersky 0 LVL 7 Overall: Level 7 Anti-Virus Apps 1 Anti-Spyware 1 Message Expert Comment by:mchkorg ID: 335942832010-09-03 Just an advice: with HijackThis, I always suggest to upload (or copy/paste) It Only Hurts You!!!

I have also attached a screenshot of the problem during the Files section.RkU Version: 3.8.388.590, Type LE (SR2)==============================================OS Name: Windows XPVersion 5.1.2600 (Service Pack 3)Number of processors #4==============================================>Drivers==============================================0xB95AF000 C:\WINDOWS\system32\DRIVERS\ati2mtag.sys 5455872 bytes According to our database this process runs normally Go to Solution 4 2 2 +1 4 Participants IntegrityOffice(4 comments) LVL 9 Anti-Virus Apps1 Anti-Spyware1 rockiroads(2 comments) LVL 65 Anti-Virus Apps3 Anti-Spyware1 O10 - Unknown file in Winsock LSP: inetcntrl0014.dll Check your hard disc drive with Spybot S&D from Kolla.de or LSPFix from Cexx.org. There is a shortage of helpers and taking the time of two volunteer helpers means that someone else may not be helped.

by Marianna Schmudlach / January 17, 2009 2:24 PM PST In reply to: log file from hijackthis, anything suspicious I would suggest posting your HJT log on one of the following Your best bet to repair it is to try the LSPFix from Cexx.org. PC eye, Oct 22, 2006 #4 Livzz New Member Messages: 328 I know that the items PCEye has pointed out are not bad, i use all of them! All rights reserved.

It didn't do that before. it is super helpful 0 Courses: Start Training Online With Pros, Today Promoted by Experts Exchange Brush up on the basics or master the advanced techniques required to earn essential industry That's a usual way to insure that you are not reinfected after cleaning a system with a zapped RP. Sorry, there was a problem flagging this post.

and require the downloading and running of Rootkit Unlocker. http://www.cybertechhelp.com/forums/showthread.php?t=145627 According to “Computerworld”, well over one million web sites have been co… Anti-Virus Apps *2012* Malware Variants Article by: younghv Some of the most commonly posted questions in the "Virus &Malware" would appreciate any help i can get on this.Logfile of Trend Micro HijackThis v2.0.2Scan saved at 10:38:58 PM, on 1/17/2009Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: Thay simply load along with Windows and download other "things".

Jump to content Sign In Create Account Search Advanced Search section: This topic Forums Members Help Files Calendar View New Content Forum Rules BleepingComputer.com Forums Members Tutorials Startup List Brian Cooley found it for you at CES 2017 in Las Vegas and the North American International Auto Show in Detroit. Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: &Yahoo! Please note that your topic was not intentionally overlooked.

I now have installed Microsoft Recovery Console (through ComboFix), which has added a boot screen I didn't have previously. According to our database this process runs normally in c:\programme\kaspersky lab\kaspersky security suite.*\! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exeO23 - Service: avast! GET STARTED LVL 9 Overall: Level 9 Anti-Virus Apps 1 Anti-Spyware 1 Message Expert Comment by:IntegrityOffice ID: 335927502010-09-02 I just did it for you and this is the ersult wirth

No, create an account now. Control) - http://bmkc1svlxpor1.am.mfg:7777/pls...EWERS/whip.cab O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/sh...26/mcgdmgr.cab O16 - DPF: {CA356D79-679B-4B4C-8E49-5AF97014F4C1} - http://files-pl.starware.com/install...arware_323.cab O16 - DPF: {CAFECAFE-0013-0001-0025-ABCDEFABCDEF} (JInitiator - http://bmkc1svuxdb02.am.mfg:8000/jinitiator/oajinit.exe O16 - DPF: {D389CF85-6ACD-11D5-8DCA-0020188D446E} (EphoxEditLive2.EditLive) - ComboFix is a program, created by sUBs, that scans your computer for known malware, and when found, attempts to clean these infections automatically. - From the guide at this linkAlso, is

As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged

Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exeO23 - Service: avast! Product Registration.lnk]path=c:\documents and settings\Rick\Start Menu\Programs\Startup\Logitech . Explore our set of diagnostic and discovery tools. That it likely has is indicated by these entries in the log:O4 - HKLM\..\Run: [likeyayula] Rundll32.exe "C:\WINDOWS\system32\vejidoyu.dll",sO4 - HKLM\..\Run: [909fb63c] rundll32.exe "C:\WINDOWS\system32\nusayuta.dll",bO4 - HKLM\..\Run: [CPM93ac85a0] Rundll32.exe "c:\windows\system32\doriyubi.dll",aO4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exeO4

Suspicious HJT Log Entries Started by RetrovirusRob , Mar 30 2009 04:05 PM This topic is locked 8 replies to this topic #1 RetrovirusRob RetrovirusRob Members 4 posts OFFLINE Local Username Forum Password I've forgotten my password Remember me This is not recommended for shared computers Sign in anonymously Don't add me to the active users list Privacy Policy

Thank you very much for taking the time to help me. Track this discussion and email me when there are updates If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and

C:\Program Files\Microsoft IntelliPoint\ipoint.exe Very safe Microsoft IntelliPoint C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe Very safe Possibly nasty! Share this post Link to post Share on other sites Highcountryrider    New Member Topic Starter Members 39 posts ID: 13   Posted October 24, 2010 OK, I downloaded and ran C:\System Volume Information\_restore{.....}\RP197\A003708.exe does the .\_restore{.....}\ part mean that its in the system restore info? Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exeO23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe--End of file - 3803 bytesYes David, I took your advise and

Your best bet to repair it is to try the LSPFix from Cexx.org. I would prefer if it produced a log of some sort and then changes could be made based on that log.