Home > Need Help > Need Help - Aboutblank Hijack - Hijackthis Log

Need Help - Aboutblank Hijack - Hijackthis Log

About:blank Virus Hijack This Log - Please Help Started by Kilgour , Jun 02 2007 04:39 PM Please log in to reply 1 reply to this topic #1 Kilgour Kilgour Members We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it. When it is done, it will generate a log file called FxAgentB.log - save that information as you will need to paste it here later. First of all you need to update hijackthis to version 1.98.2.

We recommend Gmail.   The notifications won't even be in your Spam folder - they just go down a black hole. Press any Key and it will restart the PC. When the scan is complete save the log and close the program.     Next open adaware and perform a scan. If this service is stopped, shadow copies will be unavailable for backup and the backup may fail.

If this service is stopped, this computer will be unable to record CDs. Homepage hijacked by about blank (hijackthis log file included) If this is your first visit, be sure to check out the FAQ by clicking the link above. SpywareGuard - It offers realtime protection from spyware installation attempts. TYPE : 20 WIN32_SHARE_PROCESS START_TYPE : 2 AUTO_START ERROR_CONTROL : 1 NORMAL BINARY_PATH_NAME : C:\WINDOWS\System32\svchost.exe -k netsvcs LOAD_ORDER_GROUP : UIGroup TAG : 0 DISPLAY_NAME : Themes DEPENDENCIES : SERVICE_START_NAME: LocalSystem FAIL_RESET_PERIOD

There will no longer be separate Usernames and Display Names. CWShredder v2.2 found nothing, the Symantec link you sent me to did not find anything, and Adaware, which I ran initially has still not found anything.Any other suggestions based on this And please use elementary language as I am a computer idiot. TYPE : 20 WIN32_SHARE_PROCESS START_TYPE : 2 AUTO_START ERROR_CONTROL : 1 NORMAL BINARY_PATH_NAME : C:\WINDOWS\system32\svchost.exe -k netsvcs LOAD_ORDER_GROUP : TAG : 0 DISPLAY_NAME : Automatic Updates DEPENDENCIES : SERVICE_START_NAME: LocalSystem SERVICE_NAME:

TYPE : 20 WIN32_SHARE_PROCESS START_TYPE : 3 DEMAND_START ERROR_CONTROL : 1 NORMAL BINARY_PATH_NAME : C:\WINDOWS\system32\netdde.exe LOAD_ORDER_GROUP : NetDDEGroup TAG : 0 DISPLAY_NAME : Network DDE DEPENDENCIES : NetDDEDSDM SERVICE_START_NAME: LocalSystem SERVICE_NAME: Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site. TYPE : 20 WIN32_SHARE_PROCESS START_TYPE : 3 DEMAND_START ERROR_CONTROL : 1 NORMAL BINARY_PATH_NAME : C:\WINDOWS\system32\svchost.exe -k netsvcs LOAD_ORDER_GROUP : TAG : 0 DISPLAY_NAME : Application Management DEPENDENCIES : SERVICE_START_NAME: LocalSystem SERVICE_NAME: Click the Red X ...and for the confirmation message that will appear, you will need to click Yes A second message will ask to Reboot now?

TYPE : 120 WIN32_SHARE_PROCESS INTERACTIVE_PROCESS START_TYPE : 3 DEMAND_START ERROR_CONTROL : 1 NORMAL BINARY_PATH_NAME : C:\WINDOWS\System32\svchost.exe -k netsvcs LOAD_ORDER_GROUP : TAG : 0 DISPLAY_NAME : Network Connections DEPENDENCIES : RpcSs SERVICE_START_NAME: Please keep an eye on this message for a resolution. I've run SpyBot, Ad-Aware and Norton Antivirus all in safe mode with little success. It has: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\(default) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\DeviceNotSelectedTimeout HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\GDIProcessHandleQuota HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\Spooler HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\swapdisk HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\TransmissionRetryTimeout HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\USERProcessHandleQuota So I dont know what to do. 0 crunchie 990 12 Years Ago OK Just

Step 2: Press control-alt-delete to get into the task manager and end the follow processes if they exist: apilp.exe TASKMAN.EXE Step 3: I now need you to delete the following files: You may have to register before you can post: click the register link above to proceed. TYPE : 20 WIN32_SHARE_PROCESS START_TYPE : 3 DEMAND_START ERROR_CONTROL : 1 NORMAL BINARY_PATH_NAME : C:\WINDOWS\System32\lsass.exe LOAD_ORDER_GROUP : TAG : 0 DISPLAY_NAME : NT LM Security Support Provider DEPENDENCIES : SERVICE_START_NAME: LocalSystem If this service is stopped, Remote Assistance will be unavailable.

Also write down the name and path of the file listed in the Path to executable field. Because this malware allows others to access to your computer. http://service1.symantec.com/SUPPORT/tsgen...src=sec_doc_nam * Start | Run (type) "%temp%" (no quotes) Completely delete the entire contents of that "temp" folder.   Open Windows Explorer locate and delete the following Folders/Files in Bold if TYPE : 20 WIN32_SHARE_PROCESS START_TYPE : 2 AUTO_START ERROR_CONTROL : 0 IGNORE BINARY_PATH_NAME : C:\WINDOWS\System32\svchost.exe -k netsvcs LOAD_ORDER_GROUP : TAG : 0 DISPLAY_NAME : Error Reporting Service DEPENDENCIES : RpcSs SERVICE_START_NAME:

If the site is down, go here. TYPE : 10 WIN32_OWN_PROCESS START_TYPE : 3 DEMAND_START ERROR_CONTROL : 1 NORMAL BINARY_PATH_NAME : C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe LOAD_ORDER_GROUP : TAG : 0 DISPLAY_NAME : ASP.NET State Service DEPENDENCIES : SERVICE_START_NAME: NT AUTHORITY\NetworkService SERVICE_NAME: IE 11 copy/paste problem It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. TYPE : 20 WIN32_SHARE_PROCESS START_TYPE : 2 AUTO_START ERROR_CONTROL : 1 NORMAL BINARY_PATH_NAME : C:\WINDOWS\System32\svchost.exe -k NetworkService LOAD_ORDER_GROUP : TDI TAG : 0 DISPLAY_NAME : DNS Client DEPENDENCIES : Tcpip SERVICE_START_NAME:

Continue?".Reboot when done, rescan with HijackThis and post a new log here, together with the FxAgentB log. · actions · 2004-Dec-22 8:54 pm · wwdubbiajoin:2002-06-03Clinton, NY wwdubbia Member 2004-Dec-24 12:49 pm TYPE : 20 WIN32_SHARE_PROCESS START_TYPE : 2 AUTO_START ERROR_CONTROL : 1 NORMAL BINARY_PATH_NAME : C:\WINDOWS\system32\services.exe LOAD_ORDER_GROUP : PlugPlay TAG : 0 DISPLAY_NAME : Plug and Play DEPENDENCIES : SERVICE_START_NAME: LocalSystem SERVICE_NAME: If this service is disabled, any services that explicitly depend on it will fail to start.

TYPE : 20 WIN32_SHARE_PROCESS START_TYPE : 2 AUTO_START ERROR_CONTROL : 1 NORMAL BINARY_PATH_NAME : C:\WINDOWS\system32\svchost -k rpcss LOAD_ORDER_GROUP : COM Infrastructure TAG : 0 DISPLAY_NAME : Remote Procedure Call (RPC) DEPENDENCIES

TYPE : 20 WIN32_SHARE_PROCESS START_TYPE : 2 AUTO_START ERROR_CONTROL : 1 NORMAL BINARY_PATH_NAME : C:\WINDOWS\System32\svchost.exe -k netsvcs LOAD_ORDER_GROUP : TAG : 0 DISPLAY_NAME : Help and Support DEPENDENCIES : RPCSS SERVICE_START_NAME: Click "Start", select "Perform Full System scan" and "Next" to start the scan. If this service is disabled, any services that explicitly depend on it will fail to start. A notepad will open up.

Run CWShredder. Be sure to let me know of any problems you encountered.   Download About:Buster from the following link. TYPE : 20 WIN32_SHARE_PROCESS START_TYPE : 3 DEMAND_START ERROR_CONTROL : 0 IGNORE BINARY_PATH_NAME : C:\WINDOWS\System32\SCardSvr.exe LOAD_ORDER_GROUP : TAG : 0 DISPLAY_NAME : Smart Card Helper DEPENDENCIES : +Smart Card Reader SERVICE_START_NAME: How To: Deal with Unwanted Pop-ups http://www.mvps.org/winhelp2002/nopopups.htm   It's your call to remove or not.

Total of file sizes: 235,479,440 bytes 224.57 M Administrator Account = True --------------------End log--------------------- Hijack this log: Logfile of HijackThis v1.99.0 Scan saved at 10:33:30 PM, on 12/21/2004 Platform: Windows XP I'd say the path to go into the registry and repair the homepage, but a mistake could be fatal. TYPE : 20 WIN32_SHARE_PROCESS START_TYPE : 2 AUTO_START ERROR_CONTROL : 1 NORMAL BINARY_PATH_NAME : C:\WINDOWS\System32\svchost.exe -k LocalService LOAD_ORDER_GROUP : NetworkProvider TAG : 0 DISPLAY_NAME : WebClient DEPENDENCIES : MRxDAV SERVICE_START_NAME: NT TYPE : 20 WIN32_SHARE_PROCESS START_TYPE : 3 DEMAND_START ERROR_CONTROL : 1 NORMAL BINARY_PATH_NAME : C:\WINDOWS\System32\dmadmin.exe /com LOAD_ORDER_GROUP : TAG : 0 DISPLAY_NAME : Logical Disk Manager Administrative Service DEPENDENCIES : RpcSs

Mandatory 10 digit dialing in New York [VerizonFiOS] by Branch© DSLReports · Est.1999feedback · terms · Mobile mode

Jump to content Resolved or inactive Malware Removal Spywareinfo Forum - Home of