Home > Need Help > Need Help For HJT Log For Friend's Computer

Need Help For HJT Log For Friend's Computer

Save ComboFix.exe to your DesktopFamiliarize yourself with ComboFix before running it:http://www.bleepingcomputer.com/combofix/how-to-use-combofix- Disable your AntiVirus and any AntiSpyware programs you may be running (usually via a right click on the System Tray Should I be worried? Click the Statistics/Logs tab. I will get back when I get it done. http://magicnewspaper.com/need-help/need-help-got-another-computer.html

OTL log follows.ComboFix 10-01-02.01 - Owner 01/02/2010 22:54:21.1.2 - x86Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.503.221 [GMT -7:00]Running from: c:\documents and settings\Owner\Desktop\ComboFix.exeAV: McAfee VirusScan *On-access scanning disabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}FW: Sygate Personal Firewall I did not delete them, figuring that they have been here since the computer was new 6 years ago.I've been trying to get online for 3 hours, finally made it. It was not meant to be taken that way. :o Like I said I have seen many people do a HJT log just because somebody else did it. My husband was fixing a computer for a friend that was very messed up.

Re: Need Help, Can't Keep Friend's Parents' PC Clean « Reply #10 on: August 28, 2009, 04:20:27 PM » For sure Malwarebytes 1.40 Free,Windows Defender (If not gone lol), Avast! HijackThis Log [Friend's Computer]: Please help Diagnose Started by BMacNinja , Oct 21 2009 09:43 AM This topic is locked 2 replies to this topic #1 BMacNinja BMacNinja Members 2 posts I have worked on the computer a little, but I haven't had a lot of time, so I haven't any new results to share yet.

Under the Processes tab, click on KDIT.exe, then click on END PROCESS. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: After we ran an updated Spybot S&D, Ad-Aware, and NAV, It was still in the crapper. Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Windows

Otherwise you could create issues that you never had in the first place. Start here. CommunityCategoryBoardUsers turn on suggestions Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type. My PC was behaving oddly after that. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal.

Do a search for the "missing" file; if found, correct the file's path in its registry entry...the "annoying" msg goes away, the correct way. Free Antivirus Free Mail PassView Free More from Security Tools... 5 stars 5 4 stars 3 3 stars 1 2 stars 0 1 star 0 Based on 9 reviews Avg. I can't completely remember their system info but it's an older Dell with a 2.? Poker - http://download.games.yahoo.com/games/clients/y/pt1_x.cab O16 - DPF: Yahoo!

As said previously, you have to know what your doing and able to recognize entries. Logged WindowsXP Home SP3,Avast Free 5.1.889,Windows Firewall, Autorun Eater,Firefox w/Noscript+ /Adblock+/Better Privacy, IE8 all zones except MS Update set to "untrusted" settings,MVPS Host file.SecuniaPSI. Please start a New Thread if you're having a similar issue.View our Welcome Guide to learn how to use this site. Fix these with HiJackThis – mark them, close IE, click fix checked O4 - HKLM\..\Run: [appgd32.exe] C:\WINDOWS\appgd32.exe O4 - HKLM\..\RunServices: [MSControl28] crsss.exe O4 - HKCU\..\Run: [Mooa] C:\Documents and Settings\Lucie\Application Data\oein.exe DownLoad

You might want to check the Event Logs to see if anything is showing there. 0 Kudos Posted by Brillig ‎01-01-2010 01:03 PM Regular Contributor View All Member Since: ‎07-08-2003 Posts: http://magicnewspaper.com/need-help/need-help-computer-is-going-crazy.html Duhhh ??? Internet Security Suite to turn off Windows Firewall or uninstall the current Firewall you did install to them.So all should be fine. When my machine got infected and was this slow, CPU was pegged at 100% almost continually.Message Edited by Brillig on 01-02-2010 03:55 PM 0 Kudos Posted by johnd ‎01-02-2010 11:38 PM

tahoemama01-28-2005, 07:49 PMSorry for the delay. user rating: Based on 9 user reviews Post your own review Very useful by gimpguy Sep 26, 2011 (Read all my 1159 reviews) I have used Hijack This (darn near) since WEBATTACK and SNAPFILES are registered trademarks of WebAttack Inc. Bill, you might want to become familar with this: http://hjt.wizardsofwebsites.com/ MrBill01-26-2005, 12:25 PMI am familiar with that site.

o Click Preferences. If you're not already familiar with forums, watch our Welcome Guide to get started. Let me know if you want to do that and I will give you the instructions. 0 Kudos Posted by Brillig ‎01-02-2010 06:05 PM Edited on ‎01-02-2010 06:55 PM Regular Contributor

Review details Interface Features Ease of use Value Recommend to a friend?

Thread Status: Not open for further replies. scan completed successfullyhidden files: 0**************************************************************************[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ThreatFire]"AlternateImagePath"=""[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\vsdatant]"ImagePath"="".--------------------- LOCKED REGISTRY KEYS ---------------------[HKEY_USERS\S-1-5-21-2091934355-1156582628-1364472580-1003\Software\Microsoft\SystemCertificates\AddressBook*]@Allowed: (Read) (RestrictedCode)@Allowed: (Read) (RestrictedCode).--------------------- DLLs Loaded Under Running Processes ---------------------- - - - - - - > 'winlogon.exe'(532)c:\program files\SUPERAntiSpyware\SASWINLO.DLLc:\windows\system32\WININET.dllc:\program files\Softex\OmniPass\opxpgina.dllc:\program files\ThreatFire\TFWAH.dllc:\program files\ThreatFire\TFNI.dllc:\program scanning hidden files ... Advertisements do not imply our endorsement of that product or service.

The reason for that is if one follows my instructions FIRST, in my Browser Hijacking tutorial, then you might not have a problem anymore or by the time you get to All rights reserved. Then I installed SUPERAntiSpyware and it found more stuff. Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0521.DLL O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O12 - Plugin for

Brandonn2010 Avast Evangelist Sr. That could be an issue. or read our Welcome Guide to learn how to use this site. I knew that could only the beginning and not trusting AVG since my computer was ruined early this year, I installed MBAM.

Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm O9 - Extra button: Real.com by LakeCityMan Sep 02, 2006 This is a great no nonsense approach to eliminating annoying, well-hidden crap! Brandonn2010 Avast Evangelist Sr. Click OK. · Make sure everything in the white box has a check next to it, then click Next. · It will quarantine what it found and if it asks if

button at the bottom of the screen. 5. I convinced them to let me mess around with it since I know more about PCs than they do. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Click here to Register a free account now!

Review details Interface Features Ease of use Value Recommend to a friend?