Home > Please Help > Please Help Shdoc.dll Problem (HJT And CWS Log Included)

Please Help Shdoc.dll Problem (HJT And CWS Log Included)

Check Turn off System Restore. Clean out temporary and TIF files. Make sure to take advantage of this. Unfortunately... http://magicnewspaper.com/please-help/please-help-me-log-included.html

Here's the new HJT log: Logfile of HijackThis v1.98.2 Scan saved at 10:14:52 PM, on 8/18/2004 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe He should take precaution in changing all accounts and passwords...my best recommendation on such a compromised computer would be to back up any important Data on to a CD and reformat Now that is done, Reboot 3 or 4 times, go online, surf for sometime. Click the "Advanced" button. https://forums.techguy.org/threads/please-help-shdoc-dll-problem-hjt-and-cws-log-included.298373/

Mouse over Accessories, then System Tools, and select System Restore. I've run Spybot Search & Destroy and Ad-Aware 6... I deleted those. Then post another log.

__________________ KangarooPoo View Public Profile Send a private message to KangarooPoo Find all posts by KangarooPoo Page 1 of 2 1 2 > Bookmarks

You can use HijackThis for that: http://www.merijn.org/files/hijackthis.zip http://www.spywareinfo.com/~merijn/files/hijackthis.zip Windows XP (5.01.2600 SP2) Windows dir: C:\WINDOWS Windows system dir: C:\WINDOWS\system32 AppData folder: C:\Documents and Settings\XXXXXXXX\Application Data Username: XXXXXXXX Infected Registry value: HKLM\Software\Microsoft\Internet Beside "Startup Type" in the dropdown menu select "Disabled". to eliminate what I could. You guys are performing an invaluable public service.

I downloaded a virus TheGreatCornholio, Nov 5, 2016, in forum: Virus & Other Malware Removal Replies: 34 Views: 1,203 kevinf80 Nov 9, 2016 Thread Status: Not open for further replies. And House Call did find three files infected with some sort of JAVA bug. Then run through the same steps as before except these are the ones to end in processes: iefj.exe and iepp32.exe These are the ones to fix with HijackThis: R1 - HKCU\Software\Microsoft\Internet http://www.pcguide.com/vb/showthread.php?31585-Another-hijacking-HJT-log-included Please send a report to [email protected], mentioning what you were doing, and what version of Windows you have.

No, create an account now. Thanks! Last edited by shanmuga; 08-18-2004 at 04:18 AM. ......_=_ ....q(-_-)p .....'_) (_` ../__/ \ __\ .._ (<_ / )_.. (__\_\_|_/__) "Our life is shaped by our mind; we become what we Buddha, Siddhartha Gautama Reply With Quote 08-18-2004,12:46 PM #8 glyphic View Profile View Forum Posts View Blog Entries View Articles Geek Adept Join Date May 2004 Posts 67 oops Knew I

Western Australia. http://maddoktor2.com/forums/index.php?topic=849.0;wap2 I select yes and then get this message "Cannot Delete Dc238 Access is denied". Now click "Apply to all folders" Click "Apply" then "OK" Now find and delete these files: C:\WINDOWS\system32\msza32.dll C:\WINDOWS\system32\apptg32.exe C:\WINDOWS\ipmu.exe Delete any files that have the same name as these files but Navigate to: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\__NS_Service_3 If __NS_Service_3 exists , right click on it and choose delete from the menu.

Go to Start>Run and type regedit. Poker - http://download.games.yahoo.com/game...ts/y/pt0_x.cab O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://www.support.dell.com/systemprofiler/SysPro.CAB O16 - DPF: {10000000-1000-0000-1000-000000000000} - file://C:\Program Files\Internet Explorer\ocneldht.exe O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/sh...6/mcinsctl.cab O16 - DPF: {59D04288-805E-4D43-BE09-83B1083E9E1E} (IUpdateAutoLaunch Control) Newer Than: Search this thread only Search this forum only Display results as threads Useful Searches Recent Posts More... Buddha, Siddhartha Gautama Reply With Quote Quick Navigation Internet Security and Malware Help Top Site Areas Settings Private Messages Subscriptions Who's Online Search Forums Forums Home Forums Forum Information and General

C:\WINDOWS\system32\pmkhe.dll C:\WINDOWS\system32\ehkmp.ini C:\WINDOWS\system32\ehkmp.bak1 C:\WINDOWS\system32\ehkmp.bak2 C:\WINDOWS\system32\ehkmp.ini2 C:\WINDOWS\system32\ehkmp.tmp C:\WINDOWS\system32\ehkmp.bak1 C:\WINDOWS\system32\ehkmp.bak2 C:\WINDOWS\system32\ehkmp.tmp C:\WINDOWS\system32\ehkmp.ini C:\WINDOWS\system32\ehkmp.ini2 C:\WINDOWS\system32\pmkhe.dll C:\WINDOWS\system32\ehkmp.ini2 C:\WINDOWS\system32\ehkmp.bak2 C:\WINDOWS\system32\ehkmp.tmp C:\WINDOWS\system32\ehkmp.ini C:\WINDOWS\system32\ehkmp.ini2 C:\WINDOWS\system32\pmkhe.dll Attempting to delete C:\WINDOWS\system32\pmkhe.dll C:\WINDOWS\system32\pmkhe.dll Has been deleted! Arrow gets politically insulting, rubs some people the wrong way. [Anime/SciFi/TV] by urbanriot455. 2 $ bill freaks out cashier [Rants,Raves,andPraise] by Anonymous_444. Click "Click here to select Drives + folders" and select your installed hard drives. VBS: malware-gen PLEASE HELP Started by Daanyal , Today, 12:55 AM Please log in to reply No replies to this topic #1 Daanyal Daanyal Members 1 posts OFFLINE Posted Today,

Please make sure that you activate IN-DEPTH scanning before you proceed. When you are sure you are clean turn System Restore back on and create a restore point. Unplug your modem or disconnect the cable or phone line.

I'm going to take care of the other stuff and then I'll probably post a new HJT log tonight or tomorrow.

  1. Find The PC Guide helpful?
  2. Euchre - http://download.games.yahoo.com/game...ts/y/et1_x.cab O16 - DPF: Yahoo!
  3. Then click on everyone and put a checkmark in "full control".
  4. You should do this before you see the Windows splash screen. 3.
  5. Scan with HijackThis and checkmark the following items, then press *fix checked*R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blankR0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =R3 - Default URLSearchHook is missingO4 - HKCU\..\RunServices: [Security Agent
  6. When you find it, double-click on it.

Make sure that it is updated regularly and have it scan your system often. If they have been changed, reset your active x security settings in IE as recommended here. Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: WCCO NOW.lnk = C:\Program Files\Common Files\WCCO NOW\TrueWeather.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present I have Ad Aware latest version running (Ad watch running also) tried it on safe mode along with SpyBot SD, Hijack this and CWShredder and I enclose the results from these

Euchre - http://download.games.yahoo.com/game...ts/y/et1_x.cab O16 - DPF: Yahoo! Contact Us Help Home Top RSS Terms and Rules Forum software by XenForo™ ©2010-2016 XenForo Ltd. I don't know if my friend would notice, but I wouldn't want to put something on his machine that would be a resource hog. Forum New Posts FAQ Calendar Community Groups Albums Member List Forum Actions Mark Forums Read Quick Links Today's Posts View Site Leaders What's New?

Fios down in Tampa [FrontierCommunications] by tarp0n352.