Home > Hijackthis Log > HijackThis Log - Smithfraud & Others?

HijackThis Log - Smithfraud & Others?

This extension is free and installs in Internet Explorer and Mozilla Firefox.a. »www.corestreet.com/spoofstick6. Couponbar with a medium rating. As soon as that is completed I will post a new HiJack This scan log. then i made the change with msconfig, but i restored the previous settings this is the Hijackthis log: Logfile of HijackThis v1.99.1 Scan saved at 21:57:57, on 23.5.2007 Platform: Windows XP Check This Out

Scanned system with Anti-Virus software (reported ZLob, Smitfraud, Various online virus virus scanners (Drantivirus) and PCprivacy junk, and a number of others like AskPbar), ran the Smitfraudfix and remsmit for both Just copy and paste your Hijackthis log file into the scanner and let it analyze it for you. Add Thread to del.icio.us Bookmark in Technorati Tweet this thread » Recent Threads Good Phone Under $200? I hope we can solve it now in a short. http://www.bleepingcomputer.com/forums/t/140931/infected-dell-smitfraud-hijackthis-and-other-logs/

Logfile of HijackThis v1.99.1 Scan saved at 5:28:17 PM, on 3/12/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE HKEY_CLASSES_ROOT\Directory\Background\shellex\ContextMenuHandlers\secure_del (Rogue.SecurePCCleaner) -> No action taken. C:\Documents and Settings\Sexy\Cookies\[email protected][1].txt -> TrackingCookie.Revsci : Cleaned. Thank you!

Please re-enable javascript to access full functionality. From time to time the system writes an error and closes. Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - You'll notice this infected system was running Trend Micro PC-Cillian Security Suite 2007 at the time of the infection, so these downloads and infections may even fool antivirus and antispyware tools.

Check the boxes next to all the entries listed below. Back to top #3 Lady Luck Lady Luck Newbie Members 2 posts Posted 28 April 2008 - 01:03 AM Username "First Last" - 04/27/2008 18:25:47 [Fixwareout edited 9/01/2007] ~~~~~ Prerun check Here's the new scan: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 7:42:20 AM, on 1/11/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Boot mode: Normal Can't get to many sites on the internet in either Intenet Explorer or Firefox.

Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll O3 - Toolbar: Yahoo! The creator of each popup is an affiliate of the particular antispyware program they are promoting, so each time an unsuspecting user purchases the advertised program in hopes of removing the Now with an Immunize section that will help prevent future infections.

Check the boxes next to all the entries listed below. http://www.techist.com/forums/f51/hijackthis-log-smitfraud-c-toolbar-144440/ Error reading poptart in Drive A: Delete kids y/n? C:\Documents and Settings\Sexy\Cookies\[email protected][2].txt -> TrackingCookie.Real : Ignored. The MWAV report does show a few items of concern, unfortunately the file scan log is pretty big as noted and I have not purchased the full paid version yet to

Back to top #12 teacup61 teacup61 Bleepin' Texan! his comment is here I don't see anything out of the way in that log.......how is it running now? Please re-enable javascript to access full functionality. Pager]--a------ 2006-11-30 22:49 4662776 C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{03-3B-B4-4A-DW}]--a------ 2008-04-22 06:04 49163 C:\windows\system32\rwwnw64d.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]"NVSvc"=2 (0x2)"ImapiService"=3 (0x3)"hui"=2 (0x2)R2 NATServices;NATServicesware;C:\WINDOWS\System32\svchost.exe [2001-08-18 07:00]S4 hui;hui;C:\WINDOWS\Hacker.com.cn.exe [][HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]NATServices REG_MULTI_SZ NATServices.**************************************************************************catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,

HKEY_CLASSES_ROOT\SystemFileAssociations\Directory.Video\shellex\ContextMenuHandlers\secure_del (Rogue.SecurePCCleaner) -> No action taken. HKEY_CLASSES_ROOT\lnkfile\shellex\ContextMenuHandlers\secure_del (Rogue.SecurePCCleaner) -> No action taken. Forums → The Site → Old Forums → Security Cleanup → [Smitfraud] Help with Hijackthis log uniqs238 Share « Hijacked continuosly after running all posted scans • [Spyware] HiJack This Log this contact form If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

What tool do I have to use now? Here is a solid procedure for removing these pests. Before attempting this removal procedure, download the following removal tools to your desktop and install them. I will do this in about 2 hours and let you know the results.

this Topic has been closed.

Install Spyware Detection and Removal Programs:You may also want to consider installing one (or more) of the following:a. Back to top #6 teacup61 teacup61 Bleepin' Texan! Printer Friendly Version of This Page Bookmark and Share this Article on PCHELL with these Social Networks: Removal Instructions for Other Programs Spyware Removal and Other Resources Essential Tools for Removing Back to top #4 teacup61 teacup61 Bleepin' Texan!

Advise if you would like it or some other scan (I can't get to a few of the online scans I usually try- Kaspersky, etc. )As I stated Spybot Search & Click here to Register a free account now! Here's the HJT and SmitFraud logs: Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 9:18:29 PM, on 1/9/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) Boot mode: Normal Running processes: http://ix2003.com/hijackthis-log/hijackthis-log-and-hello.html RSS Categories Android Avocent KVM Blackberry Playbook Citrix DotNetNuke eCommerce Everything Else Geeky General General Web Development GPS iPod/iPhone Joomla Linux magicJack Microsoft (General) Movie Making My Eyes Only Old Raspberry

domestics to European Saloons. » More about our Automotive Communities iRV2 RV Forum Airstream Trailer Forum Forest River Forums Fiberglass RV Forums Wander The West Jayco RV Forum Luxury Coach Forum Any other tools or reports that are needed please advise. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site. Back to top Page 1 of 2 1 2 Next Back to Virus, Trojan, Spyware, and Malware Removal Logs 2 user(s) are reading this topic 0 members, 2 guests, 0 anonymous

HKEY_CLASSES_ROOT\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\Secure Delete (Rogue.SecurePCCleaner) -> No action taken. Show Ignored Content As Seen On Welcome to Tech Support Guy! scanning hidden autostart entries ...scanning hidden files ... Install 'Spoofstick"Spoofstick is a simple browser extension that helps users detect spoofed (fake) websites.

SmitRem by NoahdFear - Tool to remove Spyaxe, SpySheriff, PSGuard, WinHound, and other issues SmitFraudFix - Tool to remove most SmitFraud infectionsMalwareBytes Anti-Malware - tool to remove Rogue applications and much Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)O23 - Service: avast! SpywareBlaster: »www.javacoolsoftware.com ··· ter.htmlb. If there is some abnormality detected on your computer HijackThis will save them into a logfile.

Microsoft MVP Consumer Security 2008 2009 2010 2011 2012 2013 UNITE member since 2006 I don't help with logs thru PM so don't bother to post me one. This site is completely free -- paid for by advertisers and donations.