Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

hijackthis log [RESOLVED]


  • This topic is locked This topic is locked

#1
shawn_dsm

shawn_dsm

    New Member

  • Member
  • Pip
  • 5 posts
> Editted per request

Edited by Tigger93, 14 October 2006 - 01:34 PM.

  • 0

Advertisements


#2
Tigger93

Tigger93

    Trusted Helper

  • Retired Staff
  • 1,870 posts
Hiya! :blink:

Open HiJackThis and fix these:
O16 - DPF: {19E28AFC-EAE3-4CE5-AC83-2407B42F57C9} (MSSecurityAdvisor Class) -

O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)


Go Run and type in msconfig and click Ok

Goto the startup tab and click Enable All

Restart your computer and post a new HJT log please. :whistling:
  • 0

#3
shawn_dsm

shawn_dsm

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
> Editted per request

Edited by Tigger93, 14 October 2006 - 01:35 PM.

  • 0

#4
Tigger93

Tigger93

    Trusted Helper

  • Retired Staff
  • 1,870 posts
While TeaTimer is an excellent tool for the prevention of spyware, it can sometimes prevent HijackThis from fixing certain things.
Please disable TeaTimer for now until you are clean. TeaTimer can be re-activated once your HijackThis log is clean.
  • Open Spybot Search & Destroy.
  • In the Mode menu click "Advanced mode" if not already selected.
  • Choose "Yes" at the Warning prompt.
  • Expand the "Tools" menu.
  • Click "Resident".
  • Uncheck the "Resident "TeaTimer" (Protection of overall system settings) active." box.
  • In the File menu click "Exit" to exit Spybot Search & Destroy.
Open HijackThis, click Config, click Misc Tools
Click "Open Uninstall Manager"
Click "Save List" (generates uninstall_list.txt)
Click Save, copy and paste the results in your next post.
  • 0

#5
shawn_dsm

shawn_dsm

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
> Editted per request

Edited by Tigger93, 14 October 2006 - 01:35 PM.

  • 0

#6
Tigger93

Tigger93

    Trusted Helper

  • Retired Staff
  • 1,870 posts
First download AVG Anti-Spyware from HERE and save that file to your desktop.
This is a 30 day trial of the program
  • Once you have downloaded AVG Anti-Spyware, locate the icon on the desktop and double-click it to launch the set up program.
  • Once the setup is complete you will need run AVG Anti-Spyware and update the definition files.
  • On the main screen select the icon "Update" then select the "Update now" link.
    • Next select the "Start Update" button, the update will start and a progress bar will show the updates being installed.
  • Once the update has completed select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
  • Once in the Settings screen click on "Recommended actions" and then select "Quarantine".
  • Under "Reports"
    • Select "Automatically generate report after every scan"
    • Un-Select "Only if threats were found"
Close AVG Anti-Spyware, Do Not run a scan just yet, we will shortly.
  • Reboot your computer into SafeMode. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight SafeMode then hit enter.
    IMPORTANT: Do not open any other windows or programs while AVG Anti-Spyware is scanning, it may interfere with the scanning proccess:
  • Lauch AVG Anti-Spyware by double-clicking the icon on your desktop.
  • Select the "Scanner" icon at the top and then the "Scan" tab then click on "Complete System Scan".
  • AVG Anti-Spyware will now begin the scanning process, be patient this may take a little time.
    Once the scan is complete do the following:
  • If you have any infections you will prompted, then select "Apply all actions"
  • Next select the "Reports" icon at the top.
  • Select the "Save report as" button in the lower left hand of the screen and save it to a text file on your system (make sure to remember where you saved that file, this is important).
  • Close AVG Anti-Spyware and reboot your system back into Normal Mode and post the results of the AVG Anti-Spyware report scan.

  • 0

#7
Tigger93

Tigger93

    Trusted Helper

  • Retired Staff
  • 1,870 posts
Download WindPFind

Extract WinPFind.zip to your c:\ folder.

Reboot your computer into Safe Mode

Then open c:\WinPFind and double-click on WinPFind.exe.
When the program is open, click on the Start Scan button to start scanning your computer. Be patient as this scan may take a while.
When it is done, it will show a log and tell you the scan is completed. Reboot your computer back to normal mode and and post the contents of c:\WinPFind\WinPFind.txt as a reply to this topic.
  • 0

#8
shawn_dsm

shawn_dsm

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
> Editted per request. :whistling: - Tigger

Edited by Tigger93, 14 October 2006 - 01:19 PM.

  • 0

#9
Tigger93

Tigger93

    Trusted Helper

  • Retired Staff
  • 1,870 posts
Ok, can you go here and upload and scan these files:
C:\WINDOWS\SYSTEM32\wbdbase.deu
C:\WINDOWS\bootstat.dat


Save the results from the scan and post them in your next reply please. :whistling:
  • 0

#10
Tigger93

Tigger93

    Trusted Helper

  • Retired Staff
  • 1,870 posts
Ok, since nothing was found, lets try this:

Download Combofix here

2. Double click combofix.exe & follow the prompts.
3. When finished, it shall produce a log for you. Post that log in your next reply

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall
  • 0

#11
shawn_dsm

shawn_dsm

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
> Editted per request

Edited by Tigger93, 14 October 2006 - 01:35 PM.

  • 0

#12
Tigger93

Tigger93

    Trusted Helper

  • Retired Staff
  • 1,870 posts
Nothing...

Go Start > Search and search for sw.exe If it finds anything, please post the location to that file. :whistling:
  • 0

#13
Tigger93

Tigger93

    Trusted Helper

  • Retired Staff
  • 1,870 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :whistling:

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP