Home > Please Help > PLEASE HELP: Infected Again. HJT Log Included

PLEASE HELP: Infected Again. HJT Log Included

May 4, 2010 #5 Bobbye Helper on the Fringe Posts: 16,335 +36 Try running GMER in Safe Mode. Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: AdminWorks Agent X6 (AWService) - OSA Technologies Inc., An Avocent Company - C:\Acer\LANScope Agent\awServ.exe O23 - Service: eDataSecurity Service self protection module/ALWIL Software) ZwSetValueKey [0xF61988AE] ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\WINDOWS.0\system32\services.exe[596] @ C:\WINDOWS.0\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 00370002 IAT C:\WINDOWS.0\system32\services.exe[596] @ C:\WINDOWS.0\system32\services.exe [KERNEL32.dll!CreateProcessW] 00370000 ---- Devices - GMER 1.0.15 ---- I haven't seen the ads234 on my address bar since!!

O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM) O9 - Extra button: AIM (HKLM) O9 - Extra button: Real.com (HKLM) O9 - Extra button: MoneySide (HKLM) O9 - Extra button: I still think Im infected though because I have 11 svchost.exe files running. Holly3278 replied Jan 16, 2017 at 8:49 PM Loading... self protection module/ALWIL Software) ZwDeleteValueKey [0xF6198A52] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! https://forums.techguy.org/threads/infected-once-again-hjt-log-included.623301/

F: is Fixed (NTFS) - 232.88 GiB total, 69.39 GiB free. Join the community here. when i stop that program from running then all ports are closed. We do not 'screen' for malware with HijackThis.

scanning hidden files ... o It will open in your default text editor (such as Notepad/Wordpad). How to start your computer in safe mode Flrman1, Aug 5, 2004 #5 Kathy T Thread Starter Joined: Aug 5, 2004 Messages: 3 You guys are awesome!!! This will take some time!!!!!!!!

I have to figure out a way to move those files to the correct directory. Choose your usual account. I have included my HJT log file. this I notice also that you removed the Sony program and that there is also no indication of an install of TMeter Service Monitor which runs an executalbe as TrafMonitor.exe.

the 1st hijack this log is from another pc in our office which i incorrectly pasted. ads 234 infection HJT log included Discussion in 'Virus & Other Malware Removal' started by Kathy T, Aug 5, 2004. Anyone else with a similar problem please start a "New Thread". Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Sign in to follow this Followers 0 Go To Topic Listing Resolved Malware Removal Logs Recently Browsing 0 members No registered users viewing this page. Please click on the red exclamation mark on the upper right hand sign and alert the mods to give it a final view and if its clean, close it and mark Join over 733,556 other people just like you! Press the "Check for Updates" button.If prompted for a Restart, do that.When done, click the Scanner tab.Do a FULL Scan.When the scan is complete, click OK, then Show Results to view

Thanks! IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_10-03-17.01) Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume1 Install Date: 2008/08/04 14:31:55 System Uptime: 2010/05/11 07:23:30 (2 hours ago) Motherboard: | | May 17, 2010 #13 Bobbye Helper on the Fringe Posts: 16,335 +36 Guess I came on a bit strong! the sony program that i uninstalled not so long ago is that cd software that comes with the cellphone.

The system returned: (22) Invalid argument The remote host or network may be down. This would indicate that you are capturing or limiting network traffic from a large network environment- and yet you say that "-computer sends and receives a few million packets in a And why are you checking netash? combofix log ...

May 14, 2010 #12 MelissaP TS Rookie Topic Starter i am so sorry about that. Other members who need assistance please start your own topic in a new thread. Apr 23, 2010 #3 Bobbye Helper on the Fringe Posts: 16,335 +36 Melissa, I do not have enough information to answer your question.

D: is Fixed (NTFS) - 233.34 GiB total, 111.37 GiB free.

c:\program files\Alwil Software\Avast4\aswUpdSv.exe c:\program files\Alwil Software\Avast4\ashServ.exe c:\windows.0\system32\VTTimer.exe c:\windows.0\SOUNDMAN.EXE c:\program files\Alwil Software\Avast4\ashMaiSv.exe c:\program files\Alwil Software\Avast4\ashWebSv.exe c:\windows.0\system32\wscntfy.exe . ************************************************************************** . Must have been late at night- I growl louder then! Then I formated and re-installed windows. have Hijackthis log please help Privacy Policy Contact Us Back to Top Malwarebytes Community Software by Invision Power Services, Inc. × Existing user?

self protection module/ALWIL Software) ZwOpenThread [0xF61980F0] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! Please download Deckard's System Scanner (DSS) and save to your Desktop.alternate download siteDSS will do the following:Create a new System Restore point in Windows XP and Vista.Clean your Temporary Files, Downloaded didn't require it anymore cos cellphone has been replaced. G: is CDROM (No Media)H: is CDROM (CDFS)\\.\PHYSICALDRIVE0 - ST3500320AS - 465.76 GiB - 2 partitions \PARTITION0 (bootable) - Installable File System - 232.42 GiB - C: \PARTITION1 - Installable File

Join our site today to ask your question. anyway please tell me if there's anything in the logs that i should be aware of... does gamer cause a computer to behave that way? Short URL to this thread: https://techguy.org/258403 Log in with Facebook Log in with Twitter Log in with Google Your name or email address: Do you already have an account?

Newer Than: Search this thread only Search this forum only Display results as threads Useful Searches Recent Posts More... If you need it reopened please PM me or one of the other mods. Click here to join today! TechSpot Account Sign up for free, it takes 30 seconds.

Are you looking for the solution to your computer problem? Infidel_Kastro, Aug 5, 2004 #2 Kathy T Thread Starter Joined: Aug 5, 2004 Messages: 3 Thanks infidel, I did as you said, except, I could not delete the C:/documents and settings\tripp\local Advertisement noLogic Thread Starter Joined: May 9, 2006 Messages: 58 I've been infected with some sort of spyware/malware again. Join the community here, it only takes a minute.

In the top right-block "On virus detection", click Report onlyIn the bottom block "Heuristic network check for suspicious files" select HighClick the Scan Now button.When done, use the File menu and If you are asked to reboot the machine choose Yes.


You are running an older version of Java. Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! May 19, 2010 #14 (You must log in or sign up to reply here.) Show Ignored Content Topic Status: Not open for further replies.

Let me know what I need to do. dino7 replied Jan 16, 2017 at 9:47 PM Video card not working Macboatmaster replied Jan 16, 2017 at 9:39 PM Intel RST service is not running pennilaymay replied Jan 16, 2017 Kathy T, Aug 5, 2004 #6 Flrman1 Joined: Jul 26, 2002 Messages: 46,329 Glad we could help!