
Hijackthis Log - Virus Is Blocking Explorer.exe And Other Programs

This file was way too big. When finished, it will produce a report for you.

Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
Google Chrome 22.0.1229.79
Google Chrome 23.0.1271.97
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials msseces.exe
Windows Defender MSMpEng.exe
Microsoft Security Client Antimalware MsMpEng.exe
Malwarebytes' Anti-Malware

These include searching for rootkits, keyloggers, and various backdoors based on typical TCP/UDP ports. http://wikisky.net/hijackthis-log/hijackthis-log-for-unkown-virus-problem.html

Its main goal is finding and removing adware and spyware modules, as well as Trojan horses.

Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: AccountLogon - C:\WINDOWS\al-popup-paul.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Open Picture in

Automatic quarantine of files that are not digitally signed by Microsoft and are not described in the AVZ trusted objects database for further investigation (manually or using powerful specialized antivirus software). Searching for rootkits and other API hooks supplied with the function of searching for hidden processes. http://www.techsupportforum.com/forums/f100/hijackthis-log-virus-is-blocking-explorer-exe-and-other-programs-425033.html

http://www.bitdefender.com - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program

No one is ignored here. In order for me to see the status of the infection I will need a new set of logs to start with. Please print out or make a

In addition to analysis of hooks, AVZ provides the function for neutralizing user-mode and kernel-mode rootkits. 5.

Nevertheless, this utility is constantly being improved, and I plan to implement such functions. 2. If you click on this in the drop-down menu you can choose Track this topic. press scan, and afterwards "save log".

dawgg 11.04.2007 20:59 Go here: C:\WINDOWS\system32\drivers\etc...

The third part is in the next post.

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: AccountLogon Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe (file missing)
O9 - Extra 'Tools' menuitem: Yahoo!

https://www.bleepingcomputer.com/forums/t/479803/malware-prevents-windows-and-other-security-updates/

Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix. 3.

Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems,

help!

Logfile of HijackThis v1.99.1
Scan saved at 12:04:44 PM, on 8/27/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
F:\AVGANT~1\avgcc.exe
F:\Nokia\NOKIAP~1\LAUNCH~1.EXE
F:\Kaspersky AV\avp.exe
F:\Counterspy\sunserver.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
F:\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\WINDOWS\System32\devldr32.exe
F:\AVGANT~1\avgamsvr.exe
F:\AVGANT~1\avgupsvc.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
F:\Kaspersky AV\avp.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
F:\Counterspy\sunThreatEngine.exe
F:\Counterspy\SunProtectionServer.exe
C:\Program Files\MSN

Or Icrontic is shrinking the amount you can put in a post.

In the case of Reader, it will not progress beyond 189 KB of the 977 KB total and my download speed will slow down to zero. Nevertheless, the difference between Spyware and Trojan horses is very subtle, because of which accurate classification is hardly possible. P.S.: My PC is affected by virus called .ODIN which encrypts the documents & changes the extension to .ODIN.

Kaspersky Lab Forum > English User Forum > Virus-related issues

Onca 27.08.2006 07:59 hey all i removed rbot virus with kaspersky av but it seems i still feel its after effects,

Download BootSafe and run it when you need to boot into Safe Mode.
http://www.superadblocker.com/bootsafe.html
How to start Windows in Safe Mode
http://www.bleepingcomputer.com/tutorials/tutorial61.html
How to see hidden files in Windows
http://www.bleepingcomputer.com/tutorials/tutorial62.html
Once the infections are removed then insure

If Paul Wynant does not weigh in on this, I will do that.

I get on my comp today and cannot open the log file and cannot get the AV to run another scan. And any files that were "locked" and password protected I have manually deleted, even if I had to use unlocker to free them up for deletion. This will also limit the influence of malicious programs on the system.

---------

Thus, AVZ is positioned as an interactive tool intended for studying the PC to detect and remove malicious programs.

Don't worry, this topic will help you in removing all malicious software from your PC. OK!User = LL2 ... I then disabled Microsoft Security Essentials and turned on Windows Defender.

He had suggested Oleg's utility in another thread. Ron

YoKenny 27.08.2006 21:40 Onca, welcome to the Kaspersky HijackThis help forum. Use a pencil and check off each item when completed. Disable System Restore as

At first it would not even do an online AV scan but I did some things and finally got an online scan to run.

Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: ??? ?-Bluetooth - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
O9 - Extra

Reinstall the application.

Uninstall MSE and reinstall. I get a "303 Forbidden" error. It picked up a virus. P: is NetworkDisk (NTFS) - 4520 GiB total, 200.101 GiB free.

N: is NetworkDisk (NTFS) - 2048 GiB total, 425.668 GiB free. The possibility of starting system scanning and quarantine by means of scripts allows for full automation of this operation. Built-in scripting language that allows for controlling AVZ operation.

Apply and ok, then exit services. Try a Download now. Keep me posted. Post any error message that may help identify the problem. =*=

Close any open browsers. 2.

However, when I attempted to visit websites to download certain files (IE 7.0, Yahoo msgr, Aim, even KAS downloads) I am blocked with a 303 error. Now, when running KAS, it shows

Please post them in a new topic, as this one shall be closed. then post the log here. For example, it is possible to choose the mode in which the program will destroy viruses and Trojans detected, but deletion of Adware programs will be blocked. Another specific feature of AVZ The AVZGuard system that allows for protecting AVZ and any other applications specified by it against active malicious programs.

Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. System recovery.