CBMatt: You’re welcome; come back anytime.And you’re right, I see Spybot in your logs. ash72: Thanks Chris I will do that now. Back to top #3 dpennmaas dpennmaas Authentic Member Authentic Member 100 posts Posted 18 June 2008 – 10:39 AM Hi Ken, here are the new logs… nasdaq Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ] [ Housecall online virus scan ] [ Bitdefender online virus scan ] [ AVG antivirus ]

Go to Start > Programs > Accessories > System Tools > System Restore2. Is all OK?Logfile of Trend Micro HijackThis v2.0.0 (BETA)Scan saved at 09:28:52, on 12/05/2007Platform: Windows XP SP2 (WinNT 5.01.2600)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\PROGRA~1\Grisoft\AVG7\avgamsvr.exeC:\WINDOWS\Explorer.EXEC:\PROGRA~1\Grisoft\AVG7\avgupsvc.exeC:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exeC:\PROGRA~1\MCAFEE.COM\PERSON~1\MPFSERVICE.exeC:\WINDOWS\system32\nvsvc32.exeC:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\RTHDCPL.EXEC:\PROGRA~1\MCAFEE.COM\PERSON~1\MPFTRAY.EXEC:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exeC:\PROGRA~1\Grisoft\AVG7\avgcc.exeC:\PROGRA~1\MCAFEE.COM\PERSON~1\MPFAGENT.EXEC:\WINDOWS\AGRSMMSG.exeC:\Program Files\MSI\3D!Turbo Experience\3D!Turbo.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Internet Explorer\iexplore.exeC:\WINDOWS\system32\wuauclt.exeD:\Ash\Zip Allow the scan to run. We invite you to ask questions, share experiences, and learn. https://forums.techguy.org/threads/outerinfo-problem-please-help-hjt-log-here.648590/

If you need this topic reopened, please contact a member of the HJT Team and we will reopen it for you. Allow the scan to run. Click the red Moveit! View Answer Related Questions You may search : Virus Combofix And Hjt Logs Virus Combofix Hjt 33 Issue Outerinfo Purityscan Resol Virus Combofix Combofix Hjt Search Result Index Os : Remove

Edited by Jack Of Nines, 23 December 2007 – 02:18 AM. 0 #13 sarahw Posted 23 December 2007 – 05:27 AM sarahw Malware Staff Member 2,781 posts If it matters I Logfile of HijackThis v1.99.1 Scan saved at 9:36:49 AM, on 11/6/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe I’m currently on my desktop instead. Once the scan is complete do the following:If you have any infections you will prompted, then select “Apply all actions”Next select the “Reports” icon at the top.Select the “Save report as”

You may be prompted to replace the infected file (if found); answer “Yes” by typing Y and press “Enter”.The tool may need to restart your computer to finish the cleaning process. Let me know what problem persist. A caution – do not touch your mouse/keyboard until the scan has completed. https://www.bleepingcomputer.com/forums/t/129521/outerinfo-and-find-stuff-hijackers-help-have-hjt-log/ Created on 12/23/2007 01:25:22And here is activescan logIncident Status Location Virus:Generic Malware Disinfected Operating system Adware:Adware/PurityScan Not disinfected c:\windows\system32\?ttrib.exe Potentially unwanted tool:Application/PRScheduler Not disinfected C:\Documents and Settings\Jacob\Start Menu\Programs\Startup\PowerReg Scheduler.exe Spyware:Cookie/Atlas DMT

File/Folder C:\WINDOWS\system32\wdaol.dll not found. Jump to content Sign In Create Account Search Advanced Search section: This topic Forums Members Help Files Calendar View New Content PC Pitstop Members Forums Calendar More PC Pitstop Please double-click OTMoveIt.exe to run it. I am using Windows server 2003 and wanna run Combofix on Server 2003 …

Staff Online Now etaf Moderator valis Moderator Keebellah Trusted Advisor Macboatmaster Trusted Advisor Advertisement Tech Support Guy Home Forums > Security & Malware Removal > Virus & Other Malware Removal > recommended you read Completion time: 2007-12-08 10:15:08 – machine was rebooted . — E O F — Back to top #4 Jintan Jintan Advanced Member Members 1,062 posts Gender:Male Posted 08 December 2007 – Open SUPERAntiSpyware and click the Scan your Computer button. It is important that it is saved directly to your desktop*** Go to add remove programs and uninstall the following if presentRabio180Search assistantYazzleQdrDriveQdrModule* Open HJT, run a system scan only, check

Inc. – C:\Program Files\ITECIR\RemoteControlService.exe O23 – Service: NVIDIA Display Driver Service (NVSvc) – NVIDIA Corporation – C:\WINDOWS\system32\nvsvc32.exe O23 – Service: PnkBstrA – Unknown owner – C:\WINDOWS\system32\PnkBstrA.exe O23 – Service: Private Encrypted Advertisement by Outerinfo pops up alot. Click on the downloaded file to run it, and select “Select All”, then click Empty Selected (and close ATF). Back to top Back to Solved Malware Logs 0 user(s) are reading this topic 0 members, 0 guests, 0 anonymous users Reply to quoted postsClear PC Pitstop Forums → Community

This is I hope what’s left! I’ll change the above instructions a bit for you. 0 #6 Jack Of Nines Posted 22 December 2007 – 09:02 PM Jack Of Nines Member Topic Starter Member 26 posts One Adam Smith Glasgow, 1760 Back to top Back to Resolved or inactive Malware Removal 0 user(s) are reading this topic 0 members, 0 guests, 0 anonymous users Reply to quoted postsClear When the command window opens, select 1 (and Enter).

Now copy/paste the entire content of the codebox below into the Notepad window:File::C:\WINDOWS\SYSTEM32\Passqlogon.dllC:\WINDOWS\system32\lnaoxx.dllC:\WINDOWS\system32\toojw.dllC:\WINDOWS\system32\bez.dllC:\WINDOWS\system32\mvblbhmh.dllC:\WINDOWS\system32\tandq.dllRegistry::[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4390409A-A222-83D8-01E3-F34A468EFB97}][-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4690409C-A254-F2A2-01E3-814A3CFEFB9C}][-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{722E67B8-D55E-A9F2-2885-D5F8FE90CFC1}][-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{772E67BE-D528-D888-2885-A7F884E0CFCA}][-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{985D4E9B-FD56-ADF1-5152-8F3AF8772693}][-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B28A8F49-3AD1-3B7A-8B5A-4AE678F20BC3}][-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E6D8DB42-69D4-3E2F-8B5A-4AE678F50F94}][-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\PassQLogon]3. Some of the instructions I give may need to be printed or saved for reference during the fix. I did everything as directed so far.

Go Here and download ATF cleaner.

scan completed successfully hidden files: 0 ************************************************************************** . EEK! Click Preferences, then under the Statistics/Logs tab, click to select the most recent Scan Log, then click View Log. Back to top #3 nasdaq nasdaq Forum Deity Global Moderator 49,120 posts Posted 17 November 2006 – 04:43 PM Hi,Print this topic it will make it easier for you to follow

Cluster headaches forced retirement of Tom in 2007, and the site was renamed “What the Tech”. Post the contents of the ActiveScan report3.Remeber to reply with the OTMoveIt log, Panda scan Report, and a fresh Hiajck This log. 0 #14 Jack Of Nines Posted 23 December 2007 If you’re new to Tech Support Guy, we highly recommend that you visit our Guide for New Members. Please re-enable javascript to access full functionality.

That may cause it to stall I need to see the Malwarebytes log, the Combofix log and a New HJT log please Want to help others, Join our Malware Removal Classroom There will only be a main log this time.Thanks Navigation [0] Message Index [#] Next page [*] Previous page Go to full version Software > Computer viruses and spyware Smitfraud-C.Toolbar888 & WE’RE SURE THAT YOU’LL LOVE US! Jump to content FacebookTwitter Geeks to Go Forum Security Virus, Spyware, Malware Removal Welcome to Geeks to Go – Register now for FREE Geeks To Go is a helpful hub, where

Thread Status: Not open for further replies. Some of the fix will be done in Safe Mode so you will be unable to access this thread at that time. What should I do after that?ETA: I tried running ComboFix again with the CFscript.txt and it still isn’t doing anything.

Outerinfo HJT Log