Hi, I think theres a possibility of having a keylogger on my notebook, I was infected with Unknown Trojan and thought I have removed it a while ago. I received an email from my bank telling me it has been locked due to multiple sign in attempts. I ran all the tests and the rootkit came up with nothing as did some of the other tests. SS&D found something as well. Oh and I can't start Windows Security Center after these instructions. Any help is appreciated. Thanks.
Combofix/AVG/HiJackThis log
- Thread starter spxnerd
- Start date
- Status
You didn't say what progs you have run to remove the nasties.
You, like many others, have added all kinds of (to me) useless crap on your comp and some of it has been bad for it.
I think you should run through the complete steps for prelim removals. Once done, repost with ALL the required logs.
https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
You, like many others, have added all kinds of (to me) useless crap on your comp and some of it has been bad for it.
I think you should run through the complete steps for prelim removals. Once done, repost with ALL the required logs.
https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
kritius
Posts: 2,077 +0
They have followed the instructions from the prelim removal sticky.
Go to Start > Run and copy/paste or type: taskmgr
Finally, delete the following folders if they still exist:
C:\Program Files\ViewManager\ <-- and delete this folder
C:\Program Files\Viewpoint\ <-- and delete this folder
Run HJT and have it do a sytem scan only.
Close all browsers and put a check next to the following items,
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
Ypu may also think about getting rid of the yahoo toolbar.
After that repost with a new HJT log and well see how it looks then.
Go to Start > Run and copy/paste or type: taskmgr
- Under the Processes tab find the following tasks or processes:
ViewpointService.exe
ViewMgr.exe - Highlight and click "End Process".
- Exit Task Manager.
- Press "OK".
- Click the "Extended tab".
- Scroll down the list and find the service called "Viewpoint Manager Service"
- When you find the service, double-click on it.
- In the Properties Window > General Tab that opens, click the "Stop" button.
- From the drop-down menu next to "Startup Type", click on "Disabled".
- Now click "Apply", then "OK" and close any open windows.
Finally, delete the following folders if they still exist:
C:\Program Files\ViewManager\ <-- and delete this folder
C:\Program Files\Viewpoint\ <-- and delete this folder
Run HJT and have it do a sytem scan only.
Close all browsers and put a check next to the following items,
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
Ypu may also think about getting rid of the yahoo toolbar.
After that repost with a new HJT log and well see how it looks then.
kritius
Posts: 2,077 +0
Have you uninstalled the Yahoo toolbar? Also have you recently removed bitcomet?
You may also want to remove gameconsoleservice, check to see if its in your add/remove programs and then do a search for it and clean up any remnants much like the viewpoint instruction.
Open HJT and select do a system scan only, close all windows except HJT(including this one) and put a check beside the following entries then select fix checked.
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: MS Video Control 1.0 - {708F8B95-4012-4A3A-9494-5EEE5F8CC89E} - C:\Windows\msvidc32.dll (file missing)
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll/206 (file missing)
Reboot and run HJT and post another log back.
Are you still unable to open the windows security centre?
Try running this, FixPolicies.exe
You may also want to remove gameconsoleservice, check to see if its in your add/remove programs and then do a search for it and clean up any remnants much like the viewpoint instruction.
Open HJT and select do a system scan only, close all windows except HJT(including this one) and put a check beside the following entries then select fix checked.
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: MS Video Control 1.0 - {708F8B95-4012-4A3A-9494-5EEE5F8CC89E} - C:\Windows\msvidc32.dll (file missing)
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll/206 (file missing)
Reboot and run HJT and post another log back.
Are you still unable to open the windows security centre?
Try running this, FixPolicies.exe
- Double-click FixPolicies.exe
- Click the Install button on the bottom toolbar of the box that will open.
- The program will create a new Folder called FixPolicies
- Double-click to Open the new Folder, and then double-click the file named Fix_Policies.cmd
- A black box will briefly appear and then close. This may work.
I uninstalled Yahoo toolbar already, but I don't know why it still shows up under the toolbar options. I have not recently uninstalled BitComet as well either. I cannot find the gamserviceconsole in the Programs control panel, or in the Program Files folder either. Also I have ran the FixPolicies.exe, but am still unable to start Security Center.
Here is the new Log.
Here is the new Log.
- Status
Latest posts
-
New Affordable AMD B650 Motherboard Roundup- Avro Arrow replied
-
10 Things We Hate About Nvidia- Endymio replied
-
PlayStation 5 Pro will be bigger, faster, and better using the same CPU- poshflamingos replied
