Comfix Log
- Thread starter jmolina
- Start date
- Status
xxdanielxx
Posts: 1,069 +0
if you have not had training on how to run this tool you can damage your computer.
Looks like you still have vundo. Run the tool below and attach the log
* Click here to download HJTsetup.exe
Looks like you still have vundo. Run the tool below and attach the log
* Click here to download HJTsetup.exe
- Save HJTsetup.exe to your desktop.
- Doubleclick on the HJTsetup.exe icon on your desktop.
- By default it will install to C:\Program Files\Hijack This.
- Continue to click Next in the setup dialogue boxes until you get to the Select Addition Tasks dialogue.
- Put a check by Create a desktop icon then click Next again.
- Continue to follow the rest of the prompts from there.
- At the final dialogue box click Finish and it will launch Hijack This.
- Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
- Come back here to this thread and Attach the log in txt format your next reply.
- DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required.
xxdanielxx
Posts: 1,069 +0
Please read this post completely, it may make it easier for you if you copy and paste this post to a new text document or print it for reference later.
Please re-open HiJackThis and scan.**Check the boxes next to all the entries listed below.
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://internetsearchservice.com
R1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL = http://internetsearchservice.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://internetsearchservice.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://internetsearchservice.com/ie6.html
O2 - BHO: (no name) - {F7F6584C-864B-411D-A410-BB2DE0D33CA1} - C:\WINDOWS\system32\tuvULeBq.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{A376BB77-A7F1-4E05-8ABC-9D4324A7D3C9}: NameServer = 85.255.113.116,85.255.112.6
O17 - HKLM\System\CCS\Services\Tcpip\..\{FFC95A01-5B7F-415C-A628-6421D01DA005}: NameServer = 85.255.113.116,85.255.112.6
O20 - Winlogon Notify: tuvULeBq - C:\WINDOWS\SYSTEM32\tuvULeBq.dll
Now close all windows other than HiJackThis, then click Fix Checked.**Close HiJackThis and*reboot
===========================================================
Please download the OTMoveIt2 by OldTimer.
===========================================================
Please run an on-line virus scan at http://www.kaspersky.com/virusscannerKaspersky OnLine Scan or if that doesnt work, you can use TrendMicro or BitDefender. (Please post the results of the scan(s) in your next reply)
Please re-open HiJackThis and scan.**Check the boxes next to all the entries listed below.
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://internetsearchservice.com
R1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL = http://internetsearchservice.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://internetsearchservice.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://internetsearchservice.com/ie6.html
O2 - BHO: (no name) - {F7F6584C-864B-411D-A410-BB2DE0D33CA1} - C:\WINDOWS\system32\tuvULeBq.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{A376BB77-A7F1-4E05-8ABC-9D4324A7D3C9}: NameServer = 85.255.113.116,85.255.112.6
O17 - HKLM\System\CCS\Services\Tcpip\..\{FFC95A01-5B7F-415C-A628-6421D01DA005}: NameServer = 85.255.113.116,85.255.112.6
O20 - Winlogon Notify: tuvULeBq - C:\WINDOWS\SYSTEM32\tuvULeBq.dll
Now close all windows other than HiJackThis, then click Fix Checked.**Close HiJackThis and*reboot
===========================================================
Please download the OTMoveIt2 by OldTimer.
- Save it to your desktop.
- Please double-click OTMoveIt2.exe to run it. (Vista users, please right click on OTMoveit2.exe and select "Run as an Administrator")
- Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
[x-code]C:\WINDOWS\system32\tuvULeBq.dll[/x-code]
- Return to OTMoveIt2, right click in the "Paste List of Files/Folders to Move" window (under the light Yellow bar) and choose Paste.
- Click the red Moveit! button.
- A log of files and folders moved will be created in the c:\_OTMoveIt\MovedFiles folder in the form of Date and Time (mmddyyyy_hhmmss.log). Please open this log in Notepad and post its contents in your next reply.
- Close OTMoveIt2
===========================================================
Please run an on-line virus scan at http://www.kaspersky.com/virusscannerKaspersky OnLine Scan or if that doesnt work, you can use TrendMicro or BitDefender. (Please post the results of the scan(s) in your next reply)
xxdanielxx
Posts: 1,069 +0
Run the online scan then post the information on the scan along with a hijackthis log
- Status
Similar threads
Latest posts
-
Cheyenne supercomputer sold to the highest bidder for $480,000- Steveb8189 replied
-
Corsair's latest pre-built gaming PC offers high-end hardware and a sleek design- GodisanAtheist replied
