Help with my HJT log please

Status
Not open for further replies.
A

AnFboy1892

I have several problems: Whenever I CTRL+ALT+DELETE there are no tabs on my window. Also, It says my computer is no longer registered to me. Also, because of something on my computer I cannot run ad-aware or other anti-spyware/adware programs, even online free virus scans. My last hope is HTJ will help out, maybe some /regedit help? /shrug.
 

Attachments

  • Hijack This SAFEMODE 03-09-2006.txt
    8.8 KB · Views: 6
Hi. You definitely have some bad things in the HJT log. You also have a few things that I always disable, even if they're not BAD (it's just that they don't server ENOUGH of a needed purpose, IMHO).

I've hit TAB and put an XX in front of what I know to be bad. I've hit TAB and put two asterisks (**) in front of the ones I'd disable because they're not necessary.

Lastly, I use Sysinternals "AutoRuns" app to disable stuff -- it does a really good job and is easy to use (a side note, when you first run AutoRuns, hit the ESCape button and go to Options and checkmark "Hide Microsoft Entries", then refresh the list). Once the list is up, you can selectively uncheckmark the entries you don't want to start up.
 
Hey

Thank you Beetle,

I removed the suggested items. I'm going to reboot in safemode and make a fresh HJT log then try the sysinternals.
 
AnFboy1892 said:
Here's the updated HJT log.
Click to expand...
I see that the following line is still present and shouldn't be:
O4 - HKLM\..\Run: [cfgmgr52] RunDLL32.EXE C:\WINDOWS\cfgmgr52.dll,DllRun

I also see:
O4 - HKLM\..\RunServices: [windrv] C:\WINDOWS\System32\windrv32.exe
...which I must have missed the first time around. It's bad too, see:
http://www.greatis.com/appdata/d/w/windrv32.exe_Removal.htm

I don't see a problem with the rest of the list BUT that's not a guarantee that one of those has been compromised. Also, these remaining bad listings may be powerful enough to combat your removal techniques and re-install themselves (which may explain why "cfgmgr52" is back).

If you haven't yet, go to http://housecall.trendmicro.com and run their online anti-virus/malware scanner in case YOUR anti-virus software has been compromised (which is the first thing viruses do nowadaze).
 
Hello and welcome to Techspot.

AnFboy1892 said:
Here's the updated HJT log.
Click to expand...

Your system is infected with quite a collection of nasties.

Go and have your computer scanned HERE.

Then go HERE and follow the instructions.

Then, go and read both these threads by RBS. Follow all the instructions exactly.

How to remove Trojans and its ilk! and How to remove Begin2search / coolwebsearch and other nasties.

Post a fresh HJT log, only after doing the above.

Regards Howard :wave: :wave:
 
Status
Not open for further replies.

Similar threads

midian182
Ubisoft will delete your account, along with your game library, if it's inactive for too...
2
Replies
26
Views
1K
jfreddy82
jfreddy82
midian182
Tom's back! Upcoming documentary to revisit MySpace's glory days
Replies
1
Views
287
Dunkerton
Dunkerton
midian182
Sketchy Google Play store reward apps accrue over 20 million downloads
Replies
1
Views
567
psycros
psycros

Latest posts

Back