Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: Hijack this log

30 Nov 2010   #11
James Colbert


Quote   Quote: Originally Posted by Jacee View Post
That is not a valid Windows file. You started a second topic on the same question you asked about here. Hijack this log

Please follow through with what I asked you to do. We can troubleshoot from that topic, so we don't get mixed up going all over the forums
...I didn't realize I was referring him back to his own thread...

Which now seem to be combined. Good luck!


My System SpecsSystem Spec
30 Nov 2010   #12

Windows 7 Ultimate X86(32 Bit)

Hi mbam removed the files you said to see if it got quaranteened
Reboot and run MBam again. Let's see if it quarantines this file:

C:\Users\Sam\AppData\Local\Temp\{DB4AB874-A2EB-44F7-B7FD-A1BE0CE92997}\1732.dll (Trojan.ObjectSec)
but the dll error still pops up i have tried removing it and renaming it but it restores its self after i reebooot

still a redirect when im on the search engines still persists
My System SpecsSystem Spec
30 Nov 2010   #13
Microsoft MVP

Windows 7 Ultimate 32bit SP1

Please do this .. Uninstall the HijackThis! you are using and download the latest from here: HijackThis - Trend Micro USA


Download Combofix from any of the links below, and save it to your desktop.<--Important
Link 1
Link 2
Link 3

Click on this link Here to see a list of programs that should be disabled.
The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
If your anti-virus or firewall complains, please allow this script to run as it is not malicious.
Next: Disconnect from the internet. If you are on Cable or DSL, unplug your computer from the modem.
Next: Please disable all onboard security programs (all running with back ground protection) as it may hinder the scanner from working.
This includes Antivirus, Firewall, and any Spyware scanners that run in the background.
  • Double click combofix.exe and follow the prompts.
  • When finished, it will produce a log for you. Post that log and a HiJackthis log in your next reply
Note: Do not mouseclick combofix's window while its running. That may cause it to stall
Please be patient while the scan runs, at times it may appear to stall.
When finished and after reboot (in case it asks to reboot), it should open a log, combofix.txt.
Post this log in your next reply together with a new hijackthislog.
After rebooting ensure your Security applications have been re-enabled.

In your next reply post:
New HJT log taken after the above scan has run

***A guide and tutorial on "How to use Combofix" can be found here:
A guide and tutorial on using ComboFix
My System SpecsSystem Spec

30 Nov 2010   #14

Windows 7 Ultimate X86(32 Bit)

all 3 combo fix links download did nothung it just said it is not connected to these sites and quit
My System SpecsSystem Spec
30 Nov 2010   #15
Microsoft MVP

Windows 7 Ultimate 32bit SP1

Okay, Let's flush your DNS cache and restore MS's Hosts file
Copy and paste these lines in Note pad.

@Echo on
attrib -h -s -r hosts
echo localhost>HOSTS
attrib +r +h +s hosts
ipconfig /release
ipconfig /renew
ipconfig /flushdns
netsh winsock reset all
netsh int ip reset all
shutdown -r -t 1
del %0

Save as flush.bat to your desktop. Right click and run as Administrator. You're computer will reboot itself.

Next, Please download RKill by Grinler from one of the 4 links below and save it to your desktop.
Link 1
Link 2
Link 3
Link 4
  • Before we begin, you should disable your anti-malware softwares you have installed so they do not interfere RKill running as some anti-malware softwares detect RKill as malicious. Please refer to this page if you are not sure how.
  • Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • If nothing happens or if the tool does not run, please let me know in your next reply

Now, see if you can download Combofix from one of the links and follow the above instructions to run it.
My System SpecsSystem Spec
02 Dec 2010   #16

Windows 7 Ultimate X86(32 Bit)

I made Combofix do something by ending the process in task manager apparently it was already open
here is my hijackthis log from after combofix

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:22:01, on 02/12/2010
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Unable to get Internet Explorer version!
Boot mode: Safe Mode

Running processes:
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Avast\AvastUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Avast\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Avast\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: CrossLoop Service (CrossLoopService) - CrossLoop Inc - C:\Users\Sam\AppData\Local\CrossLoop\CrossLoopService.exe
O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM, Inc. - C:\SPLASH.SYS\config\DVMExportService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Media Center Support Service (Jasmio.MediaCenter.Service) - Unknown owner - C:\Program Files\Jasmio\Media Center Support Service\Jasmio.MediaCenter.Service.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: PEVSystemStart - Unknown owner - C:\ComboFix\PEV.cfxxe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_5576240ee6baaa25\STacSV.exe
O23 - Service: TightVNC Server (tvnserver) - GlavSoft LLC. - C:\Users\Sam\AppData\Local\CrossLoop\tvnserver.exe
O23 - Service: Vodafone Mobile Broadband Service (VmbService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe

End of file - 3830 bytes
My System SpecsSystem Spec
02 Dec 2010   #17
Microsoft MVP

Windows 7 Ultimate 32bit SP1

What did you stop with taskmanager?
Do you have the Combofix log? I'd like to see it, please.

Did you try to fix things on your own in HJT? It's missing important running items.
My System SpecsSystem Spec
02 Dec 2010   #18

Windows 7 Ultimate X86(32 Bit)

it said scan complete for combo fix and then said removing files then it shut me comp down and then i looked for the log and there wasnt one
My System SpecsSystem Spec
02 Dec 2010   #19
Microsoft MVP

Windows 7 Ultimate 32bit SP1

Click on Computer, Local C drive and see if there is a Combofix text log ... it will look like notepad
My System SpecsSystem Spec
02 Dec 2010   #20

Windows 7 Ultimate X86(32 Bit)

No There is no log file i have looked through all txt files on my C drive and non were a log file but Every Thing Has Gone back To Normal Now Thanks
My System SpecsSystem Spec

 Hijack this log

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Similar help and support threads
Thread Forum
browser hijack.
i have this issues:mad::mad:. every time i click on the Google search result URL it go to the other website:mad:. i already try to use the Malwarebytes Anti-Malware, Rkill , and tdsskiller to scan and remove but it still there. this is the website it direct me to--> (click dot...
System Security
Browser Hijack
Each time we use Google/Bing Engine search, and click on site, we are redirected to other sites, and at the moment it's "bidvertiser....". I have spent the past week and hours on the phone with our antivirus technical support (Trend), and microsoft technical support, and all to no avail. ...
System Security
Yaa! DLL Hijack Auditor: For Microsoft DLL hijack vulnerability
Not sure if anyone has posted on this tool (or similar tools) yet, but security Exploded makes incredible tools, especially Anti Rootkit tools and Root kit detection tools, so I was happy to learn about this: rmhsCBMIJnA
System Security
IE 8 hijack
OK boys and girls. It seems that I've been jacked. But not really a quality job in my book. I started noticing little quirks in IE 8 (x86) yesterday.Little flickers here and there. As well as the navigation bar having had switched the refresh/stop buttons to the opposite side, "IE" warnings(see...
System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 07:23.

Twitter Facebook Google+

Windows 7 Forums

Seven Forums Android App Seven Forums IOS App