Home > Hjt Log > HJT Log. Please Help!

HJT Log. Please Help!

Please re-enable javascript to access full functionality. To see product information, please login again. Click on the brand model to check the compatibility. Please refer to our CNET Forums policies for details.

Here is the Log file: Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 2:21:25 PM, on 6/29/2016 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.10586.0420) Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site. Jump to content Sign In Create Account Search Advanced Search section: This topic Forums Members Help Files Calendar View New Content Forum Rules BleepingComputer.com Forums Members Tutorials Startup List Required *This form is an automated system. https://www.bleepingcomputer.com/forums/t/618594/hijackthis-log-please-help-diagnose/

The service needs to be deleted from the Registry manually or with another tool. This entry was classified from our visitors as good. I'm not tech savy and i don't know if my thought is right. To download the current version of HijackThis, you can visit the official site at Trend Micro.Here is an overview of the HijackThis log entries which you can use to jump to

So you can always have HijackThis fix this.O12 - IE pluginsWhat it looks like: O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dllO12 - Plugin for .PDF: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dllWhat to do:Most In the most cases this is the result of trojans. Articles Blogs Advanced Search Forum PC Operating System and Software Troubleshooting and Assistance Internet Security and Malware Help Hjt Log Please Help And Advise Custom Search Join the PC homebuilding revolution! O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) Very safe This entry is not running from the System32 folder, so it is probably nasty.

and uninstall it.If there is no uninstall program listed then do the following:Go to www.newdotnet.com/removal.html Scroll down to Procedure 4 and follow the removal instructionsReboot.Open HJT, run a system scan only, Prefix: http:// O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = lhr-co.gb.dhl.com O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = lhr-co.gb.dhl.com O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 10.93.50.11 10.93.32.11 O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = lhr-co.gb.dhl.com O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer by R. https://www.cnet.com/forums/discussions/hjt-log-please-help-me-92899/ As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged

Companion BHO - {13F537F0-AF09-11d6-9029-0002B31F9E59} - C:\PROGRAM FILES\YAHOO!\COMPANION\YCOMP5_0_2_4.DLLO2 - BHO: (no name) - {1A214F62-47A7-4CA3-9D00-95A3965A8B4A} - C:\PROGRAM FILES\POPUP ELIMINATOR\AUTODISPLAY401.DLL (file missing)O2 - BHO: MediaLoads Enhanced - {85A702BA-EA8F-4B83-AA07-07A5186ACD7E} - C:\PROGRAM FILES\MEDIALOADS ENHANCED\ME1.DLLWhat to do:If The solution is hard to understand and follow. O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) Very safe This entry is not running from the System32 folder, so it is probably nasty. Site Changelog Community Forum Software by IP.Board Sign In Use Facebook Use Twitter Need an account?

Main Sections Technology News Reviews Features Product Finder Downloads Drivers Community TechSpot Forums Today's Posts Ask a Question News & Comments Useful Resources Best of the Best Must Reads Trending Now http://www.techspot.com/community/topics/hjt-log-please-help.131626/ Find The PC Guide helpful? Press any Key and it will restart the PC. The video did not play properly.

For the R3 items, always fix them unless it mentions a program you recognize, like Copernic.F0, F1, F2, F3 - Autoloading programs from INI filesWhat it looks like:F0 - system.ini: Shell=Explorer.exe Go Back Trend MicroAccountSign In  Remember meYou may have entered a wrong email or password. Do I delete them? Login now.

The posting of advertisements, profanity, or personal attacks is prohibited. However, since only Coolwebsearch does this, it's better to use CWShredder to fix it.O20 - AppInit_DLLs Registry value autorunWhat it looks like: O20 - AppInit_DLLs: msconfd.dll What to do:This Registry value Always fix this item, or have CWShredder repair it automatically.O2 - Browser Helper ObjectsWhat it looks like:O2 - BHO: Yahoo! O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) Safe This entry is not running from the System32 folder, so it is probably nasty.

Please include a link to your topic in the Private Message. Please return to the forum and ask for help.Reboot. What is HijackThis?

All Rights Reserved.

  1. The solution did not provide detailed procedure.
  2. Several functions may not work.
  3. So far only CWS.Smartfinder uses it.
  4. O15 - Unwanted sites in Trusted ZoneWhat it looks like: O15 - Trusted Zone: http://free.aol.comO15 - Trusted Zone: *.coolwebsearch.comO15 - Trusted Zone: *.msn.comWhat to do:Most of the time only AOL and
  5. Reboot and you should be able to get back on.Download SDFix and save it to your desktop.
  6. It was originally developed by Merijn Bellekom, a student in The Netherlands.

As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged HijackThis is a free tool that quickly scans your computer to find settings that may have been changed by spyware, malware or any other unwanted programs. This entry was classified from our visitors as good. Prefix: http://ehttp.cc/?What to do:These are always bad.

Using the site is easy and fun. TechSpot is a registered trademark. You may have to register before you can post: click the register link above to proceed. Treat with care.O23 - NT ServicesWhat it looks like: O23 - Service: Kerio Personal Firewall (PersFw) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall\persfw.exeWhat to do:This is the listing of non-Microsoft services.

About CNET Privacy Policy Ad Choice Terms of Use Mobile User Agreement Help Center Register Help Remember Me? Unlike typical anti-spyware software, HijackThis does not use signatures or target any specific programs or URL's to detect and block. O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) Safe This entry is not running from the System32 folder, so it is probably nasty. Article What Is A BHO (Browser Helper Object)?

Discussions cover Windows 2003 Server, Windows installation, adding and removing programs, driver problems, crashes, upgrading, and other OS-related questions.Real-Time ActivityMy Tracked DiscussionsFAQsPoliciesModerators General discussion HJT- LOG PLEASE HELP ME!! or read our Welcome Guide to learn how to use this site. You may also... Several functions may not work.

Should you see an URL you don't recognize as your homepage or search page, have HijackThis fix it.O1 - Hostsfile redirectionsWhat it looks like:O1 - Hosts: 216.177.73.139 auto.search.msn.comO1 - Hosts: 216.177.73.139 When the desktop loads the Fixtool will complete the removal and display Finished, then press any key to end the script and load your desktop icons.Finally open the SDFix folder on Back to top #4 Clcast Clcast Topic Starter Members 6 posts OFFLINE Local time:03:44 PM Posted 29 June 2016 - 04:14 PM Also, I'm not sure why the site hijackthis.de The F1 items are usually very old programs that are safe, so you should find some more info on the filename to see if it's good or bad.

All Rights Reserved. Photos Easy Upload Tool Class) - http://us.dl1.yimg.com/download.yahoo.com/...ropper1_3us.cabO16 - DPF: {B942A249-D1E7-4C11-98AE-FCB76B08747F} (RealArcadeRdxIE Class) - http://games-dl.real.com/gameconsole/Bundl...ArcadeRdxIE.cabO16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IncrediMail) - http://www5.incredimail.com/contents/setup...p1/imloader.cabO16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall-beta.trendmicro.com/housecall/xscan60.cabO16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Click here to Register a free account now! To be sure, you should check this file.

Download and install one or activate windows xp´s own one.