Contact Us

Home > Infected W > Infected W/ Core.cache.dsk - Hjtlog

Infected W/ Core.cache.dsk - Hjtlog

AkinaGod, Jan 13, 2008 #14 GameMaster New Member Messages: 3,929 Same answer, hope you read on General Software. Click the Remove or Change/Remove button. Looking for someone who can help. throughout the web for people to use.

Although I have some that are posted throughout the web for people to use. Check the box that says: "Accept License Agreement". Double click OTMoveIt2.exe to launch it. 2. You will receive a message saying vundofix will close and re-open in a minute or less.

I also noticed core.cache.dsk in some of the detection windows. Click here to download HJTInstall.exe Save HJTInstall.exe to your desktop. Click the Scanning Control tab.

Thanks in advance Also what registry cleaner do you guys advise to use ?Sam ps ive also trid spybot search and destroy . CONTRIBUTE TO OUR LEGAL DEFENSE All unused funds will be donated to the Electronic Frontier Foundation (EFF). AkinaGod, Jan 12, 2008 #7 evilfantasy New Member Messages: 138 Open HijackThis and select Do a system scan only then place a check mark next to: O2 - BHO: (no name) adware removers cant get rid of this one .

I downloaded VundoFix.exe to my desktop and ran it. I'm willing to learn! Please post the contents of C:\vundofix.txt in your next reply. It will scan and then ask you to save the log.

DeskRoll replied Jan 25, 2017 at 1:02 AM Guys help me!!! Turn your computer back on. To retrieve the removal information, please do the following: After reboot, double-click the SUPERAntispyware icon on your desktop. When finished, it will produce a log for you.

After the scan is complete a summary box will appear. failed to delete.((((((((((((((((((((((((( Files Created from 2007-12-20 to 2008-01-20 ))))))))))))))))))))))))))))))).2008-01-20 19:59 . 2008-01-20 19:59

d-------- C:\Temp\tn32008-01-20 18:21 . 2008-01-20 18:21 d-------- C:\VundoFix Backups2008-01-20 14:44 . 2008-01-20 14:44 2,608 --a------ scanning hidden autostart entries ...scanning hidden files ... I then ran HiJackthis and it produced the following log: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 8:34:36 PM, on 3/11/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet

HijackThis 2.0.2 Hotfix for Windows XP (KB914440) Hotfix for Windows XP (KB915865) HP Document Viewer 5.3 HP Driver Diagnostics HP Image Zone 5.3 HP Imaging Device Functions 5.3 HP Memories Disc Rootkit.agent (core.cache.dsk) infected pls help Started by Sam_ , Jan 18 2008 08:28 AM Please log in to reply #1 Sam_ Posted 18 January 2008 - 08:28 AM Sam_ New Member Apple Mobile Device Support Apple Software Update ArcSoft PhotoStudio 5.5 ATI Control Panel ATI Display Driver AVG Anti-Spyware 7.5 Bejeweled 2 Deluxe 1.0 Big Fish Games Client Broadcom Advanced Control Suite BleepingComputer is being sued by Enigma Software because of a negative post of SpyHunter.

I ahve downloaded numerous fixes but nothing is working!! Note: Do not mouseclick combofix's window while it's running. Here is a list of what I have tried so far: Installed & ran Ad-Aware Installed & ran SpyBot Search & Destroy Both detected and "removed" some things. weblink Download the latest version of Java Runtime Environment (JRE)2.

Yes, my password is: Forgot your password? This is a "lo-fi" version of our main content. Go to the C:\Program Files\HijackThis folder.

Click Next to start the scan.

Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quietO4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeO4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9O4 - HKCU\..\RunOnce: [FFTI] C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\090rc6lm.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\ffti.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART /DestPath="C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles/090rc6lm.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}"O4 - It says "file missing" but let's make sure it is removed. I guess my problem kept coming from a P2P file shairing program I had. I didn't mean to hijack your instructions, I just thought I could help progress the fix.

Why not try not to make the user confuse between your instructions and mine??!! Click the Statistics/Logs tab. here's the latest result fof Smitfraudfix: SmitFraudFix v2.274 Scan done at 10:26:46.14, Mon 01/14/2008 Run from C:\Documents and Settings\Eve\Desktop\SmitfraudFix\SmitfraudFix OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT The filesystem type is check over here We need to be sure you have the latest version.*** Please download VundoFix.exe to your desktop Double-click VundoFix.exe to run it.

I'm willing to learn! In this case, VundoFix will run on reboot, simply follow the above instructions starting from "Click the Scan for Vundo button" when VundoFix appears upon rebooting. Click Preferences. pcah9 22.04.2008 21:34 QUOTE(TueSkool @ 22.04.2008 20:28) Hello,I decided to pick up Kaspersky because it seemed to be a rather thorough product compared to the other AV and security bundles out

Post that log and in your next reply Note: Do not mouseclick combofix's window while its running. If we have ever helped you in the past, please consider helping us. Click on "Complete System Scan".AVG Anti-Spyware will now begin the scanning process, be patient this may take a little time.Once the scan is complete do the following:If you have any infections Like the smitfraud and vundofixClick to expand...

Then run HijackThis again and post a new log please. By default it will install to C:\Program Files\Trend Micro\HijackThis . Reboot your computer once all Java components are removed. Thank you!

Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix. -------------------------------------------------------------------- Double click on combofix.exe & follow the prompts. Pager]--a------ 2005-08-31 16:11 2478080 C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YBrowser]--a------ 2006-07-21 16:19 129536 C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\zzGBK]R1 aswmon22;aswmon22;C:\WINDOWS\system32\drivers\aswmon22.sys [2008-01-17 22:49]R1 sdpiosys;sdpiosys;C:\WINDOWS\system32\drivers\sdpiosys.sys [2004-11-30 11:10]R1 XPROTECTOR;XPROTECTOR;C:\WINDOWS\system32\drivers\Oreans.sys [2006-07-23 10:48]R2 GLOGODrv;GLOGODrv;C:\WINDOWS\system32\drivers\GLOGODrv.sys [2000-10-12 15:16]R2 PStrip;PStrip;C:\WINDOWS\system32\drivers\pstrip.sys [2006-09-30 09:35]R2 sbbotdi;sbbotdi;C:\PROGRA~1\SPEEDB~1\sbbotdi.sys [2007-08-05 20:17]R3 A Log O4 - Global Startup: Forget Me Not.lnk = C:\Program Files\Broderbund\AG Scrapbooks\AGremind.exe O4 - Global Startup: Harmony Monitor.lnk = C:\Program Files\Logitech\Harmony Remote\EasyZapperMonitor.exe O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = C:\Program Files\Palm\Hotsync.exe O4 - It keeps picking up a Trojan i-n-t-e-r-n-e-t or something similar everytime I run it.

The biggest problem I'm having is with a smithfraud.c.core which AVG (free version) and Spybot S&D both recognize and "fix" but always keeps coming back. IEDFix.exe by S!Ri Sharedtaskscheduler !!!Attention, following keys are not inevitably infected!!! Back to top Back to Virus, Trojan, Spyware, and Malware Removal Logs 0 user(s) are reading this topic 0 members, 0 guests, 0 anonymous users Reply to quoted postsClear Using the site is easy and fun.

Didn't do anything. Please paste that information in your next reply along with a fresh HijackThis log. or read our Welcome Guide to learn how to use this site.