Home > Infected W > Infected W/ Core.cache.dsk - Hjtlog

Infected W/ Core.cache.dsk - Hjtlog

I also noticed core.cache.dsk in some of the detection windows. Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java. Page 1 of 5 1 2 3 4 5 Next > Advertisement jospeh- Thread Starter Joined: Jul 10, 2007 Messages: 49 ive read some of the posts with the same infection scanning hidden autostart entries ...scanning hidden files ... weblink

On the right, under Complete Scan, choose Perform Complete Scan. everytime i delete it under safe mode it reappears when i reboot . Advertisements do not imply our endorsement of that product or service. Here's what I tried next: Downloaded ATF Cleaner and ran it Downloaded AVG anti-spyware and ran it Downloaded SUPERAntiSpyware HOme Edition and ran it Ran the online Panda Activescan All of

All rights reserved. O4 - Global Startup: Forget Me Not.lnk = C:\Program Files\Broderbund\AG Scrapbooks\AGremind.exe O4 - Global Startup: Harmony Monitor.lnk = C:\Program Files\Logitech\Harmony Remote\EasyZapperMonitor.exe O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = C:\Program Files\Palm\Hotsync.exe O4 - The page will refresh.6. I then ran HiJackthis and it produced the following log: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 8:34:36 PM, on 3/11/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet

Click Next to start the scan. After the scan is complete a summary box will appear. Scroll down to where it says "The J2SE Runtime Environment (JRE) allows end-users to run Java applications". Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dllO2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dllO2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO2 - BHO:

Click on Install. Join our site today to ask your question. Come back here to this thread and Paste the log in your next reply. https://forums.techguy.org/threads/solved-core-cache-dsk-infection.594157/ pcah9 22.04.2008 21:34 QUOTE(TueSkool @ 22.04.2008 20:28) Hello,I decided to pick up Kaspersky because it seemed to be a rather thorough product compared to the other AV and security bundles out

Let's see that: Click here to download HJTsetup.exe Save HJTsetup.exe to your desktop. Using the site is easy and fun. Sam Ps Ive also tried smitfraudfix WinPFind3.zip 51.69KB 193 downloads Edited by Sam_, 18 January 2008 - 08:39 AM. 0 #3 Sam_ Posted 18 January 2008 - 08:57 AM Sam_ New It was completely blank.

You can even use your credit card! I downloaded VundoFix.exe to my desktop and ran it. I can try and google for such speeches, but did you mean some forums and sth? What now?

This will uninstall Combofix, delete its related folders and files, reset your clock settings, hide file extensions, hide the system/hidden files and resets System Restore again --------- Let's clear out the have a peek at these guys I am having big trouble browsing the web and my computer runs horribly slow. C:\Documents and Settings\All Users\documents\setup.exe C:\Program Files\RABCO C:\Program Files\RABCO\ExecutionDll.dll C:\Program Files\RABCO\RABCO.dll.intermediate.manifest C:\Program Files\RABCO\RABCOse.info C:\Program Files\RABCO\RABCOse.original C:\Program Files\RABCO\Setup.log C:\Program Files\RABCO\un_RABCOSetup_16230.exe C:\Program Files\RABCO\un_RABCOSetup_16230.txt C:\Program Files\RABCO\X_RABCOse.log C:\Temp\1cb C:\Temp\1cb\syscheck.log C:\Temp\sanR24 C:\Temp\sanR24\lDii.log C:\temp\tn3 C:\WINDOWS\pskt.ini C:\WINDOWS\system32\awvvt.dll C:\WINDOWS\SYSTEM32\bttwewej.ini C:\WINDOWS\system32\doyinxrg.dll Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [2008-01-13 12:09 4662776]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-01-13 12:09 68856]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2008-01-13 12:09 313472]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"FFTI"="C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\090rc6lm.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\ffti.exe" [ ][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"SiSPower"="SiSPower.dll" [2005-01-04 18:54 49152 C:\WINDOWS\system32\SiSPower.dll]"HPBootOp"="C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp

Reboot your computer once all Java components are removed. Please post back this log in your next reply. Click File, Save as..., and set the location to your Desktop, and enter (including quotation marks) as the filename: "CFscript.txt" . check over here Click Preferences.

Please download VundoFix.exe to your desktop. EF evilfantasy, Jan 13, 2008 #16 GameMaster New Member Messages: 3,929 Hey evil you still didn't tell me where did you get those canned speeches? Right click on the HijackThis.exe file and select "Rename".

Click Next to start the scan.

Although I have some that are posted throughout the web for people to use. The page will refresh. Two totally different programs. Welcome to TSG.

I ran ComboFix.exe and it produced the following log: ComboFix 08-03-10.1 - Jen 2008-03-11 20:38:31.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.535 [GMT -5:00] Running from: C:\Documents and Settings\Jen\Desktop\ComboFix.exe * Created Check the box that says: "Accept License Agreement". viruses and worms > viruses and worms Win32.tratBHO infection that I can't get rid of! << < (2/3) > >> walkingparadox: R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q305&bd=presario&pf=desktopR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page http://tagnabit.net/infected-w/infected-w-virusprotect-3-8.php It usually comes with Trojans as well.

Maybe I have too many anti virus/spyware thingson because it went NUTS after I ran it about all kinda of registry changes and such. To learn more and to read the lawsuit, click here. Most of what it finds will be harmless or even required. Error1316.A netowrk error occured while attempting to read from the file C:\WINDOWS\Installer\Java 2 Runtime Enviroment, SE v1.4.2.msi jospeh-, Jul 10, 2007 #7 JSntgRvr José Moderator Malware Specialist Joined: Jul 1,

Come back here to this thread and Paste the log in your next reply. That may cause it to stall I need to see a new HJT and your combofix AkinaGod Thanks Last edited: Jan 13, 2008 Punk, Jan 13, 2008 #9 AkinaGod New Thanks Sam 0 #6 Sam_ Posted 20 January 2008 - 10:40 AM Sam_ New Member Topic Starter Member 6 posts heres a log of smitfraudfix in safe mode , comon guys tea Please make a donation so I can keep helping people just like you.Every little bit helps!

Do NOT post the ComboFix-quarantined-files.txt unless I ask.NoteIn case your Antivirus or any other realtime scanner is displaying an alert after you downloaded Combofix or while you use Combofix,please disable your I don't have too much stuff on it. Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\yiesrvc.dllO9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dllO9 - Extra button: iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exeO23 - Service: avast!

Once it's done scanning, click the Remove Vundo button. or read our Welcome Guide to learn how to use this site. If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members. When completed, it will prompt that it will shutdown your computer, click OK.

Click Preferences.