May I send a HJT log please?

Wallyzworld · #1 12-26-04, 12:15

hey there ... I have tried every suggestion in your list - I cannot see the problem. May I send a hijack this log for you to give advice to?
Please let me know.
Thanks

chaslang · #2 12-26-04, 14:12

If you have followed ALL the steps in this Sticky thread READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan And Virus Removal and you still have a problem, follow the guidelines below and post your HJT log as an attachment.

Make sure you have HijackThis 1.99 and follow the guidelines on where to install it and how to post a log as an attachment. This is all covered in the sticky thread NO HIJACK THIS LOG FILES BEFORE READING THIS: HJT Tutorial & LOG File Posting

Now post a HijackThis as a .txt file attachment to your message. All running programs should be closed, including your web browser, e-mail. Close before running Hijack This!

To repeat: Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the downloaded ZIP file. Place it in its own folder, for example C:\Program Files\HJT

Wallyzworld · #3 12-29-04, 15:21

here is my hjt log. Thanks

bjgarrick · #4 12-29-04, 15:53

First of all, whats problems are you experiencing?

Wallyzworld · #5 12-29-04, 22:34

When running IE, I can get to certain websites but when I access a particular site, even majorgeeks, IE freezes and the computer reboots.

bjgarrick · #6 12-29-04, 23:06

After running the online scans and tools. Have you found any particular infections? Other than IE freezing and rebooting are you experiencing any other problems?

bjgarrick · #7 12-29-04, 23:13

FIRST, make sure "System Restore" is disabled temporarily.

Run Hijack This and have it fix these entries. Before removing anything with HJT please close all browsers.

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.msn.ca/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

After fixing these entries, reboot and see if problem remains. Let me know. Thanks!

Wallyzworld · #8 12-29-04, 23:14

had a fun time huning down and eliminating the mad.dll one - also found istsvc.exe and that was eliminated as well. Had a dozen from ad-aware. Spybot and the others have all been run and is clean.

Wallyzworld · #9 12-29-04, 23:38

removed R1 as requested and he R0 as well. I removed the O4 line with the kernal fault check and it was gone. I rebooted out of safe mode and ran IE - I got to majorgeeks.com first page, but when I clicked on the forums link it crashed again. Went back to safe mode and looked at the O4 line (kernal fault check) had returned. I repeated the removal of this. Went in and out of normal and safe mode and ran HJT and it was gone every time. It comes back only after IE crashes. I think this is some type of Windows reporting error file. Any more suggestions before I "format c:"....?

bjgarrick · #10 12-29-04, 23:44

First lets make sure your system is clean from malware.

1) Download SpySweeper

2)Install SpySweeper, after you have SpySweeper installed go to "Options" and update definitions.

3)After update is complete click on "Sweep Now" and do a system scan. This will detect most malware on a system. After scan is complete remove all found traces and post me a log of that. Thanks!

Wallyzworld · #11 12-30-04, 00:22

it found a lot of crap - didnt work though. Log is attached; had to break down into "a" and "b" as the file is too large. "A" is attached - let me know if you need "b" too. IE crashes at majorgeeks.com front page now again.
Arrgh

bjgarrick · #12 12-30-04, 00:31

Make sure you have updated definitions, reboot and do this same SpySweeper scan in "Safe Mode". You have some nasty malware.

Wallyzworld · #13 12-30-04, 01:10

All updated, ran in normal and safe mode - still nothing. here is the new spysweeper log. Any further leads?
BTW ... Thanks for your help so far!

bjgarrick · #14 12-30-04, 01:24

Just a quick question, do you have "Content Advisor" enabled?

Wallyzworld · #15 12-30-04, 01:36

No its not .. that would be too easy right?

bjgarrick · #16 12-30-04, 01:38

I have ran into some situations to where the content advisor was causing IE to crash like that on certain sites. Ok if its not that then we need to go more in deph to find out whats causing this.

When did this start?

Do you recieve any specific error messages and/or numbers? If so please provide me with that information.

Wallyzworld · #17 12-30-04, 01:45

I've been fighting this for about three weeks I guess. I joined the geeks the week before xmas and started sing your information on everything. No error messages or anything pop up. Just a freeze and it restarts. My homepage is google, and I can get to there, and any other simple html site, but once the site gets "complex" (for lack of better terminology this late) it freezes and crashes.

bjgarrick · #18 12-30-04, 02:10

Try this,

1) Click Start, Run.

2) In the Open box, type:iexplore.exe /rereg

3) Click OK

4) Reboot, and see if problem is fixed

Wallyzworld · #19 12-30-04, 02:33

No - i wish it solved it but it did not. Tried in regular and in safe mode.

bjgarrick · #20 12-30-04, 02:57

Do this before we continue, Download CCleaner

Install and run this program, it will clean your temporary internet files, cookies, etc;

Close all browsers before running this program.

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode