HiJack Log - task manager disabled

Advertise at AfterDawn.com

Link to us!

Private messages

Compose a private message

List of all updated threads

Threads without replies

Search messages

Thursday 6.3.2025 / 08:56

Search AfterDawn Forums:

afterdawn.com > forums > software, operating systems and more > windows - virus and spyware problems > hijack log - task manager disabled

Browse by topic

Forums

Start a new thread

HiJack Log - task manager disabled

Jump to:

Posted

Message

baddassb

Member

13. March 2008 @ 19:42

Link to this message

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:28:21 PM, on 3/13/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5700.0006)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Conversions Plus\FormatM.exe
C:\PROGRA~1\Marimba\CASTAN~1\Tuner.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Notes\ntmulti.exe
C:\PROGRA~1\Marimba\CASTAN~1\lib\jre\bin\java.exe
C:\Program Files\Symantec AntiVirus\SavRoam.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Upromise_Remind_U\UpromiseRemindU.exe
C:\Program Files\Adobe\Distillr\Acrotray.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\pdfDocs\Resources\pdfDocsMon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\DNA\btdna.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\Upromise_Remind_U\u11050.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

O23 - Service: MacFormatService - DataViz Inc. - C:\Program Files\Conversions Plus\FormatM.exe
O23 - Service: MarimbaClient - Marimba, Inc. - C:\PROGRA~1\Marimba\CASTAN~1\Tuner.exe
O23 - Service: Multi-user Cleanup Service - IBM Corp - C:\Notes\ntmulti.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe

--
End of file - 2393 bytes

[ + quote]

HP Pavilion HPE, Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz, 8.00GB, Windows 7 Home Premium, 64Bit, SP1, AMD Radeon HD 6450, Adobe CS 5.5

Dell Dimension P4,2.80GHz,512MB,XPHomeEdition Versions 2002 SP2, NVIDIA GeForce Fx 5200, JLMS DVD-Rom, LITE-ON DVDRW, DVD Shrink, DVD Decryptor, Nero, Sonic, ShowBiz

Ltangel

Member

16. March 2008 @ 01:03

Link to this message

Hey baddassb,

Please read the entire instructions before commencing and ask any questions you may have before you proceed to follow the instructions. Please also print a copy so that you can read it without connecting to the net.

Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved and renamed following this process directly to your desktop**

[*]If you are using Firefox, make sure that your download settings are as follows:

[*]Tools->Options->Main tab
[*]Set to "Always ask me where to Save the files".

[*]During the download, rename Combofix to Combo-Fix as follows:

[*]It is important you rename Combofix during the download, but not after.
[*]Please do not rename Combofix to other names, but only to the one indicated.
[*]Close any open browsers.
[*]Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
-----------------------------------------------------------

[*]Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
[*]Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
-----------------------------------------------------------

[*]Close any open browsers.
[*]WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
[*]Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
[*]If there is no internet connection after running Combofix, then restart your computer to restore back your connection.

-----------------------------------------------------------
[*]Double click on combo-Fix.exe & follow the prompts.
[*]When finished, it will produce a report for you.
[*]Please post the "C:\Combo-Fix.txt" along with a new HijackThis log for further review.

**Note: Do not mouseclick combo-fix's window while it's running. That may cause it to stall**

Go!

~Ltangel~

[ + quote]

Windows and system security is my priority.

This message has been edited since posting. Last time this message was edited on 16. March 2008 @ 03:08

caudjs

Newbie

14. September 2008 @ 12:41

Link to this message

combofix will not download? any suggestions, I have PC cillin and Reg Cure on my PC, OH yeah, I have the MicroAv problem I am trying to remove

[ + quote]

varnull

Suspended permanently

14. September 2008 @ 12:56

Link to this message

Task manager disabled.. that's a sign of a win32-p@rite variant..

do a search for h*de.exe.. then boot to dos and navigate to the location.

Delete hide.exe (or it's variant h?de.exe) and all it's subfolders, then things should download and run in a more normal manner. Currently the hidden apache and ftp processes have control of your network connection.

[ + quote]

cdavfrew

Senior Member

15. September 2008 @ 09:50

Link to this message

Hi caudjs

Hope you can benefit from this page: http://forums.afterdawn.com/thread_view.cfm/700486

Best Regards :D

[ + quote]

Life is but a dream; you dont feel any pain unless you want to or you fall off the bed.
Success is relative; the more success the more relatives.
A computer once beat me at chess, but it was no match for me at kickboxing.
To be or not to be; thats a dumb question.

This message has been edited since posting. Last time this message was edited on 15. September 2008 @ 10:02

Start a new thread

afterdawn.com > forums > software, operating systems and more > windows - virus and spyware problems > hijack log - task manager disabled


		User name	Password

		Not registered yet? Register here. Lost your password? Click here.