• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 390
  • Last Modified:

Log File

Ive got a PC  - Can't update virus software, can go to any security sites ... I'm attaching the Hijackthis Log File.

  • 2
  • 2
1 Solution
These entries can be removed but are not threats.
C:\Program Files\Pure Digital Technologies\FlipShare\FlipShareService.exe
C:\Program Files\Memeo\AutoSync\MemeoAutoSync.exe

These entries need to be removed!
O1 - Hosts: auto.search.msn.com
O1 - Hosts: auto.search.msn.es

Neutral entries. Remove if you do not there source.
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O4 - HKLM\..\Run: [Memeo AutoSync] C:\Program Files\Memeo\AutoSync\MemeoLauncher2.exe --silent

Must be removed!
O4 - HKLM\..\RunOnce: [OOBEDDDemise] cmd /x /c erase C:\WINDOWS\System32\oobe\msoobe.exe
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/MyFunCardsFWBInitialS etup1.0.0.15-3.cab

Remove if you do not know the source of these entries.
O16 - DPF: {A9DD5FE2-5567-4983-971F-C792375025A6} (PhoenixBody Class) - http://software.musicnow.com/musicnow/phoenix/

O23 - Service: FlipShare Service - Unknown owner - C:\Program Files\Pure Digital Technologies\FlipShare\FlipShareService.exe

Your log file is clean other than what I have listed.  I suggest booting into Safe Mode (F8 at startup) and then removing these entries.
I recommend downloading and updating Malwarebytes.
You can get it free from www.Malwarebytes.org
Once updated, reboot into Safe Mode (F8 at startup) and run a scan.
If the above steps fail to remove the threat,
you may need to download and run Combofix.
The free download and directions can be located here.
As noted in the directions, prior to running Combofix or any other anti-malware/anti-virus application please stop your anti-virus and anti-malware programs. Combofix should be saved to and run from your desktop.
You should rename the anti-malware suites to a different name prior to downloading as some threats can prevent them from running with their default names.

One more thing. If you cannot download malwarebytes or combofix directly to your system, you can download them on to a thumbdrive or other type of media from another system and then install on your pc.
You might also try logging on to your system under a different profile/user ID as some malware only affects the profile for which it was loaded under. Meaning, if you can log on as a different user you  may be able to visit and download the applications that I mentioned.
mberman1012Author Commented:
Removed host and reg. entries. Running malwarebytes now. Will let you know how it goes.
This entry below is really bad, need fixing and delete the file, or just run combofix.
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\sdra64.exe,
@ David-Howard:
This is the only entry in your 'Must Removed!" line that is bad, the others are legit.
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/MyFunCardsFWBInitialS etup1.0.0.15-3.cab

Mind telling us what's your reason of removing this legit entry? He needs that to organize, edit, and share his videos." )
023 lines are very crucial entries, legit ones should be left alone unless there's a very good reason for removing it(as in a redundant service where the program is no longer installed).
O23 - Service: FlipShare Service - Unknown owner - C:\Program Files\Pure Digital Technologies\FlipShare\FlipShareService.exe

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now