firstadsolution
- Thread starter DVDsnak
- Start date
- Status
N3051M
Posts: 2,094 +3
First, move the HiJackThis program into its own folder in C:\Program Files\HiJackThis (so it can make backups if neccesary) then rename the HiJackThis.exe to HiJackThis1991.exe (some nasties hide from the original file name)
Then have a read of this "Follow these instructions BEFORE posting your HJT log." and post your new HJT log as a .txt or .log attatchment on your next post.
Then have a read of this "Follow these instructions BEFORE posting your HJT log." and post your new HJT log as a .txt or .log attatchment on your next post.
howard_hopkinso
Posts: 21,238 +17
Hello and welcome to Techspot.
You might want to copy and paste these instructions into a notepad file. Then you can have the file open in safe mode, so you can follow the instructions easier.
Turn off system restore.(XP/ME only) See how here.> http://www.bleepingcomputer.com/forums/tutorial56.html
Boot into safe mode, under your normal user name(NOT THE ADMINISTRATOR ACCOUNT). See how here.> http://www.bleepingcomputer.com/forums/tutorial61.html
In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how here.> http://www.bleepingcomputer.com/forums/tutorial62.html
Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.
Click on the processes tab and end process for(if there).
Remind_XP.exe
Build Grey.exe
ford four first.exe
Close task manager.
Run HJT with no other programmes open(except notepad). Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O4 - HKLM\..\Run: [Reminder] C:\Windows\CREATOR\Remind_XP.exe
O4 - HKLM\..\Run: [Title vc time for] C:\Documents and Settings\All Users\Application Data\SoftwareJunkTitleVc\Build Grey.exe
O4 - HKCU\..\Run: [Amen store] C:\DOCUME~1\Mikkel\APPLIC~1\STYLEK~1\ford four first.exe
Click on the fix checked button.
Close HJT.
Locate and delete the following bold files and/or directories(if there).
C:\DOCUME~1\Mikkel\APPLIC~1\STYLEK~1\ford four first.exe
C:\Documents and Settings\All Users\Application Data\SoftwareJunkTitleVc\Build Grey.exe
C:\Windows\CREATOR\Remind_XP.exe
Reboot into normal mode, turn system restore back on and rehide your protected OS files.
Rename HijackThis.exe to HijackThis1991.exe and post a fresh HJT log as an attachment. See HERE.
Regards Howard :wave: :wave:
This thread is for the use of DVDsnak only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
You might want to copy and paste these instructions into a notepad file. Then you can have the file open in safe mode, so you can follow the instructions easier.
Turn off system restore.(XP/ME only) See how here.> http://www.bleepingcomputer.com/forums/tutorial56.html
Boot into safe mode, under your normal user name(NOT THE ADMINISTRATOR ACCOUNT). See how here.> http://www.bleepingcomputer.com/forums/tutorial61.html
In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how here.> http://www.bleepingcomputer.com/forums/tutorial62.html
Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.
Click on the processes tab and end process for(if there).
Remind_XP.exe
Build Grey.exe
ford four first.exe
Close task manager.
Run HJT with no other programmes open(except notepad). Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O4 - HKLM\..\Run: [Reminder] C:\Windows\CREATOR\Remind_XP.exe
O4 - HKLM\..\Run: [Title vc time for] C:\Documents and Settings\All Users\Application Data\SoftwareJunkTitleVc\Build Grey.exe
O4 - HKCU\..\Run: [Amen store] C:\DOCUME~1\Mikkel\APPLIC~1\STYLEK~1\ford four first.exe
Click on the fix checked button.
Close HJT.
Locate and delete the following bold files and/or directories(if there).
C:\DOCUME~1\Mikkel\APPLIC~1\STYLEK~1\ford four first.exe
C:\Documents and Settings\All Users\Application Data\SoftwareJunkTitleVc\Build Grey.exe
C:\Windows\CREATOR\Remind_XP.exe
Reboot into normal mode, turn system restore back on and rehide your protected OS files.
Rename HijackThis.exe to HijackThis1991.exe and post a fresh HJT log as an attachment. See HERE.
Regards Howard :wave: :wave:
This thread is for the use of DVDsnak only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
- Status
Similar threads
Latest posts
-
Apple Vision Pro is facing declining interest and sales among consumers- Raytrace3D replied
-
Apple expected to unveil new iPads at upcoming May 7 event- Daniel Sims replied
-
TechSpot is hiring: We're looking for tech enthusiasts with sharp writing skills- Julio Franco replied
