TechSpot

HiJackThis! Log for examination

By awhite16
Nov 25, 2007
  1. Hello, I just ran a scan with HJT and am posting this log for review. I believe that my computer is infected.
     
  2. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Hello and welcome to Techspot.

    Your system has been hijacked and you`re running HJT from the wrong location. You also need to rename HijackThis.exe as per the instructions.

    Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.

    If after reading the above, you wish to clean your system, do the following.

    Please download FixWareout from one of these sites:
    http://downloads.subratam.org/Fixwareout.exe
    http://www.bleepingcomputer.com/files/lonny/Fixwareout.exe

    Save it to your desktop and run it. Click Next, then Install, make sure "Run fixit" is checked and click Finish.
    The fix will begin; follow the prompts. You will be asked to reboot your computer; please do so. Your system may take longer than usual to load; this is normal.

    Then, Go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.

    Post fresh HJT, AVG Antispyware and Combofix logs as Attachments into this thread, only after doing the above.

    Also, please post the C:\fixwareout\report.txt.

    Also, let me know the results of the Panda Antirootkit scan.

    Regards Howard :wave: :wave:

    This thread is for the use of awhite16 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  3. awhite16

    awhite16 TS Rookie Topic Starter

    Where am I supposed to run HJT from? and what am I supposed to rename HijackThis.exe to?
     
  4. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Don`t the instructions tell you that?

    Oh! yes they do, look at steps 4 and 5 lol.

    Regards Howard :)

    This thread is for the use of awhite16 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  5. awhite16

    awhite16 TS Rookie Topic Starter

    I must be blind, I don't see anything of the sort. Please tell me in your next post.
     
  6. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Taken from HERE.

    Regards Howard :)

    This thread is for the use of awhite16 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  7. awhite16

    awhite16 TS Rookie Topic Starter

    Alright thanks for that. Sorry I didn't see it before. I am going to have to wait until this weekend to perform these operations since the computer in question is my dad's laptop and he will be away all week until Friday night. The reason it was running from the desktop is I went to the HJT site and downloaded the exe file directly. I must take this opportunity to say that crusty.exe is a very interesting thing to rename the file to.
     
  8. awhite16

    awhite16 TS Rookie Topic Starter

    Fixed!!

    I ran all the tools and SS&D found three Trojans and a couple of adware programs. I got rid of them and now the computer works like it did when it was new! It even performs better (startup/shutdown times were greatly reduced). The Panda Antirootkit scan found nothing. THe question I have is: do you still want me to post the logs from AVG, HJT, and Combofix even though the problem is solved?
     
  9. momok

    momok TS Rookie Posts: 2,265

    Yes please post them. Some nasties may still be lurking in the depths of your system files.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...