HijackThis log. Please help
- Thread starter jbisset
- Start date
- Status
BillAllen55
Posts: 363 +0
I would strongly recommend (if this has not been done already) that you read this review guide from Techspot and carefully follow all recommendations.
https://www.techspot.com/vb/post645589-1.html
https://www.techspot.com/vb/post645589-1.html
Bobbye
Posts: 16,313 +36
I agree. I took a look at the log and you have quite a lot of entries needing removing. Follow the instructions on the site referenced, including Malwarebytes and SuperAntispyware. Run HijackThis again AFTER running the other programs and attack all three logs here.
Please follow the directions in the other steps.
Please follow the directions in the other steps.
tw0rld
Posts: 549 +6
Also reset IE to its default settings
To use RIES in Internet Explorer 7, follow these steps:1. Click the Tools menu, and then click Internet Options.
2. On the Advanced tab, click Reset.
3. In the Reset Internet Explorer Settings dialog box, click Reset.
4. When Internet Explorer 7 finishes restoring the default settings, click Close, and then click OK two times.
5. Close Internet Explorer 7. The changes take effect the next time that you open Internet Explorer 7.
Note If you cannot start Internet Explorer 7 for some reason, use RIES from Internet Options in Control Panel.
To use RIES in Internet Explorer 7, follow these steps:1. Click the Tools menu, and then click Internet Options.
2. On the Advanced tab, click Reset.
3. In the Reset Internet Explorer Settings dialog box, click Reset.
4. When Internet Explorer 7 finishes restoring the default settings, click Close, and then click OK two times.
5. Close Internet Explorer 7. The changes take effect the next time that you open Internet Explorer 7.
Note If you cannot start Internet Explorer 7 for some reason, use RIES from Internet Options in Control Panel.
Malwarebytes Anti-Malware log
Malwarebytes' Anti-Malware 1.28
Database version: 1229
Windows 5.1.2600 Service Pack 2
10/4/2008 6:02:52 PM
mbam-log-2008-10-04 (18-02-52).txt
Scan type: Quick Scan
Objects scanned: 45033
Time elapsed: 5 minute(s), 2 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 2
Files Infected: 2
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit.exe (Security.Hijack) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Printer Driver (Backdoor.Bot) -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
D:\WA7P (Unknown.Vundo.Related) -> Quarantined and deleted successfully.
D:\WA7P\Quar (Unknown.Vundo.Related) -> Quarantined and deleted successfully.
Files Infected:
D:\WINDOWS\system32\PRINTDRV.EXE (Backdoor.Bot) -> Delete on reboot.
D:\Program Files\Setup.exe (Rogue.Installer) -> Quarantined and deleted successfully.
Malwarebytes' Anti-Malware 1.28
Database version: 1229
Windows 5.1.2600 Service Pack 2
10/4/2008 6:02:52 PM
mbam-log-2008-10-04 (18-02-52).txt
Scan type: Quick Scan
Objects scanned: 45033
Time elapsed: 5 minute(s), 2 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 2
Files Infected: 2
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit.exe (Security.Hijack) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Printer Driver (Backdoor.Bot) -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
D:\WA7P (Unknown.Vundo.Related) -> Quarantined and deleted successfully.
D:\WA7P\Quar (Unknown.Vundo.Related) -> Quarantined and deleted successfully.
Files Infected:
D:\WINDOWS\system32\PRINTDRV.EXE (Backdoor.Bot) -> Delete on reboot.
D:\Program Files\Setup.exe (Rogue.Installer) -> Quarantined and deleted successfully.
Bobbye
Posts: 16,313 +36
Hondo2K7, was you former user name jbisset? If so please advise. I see the membership dates are the same, however we have no notice that you have chosen a different user name. If you are someone else with a problem, please start a new thread, tell us what the problems are.
This thread is for the use of jbisset, who was referred to the malware cleaning URL, which includes running Malwarebytes, SuperAntispyware and HijackThis, followed by attaching all three logs here.
This thread is for the use of jbisset, who was referred to the malware cleaning URL, which includes running Malwarebytes, SuperAntispyware and HijackThis, followed by attaching all three logs here.
- Status
