TechSpot

Hyjackthis log assistance required ):

By Neldy
Feb 14, 2007
  1. Ok to the guru's of the forum a huge thank you for all your time. i've spent about 3hours reading over all your advice to everyone regarding my "malware" and virus' but i just cant seem to get rid of this one without some professional intervention.

    attached is a the hyjackthis log. your help is most defenitly appriciated!!!
     
  2. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Hello and welcome to Techspot.

    Your system is infected with a variety of nasties.

    Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.

    If after reading the above, you wish to clean your system, do the following.

    Go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.

    Post fresh HJT, Combofix and AVG Antispyware logs as attachments into this thread, only after doing the above.

    Regards Howard :wave: :wave:

    This thread is for the use of Neldy only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
    1 person likes this.
  3. Neldy

    Neldy TS Rookie Topic Starter

    Done and done.... all the steps as advised...

    i'll post all the logs.
     
  4. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    You`ve done a really good job of cleaning your system.

    Please do the following.

    Run HJT with no other programmes open. Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

    Click on the fix checked button.

    Close HJT.

    Boot into safe mode, under your normal user name(NOT THE ADMINISTRATOR ACCOUNT). See how HERE.

    Click start/run and type regedit into the run box and press the enter key.

    Navigate to the following reg key and in the righthand pane, right click on it and select delete.

    HKEY_USERS\S-1-5-21-2052111302-1532298954-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F4D74AAA-A178-4463-846B-B4BC87A024E0}

    Close regedit and reboot your system.

    Post fresh HJT and AVG Antispyware logs. Let me know if you`re still having any problems.

    Regards Howard :)

    This thread is for the use of Neldy only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  5. bobby123

    bobby123 TS Rookie Posts: 336

    alright howard lad, hows it going. Not spoke to you in a bit, hows life.
     
  6. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    I`m ok bobby123 and thanks for asking mate.

    I hope you`re doing ok too. ;)

    Regards Howard :)

    This thread is for the use of Neldy only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  7. bobby123

    bobby123 TS Rookie Posts: 336

    yer cool thanks, not been on for a while, nice to see youre still helping dude.
     
  8. Neldy

    Neldy TS Rookie Topic Starter

    Ok this isnt going so well now... /:

    did as you instructed, right down to the letter. However, as i was about to restart after doing the Spyware scan i think the virus scanner picked up a virus. which was the mini.exe file.

    Asked to reboot and since then its not been able to reboot back into windows. (normal mode, safe mode / networking still working ((obviously)

    Not quiet sure how to restore windows back to a working platform.

    I disabled automatic reboot after system failure and the bsod said something like, "Fatal error during startup" or something. didnt give a file or anything that was causing it, just said fatal error.
     
  9. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Have you tried a system restore? If not, do the following.

    Click Start/All programmes/Accessories/System Tools/System Restore. When the window appears, click next and choose your most recent restore point.

    See if that helps and post fresh HJT and AVG Antispyware logs.

    Regards Howard :)

    This thread is for the use of Neldy only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  10. Neldy

    Neldy TS Rookie Topic Starter

    System restore is turned off...... and i cannot turn it back on in safe mode.
    I am unable to return to Normal mode to re-turn it back on again!!
     
  11. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Ok, post a fresh HJT and AVG Antispyware log from safe mode. If I can`t find anything in those that will fix your problem, then more drastic action may be needed.

    Regards Howard :)

    This thread is for the use of Neldy only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  12. Neldy

    Neldy TS Rookie Topic Starter

    Gunna just quickly post for you the HJT log as the full avg anti spyware takes like 45mins to do... so hopefully between here and then you spot an obvious problem which will save me 45mins of painfully watching the anti-spyware program for the 10th time in 3 days ;D
     
  13. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Your HJT log is clean, so no help there I`m afraid.

    Sorry, but I need to see the AVG Antispyware log. :(

    I know it`s frustrating, but don`t worry too much just yet. Can you tell me exactly what happens, when you try and boot into normal mode?

    Regards Howard :)

    This thread is for the use of Neldy only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  14. Neldy

    Neldy TS Rookie Topic Starter

    Heh all this from a misclick. my own fault for not paying more attention.
    Your help has been top notch so far and many thanks for your time.

    down to the problem at hand.

    Boot normal, boot screen pops up, loading line goes across the screen as normal (by this i mean it doesnt freeze or lockup at any time). from there when it would normally adjust resolution and display the login screen is when it blacks out my lcd says "Check signal connection" as the computer reboots itself as its failed to enter windows.
     
  15. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Ok, forget the AVG scan for now and do the following.

    Go to the following directory C:\windows\minidumps and see if any dmp files are in there. If there are, attach the latest 5 or 6 minidumps.

    Regards Howard :)

    This thread is for the use of Neldy only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  16. Neldy

    Neldy TS Rookie Topic Starter

    No dump files /:

    Dir empty!
     
  17. Neldy

    Neldy TS Rookie Topic Starter

    and before you ask, i have all the "Hide system files" ect ect turned off. so all files are being displayed.
     
  18. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Click start/run and type sfc /scannow into the runbox and press the enter key. Windows will now look for any damaged or missing OS files and replace them as necessary. You will need to have your Windows disk handy.

    Regards Howard :)
     
  19. Neldy

    Neldy TS Rookie Topic Starter

    Windows File Protection could not initiate a scan of protected system files.

    The specific error code is 0x000006ba [The RPC Server is unavailable].

    ^^^^
    is its reply to that command ... sounds grim /:
     
  20. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Ok, let`s try a Windows repair instead. Instructions can be found HERE.

    Regards Howard :)
     
  21. Neldy

    Neldy TS Rookie Topic Starter

    heres the avg log.... i gota run to work /: running late as is

    i'll try the repair when i get home

    thanks for your time once again! <3
     
  22. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Nope, nothing there to worry about. A windows repair it is then.

    Regards Howard :)

    This thread is for the use of Neldy only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  23. Neldy

    Neldy TS Rookie Topic Starter

    Howard, well... what to say. Thank you is a good start. however let me tell you what happend.

    When i returned to work that evening and tried to use the windows cd to repair something pop'ed up that made sense that i hadnt been able to fit into the equation earlier.

    In the AVG Virus scan it said that the boot sector and i think something to do with the partition table was unable to be scaned. It seems the boot sector and partition table were corrupted. so windows setup was unable to detect where windows was.

    Also i was unable to re-enter windows to backup everything. System was compleatly lost. i've just finished reinstalling and the hole system is back to normal.... minus all my data. (Also i may note that the windows XP cd i own was damaged and not working the way that it should...)

    Thank you once again for all your help.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...