TechSpot

Rookie in need of help - hjt report attached

By Jewell
Oct 25, 2007
  1. Please could someone have a look at this log and try to help.

    explorer has been hi-jacked whenever i click on a google link it takes me to other websites?

    Thanks in advance for your help


    David
     
  2. AlbertLionheart

    AlbertLionheart TechSpot Chancellor Posts: 2,026

    first rename hijackthis.exe to analysis.exe.
    Run it again and fix the following entriies
    O2 - BHO: (no name) - {DE40C2D8-2FB2-B67A-1CE6-F53BC02F79E3} - (no file)
    O2 - BHO: (no name) - {FFFFDA2C-A0D5-4D60-8EE1-1B7F8929E24D} - (no file)
    O3 - Toolbar: (no name) - {DB9AAB9A-4883-A4AF-BC35-046D6DD1C931} - (no file)
    anything in 016
    anything in 017
    otherwise looks OK.
     
  3. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Hello and welcome to Techspot.

    Do not fix anything yet.

    Your system has been hijacked. Those 017 entries are part of the hijacker.

    Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.

    If after reading the above, you wish to clean your system, do the following.

    Please download FixWareout from one of these sites:
    http://downloads.subratam.org/Fixwareout.exe
    http://www.bleepingcomputer.com/files/lonny/Fixwareout.exe

    Save it to your desktop and run it. Click Next, then Install, make sure "Run fixit" is checked and click Finish.
    The fix will begin; follow the prompts. You will be asked to reboot your computer; please do so. Your system may take longer than usual to load; this is normal.

    Then, go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.

    Post fresh HJT, AVG Antispyware and Combofix logs as Attachments into this thread, only after doing the above.

    Also, let me know the results of the Panda Antirootkit scan and the C:\fixwareout\report.txt

    Regards Howard :wave: :wave:

    This thread is for the use of Jewell only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...