Rookie in need of help - hjt report attached
- Thread starter Jewell
- Start date
- Status
AlbertLionheart
Posts: 1,997 +3
first rename hijackthis.exe to analysis.exe.
Run it again and fix the following entriies
O2 - BHO: (no name) - {DE40C2D8-2FB2-B67A-1CE6-F53BC02F79E3} - (no file)
O2 - BHO: (no name) - {FFFFDA2C-A0D5-4D60-8EE1-1B7F8929E24D} - (no file)
O3 - Toolbar: (no name) - {DB9AAB9A-4883-A4AF-BC35-046D6DD1C931} - (no file)
anything in 016
anything in 017
otherwise looks OK.
Run it again and fix the following entriies
O2 - BHO: (no name) - {DE40C2D8-2FB2-B67A-1CE6-F53BC02F79E3} - (no file)
O2 - BHO: (no name) - {FFFFDA2C-A0D5-4D60-8EE1-1B7F8929E24D} - (no file)
O3 - Toolbar: (no name) - {DB9AAB9A-4883-A4AF-BC35-046D6DD1C931} - (no file)
anything in 016
anything in 017
otherwise looks OK.
howard_hopkinso
Posts: 21,238 +17
Hello and welcome to Techspot.
Do not fix anything yet.
Your system has been hijacked. Those 017 entries are part of the hijacker.
Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.
If after reading the above, you wish to clean your system, do the following.
Please download FixWareout from one of these sites:
http://downloads.subratam.org/Fixwareout.exe
http://www.bleepingcomputer.com/files/lonny/Fixwareout.exe
Save it to your desktop and run it. Click Next, then Install, make sure "Run fixit" is checked and click Finish.
The fix will begin; follow the prompts. You will be asked to reboot your computer; please do so. Your system may take longer than usual to load; this is normal.
Then, go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.
Post fresh HJT, AVG Antispyware and Combofix logs as Attachments into this thread, only after doing the above.
Also, let me know the results of the Panda Antirootkit scan and the C:\fixwareout\report.txt
Regards Howard :wave: :wave:
This thread is for the use of Jewell only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Do not fix anything yet.
Your system has been hijacked. Those 017 entries are part of the hijacker.
Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.
If after reading the above, you wish to clean your system, do the following.
Please download FixWareout from one of these sites:
http://downloads.subratam.org/Fixwareout.exe
http://www.bleepingcomputer.com/files/lonny/Fixwareout.exe
Save it to your desktop and run it. Click Next, then Install, make sure "Run fixit" is checked and click Finish.
The fix will begin; follow the prompts. You will be asked to reboot your computer; please do so. Your system may take longer than usual to load; this is normal.
Then, go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.
Post fresh HJT, AVG Antispyware and Combofix logs as Attachments into this thread, only after doing the above.
Also, let me know the results of the Panda Antirootkit scan and the C:\fixwareout\report.txt
Regards Howard :wave: :wave:
This thread is for the use of Jewell only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
- Status
Similar threads
Latest posts
-
Gigabyte confirms "Ryzen 9000" branding for AMD's upcoming Zen 5 CPUs- antiproduct replied
