TechSpot

Some real creepy stuff.. [HJT log + pics]

By PenguinX
Dec 25, 2006
  1. Alright so earlier I was playing Dawn of War DC, then I quit the game and noticed my computer was kinda sluggish. So I restarted but the problem persists. I ran AVG and Spybot S&D and nothing came up. I tried running AdAware, but it gets stuck on a reg key at around the ~71k mark, and won't proceed further.

    Also, I cannot access the control panel without it giving me an explorer.exe error and restarting explorer.
    [​IMG]
    This is what happens if I click the little Windows security center icon in the taskbar.
    [​IMG]

    When I look at task manager, under username all that appears are boxes.

    [​IMG]

    And while uploading the log I got a dialog box asking if I wanted to "Format C" so I'm kinda freaked out now. Thanks for looking.
     
  2. kitty500cat

    kitty500cat TS Evangelist Posts: 2,154   +6

    Before doing any fixing with HijackThis, read this thread. This will help you determine what you want to do with you computer.
    Cheers
     
  3. PenguinX

    PenguinX TS Rookie Topic Starter

    Well I would love to leave formating as a last effort, I had to do it this summer and it's always a real pain. So, I guess "Clean".
     
  4. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Hello and welcome to Techspot.

    Go and read this thread HERE, then post a fresh renamed HJT log. Make sure you place HJT in the proper location.

    Regards Howard :wave: :wave:

    This thread is for the use of PenguinX only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  5. PenguinX

    PenguinX TS Rookie Topic Starter

    Ok, this log is after the whole .exe renaming and location switching.
     
  6. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Run HJT with no other programmes open. Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

    O4 - Global Startup: restore.bat

    Click on the fix checked button.

    Close HJT and reboot your system.

    Post a fresh HJT log and let me know if you`re still having problems.

    Regards Howard :)

    This thread is for the use of PenguinX only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  7. PenguinX

    PenguinX TS Rookie Topic Starter

    Aye, unfortunately the symptoms I listed still persist, and I can see no obvious change regarding the deleted file. New log attached.
     
  8. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Your HJT log is clean.

    Go HERE and follow the instructions for downloading, installing and running AVG Antispyware. Post an AVG Antispyware log.

    If that turns out to be clean, then I suggest you do a Windows repair as per this thread HERE.

    Regards Howard :)

    This thread is for the use of PenguinX only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  9. PenguinX

    PenguinX TS Rookie Topic Starter

    Thanks for the continued help Howard!

    I ran the AVG anti spyware, and it picked up a bunch of cookies, and a trojan (!), and some dropper thing. Not sure if I was supposed to, but I deleted all of these as instructed by the program. Log attached is below the deletion. This, however, still does not solve the problem, and another run of AdAware again stops it at that registry entry, so it seems the problem lies in my registry somewhere. Should I do the repair or is there another course of action?
     
  10. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Do the following.

    Turn off system restore.(XP/ME only) See how HERE.

    Now turn system restore back on. This will have deleted all your restore points and the trojans that are in them. It will also have created a new restore point.

    Now run a Windows repair as per the instructions in the link I gave you.

    let us know the results please.

    Regards Howard :)

    This thread is for the use of PenguinX only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  11. PenguinX

    PenguinX TS Rookie Topic Starter

    Can't believe this, it's still going on... even after all that. *Sigh* so much for toiling away to keep my system in tip-top shape.:dead:
     
  12. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    If that`s after doing a Windows repair, you probably need to think about backing up your important data and doing a complete reformat and reinstall.

    Regards Howard :(

    This thread is for the use of PenguinX only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  13. PenguinX

    PenguinX TS Rookie Topic Starter

    Yep that's after the repair. At least I got some time to back up stuff and whatnot... :(

    Thanks for all the help.
     
  14. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Either your system still has someting nasty on it that isn`t showing up in scans, or the infections you did have, have damaged the OS.

    Once you`re finished, please let us know how things turn out.

    I`m sorry I wasn`t able to help you effectively.

    Good luck.

    Regards Howard :(

    This thread is for the use of PenguinX only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  15. PenguinX

    PenguinX TS Rookie Topic Starter

    Well in it's last death throes the virus/whatever has blocked access to my USB and shared docs...
     
  16. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    I`m sorry to hear that mate.

    It definitely sounds like a reformat time.

    Regards Howard :(

    This thread is for the use of PenguinX only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  17. PenguinX

    PenguinX TS Rookie Topic Starter

    I'm back from the hospital and on the front line. ;)

    Um, not really much more to say, obviously everything running smoothly now, luckily I still had most of my data saved so I didn't really lose much or anything important.
     
  18. kitty500cat

    kitty500cat TS Evangelist Posts: 2,154   +6

    That's cool. If you have any more problems you know where to ask :D
    Cheers
     
  19. PenguinX

    PenguinX TS Rookie Topic Starter

    Yeah thanks again. :D
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...