TechSpot

Total newby-need help with HJT log

By huntwell
Dec 7, 2007
  1. I found a trojan yesterday and have performed all of the suggested operations (HJT, SmitfraudFix, etc.) I was wondering if someone would not mind taking a look at my HJT log and letting me know if there is anything else that I need to get rid of.

    When I tried to include the log in this post, I was told that I had to post at least three posts before I could include any links. I am not sure what I was doing wrong? Am I not able to cut and past the log info from HJT Notepad log list into this message?

    If someone could help me with this I would appreciate it. I am totally new to all this stuff so I am thankful for your understanding.
     
  2. Rik

    Rik Banned Posts: 4,985

    Hi huntwell and welcome to TechSpot.:wave:

    We ask everyone with malware to post their logs as ATTACHMENTS to make life a little easier for us.

    Have a thorough read of the instructions.

    You need to have a read of this - If your system is infected. Read this before deciding whether to CLEAN or REFORMAT.

    Then if you should wish to proceed with cleaning your system you need to go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.

    Post fresh HJT, Combofix, and AVG Antispyware logs as ATTACHMENTS into this thread, only after doing the above.
    We also need to know the result of Panda Antirootkit.


    Do not post your results here, instead, start a new thread in the Security and the Web forum.
     
  3. Daveskater

    Daveskater Banned Posts: 2,031

    Hello, huntwell, and welcome to Techspot :wave:

    Please take a moment to read the following threads to make your experience here as enjoyable as possible :)

    Message for all newcomers

    SNGX1275's Guide to making a good post/thread

    The Techspot FAQ

    If you could take a minute to fill in some of your profile information that would be helpful to all members of the forum :)
    Knowing someone's location in the world can be extremely helpful, even if you just put a country.

    Also remember to post any problems or questions that you have in the appropriate forums

    With regards to your problem, like Rik said, start a new thread in the Security and the Web forum, but you will need to post a reply to this thread so that it will let you attach your log.
     
  4. Rik

    Rik Banned Posts: 4,985

    Sorry Daveskater, thats not correct. Anyone can attach files no matter how few post they have made, its putting links into a post that cant be done. This is i believe a spammer countermeasure.
     
  5. Daveskater

    Daveskater Banned Posts: 2,031

    Ahhh, ok, he said that he couldn't post a link until 3 posts and there's no log attached so i kind of put 2 and 2 together ;)

    Although I was confused as to how all the other new members had managed to post logs :D
     
  6. Rik

    Rik Banned Posts: 4,985

    No probs mate. It's one of those things that isn't obvious really.:) I think you put 3 and 3 together. :D
     
  7. Daveskater

    Daveskater Banned Posts: 2,031

    Haha, that I did ;)

    Why didn't i think of that one :blush: nice one, mate
     
  8. huntwell

    huntwell TS Rookie Topic Starter

    checking back in after implementing suggestions to clean my computer

    Hello all,

    First, I wanted to thank all of you for taking the time to help me out, your assistance has been tremendous!

    OK, so I went through and followed the directions and went through all of the steps as best I could for cleaning the computer as Julio suggests.

    Step 1-I think I disabled all of the running operations, but I can't be 100% since I am not the most tech savy.

    Step 2-I already had AVG installed, and I installed Comodo firewall.

    Step 3-I ran the online scanner and it only found a problem in the backup files in a folder found with HijackThis. I promptly deleted the folder. I am not sure this was an actual problem however. Maybe someone can tell me.

    Step 4-already downloaded HJT software before going on to this tech site since I found out about it from another site.

    Step 5-Renamed HJT.

    Step 6-Changed AVG to inactive.

    Step 7-already have SS&D installed. Disabled TeaTimer. Question: where would I look to see if I accidentally accepted the trojan and now SS&D has let it be part of the registry?

    Step 8-Already had Ad-Aware. Question: when I ran Ad-Aware, it crashed and Windows had to shut it down. This happened several times when it reached about 3 min 45 sec. into the scanning when it got to the scanning for cookies segment. I have SuperAntispyware and have used it and I am wondering if there could be a software conflict or maybe I have some other program that interferes with Ad-Aware.

    Step 9-Downloaded and ran Ccleaner.

    Step 10-I downloaded and ran all three tools recommended. I will provide a log.

    Step 11-For some reason, I could not get Panda Antirootkit to download and install. I did already have AVG Antirootkit and ran it. It found nothing.

    Step 12-I never downloaded Combofix since I have come across the warnings before.

    Step 13-I booted up in Safe Mode and enabled the viewing of hidden files.

    Step 14-Ran SS&D and I will provide a log of what it found. I don't think it really found a problem however. Couldn't get Ad-Aware to run properly. AVG Antispyware found nothing.

    Step 15-ran HJT and will provide log.

    Before I came to this tech board I did go through and locate the specific files that are associated with this Trojan so maybe I was able to get rid of it. The file name was:stream32a.dll

    I also found info indicating that 02 BHO (no name)-{7E853D72-626A-48EC-A868-BA8D5E23E045}-(no file) is also a problem so I had HJT remove it. I do not see it any longer.

    Thank you all so much for your help with this. I am a poor college student and do not have the money to pay someone to fix this kind of stuff so your time is very valuable to me.
     
  9. Rik

    Rik Banned Posts: 4,985

    You have only posted 1 of the logs I asked for and 2 that I didn't.


    I also asked you to make a new thread in the Security and the Web forum and Not to post your results here.
     
  10. huntwell

    huntwell TS Rookie Topic Starter

    My apologies Rik,

    I will post a new thread in the Security forum with the appropriate attachments.

    Thanks
     
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.