TechSpot

Virus & Hijacked?? HJT log attached

By tesser88
Feb 12, 2005
  1. My friend clicked on a link in an away message on AIM. It then became her away message and I believe hijacked her computer. I ran Spybot and Adaware. I also removed WildTangent. Regedit.exe and taskmgr.exe will not remain open. They close within two seconds of opening. By renaming the files I was able to get them opened. I think she may have a virus. I ran Symantec and none were found. I then downloaded and ran AVG and again found nothing. However, this thing still pops up on her AIM program and the original regedit, msconfig, and taskmgr files will not open. Help please!
     
  2. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 25,948   +19

    Hello and welcome to Techspot.

    Go to This Post By RBS and follow the instructions very carefully.

    Might be a good idea to print them out.

    Regards Howard :wave:
     
  3. tbrunt3

    tbrunt3 TS Rookie Posts: 495

    Few things I see

    One Hijackthis needs to be in ITS OWN folder C/HJT this is very important for back up ..

    Do you have all required patches ? I see have SP2 So are your updates current ? as well is your antivirus and spyware program upto date?

    Download and install this program it is called A-squared it is very good if it finds anything have it deleate it..

    http://www.emsisoft.com/en/software/free/

    run this program with all windows closed

    Then install HJT to the right folder and rerun it and post your log here someone will help you out ..
     
  4. tesser88

    tesser88 TS Rookie Topic Starter

    I think I fixed it...but please check the log for me!

    I believe I fixed it. I followed the original post, but I do not believe it was a CWS problem. I installed and ran A-squared afterwards, and it found nothing. I also installed Nod32 as recommended at another site. It found two possible viruses and I had them fixed. I believe it had something to do with Winamp Player. Winamp was not installed on this computer. But when I found it in HJT I didn't think to remove it because I thought it was okay. I did however remove it and I believe my problems are fixed. Will someone please read over my log to make sure I am okay. Thanks!
     
  5. RealBlackStuff

    RealBlackStuff TS Rookie Posts: 8,165

    Your PC is almost clean.
    Boot in Safe Mode
    Switch off System Restore
    UNinstall anything to do with: C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    then delete the C:\Program Files\Viewpoint directory with everything in it.

    You now have THREE Antivirus programs running, AVG, Symantec and Nod32.
    This is overkill and will get your PC into trouble sooner rather than later.
    If you paid for Nod32, uninstall the others.
    If you paid for Norton/Symantec, let the subscription run out, then replace it with the (free) AVG.
     
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.