TechSpot

Virus Infection

By Spyder_1386
Sep 28, 2007
  1. hey...just contracted the virus Hacktool.rootkit. I've read through all the previous posted stuff but cant seem to figure out which files are infected... can someone please help? i've attached my hijackthis file onto the server....
     

    Attached Files:

  2. Jase123

    Jase123 Banned Posts: 1,012

    Download Free AVG AntiVirus and save it to a desired location. It is your choice if you want to retain this software or remove it after the cleaning process.
    After downloading, browse where the file was saved and double click to install it.
    After installation, connect to internet and download all necessary updates.

    Also Download SmitfraudFix and save it to a desired location.

    Reboot your computer in SafeMode

    Run AVG and do a thorough scan. Delete all infected files.

    Run and follow the SmitfraudFix procedure, that you downloaded earlier.

    Regards Jase
     
  3. Spyder_1386

    Spyder_1386 TS Rookie Topic Starter Posts: 498

    hey jase.... just a quick question... in the previous s****etions for hacktool.rootkit, people were told to turn off system restore before they booted in safe mode. Do u suggest i do this as well?
     
  4. Rik

    Rik Banned Posts: 3,814

    Your best bet would be to go through the instructions below.

    You need to have a read of this - If your system is infected. Read this before deciding whether to CLEAN or REFORMAT.

    Then if you should wish to proceed with cleaning your system you need to go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.

    Post fresh HJT, Combofix, and AVG Antispyware logs as ATTACHMENTS into this thread, only after doing the above.


    This thread is for the use of Spyder_1386 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  5. Jase123

    Jase123 Banned Posts: 1,012

    yes Spyder_1386.

    This thread is for the use of Spyder_1386 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.


    Regards Jase
     
  6. Spyder_1386

    Spyder_1386 TS Rookie Topic Starter Posts: 498

    thanks a lot rik... will get back to u as soon as i have more info

    Spyder_1386 :)
     
  7. Spyder_1386

    Spyder_1386 TS Rookie Topic Starter Posts: 498

    Thank You! Thank You :)

    I followed the steps one by one and i'm happy to say the virus that plagued me has been taken care of....COMPLETELY :) Not only that, a few other creepy crawlies were also found and destroyed....my pc feels as good as new :)

    Howard, you're a genius.... rik, jase123, thanks for the help as well...it is appreciated greatly :)

    Spyder_1386 :)
     
  8. Jase123

    Jase123 Banned Posts: 1,012

    I am glad to hear this Spyder_1386.

    Regards Jase :wave: :wave:
     
  9. Rik

    Rik Banned Posts: 3,814

    It would still be a good idea to post the requested logs so that we can make certain that your pc is truly clean.



    This thread is for the use of Spyder_1386 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  10. Jase123

    Jase123 Banned Posts: 1,012

    Yes Post fresh HJT, AVG, and smitfraud logs, as rik says.

    Regards Jase

    This thread is for the use of Spyder_1386 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  11. Spyder_1386

    Spyder_1386 TS Rookie Topic Starter Posts: 498

    Files Attached :)

    Hey guys...there's the files that you requested for.... i've got no idea what they say lol so i'll leave it up to u to decide if i'm still infected...

    thanks once again

    Spyder_1386 :)
     
  12. Jase123

    Jase123 Banned Posts: 1,012

    Delete the following, but let rik or Howard check it over first as i am still in training at the MRU. (Malware Remover University)

    * O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

    * O23 - Service: VW - Unknown owner - C:\DOCUME~1\Spyder\LOCALS~1\Temp\VW.exe (file missing)

    Regards Jase

    This thread is for the use of Spyder_1386 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...