Hijack This review request
- Thread starter chipperh
- Start date
- Status
D
dayslayer8
Hi chipperh
mabye you would like to look at this first, the 8 steps you should do when you believe you've encounted a virus/malware
https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
mabye you would like to look at this first, the 8 steps you should do when you believe you've encounted a virus/malware
https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Bobbye
Posts: 16,313 +36
Some NOTES for your consideration:
1. Posting the HijackThis log only is not sufficient for a review. While one problem might have been resolved, it is almost certain that some malware is still on the system. While you have 'assumed' that simply running the cleaning programs has resolver all the malware problems, that is not the case.
2. You are running out-dated versions of Java and Adobe Reader. These are security risks
(Acrobat 7.0> s/b v9.01, jre1.6.0_07> s/b v6u13.
3. None of the scans can be relied on to be accurate because you are running 2 Real Time Protection programs: TeaTimer and Spysweeper. Per Step 3, these are suppose to be temporarily disabled while cleaning as they can interfere with the scans.
4. You have 4 Domains in the Trusted Zone which do not need to be there.
5. You are running the AskBar and Smiley Central, both known adware contributors:
6. You have an entry in the log which is only displayed if it is malware:
7. You have entries set for Global Startup which are incomplete. And Global means that they will start up no matter which user account is being used:
IF you would like to complete the cleaning properly, please follow the Steps HERE and attach all three logs for review when finished.
And one final comment: you are starting up with an excessive number of running processes, processes loading from programs on the Startup Menu and the Registry. you have an excessive number of Services set to Automatic.
My guess is that your startup and shutdown are slow and your surfing speed is slow because of the excessive processes.
1. Posting the HijackThis log only is not sufficient for a review. While one problem might have been resolved, it is almost certain that some malware is still on the system. While you have 'assumed' that simply running the cleaning programs has resolver all the malware problems, that is not the case.
2. You are running out-dated versions of Java and Adobe Reader. These are security risks
(Acrobat 7.0> s/b v9.01, jre1.6.0_07> s/b v6u13.
3. None of the scans can be relied on to be accurate because you are running 2 Real Time Protection programs: TeaTimer and Spysweeper. Per Step 3, these are suppose to be temporarily disabled while cleaning as they can interfere with the scans.
4. You have 4 Domains in the Trusted Zone which do not need to be there.
5. You are running the AskBar and Smiley Central, both known adware contributors:
6. You have an entry in the log which is only displayed if it is malware:
7. You have entries set for Global Startup which are incomplete. And Global means that they will start up no matter which user account is being used:
IF you would like to complete the cleaning properly, please follow the Steps HERE and attach all three logs for review when finished.
And one final comment: you are starting up with an excessive number of running processes, processes loading from programs on the Startup Menu and the Registry. you have an excessive number of Services set to Automatic.
My guess is that your startup and shutdown are slow and your surfing speed is slow because of the excessive processes.
Thank you Bobbye,
I've since run the 8 step cleaning process twice, but will run once more ensuring that I shut down Spysweeper and Spybot s&d Teatimer.
Thank you for the time you've spent anayzing the log file I've sent. I will get busy with what you've instructed me with and re-upload the three files when complete.
Again,
Thank you.
Chip
I've since run the 8 step cleaning process twice, but will run once more ensuring that I shut down Spysweeper and Spybot s&d Teatimer.
Thank you for the time you've spent anayzing the log file I've sent. I will get busy with what you've instructed me with and re-upload the three files when complete.
Again,
Thank you.
Chip
OK! I have some log files to post. I sincerely hope that one of you guys can provide some enlightenment to me. I've done the scans. When clicking on a google search item, the browser still takes me someplace else.
I disabled Teatimer and spysweeper for the scans. I was going to disable NAV autoprotect, but the autoprotect selection says "ERROR" and I cannot toggle it. I may have to re-install Norton System works.
I really appreciate you taking the time to help me.
THank you in advance.
Chip
I disabled Teatimer and spysweeper for the scans. I was going to disable NAV autoprotect, but the autoprotect selection says "ERROR" and I cannot toggle it. I may have to re-install Norton System works.
I really appreciate you taking the time to help me.
THank you in advance.
Chip
touch
Posts: 976 +0
I know it is Webroot Spy Sweeper.
But is it this version you have ->
http://www.webroot.com/En_US/consumer-products-spysweeper.html
Or, this one
http://www.webroot.com/En_US/consumer-products-internetessentials.html
But is it this version you have ->
http://www.webroot.com/En_US/consumer-products-spysweeper.html
Or, this one
http://www.webroot.com/En_US/consumer-products-internetessentials.html
touch
Posts: 976 +0
Ok. Deactivate All programs from msconfig (except your security programs)
Look here how to:
http://netsquirrel.com/msconfig/
It will stop many processes.
If you afterwards get any errors/messages on Bootup, activate the program/s there give you the message.
Look here how to:
http://netsquirrel.com/msconfig/
It will stop many processes.
If you afterwards get any errors/messages on Bootup, activate the program/s there give you the message.
Bobbye
Posts: 16,313 +36
FYI: Real Time Protection is still running:[/B]
Remove bad HijackThis entries
• Run HijackThis
• Click on the System Scan Only button
• Put a check beside all of the items listed below (if present):
• Close all open windows and browsers/email, etc...
• Click on the "Fix Checked" button
• When completed, close the application.
Chip, you have a lot of processes running from National Instruments. Are you actively using that program? All parts of it? there are many processes starting up that don't need to be. I can help you with that.
Are you still getting redirected while using Firefox? If you are, I have a program specifically for this- let me know and 'll give you the info. We never dealt with the logs.
Remove bad HijackThis entries
• Run HijackThis
• Click on the System Scan Only button
• Put a check beside all of the items listed below (if present):
• Close all open windows and browsers/email, etc...
• Click on the "Fix Checked" button
• When completed, close the application.
Chip, you have a lot of processes running from National Instruments. Are you actively using that program? All parts of it? there are many processes starting up that don't need to be. I can help you with that.
Are you still getting redirected while using Firefox? If you are, I have a program specifically for this- let me know and 'll give you the info. We never dealt with the logs.
Thank you.
I have removed the recommended items after scanning with HJT.
I am using LabView fairly regularly, but only stand alone (No GPIB, DAQ, or external interface in use). In about two weeks, I will be done using it for a while (at least on this machine). If there are processes I can eliminate, I am all ears (eyes).
I just played around with FireFox, google searched. I did get redirected when selecting some of the search results. Some of them connected correctly.
Suggestions?
And thank you, seems your recommendations are making some difference.
Chip
I have removed the recommended items after scanning with HJT.
I am using LabView fairly regularly, but only stand alone (No GPIB, DAQ, or external interface in use). In about two weeks, I will be done using it for a while (at least on this machine). If there are processes I can eliminate, I am all ears (eyes).
I just played around with FireFox, google searched. I did get redirected when selecting some of the search results. Some of them connected correctly.
Suggestions?
And thank you, seems your recommendations are making some difference.
Chip
touch
Posts: 976 +0
Sounds good our recommendations are making some difference 
Please download http://www.geekstogo.com/forum/redirect.php?url=http://jpshortstuff.247fixes.com/GooredFix.exe
and save it to your Desktop.
Double-click Goored.exe to run it. Select 1. Find Goored (no fix) by typing 1 and pressing Enter. A log will open, please post the contents of that log in your next reply (it can also be found on your desktop, called Goored.txt).
Note: Do not run Option #2 yet.
Please download http://www.geekstogo.com/forum/redirect.php?url=http://jpshortstuff.247fixes.com/GooredFix.exe
and save it to your Desktop.
Double-click Goored.exe to run it. Select 1. Find Goored (no fix) by typing 1 and pressing Enter. A log will open, please post the contents of that log in your next reply (it can also be found on your desktop, called Goored.txt).
Note: Do not run Option #2 yet.
- Status
Similar threads
