Somebody read my hijackthis log please?

By topps999 · 8 replies
Apr 2, 2008
  1. i recently reinstalled windows xp, as i was getting a blue screen crash error due to a driver stop error (or something) so i reinstalled windows xp, and have now got everything working properly, but i noticed that when i installed it i was getting pop ups straight away, and i hadn't even been on the internet (but i was connected), and my zonealarm and avast security are going mental and every time i get on windows i have loads of viruses like BN5, BN4, ibqvkxox.exe and many more... so i have sorted them out now (i think) but i still keep getting different virus messages, so i did a hijack this log, could somebody please read it for me and tell me my best solution (ps. remember i only just installed it, so a system recovery will not be any good as i was getting pop up messages (most probably viruses) when i first got on)

    THANKS !!! -topps-
  2. kritius

    kritius TS Guru Posts: 2,084

    Next please follow these instructions. Your version of Hijackthis is out of date/installed in wrong folder

    First please go to Start -> Control Panel -> Add/remove programs and uninstall Hijackthis.

    HijackThis Instructions
    • Make sure you have the LATEST version of HJT (currently v2.0.2) it can be downloaded from HERE
    • Run the HijackThis Installer and it will automatically place HJT in C:\Program Files\TrendMicro\HijackThis\HijackThis.exe. Please don't change the directory.
    • After installing, the program launches automatically, close it

    Download SDFix and save it to your Desktop.

    Double click SDFix.exe and it will extract the files to %systemdrive%
    (Drive that contains the Windows Directory, typically C:\SDFix)

    Please then reboot your computer in Safe Mode by doing the following :
    • Restart your computer
    • After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
    • Instead of Windows loading as normal, the Advanced Options Menu should appear;
    • Select the first option, to run Windows in Safe Mode, then press Enter.
    • Choose your usual account.
    • Open the extracted SDFix folder and double click RunThis.bat to start the script.
    • Type Y to begin the cleanup process.
    • It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
    • Press any Key and it will restart the PC.
    • When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
    • Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
      (Report.txt will also be copied to Clipboard ready for posting back on the forum).
    • Finally attach the Report.txt back on the forum with a new HijackThis log
  3. raybay

    raybay TS Evangelist Posts: 7,241   +10

    I would reinstall Windows XP once more from a cold boot, and immediately get all the downloads, and set up your security and ZoneAlarm before adding anything else.
    I would not use a System Recovery if you have any other way.
  4. topps999

    topps999 TS Rookie Topic Starter Posts: 139

    ok, did everything u said, here is my new hijackthis log and report
  5. kritius

    kritius TS Guru Posts: 2,084

    Looking slightly better. I'll have to post instructions later though, it's gotten busy in work and I would like to keep my job. If Blind Dragon is about maybe he could go ahead?

    If not I'll be back in a few hours.
  6. topps999

    topps999 TS Rookie Topic Starter Posts: 139

    okay, thanks, btw i keep getting a bad_pool_caller screen error, and another blue screen error (didn't get the name of the second one as it scrolled itself down before i could check it out) thanks a lot kritius :)
  7. raybay

    raybay TS Evangelist Posts: 7,241   +10

    Bad_pool_Caller is often a software or hardware conflict, or a Windows corruption, or a device failure.
    If you can locate a copy of the Service Pack 2 disk (the official Microsoft copy, $3.40 at Microsoft, not the download version), that will repair most Windows errors. Service Pack 2 will repair some Windows errors with little pain.
    You may have a hardware error that could be memory, hard drive, or other device.
    But the usual problems are a device driver conflict with two devices fighting for the same access. Do you have two optical drives installed? Or two software installs for the same drive... such as Record Now, Sonic, Nero, CD Creator? Too many Antivirus or Antispyware packages... Audio programs combating for the same output? Think about any recent software installs... it could have happened then.

    Post here the details or numbers from the BSOD... that may enable us to help you, as some of that code can be useful.
  8. kritius

    kritius TS Guru Posts: 2,084

    Fix entries using HiJackThis
    • Launch HiJackThis
    • Click the Do a system scan only button
    • Put a check next to the entries listed below
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: (no name) - {96669760-C213-4524-B61D-1D3A10190F18} - C:\WINDOWS\system32\compob.dll
    O2 - BHO: (no name) - {A036E01F-39CF-4BF3-9B79-41FF8C950E4E} - C:\WINDOWS\system32\compob.dll
    O4 - HKCU\..\Run: [vrsyxhtn] C:\WINDOWS\system32\ibqvkxox.exe
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O21 - SSODL: SysSetup - {8769e50f-9bf0-4ce1-9b78-01d28c9d637e} - C:\WINDOWS\Installer\{8769e50f-9bf0-4ce1-9b78-01d28c9d637e}\SysSetup.dll (file missing)
    O23 - Service: Creative Service for CDROM Access - Unknown owner - C:\WINDOWS\system32\CTsvcCDA.exe (file missing)
    O23 - Service: ERSvc - Unknown owner - C:\DOCUME~1\Luke\LOCALS~1\Temp\1\svchost.exe (file missing)

    • IMPORTANT: Do NOT click fix until you exit all browser sessions including the one you are reading in right now
    • Click the Fix checked button and close HiJackThis

    Delete Files on Reboot
    • Start Hijackthis
    • Click on the Config button
    • Click on the Misc Tools button
    • Click on the button labeled Delete a file on reboot...
      A new window will open asking you to select the file that you would like to delete on reboot.
    • Navigate to each file and click on it once, and then click on the Open button.
    • You will now be asked if you would like to reboot your computer to delete the file.
    • Click on the Yes button if you would like to reboot now, otherwise click on the No button to reboot later.

    after the reboot,

    Download and Run Malwarebytes' Anti-Malware
    Please download Malwarebytes' Anti-Malware to your desktop.
    • Double-click mbam-setup.exe and follow the prompts to install the program.
    • At the end, be sure a checkmark is placed next to:
      • Update Malwarebytes' Anti-Malware
      • Launch Malwarebytes' Anti-Malware
    • Then click Finish.
    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select Perform full scan, then click Scan.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Be sure that everything is checked, and click Remove Selected.
    • When completed, a log will open in Notepad. Please attach the log to your next reply.
    • If you accidentally close it, the log file is saved here and will be named like this: C:\Documents and Settings\<your username>\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

    after MBAM is finished run HijackThis again and post a fresh log.
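
Added example, not part of the thread: a Python sketch that parses HijackThis log lines like the ones listed in the post above and tags traits visible in the entries themselves (missing target file, unnamed BHO, binary under a Temp path, unknown service owner). The rule names and heuristics are assumptions made for illustration; they are not HijackThis's own logic or the helper's stated reasoning.

```python
import re

# Five of the entries from the fix list in the post above, copied as posted.
LOG = r"""O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {96669760-C213-4524-B61D-1D3A10190F18} - C:\WINDOWS\system32\compob.dll
O4 - HKCU\..\Run: [vrsyxhtn] C:\WINDOWS\system32\ibqvkxox.exe
O21 - SSODL: SysSetup - {8769e50f-9bf0-4ce1-9b78-01d28c9d637e} - C:\WINDOWS\Installer\{8769e50f-9bf0-4ce1-9b78-01d28c9d637e}\SysSetup.dll (file missing)
O23 - Service: ERSvc - Unknown owner - C:\DOCUME~1\Luke\LOCALS~1\Temp\1\svchost.exe (file missing)"""

# A log entry is "<section code> - <rest>", e.g. "O2 - BHO: ...".
ENTRY = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")

# Triage heuristics (assumed for this example): each takes the section
# code and the entry body and returns True when the trait is present.
RULES = [
    ("missing-target",
     lambda c, b: b.endswith("(no file)") or b.endswith("(file missing)")),
    ("unnamed-bho",
     lambda c, b: c == "O2" and "BHO: (no name)" in b),
    ("temp-path",
     lambda c, b: re.search(r"\\(temp|locals~1)\\", b, re.I) is not None),
    ("unknown-service-owner",
     lambda c, b: c == "O23" and "Unknown owner" in b),
]

def parse(line):
    """Split one log line into (code, body); None for headers and blanks."""
    m = ENTRY.match(line.strip())
    return (m.group("code"), m.group("body")) if m else None

def triage(log_text):
    """Return [(code, [matched rule names])] for every entry line."""
    results = []
    for line in log_text.splitlines():
        parsed = parse(line)
        if parsed is None:
            continue
        code, body = parsed
        results.append((code, [n for n, rule in RULES if rule(code, body)]))
    return results

if __name__ == "__main__":
    for code, flags in triage(LOG):
        print(code, ", ".join(flags) or "no heuristic matched")
```

The O4 Run entry matches none of these rules, which shows the limit of string heuristics: an entry like that has to be judged by checking the file itself (signature, hash reputation, or a scanner), not by how the log line looks.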
  9. topps999

    topps999 TS Rookie Topic Starter Posts: 139

    ok did everything u said... here new hijackthis log and scan report... thanks :)
Topic Status:
Not open for further replies.
