1. TechSpot is dedicated to computer enthusiasts and power users. Ask a question and give support. Join the community here.
    TechSpot is dedicated to computer enthusiasts and power users.
    Ask a question and give support.
    Join the community here, it only takes a minute.
    Dismiss Notice

Trojan & Hijacker, Cant Remove

By verz09
Dec 18, 2008
  1. Hi guys, I really need some help here as I tried a lot of things and I can't remove the problem.

    I got a trojan a while back and then some more but then I later deleted them using various softwares, but now I don't know why sometimes the computer will still get hijacked such as Windows restarting or shutting down or Norton being closed automatically, I think a port is still open and something is running there so even though the scan doesn't show anything, malware is still getting me.

    Anyway, I've attached the HijackThis log, I didn't post the Malwarebyte or SAS logs because nothing was detected. Let me know what else you need.

    Please take a look at it and tell me what to do, thanks in advance.
  2. rf6647

    rf6647 TS Maniac Posts: 829

    I will follow a plan developed by mflynn that is geared toward wide coverage. Successive application of the tools removes parts of the infection that mask the 'real bad guy'. Every step improves the chances that the next step will succeed. When a tool does not work, make note and move to the next tool. We are trying to get info and cleaning where we can. I want the tools to do the heavy work for us. MBAB is expected to do its share to remove parts of the infestation, ComboFix will take it to the next level.
    D/L install and run ATF-Cleaner clear all except passwords in all browsers you have. Run repeatedly until no more found.


    D/L Xclean_Micro http://www.xblock.com/download/xclean_micro.exe
    No install, just run it delete all it finds decline to reboot on each item found, until the program finishes then reboot.

    Xclean will run minimized and will pop up a window if it finds anything. If it finds nothing it will exit.

    Please make a note of what it found if any as it has no log.
    If it finds several things reboot to Safe Mode and run again before continuing below.

    Get and run Malware Removal Tool by Joe Pestro http://majorgeeks.com/Malware_Removal_Tool_d4632.html

    When above is completed reboot back to Safe Mode Networking and do the following..


    When Fixit.cmd finishes it will reboot to normal.



    NOTE: If you have had ComboFix more than a few days old delete and re-download.

    Get it here: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
    Or here: http://subs.geekstogo.com/ComboFix.exe

    Double click combofix.exe follow the prompts.

    When finished, it will open a log.
    Attach the log and a new HJT log in your next reply.

    Note: Do not click combofix's window while its running. That may cause it to stall.

    Other reference
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...