Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Cant Open Virus Protection Nor Search Those Words?


  • Please log in to reply
13 replies to this topic

#1 Lorix10

Lorix10

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:30 PM

Posted 31 January 2008 - 11:14 PM

I have a dell laptop (Microsoft Windows XP)

Granted, I was doing something earlier today I shouldn't of been doing and that was looking for torrents for a software.
I spent a couple hours looking and even downloaded lime wire. I got tired and found a website that had the actual program for cheap.
I just exited out of all the websites I was looking at. I did a lot more looking and reading then downloading but I did downloaded 2 or 3 things in that time period that didn't work so i just deleted them.
About 10 or 15 minutes later I try to run my Spybot - Search and Destroy and it wouldn't open so I tried opening my Symantec AntiVirus and that wouldnt open either. Or It would open for a second and exit out.

I was downloading something in limewire but canceled it at 83%.

So I thought maybe re-install them. I go to google and if i type anything virus protection, scanner, spybot, Symantec AntiVirus related words my Firefox or IE just exists out.
I cant download, search or click any link containing these various words. So i cant even do a scan to see what I have.
For instance I went to download.com and couldnt download any of the free virus scanners.

I havent run my virus scanners lately but Im pretty sure it was from what I did today. My computer was acting weird yesterday but I was just watching movies online.

So i really dont know what to do from here. If anyone has anything in mind that would be great,
thank you in advance.

ps. I did search for this topic but I didnt find it.

Edited by Lorix10, 31 January 2008 - 11:16 PM.


BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,068 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:05:30 PM

Posted 01 February 2008 - 11:00 AM

Download HostsXpert - Hosts File Manager
  • Extract (unzip) HostsXpert.zip to a a permanent folder on your hard drive such as C:\HostsXpert
  • Double-click HostsXpert.exe to start the program.
  • When the program opens, click the "Restore MS Hosts File" button in the left pane.
  • Click "Make Hosts Writable?" (if available).
  • Click "Restore Microsoft's Hosts file" when prompted and then click "OK".
  • Exit Hoster when done.
Note: If you were using a custom Hosts file you will need to replace any of those entries yourself.

Please follow the the instructions for using Vundofix in BC's self-help tutorial: "How To Remove Vundo/Winfixer Infection".

After running VundoFix, a text file named vundofix.txt will have automatically been saved to the root of the system drive, usually at C:\vundofix.txt. Please copy & paste the contents of that text file into your next reply.

Then perform an Online Virus Scan like BitDefender.
(These require Internet Explorer to work. Watch the Address bar in IE. You may receive alerts that "This site might require the following ActiveX control...Click here to install...". Click on that alert and then Click Install ActiveX component. If given the option, choose "Quarantine" instead of delete.)
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 Lorix10

Lorix10
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:30 PM

Posted 01 February 2008 - 08:30 PM

Hello,
thank you for the response,
Unfortunately, I don't know what this means exactly Note: If you were using a custom Hosts file you will need to replace any of those entries yourself. I am guessing it had something to do with why HostsXpert did not work.

I ran Vundofix but it didn't find anything. This was in the file.

VundoFix V6.7.7
Checking Java version...
Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.
Scan started at 5:42:03 PM 2/1/2008
Listing files found while scanning....
No infected files were found.
Beginning removal...

VirtumundoBeGone wouldn't work for me. So I couldn't do there second option.

I then did BitDefender, which deleted some files but I still cant open any of my scanners.

#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,068 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:05:30 PM

Posted 01 February 2008 - 10:49 PM

There are no shortcuts or guarantees when it comes to malware removal. Sometimes it takes several efforts with different tools to do the job. Even then, with some types of malware infections, the task can be arduous. In some instances an infection may have caused so much damage to your system that it cannot be successfully cleaned or repaired. In those cases, recovery is not possible and the only option is to reformat/reinstall the OS.

Some types of malware will disable your anti-virus and contaminate A HOSTS file to prevent access to valid security web sites. HostsXpert can remove these hosts file mappings and restore them to defaults so you can access those sites again. It will not remove the infection but doing that may allow you access again.

Your Java version is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system but you can update later.

Please download SDFix by AndyManchesta and save it to your desktop.
alternate zipped version
When using this tool, you must use the Administrator's account or an account with "Administrative rights"
  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with SDFix or remove some of its embedded files which may cause "unpredictable results".
  • Click on this link to see a list of programs that should be disabled. The list is not all inclusive.
  • Disconnect from the Internet before running SDFix.
  • Double click SDFix.exe and it will extract the files to %systemdrive%
  • (this is the drive that contains the Windows Directory, typically C:\SDFix).
  • DO NOT use it just yet.
Reboot your computer in "Safe Mode" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode".

Open the SDFix folder and double click RunThis.bat to start the script.
  • Type Y to begin the cleanup process.
  • It will remove any Trojan Services or Registry Entries found then prompt you to press any key to Reboot.
  • Press any Key and it will restart the PC.
  • When the PC restarts, the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
  • Once the desktop icons load, the SDFix report will open on screen and also save a copy into the SDFix folder as Report.txt.
  • Copy and paste the contents of Report.txt in your next reply.
  • Be sure to re-enable your anti-virus and other security programs before connecting to the Internet.
-- If this error message is displayed when running SDFix: "The command prompt has been disabled by your administrator. Press any key to continue..."
Please go to Start Menu > Run > and copy/paste the following line:
%systemdrive%\SDFix\apps\swreg IMPORT %systemdrive%\SDFix\apps\Enable_Command_Prompt.reg
Press Ok and then run SDFix again.

-- If the Command Prompt window flashes on then off again on XP or Win 2000, please go to Start Menu > Run > and copy/paste the following line:
%systemdrive%\SDFix\apps\FixPath.exe /Q
Reboot and then run SDFix again.

-- If SDFix still does not run, check the %comspec% variable. Right-click My Computer > click Properties > Advanced > Environment Variables and check that the ComSpec variable points to cmd.exe.
%SystemRoot%\system32\cmd.exe

.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 Lorix10

Lorix10
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:30 PM

Posted 02 February 2008 - 12:00 AM

Hello,
thank you, I hope I did that right, this is the report


SDFix: Version 1.135

Run by lori pinizzotto on Fri 02/01/2008 at 11:45 PM

Microsoft Windows XP [Version 5.1.2600]

Running From: C:\SDFix

Safe Mode:
Checking Services:


Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting...


Normal Mode:
Checking Files:

No Trojan Files Found






Removing Temp Files...

ADS Check:



Final Check:

catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-01 23:50:24
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


Remaining Services:
------------------



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:AOL"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Application Loader"
"C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe"="C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe:*:Enabled:AOLTsMon"
"C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe"="C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe:*:Enabled:AOLTopSpeed"
"C:\\Program Files\\Common Files\\AOL\\1159744808\\EE\\AOLServiceHost.exe"="C:\\Program Files\\Common Files\\AOL\\1159744808\\EE\\AOLServiceHost.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"="C:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\AOLSP Scheduler.exe"="C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\AOLSP Scheduler.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\asp.exe"="C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\asp.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe"="C:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\1159910851\\ee\\aolsoftware.exe"="C:\\Program Files\\Common Files\\AOL\\1159910851\\ee\\aolsoftware.exe:*:Enabled:AOL Services"
"C:\\Program Files\\Common Files\\AOL\\1159910851\\ee\\aim6.exe"="C:\\Program Files\\Common Files\\AOL\\1159910851\\ee\\aim6.exe:*:Enabled:AIM"
"C:\\WINDOWS\\ehome\\ehshell.exe"="C:\\WINDOWS\\ehome\\ehshell.exe:LocalSubNet:Enabled:Media Center"
"C:\\Program Files\\AIM\\aim.exe"="C:\\Program Files\\AIM\\aim.exe:*:Enabled:AOL Instant Messenger"
"C:\\StubInstaller.exe"="C:\\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\Last.fm\\LastFM.exe"="C:\\Program Files\\Last.fm\\LastFM.exe:*:Enabled:LastFM"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\WINDOWS\\system32\\lxddcoms.exe"="C:\\WINDOWS\\system32\\lxddcoms.exe:*:Enabled:Lexmark Communications System"
"C:\\Program Files\\Lexmark 2500 Series\\lxddamon.exe"="C:\\Program Files\\Lexmark 2500 Series\\lxddamon.exe:*:Enabled:Lexmark Device Monitor"
"C:\\Program Files\\Lexmark 2500 Series\\App4R.exe"="C:\\Program Files\\Lexmark 2500 Series\\App4R.exe:*:Enabled:Lexmark Imaging Studio"
"C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"="C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe:*:Enabled:Veoh Client"
"C:\\Program Files\\AIM6\\aim6.exe"="C:\\Program Files\\AIM6\\aim6.exe:*:Disabled:AIM"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\Lexmark 2500 Series\\lxddmon.exe"="C:\\Program Files\\Lexmark 2500 Series\\lxddmon.exe:*:Enabled: "
"C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxddwbgw.exe"="C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxddwbgw.exe:*:Enabled: "
"C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxddpswx.exe"="C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxddpswx.exe:*:Enabled: "
"C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxddjswx.exe"="C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxddjswx.exe:*:Enabled: "
"C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxddtime.exe"="C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxddtime.exe:*:Enabled: "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:AOL"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Lexmark 2500 Series\\app4r.exe"="C:\\Program Files\\Lexmark 2500 Series\\App4R.exe:*:Enabled:Lexmark Imaging Studio"

Remaining Files:
---------------


Files with Hidden Attributes:

Fri 29 Sep 2006 88 A.SHR --- "C:\i386\5171D0EAC9.sys"
Fri 29 Sep 2006 2,828 A.SH. --- "C:\i386\KGyGaAvL.sys"
Sat 30 Sep 2006 88 ..SHR --- "C:\WINDOWS\system32\5171D0EAC9.sys"
Sat 30 Sep 2006 2,828 A.SH. --- "C:\WINDOWS\system32\KGyGaAvL.sys"
Tue 30 Oct 2007 24,576 ...H. --- "C:\Documents and Settings\lori pinizzotto\My Documents\~WRL0001.tmp"
Wed 31 Oct 2007 24,576 ...H. --- "C:\Documents and Settings\lori pinizzotto\My Documents\~WRL0003.tmp"
Thu 6 Dec 2007 20,992 ...H. --- "C:\Documents and Settings\lori pinizzotto\My Documents\~WRL0004.tmp"
Thu 7 Dec 2006 3,096,576 A..H. --- "C:\Documents and Settings\lori pinizzotto\Application Data\U3\temp\Launchpad Removal.exe"
Tue 14 Nov 2006 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\5a0d771158cfd69be5ddd26d8f58c73b\BIT707.tmp"
Sat 23 Sep 2006 8 A..H. --- "C:\Documents and Settings\All Users\Application Data\GTek\GTUpdate\AUpdate\Channels\ch1\lock.tmp"
Sat 23 Sep 2006 8 A..H. --- "C:\Documents and Settings\All Users\Application Data\GTek\GTUpdate\AUpdate\Channels\ch2\lock.tmp"
Sat 23 Sep 2006 8 A..H. --- "C:\Documents and Settings\All Users\Application Data\GTek\GTUpdate\AUpdate\Channels\ch3\lock.tmp"
Sat 23 Sep 2006 8 A..H. --- "C:\Documents and Settings\All Users\Application Data\GTek\GTUpdate\AUpdate\Channels\ch4\lock.tmp"
Sat 23 Sep 2006 8 A..H. --- "C:\Documents and Settings\All Users\Application Data\GTek\GTUpdate\AUpdate\Channels\ch5\lock.tmp"

Finished!

#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,068 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:05:30 PM

Posted 02 February 2008 - 09:30 AM

This issue will require further investigation and probably the use of more powerful tools than we recommend in this forum. Before that can be done you will need you to create and post a hijackthis log.

Please read the pinned topic titled "Preparation Guide For Use Before Posting A Hijackthis Log". You may have performed some of these steps already. If you can't perform a step, then skip and continue with the next. In step #9 there are instructions for downloading HijackThis and creating a log. (This is a self-extracting version which will automatically install the current version of HJT in the proper location.) If using Windows Vista, be sure to Run As Administrator.

When you have done that, post your log in the HijackThis Logs and Malware Removal forum, NOT here, for assistance by the HJT Team Experts. A member of the Team will walk you through, step by step, on how to clean your computer. If you post your log back in this thread, the response from the HJT Team will be delayed because your post will have to be moved. This means it will fall in line behind any others posted that same day.

Start a new topic, give it a relevant title and post your log along with a brief description of your problem, a summary of any anti-malware tools you have used and a summary of any steps that you have performed on your own. Please include the top portion of the HijackThis log that lists version information. An expert will analyze your log and reply with instructions advising you what to fix. After doing this, we would appreciate if you post a link to your log back here so we know that your getting help from the HJT Team.

Please be patient. It may take a while to get a response because the HJT Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT "bump" your post or make another reply until it has been responded to by a member of the HJT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another HJT Team member is already assisting you and not open the thread to respond.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#7 Lorix10

Lorix10
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:30 PM

Posted 02 February 2008 - 11:22 AM

Thank you for all the help. Unfortunately whatever I have wont let me on that page. I cant click it or type in the url.

#8 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,068 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:05:30 PM

Posted 02 February 2008 - 01:58 PM

Can you access How To Install HijackThis and Post a Log?
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#9 Lorix10

Lorix10
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:30 PM

Posted 02 February 2008 - 04:03 PM

No, when I click the link any browser I have open disappears.

#10 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,068 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:05:30 PM

Posted 02 February 2008 - 04:16 PM

Please download HijackThis Installer. This is HijackThis 2.0.2 but it is an automatic setup version which will install HJT in the proper location.
  • Save HJTInstall.exe to your desktop and double-click on it to start the installation.
  • Click "Install" and HijackThis will be installed in the C:\Program Files\Trend Micro\HijackThis folder by default and create a desktop shortcut.
  • HJT will automatically open after installation. If it does not, then double-click on the HiJackThis.exe shortcut on your desktop or in the program's folder.
  • Important! If using Windows Vista, be sure to Run As Administrator.
  • Choose "Scan" and HijackThis will analyze your system.
  • When the scan is finished, the "Scan" button will change into a "Save Log" button. Press that and when the Save logfile window opens, use the drop down box to save the log in the same folder as Hijackthis. At the bottom make sure the File name is hijackthis.log and Save as type: Log files (*.log).
  • In the Hijackthis log, go to the top menu, click on "Format" and UNcheck "Word Wrap" if checked.
  • Then click "Edit" > Select All > "Edit" again and "Copy" to copy the entire contents of the log and paste it into a new topic in the HijackThis Logs and Malware Removal forum, NOT here.
  • Post the log along with a brief description of your problem, a summary of any anti-malware tools you have used and a summary of any steps that you have performed on your own. Please include the top portion of the HijackThis log that lists version information.
Note: The "Analyze This" (Upload to TrendSecure) button is for use by TrendMicro to collect data and does NOT mean "Analyze My Log". You will need to post your log in the HijackThis forum.

If HijackThis will not run, try renaming it. Open the HijackThis Folder, right-click on the HijackThis.exe file and rename it Scanner.exe. Double-click on Scanner.exe (which is still HijackThis) and then run your scan. If needed, change the .exe to something else such as .bat, .com, .pif, or .scr. Example: Scanner.bat or Scanner.com
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#11 Lorix10

Lorix10
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:30 PM

Posted 02 February 2008 - 07:24 PM

Hello,
I am really sorry. I wish I was better at this but all i got was a .php file that I had to rename in order to open and I can't get to HijackThis Logs and Malware Removal forum either in the directions.
I have a feeling I can add the words Hijack this to the other list of words I can't use.


I completely understand if getting this removed take a while but If i can't do this Hijack This, would i even be able to hire someone?


thank you for the continuous help.

#12 TMacK

TMacK

  • Members
  • 4,672 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:B.C. Canada
  • Local time:03:30 PM

Posted 02 February 2008 - 08:59 PM

Hi Lorix10,

You don't have to apologize, we've all been there and can understand your frustration.

Carefully follow quietman7's instructions to rename HijackThis.

If HijackThis will not run, try renaming it. Open the HijackThis Folder, right-click on the HijackThis.exe file and rename it Scanner.exe. Double-click on Scanner.exe (which is still HijackThis) and then run your scan. If needed, change the .exe to something else such as .bat, .com, .pif, or .scr. Example: Scanner.bat or Scanner.com

Then click "Edit" > Select All > "Edit" again and "Copy" to copy the entire contents of the log and paste it into a new topic in the HijackThis Logs and Malware Removal forum.

Hope this helps.
Chaos reigns within.
Reflect, repent, and reboot.
Order shall return.

aaaaaaaa a~Suzie Wagner

#13 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,068 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:05:30 PM

Posted 02 February 2008 - 10:07 PM

If you are successful at creating a log you may have to rename the log itself as something other than hijackthis.log. If you can't get to the HJT forum you can post it here and we will move it for you. However, if you can't access that forum, then that may not be an option. As an alternative you could save the log to a usb stick and post it while using another computer.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#14 Lorix10

Lorix10
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:30 PM

Posted 02 February 2008 - 10:10 PM

Hello,
Thank you TMack but I cant find the folder? On the first line is says to download HijackThis Installer, I cant click it. All i can do it left click save link which gives me a hijackthis-installer.php file. And then in order for me to open that I had to rename it. So i dont know of a folder nor the HjTInstall.exe


I forgot I could use a USB drive to get to the forum. Thank you. But as far as this downloading goes do I have to do that on this computer? No transferring?

Edited by Lorix10, 02 February 2008 - 10:14 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users