Can someone look at my HiJackThis report and tell me what to do to fix it?
HijackThis logs are not permitted
in this forum. Further, HijackThis only scans certain areas of a computer's system/registry
to help diagnose the presence of undetected malware in known hiding places. Therefore, it is limited in its ability to detect infection and generate a report outside these known hiding places and its log may not always reveal all the malware on a computer. As such, HijackThis has been replaced by other preferred tools
that provide comprehensive logs with specific details about more areas of a computer's system, files, folders and registry keys which may have been modified by malware infection.
The Malware Response Team members are all volunteers who contribute to helping members as time permits but currently there is a backup and you may have to wait for assistance. Referrals are made to the Virus, Trojan, Spyware, and Malware Removal Logs forum
if we cannot assist you here and we need to use more powerful tools or you don't mind waiting.
If you do not mind waiting and want someone to check your system thoroughly, then please follow the directions in the the "Preparation Guide
". If you cannot complete a step, then skip it and continue with the next. In Step 7
there are instructions for downloading and running DDS
which will create a Pseudo HJT Report
as part of its log. Start a new topic, give it a relevant title and post your log in the Virus, Trojan, Spyware, and Malware Removal Logs forum
, NOT here
, for assistance by the Malware Response Team Experts.
If you want to try disinfection in this forum first, continue as follows:
Please post the results of your last MBAM scan for review (even if nothing was found).
To retrieve the Malwarebytes Anti-Malware scan log information, launch MBAM.
Logs are saved to the following locations:
- Click the Logs Tab at the top.
- The log will be named by the date of scan in the following format: mbam-log-date(time).txt
-- If you have previously used MBAM, there may be several logs showing in the list.
- Click on the log name to highlight it.
- Go to the bottom and click on Open.
- The log should automatically open in notepad as a text file.
- Go to Edit and choose Select all.
- Go back to Edit and choose Copy or right-click on the highlighted text and choose Copy from there.
- Come back to this thread, click Add Reply, then right-click and choose Paste.
- Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
-- XP: C:\Documents and Settings\<Username>\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-yyyy-mm-dd
-- Vista, Windows 7, 2008: C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-yyyy-mm-dd
Please download the TDSS Rootkit Removing Tool
) and save it to your Desktop. <-Important!!!Be sure to print out and follow all instructions for performing a scan or refer to these instructions with screenshots.
- Extract (unzip) the file to your desktop and make sure TDSSKiller.exe (the contents of the zipped file) is on the Desktop itself, not within a folder on the Desktop. Vista/Windows 7 users refer to these instructions if you're unsure how to unzip a file.
- If you don't have an extracting program, you can download TDSSKiller.exe and use that instead.
- Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
Vista/Windows 7 users right-click and select Run As Administrator.
-- If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it before downloading and saving to the computer.-- For any files detected as 'Suspicious' (except those identified as Forged to be cured after reboot) get a second opinion by submitting to Jotti's virusscan or VirusTotal. In the "File to upload & scan" box, browse to the location of the suspicious file and submit (upload) it for scanning/analysis.
- When the program opens, click the Start Scan button.
- Do not use the computer during the scan
- If the scan completes with nothing found, click Close to exit.
- Any objects found, will show in the Scan results - Select action for found objects and offer three options.
- If an infected file is detected, the default action will be Cure...do not change it.
- Click Continue > Reboot now to finish the cleaning process.<- Important!!
- If 'Suspicious' objects are detected, you will be given the option to Skip or Quarantine. Skip will be the default selection. Leave it as such for now.
- A log file named TDSSKiller_version_date_time_log.txt will be created and saved to the root directory (usually Local Disk C:).
- Copy and paste the contents of that file in your next reply.