Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Hijack This won't run


  • Please log in to reply
46 replies to this topic

#1 dark messenger

dark messenger

  • Members
  • 1,741 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Auckland NZ
  • Local time:11:38 PM

Posted 20 January 2006 - 06:02 AM

I have a few nasty things on my laptop --> surfsidekick and backdoor.dsnx.

Ive tried to run hijack this but nothing happens and then if I click the icon on my desktop, it says missing shortcut..

Any ideas!?

Mod Edit - Moved to appropriate forum - Leurgy



DM Edit: thanks Leugry

Forgot to mention,
OS is XP Home, SP2..
Browser, IE 5.0 and Firefox (latest one)
Antivirus - norton/avg
spyware removers - spybot S&D, and spyware doctor (but only trial, so no fixing can occur :thumbsup: )
Think thats everything

..Oh, I attend a boarding school, and security is tighter than a prison (lol) so most downloads which are a .exe or .zip will be disallowed.

Edited by dark messenger, 20 January 2006 - 06:32 AM.


BC AdBot (Login to Remove)

 


#2 Leurgy

Leurgy

    Voted most likely


  • Members
  • 3,831 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Collingwood, Ontario, Canada
  • Local time:06:38 AM

Posted 20 January 2006 - 06:34 AM

Have you tried running Hijack This in Safe Mode?

How to start Windows in Safe Mode

When the only tool you own is a hammer, every problem begins to resemble a nail. Abraham Maslo

**** We use our powers for good, not evil ****

 Trying to remove your data from the web is like trying to remove pee from a swimming pool


#3 dark messenger

dark messenger
  • Topic Starter

  • Members
  • 1,741 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Auckland NZ
  • Local time:11:38 PM

Posted 20 January 2006 - 06:48 AM

Nope, will try that now.

Edit: Nope.. now my laptop is messed totally...

-- The brower screen is slowly bouncing
-- The sys32 folder opened at boot up
-- error about some VClient.exe and some VCmain.exe

WAAAA

Edited by dark messenger, 20 January 2006 - 07:06 AM.


#4 Leurgy

Leurgy

    Voted most likely


  • Members
  • 3,831 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Collingwood, Ontario, Canada
  • Local time:06:38 AM

Posted 20 January 2006 - 06:33 PM

Ok, it seems you have an infection called SurfSidekick, as those two files indicate that. We have a self help resource to assist in removing that. See How To Remove Surf Sidekick 2 Or 3 And Vcclient, Self-Help Guide Options.

Let us know if that works for you.

When the only tool you own is a hammer, every problem begins to resemble a nail. Abraham Maslo

**** We use our powers for good, not evil ****

 Trying to remove your data from the web is like trying to remove pee from a swimming pool


#5 dark messenger

dark messenger
  • Topic Starter

  • Members
  • 1,741 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Auckland NZ
  • Local time:11:38 PM

Posted 21 January 2006 - 02:46 AM

I cant download the Hijack This due to the schools network, it blocks .zip and .exe.... I think .rar can be downloaded, know where to get a rar version of hijack this?

#6 Leurgy

Leurgy

    Voted most likely


  • Members
  • 3,831 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Collingwood, Ontario, Canada
  • Local time:06:38 AM

Posted 21 January 2006 - 07:36 AM

Your first post indicates you tried to run HiJack This so I thought you already had it. If you can't download .exe files its going to be difficult for our HJT Team to help as most of their fixes are just that.

If you want to send me an email address in a PM, I'll send you HJT in .rar format.

Have you tried any online scans? Try the online scanner at Ewido.net. Here are some others:

Trendmicro's Housecall
Panda's ActiveScan
F-Secure Virus Scan
SyGate's Trojan scan

When the only tool you own is a hammer, every problem begins to resemble a nail. Abraham Maslo

**** We use our powers for good, not evil ****

 Trying to remove your data from the web is like trying to remove pee from a swimming pool


#7 dark messenger

dark messenger
  • Topic Starter

  • Members
  • 1,741 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Auckland NZ
  • Local time:11:38 PM

Posted 21 January 2006 - 06:23 PM

Yes, I downloaded Hijack This somehow, but it wouldnt automatically open, and then when I clicked on the icon, it did nothing.

Email - Mod Edit - email address removed to defeat spambots ~ L

THanks....

Tried the Housecall by Trend Micro a while ago, but it never fully loaded... Panda I tried, but I dont think I ever finished the scan..

DM

Edited by Leurgy, 21 January 2006 - 09:23 PM.


#8 Leurgy

Leurgy

    Voted most likely


  • Members
  • 3,831 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Collingwood, Ontario, Canada
  • Local time:06:38 AM

Posted 21 January 2006 - 09:24 PM

Do the scans. They may remove whatever is blocking HJT.

When the only tool you own is a hammer, every problem begins to resemble a nail. Abraham Maslo

**** We use our powers for good, not evil ****

 Trying to remove your data from the web is like trying to remove pee from a swimming pool


#9 dark messenger

dark messenger
  • Topic Starter

  • Members
  • 1,741 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Auckland NZ
  • Local time:11:38 PM

Posted 22 January 2006 - 10:42 AM

None of them work... Im either going to have to reformat my laptop or wait a month or so any try using my home connection instead of my schools.

#10 Leurgy

Leurgy

    Voted most likely


  • Members
  • 3,831 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Collingwood, Ontario, Canada
  • Local time:06:38 AM

Posted 22 January 2006 - 10:58 AM

Go to www.ewido.net. They have a good online scanner you can try.

If this is a wireless laptop can you not go to a place with wireless access like a library or coffee shop?

When the only tool you own is a hammer, every problem begins to resemble a nail. Abraham Maslo

**** We use our powers for good, not evil ****

 Trying to remove your data from the web is like trying to remove pee from a swimming pool


#11 dark messenger

dark messenger
  • Topic Starter

  • Members
  • 1,741 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Auckland NZ
  • Local time:11:38 PM

Posted 22 January 2006 - 01:39 PM

What a surprise, blocked by schools network also. There is no internet cafe around where I live.

#12 Leurgy

Leurgy

    Voted most likely


  • Members
  • 3,831 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Collingwood, Ontario, Canada
  • Local time:06:38 AM

Posted 22 January 2006 - 02:58 PM

I asked D-Trojanator one of our HJT Senior Classmen to have a look at this problem and he suggests the following:

Hi dark messenger and Leurgy

I was scouting around looking for an answer to this, when i uncovered a situation where an infection didn't allow HJT to be run. I found this on the HJT owners site:

Q: Why is HijackThis closing suddenly when I run it?

A - The latest variant of CoolWebSearch, CWS.Smartsearch.2, is attempting to close CWShredder, HijackThis, Spybot S&D, Ad-aware and a handful of online help forums when you try to open them. Download PepiMK's CoolWWWSearch.Smartsearch killer and run that first, then you can use Hijackthis. It is recommended you use CWShredder as well to clean up the CWS.Smartsearch trojan.

You can try the above and see if you can open HJT afterwards.


Since you can't download that I'll email that to you as miniremoval_coolwebsearch_smartkiller.txt. When you recieve the file right click and rename it to miniremoval_coolwebsearch_smartkiller.exe, so all you are changing is the file extension (last three letters). Run that and let us know what happens.

When the only tool you own is a hammer, every problem begins to resemble a nail. Abraham Maslo

**** We use our powers for good, not evil ****

 Trying to remove your data from the web is like trying to remove pee from a swimming pool


#13 dark messenger

dark messenger
  • Topic Starter

  • Members
  • 1,741 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Auckland NZ
  • Local time:11:38 PM

Posted 22 January 2006 - 06:04 PM

Ok, thanks for all the help.

Hope it works

-crosses fingers-

#14 dark messenger

dark messenger
  • Topic Starter

  • Members
  • 1,741 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Auckland NZ
  • Local time:11:38 PM

Posted 24 January 2006 - 08:28 AM

Couldnt download it properly, I think I replied to your email about it.

#15 dark messenger

dark messenger
  • Topic Starter

  • Members
  • 1,741 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Auckland NZ
  • Local time:11:38 PM

Posted 26 January 2006 - 05:39 PM

Right, the school firewall thing was down, so I managed to run CWshredder, and I downloaded HJT and when I clicked run, nothing happened. Help?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users