Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

HiJack This Log Help


  • This topic is locked This topic is locked
21 replies to this topic

#1 brobradh77

brobradh77

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:07:12 PM

Posted 03 March 2012 - 11:32 PM

Hey....I have attached a log(attached) and have run multiple spyware removal programs(also attached)..I am a complete computer novice but know enough to realize there is something wrong....Any help or recomendations on what to fix in this log would be greatly appreciated...Thanks in advance

Attached Files


Edited by brobradh77, 03 March 2012 - 11:34 PM.


BC AdBot (Login to Remove)

 


#2 brobradh77

brobradh77
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:07:12 PM

Posted 03 March 2012 - 11:34 PM

attached is my spyware program list..I don't know if running multiple ones is a great idea or a stupid one.

Attached Files



#3 ratman

ratman

    Bleepin' gnawing at it!


  • Malware Response Team
  • 1,799 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Scotland
  • Local time:01:12 AM

Posted 08 March 2012 - 11:43 AM

Hello brobradh77,

My name is ratman and and I will be helping you with your computer problems.

Before we begin, I would like to make a few things clear so that we can fix your problem as efficiently as possible:

  • Be sure to follow all my instructions carefully! If there is anything you don't understand, don't hesitate to ask.
  • Please do not do anything or perform other steps unless I have asked you to do so.
  • Please make sure you post all logs I ask you to, and make sure that the entire log gets posted.

====================================================================================

Please take note:
  • If you have since resolved the original problem you were having, I would appreciate you letting me know.
  • If you are unable to create a log because your computer cannot start up successfully please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and I will guide you.

  • Please tell me if you have your original Windows CD/DVD available.
  • If you are unable to perform the steps I have recommended please try one more time and if unsuccessful alert us of such and I will design an alternate means of obtaining the necessary information.
  • If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • Upon completing the steps below I will review your topic an do my best to resolve your issues.
  • If you have already posted a DDS log, please do so again, as your situation may have changed.
  • Use the 'Add Reply' and add the new log to this thread.


I need to see some up to date information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.

Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


I also need a new log from the GMER anti-rootkit Scanner.

Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice


Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log




In your next reply, please copy/paste the contents of the following:
  • DDS.txt
  • Attach.txt
  • GMER.Log

regards, ratman

a proud member of:
Posted Image

If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM

If I have helped and you would like to show your appreciation you may Posted Image to the cause.



#4 brobradh77

brobradh77
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:07:12 PM

Posted 08 March 2012 - 07:38 PM

First off Thank You so much for your help..It is greatly appreciated....I purchased my lap top from best buy with Windows 7 already installed so I do not have an original Windows 7 OS Disk.

Issue is my computer has gotten extremely slow and unresponsive at times...I never had this problem until recently and every scan I do turns up infections that require reboots to remove and I scan 2 to 3 times a week...It finds 100's.

I ran the los you requested but had issues with gmer log..it would only allow me to have check marks next to (Registry, Files, Services, ADS)..everything else is grayed out and un selectable.Attached File  ark.txt   1.06KB   2 downloadsAttached File  3_8_12DDS.zip   5.67KB   4 downloadsAttached File  ark.txt   1.06KB   2 downloads

Attached Files



#5 ratman

ratman

    Bleepin' gnawing at it!


  • Malware Response Team
  • 1,799 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Scotland
  • Local time:01:12 AM

Posted 09 March 2012 - 10:04 AM

Hello brobradh77,

From your logs I see you have Multiple AntiVirus Programs running:
I do not recommend that you have more than one anti virus product installed and running on your computer at a time. The reason for this is that if both products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other anti virus products to cause "false alarms". It can also lead to a clash as both products fight for access to files which are opened again this is the resident/automatic protection. In general terms, the two programs may conflict and cause:
1) False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
2) System Performance Problems: Your system may lock up due to both products attempting to access the same file at the same time.
Therefore please go to add/remove in the control panel and remove them, leaving either Webroot or Anvi Smart Defende or adaware

====================================================================================


I want you to run TDSSKiller:

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
Be sure to download TDSSKiller.exe (v2.5.9.0) from Kaspersky's website and not TDSSKiller.zip which appears to be an older version 2.3.2.2 of the tool.
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.

===================================================================================



Please download ComboFix from here:

Link


* IMPORTANT !!! Save ComboFix.exe to your Desktop.

  • Disable your AntiVirus and AntiSpyware applications including Firewalls, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.
  • Right click on ComboFix icon Posted Image and run as admin then follow the prompts.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

====================================================================================

In your next reply, please copy/paste the contents of the following:
  • TDSSKiller Log
  • C:\Combofix.txt


How is your machine behaving now?
regards, ratman

a proud member of:
Posted Image

If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM

If I have helped and you would like to show your appreciation you may Posted Image to the cause.



#6 brobradh77

brobradh77
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:07:12 PM

Posted 09 March 2012 - 01:56 PM

I uninstalled ANvi Smart...I also uninstalled adaware last weekend but i got a "unable to uninstall completely" error message..When I got to control panel its not listed..how do I ensure it is uninstalled completely?...Thanks..I will post up results when scans are done..Thanks again

#7 brobradh77

brobradh77
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:07:12 PM

Posted 09 March 2012 - 02:47 PM

Ok The TDSSKiller did not find anything...When I was trying to run Combofix it kept telling me WEbroot Secure Anywhere was still active but I turned off every feature i could find so I don't know whats wrong...I will post Combofix log Attached File  ComboFix.txt   20.01KB   3 downloads Attached File  TDSSKiller.2.7.19.0_09.03.2012_12.53.42_log.txt   78.72KB   1 downloads

#8 ratman

ratman

    Bleepin' gnawing at it!


  • Malware Response Team
  • 1,799 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Scotland
  • Local time:01:12 AM

Posted 09 March 2012 - 05:28 PM

Hi,

...i got a "unable to uninstall completely" error message..When I got to control panel its not listed..how do I ensure it is uninstalled completely?

We clean out any remnants as part of your pc cleaning process.

I'd like you to run a scan with aswMBR
Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

====================================================================================

I'd like you to run a scan with MBAM:

Please download Malwarebytes' Anti-Malware and save it to your desktop.

Download Link 1

Download Link 2Malwarebytes' may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on mbam-setup.exe to install the application.
    For instructions with screenshots, please refer to this Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes' when done.
Note: If Malwarebytes' encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes' from removing all the malware.

===================================================================================




In your next reply, please copy/paste the contents (rather than attach) of the following:
  • aswMBR Log
  • MBAM Log


How is your machine running now?
regards, ratman

a proud member of:
Posted Image

If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM

If I have helped and you would like to show your appreciation you may Posted Image to the cause.



#9 brobradh77

brobradh77
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:07:12 PM

Posted 09 March 2012 - 05:50 PM

I ran both of those scans...the aswMBR scan appears to have found something it didn't like but Malware bytes did not...I ran the version of malware bytes I have down loaded already. The computer still acts like something has to happen before I can do anything is the best way I can explain it ....Well now I have recieved the blue screen of death and the computer is acting wierd Attached File  aswMBR.txt   1.48KB   1 downloadsAttached File  mbam-log-2012-03-09 (16-43-10).txt   1.81KB   1 downloads

Edited by brobradh77, 09 March 2012 - 06:16 PM.


#10 ratman

ratman

    Bleepin' gnawing at it!


  • Malware Response Team
  • 1,799 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Scotland
  • Local time:01:12 AM

Posted 09 March 2012 - 07:12 PM

Hi,

the aswMBR scan appears to have found something it didn't like

asmMBR only found your Webroot service - nothing bad.

Can you remove all of your Anti Virus programs except for Webroot and MBAM for the moment please.

How is your machine running now?
regards, ratman

a proud member of:
Posted Image

If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM

If I have helped and you would like to show your appreciation you may Posted Image to the cause.



#11 brobradh77

brobradh77
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:07:12 PM

Posted 09 March 2012 - 07:31 PM

I have uninstalled all the spyware and adaware things minus the programs you had me install and run today

#12 ratman

ratman

    Bleepin' gnawing at it!


  • Malware Response Team
  • 1,799 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Scotland
  • Local time:01:12 AM

Posted 09 March 2012 - 07:32 PM

How is your machine running?
regards, ratman

a proud member of:
Posted Image

If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM

If I have helped and you would like to show your appreciation you may Posted Image to the cause.



#13 brobradh77

brobradh77
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:07:12 PM

Posted 09 March 2012 - 07:35 PM

I just did the uninstall...let me use it for an hour or so and I will report back

#14 ratman

ratman

    Bleepin' gnawing at it!


  • Malware Response Team
  • 1,799 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Scotland
  • Local time:01:12 AM

Posted 09 March 2012 - 07:45 PM

Ok, sorry.

Late now here. Will get your reply in morning.
regards, ratman

a proud member of:
Posted Image

If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM

If I have helped and you would like to show your appreciation you may Posted Image to the cause.



#15 brobradh77

brobradh77
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:07:12 PM

Posted 10 March 2012 - 11:39 AM

Well it seems better but still feels a little laggy but that could be a performance issue...I need to search the site to see if there are any tweaks I can do...I appreciate all the help and I'll give this a try for a while and will only run MAlware Bytes with my A/V program and see if the problems stay away.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users