Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Hello


  • Please log in to reply
1 reply to this topic

#1 quKK

quKK

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:07:23 PM

Posted 12 July 2006 - 12:14 PM

Hello im new to this forum as a member, but i have gone on the site before to get good anti virus stuff.

Now i have a slight problem, Anti Vir PE Gaurd detects a hijacker: 32exssd32c.exe, TR/Dldr.medbot.b.2.

But when i run Hijack This nothing shows up that is unusual, also when i search google for it NOTHING and i mean NOTHING comes up. Its just mind boggling how it seems as if i was the first person to ever get this hijacker. Also i have tried deleting this with Anti Vir and it just comes back, so im going to go use Smit Fraud Fix and see if that works.

So basically i was wondering if anybody as any idea of what this is, how it is affecting my pc, and if it is seriously dangerous.

BC AdBot (Login to Remove)

 


#2 tg1911

tg1911

    Lord Spam Magnet


  • Members
  • 19,274 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SW Louisiana
  • Local time:05:23 PM

Posted 12 July 2006 - 01:18 PM

Have you been trained in the use of HijackThis?
You should never attempt to fix anything using HijackThis, until someone who is experienced at reading the log outputs, has a chance to review it.
Fixing the wrong items can make a computer unbootable.

Spaces, extra characters, spelling, file location, plus numerous other subtle changes, all make the difference between a good, or bad, file entry.

HijackThis is an ennumerator.
It lists what is found in certain areas of the registry, or system files, in an easily accessible manner, so that those familiar with the use and reading of HijackThis logs, and windows programs, can determine what is infecting the machine, and how to remove it.

It is not a removal tool.
It will indeed remove the entries listed, but that does not cure the underlying problem.
The problem must be properly identified first, and cured, prior to removing the entries with HJT.
Otherwise you leave the infection, and remove the keys which are needed to identify and remove it.

Removing entries in HJT before the problem is properly identified, and correct removal instructions posted, can make the problem undetectable to other detection and removal tools.
Hijack this should only be used to clean up the entries left behind, after you have properly removed the offending program, file, trojan, worm, hijacker etc.
And this usually requires help.

I suggest you post a HJT log for our Team to examine.
They'll take you through the fix, step by step.
You shouldn't make any changes to your system, until your log has been verified as clean.
Any changes you make, could skew the results of the HJT log.

Read Preparation Guide for use before posting a HijackThis Log.
Please read, and follow, all directions carefully!!!]

Then, run a log, and post it in the HJT forum, at this link. Do not, fix anything, yet.
A member, of the HJT Team, will help you out.
It may take a while to get a response, because the HJT Team are very busy. Please, be patient, these people are volunteers. They will help you out, as soon as possible.

NOTE:
Once you have made the post, please, DO NOT make another post in the HJT forum, until it has been responded to by a member of the HJT Team. The first thing they look for, when looking for logs to reply to, is 0 replies. If you make another post, there will be 1 reply. The team member, glancing over the replies, might assume someone is already helping you out, and will not respond. So, just make your post, and let it sit there, until a team member responds. This way you will be taken care of, in the most timely manner.
MOBO: GIGABYTE GA-MA790X-UD4P, CPU: Phenom II X4 955 Deneb BE, HS/F: CoolerMaster V8, RAM: 2 x 1G Kingston HyperX DDR2 800, VGA: ECS GeForce Black GTX 560, PSU: Antec TruePower Modular 750W, Soundcard: Asus Xonar D1, Case: CoolerMaster COSMOS 1000, Storage: Internal - 2 x Seagate 250GB SATA, 2 x WD 1TB SATA; External - Seagate 500GB USB, WD 640GB eSATA, 3 x WD 1TB eSATA

Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users