Jump to content

Please help with HijackThis.log


Recommended Posts

Download Farbar Recovery Scan Tool and save it to your desktop.

 

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

 

Kevin...

Link to post
Share on other sites

Download attached fixlist.txt file and save it to the Desktop, or the folder you saved FRST into.

NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

 

Run FRST and press the Fix button just once and wait.

The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

Next,

 

Download AdwCleaner by Xplode from here: http://www.bleepingcomputer.com/download/adwcleaner/ and save to your Desktop.

 

 


  •  

     


  • Double click on AdwCleaner.exe to run the tool.

     

     


  • Vista/Windows 7/8 users right-click and select Run As Administrator

     

     


  • Click on the Scan button.

     

     


  • AdwCleaner will begin...be patient as the scan may take some time to complete.

     

     


  • When it's done you'll see: Pending: Uncheck any elements you don't want removed.

     

     


  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.

     

     


  • Look over the log especially under Files/Folders for any program you want to save.

     

     


  • If there's a program you want to save, just uncheck it from AdwCleaner.

     

     


  • If you're not sure, post the log for review.

     

     


  • If you're ready to clean it all up.....click the Clean button.

     

     


  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.

     

     


  • Copy and paste the contents of that logfile in your next reply.

     

     


  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

     

     


  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine

     

     


  • To restore an item that has been deleted (if necessary):

     

     


  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.

     

     



 

 

Next,

 

Please download RogueKiller from here:

 

http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe  <- 32 bit version

 

http://www.sur-la-toile.com/RogueKiller/RogueKillerX64.exe  <- 64 bit version

                                     

 


  •  

     


  • Make sure to get the correct version for your system.

     

     


  • Quit all running programs

     

     


  • Please disconnect any USB or external drives from the computer before you run this scan!

     

     


  • For Vista/Seven, right click -> run as administrator, for XP simply run RogueKiller.exe

     

     


  • Wait until Prescan has finished...

     

     


  • The following EULA will appear, please select accept

     

     

    RKLicence.png

     

     


  • Ensure MBR scan, Check faked and AntiRootkit are checked

     

     


  • Select Scan

     

     

    RK1A.png

     

     


  • When the scan completes select Report, copy and paste that to your reply.

     

     

    RK2A.png

     

     


  • The log should be found in RKreport[?].txt on your Desktop

     

     


  • Exit/Close RogueKiller

     

     



 

 

Post those logs...

fixlist.txt

Link to post
Share on other sites

RogueKiller logs are clean, close out program and delete it, also its folder RK_Quarantine and any logs....

 

We need to run an online AV scan to ensure there are no remnants of any infection left on your system, this scan can take several hours to complete, it is very thorough and well worth running, please be patient and let it complete:

 

Run Eset Online Scanner

 

**Note** You will need to use Internet explorer for this scan - Vista and win 7 right click on IE shortcut and run as admin

 

Go to Eset web page http://www.eset.com/home/products/online-scanner/ to run an online scan from ESET.

 

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • click on the Run ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
    Click Start
  • When asked, allow the add/on to be installed
    Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings, ensure the options
  • Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
    Click Scan
  • wait for the virus definitions to be downloaded
  • Wait for the scan to finish

 

When the scan is complete

 

  • If no threats were found
  • put a checkmark in "Uninstall application on close"
  • close program
  • report to me that nothing was found

 

If threats were found

 

  • click on "list of threats found"
  • click on "export to text file" and save it as ESET SCAN and save to the desktop
  • Click on back
  • put a checkmark in "Uninstall application on close"
  • click on finish

 

close program

 

copy and paste the report here

 

Next,

 

Finally to check Security, adobe, java etc run this...

 

Download Security Check by screen317 from either of the following:

http://screen317.spywareinfoforum.org/SecurityCheck.exe or http://screen317.changelog.fr/SecurityCheck.exe

Save it to your Desktop.

Double click SecurityCheck.exe (Vista or Windows 7 users right click and select "Run as Administrator") and follow the onscreen instructions inside of the black box. Press any key when asked.

A Notepad document should open automatically called checkup.txt; please post the contents of that document.

 

Kevin..

Link to post
Share on other sites

I cannot see the full navigational address of the entries, did you follow these instructions ;

 

If threats were found

 

  • click on "list of threats found"
  • click on "export to text file" and save it as ESET SCAN and save to the desktop
  • Click on back
  • put a checkmark in "Uninstall application on close"
  • click on finish

 

close program

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.