Edited by megalick, 13 February 2008 - 04:57 PM.
help identify hijacker [CLOSED]
#1
Posted 13 February 2008 - 02:07 AM
#2
Posted 13 February 2008 - 02:08 AM
Edited by megalick, 13 February 2008 - 04:58 PM.
#3
Posted 13 February 2008 - 09:57 AM
Please don't attach the reports
Hello
Please download Deckard's System Scanner (DSS) and save it to your Desktop.
- Close all other windows before proceeding.
- Double-click on dss.exe and follow the prompts.
- If your anti-virus or firewall complains, please allow this script to run as it is not malicious.
- When it has finished, dss will open two Notepads main.txt and extra.txt -- please copy (CTRL+A and then CTRL+C) and paste (CTRL+V) the contents of main.txt and extra.txt in your next reply.
#4
Posted 13 February 2008 - 05:54 PM
Run by Gene on 2008-02-13 04:10:52
Computer is in Normal Mode.
Edited by megalick, 14 February 2008 - 07:42 PM.
#5
Posted 13 February 2008 - 05:58 PM
Download ComboFix from one of the locations below, and save it to your Desktop.
Double click combofix.exe and follow the prompts.
When finished, it shall produce a log for you. Post that log and a HiJackthis log in your next reply
Note: Do not mouseclick combofix's window while its running. That may cause it to stall
#6
Posted 13 February 2008 - 07:29 PM
Edited by megalick, 14 February 2008 - 07:42 PM.
#7
Posted 13 February 2008 - 07:53 PM
1. Close any open browsers.
2. Open notepad and copy/paste the text in the quotebox below into it:
File::
C:\WINDOWS\pbar.dll
C:\WINDOWS\flt.dll
C:\WINDOWS\764.exe
C:\WINDOWS\system32\rxjddnvj.exe
C:\WINDOWS\7search.dll
C:\WINDOWS\absolute key logger.lnk
C:\WINDOWS\vxddsk.exe
C:\WINDOWS\default.htm
C:\WINDOWS\system32\ESHOPEE.exe
C:\WINDOWS\system32\msole32.exe
C:\WINDOWS\system32\rxjddnvj.exe
Folder::
C:\Program Files\e-zshopper
C:\Program Files\amsys
C:\Program Files\p2pnetworks
C:\Program Files\Accoona
C:\Program Files\akl
C:\Program Files\3721
Registry::
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"=-
Save this as CFScript.txt, in the same location as ComboFix.exe
Refering to the picture above, drag CFScript into ComboFix.exe
When finished, it shall produce a log for you at "C:\ComboFix.txt"
Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall
#8
Posted 13 February 2008 - 08:16 PM
Edited by megalick, 14 February 2008 - 07:43 PM.
#9
Posted 14 February 2008 - 01:20 AM
#10
Posted 14 February 2008 - 07:15 AM
If you can't find it then do this
Please download Deckard's System Scanner (DSS) and save it to your Desktop.
- Close all other windows before proceeding.
- Double-click on dss.exe and follow the prompts.
- If your anti-virus or firewall complains, please allow this script to run as it is not malicious.
- When it has finished, dss will open two Notepads main.txt and extra.txt -- please copy (CTRL+A and then CTRL+C) and paste (CTRL+V) the contents of main.txt and extra.txt in your next reply.
#11
Posted 19 February 2008 - 05:43 AM
If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users