I’ve been having problems with my computer and I ran hijackthis but obviously I don’t understand anything and I don’t know which are the malware, trojan or virus to delete or how to proceed to remove them. Thank you!!!
Hello Scarletred,
while I go through your HJT log, you can do a scan using malwarebytes antimalware. get it here: http://malwarebytes.org/mbam-download.php
download, install, update and run a quick scan. remove found items, reboot if required. post back the log.
The log is huge. I did search a few processes on net.
you have (remove these if you don't use)
Toolbars: google toolbar, ask bar, msn toolbar
outdated adobe reader, burn4free toolbar is bad. remove it. imgag.com activex is bad too.
There are some entries which might need to be fixed.
btw did you scan using mbam?
I’m in the process of scanning and I’ll post it when done… Thank you for your help on this; I will be starting school online and I don’t want any type of problems which I already do have… Thanks again!
hello nmb,
Thanks for your help… This is the log from mbam…
Malwarebytes’ Anti-Malware 1.41
Database version: 3140
Windows 5.1.2600 Service Pack 3
11/10/2009 6:55:37 PM
mbam-log-2009-11-10 (18-55-37).txt
Scan type: Full Scan (C:|D:|)
Objects scanned: 264280
Time elapsed: 1 hour(s), 7 minute(s), 40 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) → Bad: (1) Good: (0) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) → Bad: (1) Good: (0) → Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
C:\Program Files\MioNet\cmdow.exe (Malware.Tool) → Quarantined and deleted successfully.
ok now go to add/remove programs and remove the toolbars you don't need. please remove ask bar at least. msn is also not required. if you really want a toolbar, keep google toolbar. post back after you do that.
edit : exit the browsers opened when you are removing them.
scan with HJT again and post back.
Hello nmb,
I’ve deleted all the toolbars except Google’s but I can’t find imgag.com activex, where do I find it? Thanks, sorry for the late reply but I was putting my baby to sleep…
Hello again,
I’ve scanned the computer with HJT and here is the log. I haven’t been able to find imgag.com activex. Thank you
Hello nmb
I deleted imgag.com; I searched by cabBuilder and then I deleted it… This is the new log
Sorry Romina,
It was already late yesterday (1 PM), had to get some sleep.
did you remove burn4free thing? (I couldn’t find it in the HJT log)
good that you have removed the toolbars and also the imgag thing. next removal via hjt application is:
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://express.foto.com/ImageUploader5.cab
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
remove the above using HJT and rescan, post back log.
Good morning nmb,
That’s okay, there is a huge hour difference where we live… I just did the HJT and I don’t see a remove button; should I click on FIX CHECKED? thanks
Hello Scarletred,
yes select the entries I posted previously and click fix checked. and do a reboot if asked to do so.
post back.
I deleted the items you requested and here is the new log…
Do you really need google desktop? if you don't want it, you can remove it via add/remove.
adobe reader is outdated. uninstall it and get fast and more efficient foxit pdf reader here: http://www.filehippo.com/download_foxit/download/8f7cd0ab73e486d8e4963af351deb6d6/
while installing foxit reader, make sure you don't install ask toolbar. and also ebay shortcut which it asks at the end. in summary… you need to read everything you are presented while installing. don’t blindly install anything.
post back.
My husband uses google toolbar because of the option of using the translation button so he can translate from English to French and I use it for vice versa… But if you have a better way where I can just download a translator button or something…
Do you want me to delete all 5 adobe software I have in add/remove and the acrobat as well??
what adobe software do you have in add/remove list?
get secunia psi from here : http://secunia.com/vulnerability_scanning/personal/
download, install and scan your system for vulnerable apps and hence update the outdated applications.
that should do.
I have:
Adobe AIR
Adobe Extend Script Toolkit 2
Adobe Flash Player 10 ActiveX
Adobe Photoshop CS3
Adobe Reader 9.2
you have updated your adobe software I think. don't uninstall anything. final thing - just do this :
Hello nmb,
Sorry I never replied to you yesterday but I had a little emergency and I had to leave to my in-laws and won’t be back till Sunday but I did what you requested me to do with secunia but I needed to run it again. I will take care of that when I get back and I will post my results; I want to thank you for helping me resolve my little issue with my computer.