hijack this help :(

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by magickeye, Jun 7, 2012.

  1. magickeye

    magickeye Private E-2

    hey guys- can someone who does this - go thru and help me find what i need to do??

    i just recently found out i was hijacked (had strange music - keyboard typing come thru my speakers - and my connection has become sluggish) i have been a victim of it before - and had tons of viruses/worms/trojans to be installed - destroy my hard drive.

    ive pissed some of these people off before - and have again and again throughout my 'online' life, so im not surprised (facebook just got hacked from china - fb security caught it since i had those settings and locked the account before any damage was done ;)

    not to mention yahoo -mail.

    any help would be appreciated - just keep in mind im poor (disabled income - and 3 kids/wife) so all i have is SE for antivirus - ive gotten good at catching things before it happens, but it seems win7 has its new things i havent learned yet ;(
    heres the hijackthis report.




    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 4:52:24 AM, on 6/7/2012
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)


    (removed HijackThis log as steps in http://forums.majorgeeks.com/showthread.php?t=35407 are to be followed as HijackThis is not a perfect tool for all malware)
     
    Last edited by a moderator: Jun 7, 2012
  2. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    I want you to run TDSSKiller so refer to the below for how to do so.

    TDSSKiller - How to run


    Please also download MBRCheck to your desktop
    • Double click MBRCheck.exe to run (Vista and Win 7: right click and select Run as Administrator)
    • It will show a Black screen with some information that will contain either the below line if no problem is found:
      • Done! Press ENTER to exit...
    • Or you will see more information like below if a problem is found:
      • Found non-standard or infected MBR.
      • Enter 'Y' and hit ENTER for more options, or 'N' to exit:
    • Either way, just choose to exit the program at this point since we want to see only the scan results to begin with.
    • MBRCheck will create a log named similar to MBRCheck_07.16.10_00.32.33.txt which is random based on date and time.

    Now do not stop!! :) Continue on with these below instructions please. Attach the logs once ready.

    READ & RUN ME FIRST. Malware Removal Guide
     
  3. magickeye

    magickeye Private E-2

    every other program was 'clear' - that was the only thing found - so i attached it.

    i CLEARLY heard the music (i dont dl music @ all - nor do i let my wife on her computer)

    and once i turned the volume up to hear more - i hear the sounds of movement like @ a computer desk; along with keyboard typing - just like i used to hear when i used 'chat' programs like vent/teamspeak before i learned more about backdoors.
     

    Attached Files:

  4. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Attach the rest of the logs that I requested please. Without those, I can't help you.
     
  5. magickeye

    magickeye Private E-2

    heres the mbrcheck

    i cant spend another day or 2 on this. i would have just restored to factory if i knew it would take this much effort.
     

    Attached Files:

  6. magickeye

    magickeye Private E-2

    now i cannot access my music-videos-picture ( i had nothing there except a screen shot)

    nor can i access documents - settings (fully locked access denied - and i was/am the only user (havent checked it in safemode to make sure no 'hidden' user yet - but ran security essentials in safe mode this morning before the hijackthis log))
     

    Attached Files:

  7. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    I still need to see more logs. From SUPERAntiSpyware, RootRepeal (unless on 64 bit) and the MGlogs.zip from running MGTools.exe. Thanks.
     
  8. magickeye

    magickeye Private E-2

    heres the mgtools log again....

    and theres the SA log.

    and its 64bit. or i would have done the other log.
     

    Attached Files:

  9. magickeye

    magickeye Private E-2

    sigh SA was invalid

    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com

    Generated 06/08/2012 at 07:20 AM

    Application Version : 5.0.1150

    Core Rules Database Version : 8704
    Trace Rules Database Version: 6516

    Scan type : Quick Scan
    Total Scan Time : 00:06:58

    Operating System Information
    Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
    UAC Off - Administrator

    Memory items scanned : 169
    Memory threats detected : 0
    Registry items scanned : 54247
    Registry threats detected : 0
    File items scanned : 13110
    File threats detected : 0
     
  10. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    No it isn't actually. I specifically asked for:
     
  11. magickeye

    magickeye Private E-2

    yay for having to fix the place where it will go
     

    Attached Files:

  12. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Not too sure what you mean.

    I'm sorry, I missed this comment previously. If you had followed the instructions properly in the first place and attached everything in one dump, we could have gotten to work more quickly. It's always an easier option to just "nuke and pave", but let's try and persevere if you still desire to?
    Are you still experiencing this at the moment or not?
     
  13. magickeye

    magickeye Private E-2

    i posted what the program itself said was the 'log'

    this morning i just did the factory restore - i dont know yet if its gone or if it will be a sleeper 1, but none of the programs found anything

    neither did malwarebytes tech last night/early this morning when he went thru the programs to try to find anything.

    thank you for your time.
     
  14. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    You're welcome. Safe surfing. :)
     
