MajorGeeks Support Forums


Malware Removal Malware removal forum. Please see the READ ME FIRST thread before you post. Forum is staffed by a small number of volunteers, please be patient.


  #1  
Old 06-07-12, 07:58
magickeye magickeye is offline
Private E-2
 
Join Date: Jun 2012
Posts: 8
Thanks: 0
Thanked 0 Times in 0 Posts
Default hijack this help :(

hey guys- can someone who does this - go thru and help me find what i need to do??

i just recently found out i was hijacked ( had strange music- keyboard typing come thru my speakers- and my connection has become sluggish) i have been a victim of it before - and had tons of viruses/worms/trojans to be installed- destroy my harddrive.

ive pissed some of these people off before - and have again and again thruout my 'online' life, so im not surprised (facebook just got hacked from china - fb security caught it since i had those settings and locked the account before any damage was done)

not to mention yahoo -mail.

any help would be appreciated - just keep in mind im poor ( disabled income- and 3 kids/wife) so all i have is SE for antivirus - ive gotten good at catching things before it happens, but it seems win7 has its new things i havent learned yet ;(
heres the hijackthis report.




Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:52:24 AM, on 6/7/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)


(removed HijackThis log as steps in http://forums.majorgeeks.com/showthread.php?t=35407 are to be followed as HijackThis is not a perfect tool for all malware)

Last edited by DavidGP; 06-07-12 at 08:47.. Reason: snipped hijackthis log and approved thread.
  #2  
Old 06-07-12, 12:44
Kestrel13! Kestrel13! is offline
Super Malware Fighter - Major Dilemma
 
Join Date: Apr 2007
Location: cloud cuckoo land
Posts: 29,316
Thanks: 1,044
Thanked 3,821 Times in 3,718 Posts
Default Re: hijack this help :(

I want you to run TDSSKiller so refer to the below for how to do so.

TDSSkiller - How to run


Please also download MBRCheck to your desktop
  • Double click MBRCheck.exe to run (Vista and Win 7: right click and select Run as Administrator)
  • It will show a Black screen with some information that will contain either the below line if no problem is found:
    • Done! Press ENTER to exit...
  • Or you will see more information like below if a problem is found:
    • Found non-standard or infected MBR.
    • Enter 'Y' and hit ENTER for more options, or 'N' to exit:
  • Either way, just choose to exit the program at this point since we want to see only the scan results to begin with.
  • MBRCheck will create a log named similar to MBRCheck_07.16.10_00.32.33.txt which is random based on date and time.

Now do not stop!! Continue on with these below instructions please. Attach the logs once ready.

READ & RUN ME FIRST. Malware Removal Guide
__________________
Have we been helpful? Did our services here at MajorGeeks save you a whole lot of cash? If you would like to bequest a small amount as a token of your appreciation, please look out for the yellow 'Donate' button on the top right of any page. Thanks!
  #3  
Old 06-07-12, 16:44
magickeye magickeye is offline
Default Re: hijack this help :(

every other program was 'clear' - that was the only thing found - so i attached it.

i CLEARLY heard the music (i dont dl music @ all - nor do i let my wife on her computer)

and once i turned the volume up to hear more - i hear the sounds of movement like @ a computer desk; along with keyboard typing - just like i used to hear when i used 'chat' programs like vent/teamspeak before i learned more about backdoors.
Attached Files
File Type: txt TDSSKiller.2.7.36.0_07.06.2012_13.35.39_log.txt (124.4 KB, 4 views)
  #4  
Old 06-07-12, 17:38
Kestrel13! Kestrel13! is offline
Default Re: hijack this help :(

Attach the rest of the logs that I requested please. Without those, I can't help you.
  #5  
Old 06-07-12, 21:00
magickeye magickeye is offline
Default Re: hijack this help :(

heres the mbrcheck

i cant spend another day or 2 on this. i would have just restored to factory if i knew it would take this much effort.
Attached Files
File Type: txt MBRCheck_06.07.12_13.40.09.txt (13.7 KB, 1 views)
  #6  
Old 06-07-12, 22:21
magickeye magickeye is offline
Default Re: hijack this help :(

now i cannot access my music-videos-picture ( i had nothing there except a screen shot)

nor can i access documents -settings ( fully locked access denied - and i was/am the only user (havent checked it in safemode to make sure no 'hidden' user yet - but ran security essentials in safe mode this morning before the hijackthis log))
Attached Files
File Type: txt mbam-log-2012-06-07 (18-26-41).txt (1.9 KB, 2 views)
File Type: txt cfix.txt (19.7 KB, 4 views)
File Type: txt miscinfo.txt (68.4 KB, 1 views)
File Type: txt miscinfo2.txt (63.4 KB, 1 views)
  #7  
Old 06-08-12, 07:40
Kestrel13! Kestrel13! is offline
Default Re: hijack this help :(

I still need to see more logs. From SUPERAntiSpyware, RootRepeal (unless on 64 bit) and the MGlogs.zip from running MGTools.exe. Thanks.
  #8  
Old 06-08-12, 10:18
magickeye magickeye is offline
Default Re: hijack this help :(

heres the mgtools log again....

and theres the SA log.

and its 64bit. or i would have done the other log.
Attached Files
File Type: txt miscinfo2.txt (63.5 KB, 0 views)
  #9  
Old 06-08-12, 10:21
magickeye magickeye is offline
Default Re: hijack this help :(

sigh SA was invalid

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 06/08/2012 at 07:20 AM

Application Version : 5.0.1150

Core Rules Database Version : 8704
Trace Rules Database Version: 6516

Scan type : Quick Scan
Total Scan Time : 00:06:58

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC Off - Administrator

Memory items scanned : 169
Memory threats detected : 0
Registry items scanned : 54247
Registry threats detected : 0
File items scanned : 13110
File threats detected : 0
  #10  
Old 06-08-12, 17:14
Kestrel13! Kestrel13! is offline
Default Re: hijack this help :(

Quote:
heres the mgtools log again....
No it isn't actually. I specifically asked for:
Quote:
...the MGlogs.zip from running MGTools.exe. Thanks.
  #11  
Old 06-08-12, 18:05
magickeye magickeye is offline
Default Re: hijack this help :(

yay for having to fix the place where it will go
Attached Files
File Type: zip MGlogs.zip (226.1 KB, 2 views)
  #12  
Old 06-09-12, 19:02
Kestrel13! Kestrel13! is offline
Default Re: hijack this help :(

Quote:
...ive pissed some of these people off before - and have again and again thruout my 'online' life
Not too sure what you mean.

Quote:
...i cant spend another day or 2 on this. i would have just restored to factory if i knew it would take this much effort...
I'm sorry, I missed this comment previously. If you had followed the instructions properly in the first place and attached everything in one dump, we could have gotten to work more quickly. It's always an easier option to just "nuke and pave", but let's try and persevere if you still desire to?
Quote:
...had strange music- keyboard typing come thru my speakers- and my connection has become sluggish...
Are you still experiencing this at the moment or not?
  #13  
Old 06-09-12, 23:18
magickeye magickeye is offline
Default Re: hijack this help :(

i posted what the program itself said was the 'log'

this morning i just did the factory restore - i dont know yet if its gone or if it will be a sleeper 1, but none of the programs found anything

neither did malwarebytes tech last night/early this morning when he went thru the programs to try to find anything.

thank you for your time.
  #14  
Old 06-10-12, 17:48
Kestrel13! Kestrel13! is offline
Default Re: hijack this help :(

You're welcome. Safe surfing.