Help..cannot install HJT!

Discussion in 'Malware Help (A Specialist Will Reply)' started by Chappydean, Feb 13, 2007.

  1. Chappydean

    Chappydean Private E-2

    Obviously I have malware on my corporate computer. I have Symantec anti0-virus and recently purchased Spy Doctor. No detection of infections. Ran several online scanners to know avail. Read most forums and have tried several times to install HijackThis but it will not. Zip file just shows files in extraxt window briefly, then goes away. Running .exe it starts then goes away.....

    I have tried all the forum recommendations and can not get there from here.

    Any suggestions? Please. Browser is virtually unusable and I cannot get any HJT logs to begin.

    Is this a new malware that is undetectable?

    Thanks, this is the best forum that I have found.
     
    Chappydean, Feb 13, 2007
    #1
  2. DavidGP

    DavidGP MajorGeeks Forum Administrator - Grand Pooh-Bah Staff Member

    HI


    Well its not obvious that you may have or may not have malware as you describe no symptoms that you are seeing, scans seem to be negative ( browser hijacks, popups, real slowness etc ), apart from none opening zip files, which could be an OS or permissions issue. It could also as you mention a corporate PC, that you do not have sufficent permissions to use zip, do you have admin priviledges, which would allow you to install applications?

    What happens if you try Safe Mode and then try to unzip the compressed downloads of Hijackthis?


    If you can do the majority of this guide below and especially the first few sections then these may clean your PC up enought to be able to unzip and continue with malware removal, if you cannot do them in normal mode then try safe mode as getting the log files to attach is the only way our malware experts can assist you if indeed you have malware.



    Please follow our standard cleaning procedures which are necessary for us to provide you support. Also there are steps included for installing, running, and posting HijackThis logs as attachments.
    • Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support
    • Make sure you check version numbers and get all updates.
    • Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.
    • After doing ALL of the above you still have a problem make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis and attach a log:
    Downloading, Installing, and Running HijackThis

    Make sure you also rename HijackThis.exe as suggested in the procedures. Use analyse.exe for the new name. This is very important due to some new infections going around.




    • When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too:
      • CounterSpy
      • AVG Antispyware log - ONLY IF NEEDED you were not able to run CounterSpy
      • Bitdefender - from step 6
      • Panda Scan - from step 6
      • runkeys.txt - the log from GetRunKey.bat
      • newfiles.txt - the log from ShowNew.bat
      • HijackThis
    NOTE: You can only attach 3 files in a single message so it will require that you use two messages to attach all of these logs!
     
    DavidGP, Feb 14, 2007
    #2
  3. Chappydean

    Chappydean Private E-2

    Thanks for the reply Halo.

    Sorry, the symptoms are browser redirection. Specifically, itt takes me to 'Credit Land', Monster Market, and ebay mostly. Common symptoms listed in most forums. It is very annoying.

    I had run across your guide. Tried most of it, but will repeat it again when time allows. I am in the field working 7-10s.

    I am a control systems engineer. I have local admin privilages. As I stated, the zip file is opening briefly, I can see the exe file in the extract window and then it goes away to bit land. The exe tries to start, then disappears.

    I am close to re-imaging drive but I have a lot of oem software for several systems and databases installed. No they are not the malware or virus. They have been installed for some time.

    Thanks again, I do appreciate the helpful notes.
     
    Chappydean, Feb 15, 2007
    #3
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You must follow ALL steps from beginning to end. Do not skip anything and do the steps in the order written (this is important). When you finish, you must attach the requested logs here. Without the logs, we cannot help you. They are our only visibilty into what is going on with your PC. Since we do not have physical access, they are the next best thing.

    If you have problems completing any steps, note them and continue. Explain what you could and could not do when you come back. If you get error messages for anything, give us the exact word for word error message.
     
    chaslang, Feb 15, 2007
    #4
  5. Chappydean

    Chappydean Private E-2

    Thanks, guys. Once you convinced me to follow the procedures, tehy solved my problems.

    CounterSpy actually found the Registry entries that was redirecting the browser.

    I am impressed.
     
    Chappydean, Feb 16, 2007
    #5
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    chaslang, Feb 17, 2007
    #6

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds