Hijacker

Discussion in 'Malware Help (A Specialist Will Reply)' started by Using48, Jan 2, 2008.

  1. Using48

    Using48 Private E-2

    I did the scans, AVG i think found a hijacker.
    here are the logs
     

    Attached Files:

    Using48, Jan 2, 2008
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    Please attach the requested logs from ComboFix and AVG Antispyware.
     
    chaslang, Jan 3, 2008
    #2
  3. Using48

    Using48 Private E-2

    i could not find the logs, do you know where they save?
     
    Using48, Jan 3, 2008
    #3
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    The log from ComboFix is saved exactly where the READ ME specifies. C:\ComboFix.txt and that's where yours is too. The AVG Antispyware log will be where ever you decide to save it or in the AVG Antispyware folde. Did you save one? Don't worry about the AVG AS log right now. But I do have to get the ComboFix.txt attachment.
     
    chaslang, Jan 3, 2008
    #4
  5. Using48

    Using48 Private E-2

    1234
     

    Attached Files:

    Using48, Jan 3, 2008
    #5
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Other than what may have been already fixed, you do not have any malware issues. Are you actually having any?

    But I do have some important things you should do. They are updates and performance improvement related.

    Run this Disable/Remove Windows Messenger to remove Windows Messenger. Do not confuse Windows Messenger with MSN Messenger because they are not the same. Windows Messenger is a frequent cause of popups.

    Uninstall the below old versions of software:
    J2SE Runtime Environment 5.0 Update 6
    Viewpoint Media Player <-- should have been uninstalled in step 0 of the READ ME

    Make sure you reboot after uninstalling the above!

    After reboot, now install the current version of Sun Java from: Sun Java Runtime Environment


    Run C:\MGtools\analyse.exe by double clicking on it. This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto

    After clicking Fix, exit HJT.
     
    chaslang, Jan 4, 2008
    #6
  7. Using48

    Using48 Private E-2

    I cannot remove the old java update
    I keep getting an error.
     
    Using48, Jan 4, 2008
    #7
  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    What error? Give the exact word for word error message.
     
    chaslang, Jan 5, 2008
    #8
  9. Using48

    Using48 Private E-2

    Chaslang, the windows installer comes up for about 30 seconds saying removing files, then a box comes up. the box header says Add or Remove Progams.
    then the message reads:
    "The Windows Installer Service could not be accessed. This can occur if you are running in safe mode, or if the windows Installer is not correctly installed. Contact your support personnel for assistance."


    I am not in safe mode, I did try it in safe mode also though... Also, I just bought a new printer; when I tried to install the drivers I get the same error about windows installer can not be accessed.


    I never had a problem installing anything before..
    please help!
     
    Using48, Jan 8, 2008
    #9
  10. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    I suggest you post in the Software Forum about this as it is not a malware problem. You could also give the below a run to see if it helps:

    Windows Installer CleanUp Utility
     
    chaslang, Jan 10, 2008
    #10
  11. Using48

    Using48 Private E-2

    OK I will do that, but this was not a problem before the malware was removed.
     
    Using48, Jan 12, 2008
    #11
  12. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    I'm not sure why it occured but going back thru all of your logs and what we did in this thread, no real malware was detected or removed. This is problem that happens all the time and it has also been documented by Microsoft. See: http://support.microsoft.com/kb/315346
     
    chaslang, Jan 12, 2008
    #12

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds