HiJackThis Log file

Discussion in 'Malware Help (A Specialist Will Reply)' started by Mtnman, Jan 1, 2006.

  1. Mtnman

    Mtnman Private E-2

    I have some files that I can not seem to remove. mssearchnet.exe & Trojan.Zlob.D.
    I found your link while doing a Google Search. I follow the instruction on the thread. I'am now to a point where I need some help. Attached is a copy of the HiJackthis.log and I was hoping that you could help me out. I keep getting a info balloon from the task bar telling me that I have "Dangerous Malware infection....... I'm sure you know the rest. If you need additional information, please let me know.
    MtnMan
     

    Attached Files:

    Mtnman, Jan 1, 2006
    #1
  2. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Welcome to MajorGeeks.com!

    The first thing I notice is that your running more than one antivirus. This is not recommend as running more than one AV will cause conflicts on your computer. Please pick one and uninstall the other. Also, I need the logs from the online scans listed in the READ ME.

    Now, please see the below thread on how to install and run Ewido Security Suite.

    Running Ewido Security Suite ...
     
    bjgarrick, Jan 1, 2006
    #2
  3. Mtnman

    Mtnman Private E-2

    Thanks for the quick reply. You said that I'm running more that one antivirus. This is news to me. Please advise what antivirus I should keep. I thought that Norton was the only one present.
     
    Mtnman, Jan 1, 2006
    #3
  4. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    I glanced at your log and noticed TrendMicro & Norton. If that belongs to Trend Micro AntiSpyware it will be ok to leave, but if its Trend Micro Internet Security Suite then I would stick with that and ditch Norton.
     
    bjgarrick, Jan 1, 2006
    #4
  5. Mtnman

    Mtnman Private E-2

    Thank you for your help. Because I was new to this site I was not aware that the answers were right in front of me. I can't tell you how many hours I spent on the internet looking for information to help me out, and when I found anything it was written so I didn't know what they were talking about, so I did nothing. I will use this site again (but I will look to see if the solution has already been posted, before I ask).

    Thanks again,

    MtnMan:)
     
    Mtnman, Jan 3, 2006
    #5
  6. PhilliePhan

    PhilliePhan Guest

    Hi MtnMan,

    Hope this isn't too late, but your HJT Log showed a couple real nasties (among others)!
    O4 - HKLM\..\Run: [ms ownage] winPE.exe
    O4 - HKLM\..\Run: [MSN Checker] msnchecker.exe
    O4 - HKLM\..\RunServices: [ms ownage] winPE.exe
    O4 - HKLM\..\RunServices: [MSN Checker] msnchecker.exe
    O4 - HKCU\..\Run: [MSN Checker] msnchecker.exe
    O4 - HKCU\..\RunServices: [MSN Checker] msnchecker.exe

    http://www.sophos.com/virusinfo/analyses/w32rbotajl.html

    Any sensitive data on your computer (banking, passwords, etc) may very well have been compromised. You should consider changing that sensitive info from a non-infected machine and notifying banks, etc . . . to monitor any accounts for suspicious activity.

    I don't mean to alarm you - just thought you should know what was on your compy!

    Best Luck :)
    PP
     
    PhilliePhan, Jan 3, 2006
    #6
  7. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    I was actually waiting on post #2 to be completed and new logs posted before I started the fix.

    After you run Ewido, attach the log and then post a fresh HJT log.
     
    bjgarrick, Jan 3, 2006
    #7

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds