Ms4Hd; HJT crashes

Hey ^^ The computer I'm working on is currently doing pretty well. I've done everything that is usually prescribed here, so you don't need to tell me to do it ^^;; However, after study, it seems that it's infected with the 'Ms4Hd' rootkit parasite (...what is that?!) I put in some registry editing advice that was on some forums, but it doesn't seem to have worked, based on the fact that HJT is still crashing at O23. I ran the old version, but it doesn't go to the point where the new version crashes. It also doesn't seem to display anything unseemly. Anyway, I've even looked at the registry, and it looks all right, but HJT is still not working! It's really frustrating, and it's taken me all day to get nowhere! Anyway, I've done the best I can...I really need help with this. ~_~Remember that I can't post a new, updated HJT log file because the program crashes before I can get one...

Running; Windows XP, AntiVir XP, ZoneAlarm Free, SpywareGuard (and SpywareBlaster), BHODemon

Scanned with; AntiVir XP, Spybot (with patch and updated definitions), AdAware (updated exerything and VX2 cleaner), and the usual McAfee, etc.

 

XD I found that thread today...I've read loads of threads on this subject...but I kind of killed System Restore, so the resources to go back and look at old things are defunct. Also, the current registry looks okay, having none of those .DLL or .EXE files...and if I try to run DOS I fear that I will kill myself. o_o

I don't get hijacks or popups (probably because this is Firefox). I don't even see any outward signs, except that HJT keeps crashing obstinately, at the same place that this is reputed to crash it...I thought perhaps I killed most of it and left a little pocket which does this. Really, there's a chance that I was wrong and that this isn't even the problem. It just seemed like the only likely reason. Is there anything else which could be causing this?

1.82 is the version I ran...it didn't seem to come up with anything odd. Actually, now that you say that, I feel sort of like an idiot ~_~ Maybe this isn't at all the problem...

 

Hi Marian,

Can you attach a log of the older version HJT run in normal Windows?

PP

 

Here...I'm pretty sure this will work ^^;;

 

Hi Marian,

I do not see the baddie in your log. If it had been there, I would have pointed you to a Generic Removal tool I have used in the past to remove this - The old HJT had problems removing this too.
Your log looks OK other than for a few personal preferenct types of things like WeatherBug.

Perhaps you should doublecheck the Trusted Zone - All I see is MusicMatch. I recommend keeping the TZ empty!

You might try a few more Online Scans, but I do not see the telltale signs of that particular baddie. You could also try turning Spybot's Tea Timer off and then scanning. TT has been known to occasionally interfere with these types of scans. Other than that, I don't know what is crashing HJT.

PP

 

Yes...^^;; I worked all day on this thing, and it isn't even mine! So that's why WeatherBug and game sites and such are here...*sigh* Anyway...I'll empty out the Trusted site and do what you said, but it really doesn't seem that there's anything wrong, does it? I even tried reinstalling HJT. o_o Still crashes.

Thank you for helping, though. ^^

 

If you like, I can give you a link to the Generic Removal Tool and you can run that. If it doesn't work, it will still flush some remnants into the open. Let me know and I'll look for it and post it for you.

PP