Please Register first.

DO NOT use any TOOLS such as Combofix, Vundofix, or HijackThis fixes without supervision.

Doing so could make your pc inoperatible and could require a full reinstall of your OS, losing all your programs and data.

Here are a few suggestions for new members. Going back through some of the Solved Hijacks will help you to understand how What the tech forums work. You will see solutions that may appear to be identical to your problem, but each infection causes unique problems on each computer. Everyone has different software on their computer and that makes each log different.

If you would like to know who is helping you here at WhatTheTech Forums please read The Different Groups Here At WhattheTech and Who Will Help You With Your HijackThis log



To prepare your computer for the help we offer, we ask you to do the following before obtaining help:

1. ERUNT - Download - Homepage
   This ensures we have a valid registry backup. ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore if needed. Removing modern malware infections often requires making changes to the registry, and a corrupt registry can prevent a system from booting. Compatible with Windows NT, 2000, 2003, XP, Vista, 32 & 64-bit versions.
   
   1. Download ERUNT
   2. Double-click erunt_setup.exe to run.
   3. Follow the prompts and install using the default configuration (setup language, install location, shortcuts...).
   4. Say No to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later.
      
   5. Start ERUNT
   6. Choose a location for the backup
      The default location C:\WINDOWS\ERDNT\[today's date] is preferred
      
   7. The first two check boxes are ticked by default (System registry and Current user registry).
   8. Press OK
   9. When prompted, click YES to create a new folder.
   10. Progress bars will show backup status.
   11. A confirmation window will popup when complete. Click OK to close.
   
   
2. Download DDS and save it to your desktop from
   Here
   here or
   here.
   
   • Disable any script blocking protection (How to Disable your Security Programs)
   • Double click DDS icon to run the tool (may take up to 3 minutes to run)
   • When done, DDS.txt will open.
   • After a few moments, attach.txt will open in a second window.
   • Save both reports to your desktop.
   
   
3. We Need to check for Rootkits with RootRepeal
   
   1. Download RootRepeal from one of the following locations and save it to your desktop.
      
      • Here
      • Here
        
      • or Here
   2. Open on your desktop.
   3. Click the tab.
   4. Click the button.
   5. In the Select Scan dialog, check
      
   6. Push Ok
   7. Check the box for your main system drive (Usually C:), and press Ok.
   8. Allow RootRepeal to run a scan of your system. This may take some time.
   9. Once the scan completes, push the button. Save the log to your desktop, using a distinctive name, such as RootRepeal.txt.
   
   
4. Go to the Infections Removal
   
5. Click the
   
   
6. Give the thread a title that describes your problem and in the post please explain what is happening to your PC and what you have tried to do so far to fix it.
   
   
7. Copy/paste the log (that you've previously saved to your desktop) from RootRepeal onto your post.
   
   
8. Copy/paste the DDS.txt log (that you've previously saved to your desktop) onto your post.
   
   
9. Attach the Attach.txt report to your post by scroling down to the Attachments area and then clicking Browse. Browse to where you saved the file, and click Open and then click UPLOAD.
   
   
10. Complete your post by pressing the button below.

Posting Guidelines:

1. Please copy and paste your DDS and RootRepeal logs, DO NOT add these as attachments
2. Post in one thread only. Use Add Reply (another button at the top of the list of posts in the forum, with the New Topic button) to answer or post new logs when they are requested, instead of starting another New Topic.
3. If you have run and fixed anything with any programs please reboot before scanning
4. Please DO NOT bump your log. Posting in multiple threads may also slow a reply to your post.
5. You can also go to the #whatthetech chatroom to ask for help with your problem, but you will still need to post your HJT log in the forum. You will require an IRC chat program or you can use the Java applet?
6. We will get to you as soon as we can, often within a few hours. At times the forums are very busy and there are not many trained volunteers available, so please be patient.

NOTE:

Please DO NOT bump your log.

We look for logs with 0 replies first.

If you are being helped and you haven't replied within 3 days your topic will be closed as inactive.
If that is the case, please start a new topic when you have the time needed to finish all the instructions.

This post has been edited by jpshortstuff: Aug 25 2009, 06:47 AM