1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

HJT where to get it?

Discussion in 'Virus & Other Malware Removal' started by ellelle, Nov 5, 2007.

Thread Status:
Not open for further replies.
Advertisement
  1. ellelle

    ellelle Thread Starter

    Joined:
    Nov 4, 2007
    Messages:
    12
    HI there,
    I am as you can see computer illiterate. Where do I get the Hijack this log? Is there a website where I can download this for free?
     
  2. Cheeseball81

    Cheeseball81 Retired Moderator

    Joined:
    Mar 3, 2004
    Messages:
    84,315
    * Click here to download HJTsetup.exe.
    Save HJTsetup.exe to your desktop.

    Double click on the HJTsetup.exe icon on your desktop.
    By default it will install to C:\Program Files\Hijack This.
    Continue to click Next in the setup dialogue boxes until you get to the Select Addition Tasks dialogue.
    Put a check by Create a desktop icon then click Next again.
    Continue to follow the rest of the prompts from there.
    At the final dialogue box click Finish and it will launch Hijack This.
    Click on the Do a system scan and save a log file button. It will scan and then ask you to save the log.
    Click Save to save the log file and then the log will open in notepad.
    Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
    Come back here to this thread and Paste the log in your next reply.
    DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required.
     
  3. ellelle

    ellelle Thread Starter

    Joined:
    Nov 4, 2007
    Messages:
    12
    Ok I managed to download it. The link you gave me was broken. I found it through searching that website from the main page.
    When I downloaded it, it only brough me to an "install" then told me to read its terms and agreements then press "agree". It then took me to a page where "do a system log and save a log file was" There was no "select additions task" anywhere.
    When I did a system log and saved it. It would pop up with the notepad but it was blank and I got a message that said. " Cannot find C:\Programfiles\Hijackthis"
    I looked in the program files and it was there?
    The program worked fine. It did a scan with a log but it won't open with notepad so I can copy and paste it?
    Any ideas?
     
  4. Cheeseball81

    Cheeseball81 Retired Moderator

    Joined:
    Mar 3, 2004
    Messages:
    84,315
    What program did it open in
     
  5. ellelle

    ellelle Thread Starter

    Joined:
    Nov 4, 2007
    Messages:
    12
    I just double clicked the file that was downloaded to my desktop and it poped up as its own program. The log tried to open with notepad but when it did I got that message and the notepad was blank.
     
  6. ellelle

    ellelle Thread Starter

    Joined:
    Nov 4, 2007
    Messages:
    12
    Thanks for your help, I figured it out. I had the wrong version.
     
  7. Cheeseball81

    Cheeseball81 Retired Moderator

    Joined:
    Mar 3, 2004
    Messages:
    84,315
    No problem
     
  8. ellelle

    ellelle Thread Starter

    Joined:
    Nov 4, 2007
    Messages:
    12
    Hi there,
    I tried to post this in a new post and one of the moderators closed it and told me to post this here.....
    My computer is driving me nuts! I have security toolbar 7.1 on my explorer window, random pop-up ads almost all the time, a small yellow sign with an exclamation point in my systems tray that says that I have viruses, adware,etc. I also have random icons "Online Security Guide" and "Live Saftey Center" that pop up on my desktop. I keep getting a grey windows box that pops up that says: iexplore.exe Application Error - The application failed to initialize properly (0xc0000142). Click on OK to terminate application." I also have something like that that pops up when I start windows that says "Cannot load resource library."
    I finally figured out how to do a log:

    Logfile of HijackThis v1.99.1
    Scan saved at 9:11:25 AM, on 11/7/2007
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\WINDOWS\System32\CTsvcCDA.exe
    C:\Program Files\Symantec AntiVirus\DefWatch.exe
    C:\WINDOWS\System32\xhpabhtd.exe
    C:\WINDOWS\system32\drivers\KodakCCS.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Symantec AntiVirus\Rtvscan.exe
    C:\Program Files\Viewpoint\Common\ViewpointService.exe
    C:\WINDOWS\System32\MsPMSPSv.exe
    C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
    C:\Program Files\Java\j2re1.4.2_03\bin\bak\jusched.exe
    C:\Program Files\Dell\Media Experience\PCMService.exe
    C:\Program Files\NetMeeting\medexa77798.exe
    C:\Program Files\AIM6\aim6.exe
    C:\Program Files\ISP.COM Internet Services\dialer.exe
    C:\Program Files\AIM6\aolsoftware.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mail.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.isp.com/members/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.isp.com/members/
    O3 - Toolbar: Security Toolbar - {11A69AE4-FBED-4832-A2BF-45AF82825583} - C:\WINDOWS\system32\eszzxgzf.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
    O4 - HKLM\..\Run: [diagent] "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
    O4 - HKLM\..\Run: [BuildBU] c:\dell\bldbubg.exe
    O4 - HKLM\..\Run: [WordPerfect Office 1215] C:\Program Files\WordPerfect Office 12\Programs\Registration.exe /title="WordPerfect Office 12" /date=031305 serial=WA12WRX-0000002-HMD lang=EN
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\bak\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
    O4 - HKLM\..\Run: [clamav] utsgmon.exe
    O4 - HKLM\..\Run: [Brong32] driver64.exe
    O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mmtask.exe"
    O4 - HKLM\..\Run: [dmiov.exe] C:\WINDOWS\System32\dmiov.exe
    O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
    O4 - HKLM\..\Run: [medexa] C:\Program Files\NetMeeting\medexa77798.exe
    O4 - HKLM\..\Run: [plite731] C:\WINDOWS\plite731.exe
    O4 - HKLM\..\Run: [64c1921c] rundll32.exe "C:\WINDOWS\System32\etwjphhi.dll",b
    O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
    O4 - HKCU\..\Run: [NSYSCPLSTR] StatusCheck.exe
    O4 - HKCU\..\Run: [SysEntry] srbho.exe
    O4 - HKCU\..\Run: [sysconf16] Serviceprocess.exe
    O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp /HIDEBL
    O4 - Startup: PowerReg Scheduler.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
    O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
    O16 - DPF: {33331111-1111-1111-1111-611111193457} - file://c:\ex.cab
    O16 - DPF: {33331111-1111-1111-1111-611111193458} - file://c:\ex.cab
    O16 - DPF: {33331111-1111-1111-1111-622221193458} - file://c:\ex.cab
    O16 - DPF: {43331111-1111-1111-1111-611111195622} - file://c:\ex.cab
    O16 - DPF: {50BD5CDA-4BA8-4048-8FAA-763F222E41D8} - ms-its:mhtml:file://c:\\nores.mht!http://adxrnet.net/code/chm/xpre.chm::/xpreload.ocx
    O16 - DPF: {564EC66E-5A1B-51D3-1DB0-5080C83DA4EB} - ms-its:mhtml:file://C:ie.mht!http://69.50.164.12/exp/mht/sext01.c...aInstaller.exe
    O16 - DPF: {64311111-1111-1121-1111-111191113457} - file://c:\eied_s7.cab
    O16 - DPF: {B12213CD-4189-415D-A054-7999528459F7} (pixelStormLauncher Class) - http://aolsvc.aol.com/onlinegames/tr...rmlauncher.cab
    O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://www.arcadetown.com/swf/delici...ylomplayer.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{3990D42A-241C-44AB-B523-E47658AB2B49}: NameServer = 85.255.113.108,85.255.112.131
    O17 - HKLM\System\CCS\Services\Tcpip\..\{4BEAB350-A435-4BFF-818C-C021E757679A}: NameServer = 209.163.107.155 69.72.0.2
    O17 - HKLM\System\CCS\Services\Tcpip\..\{C289D141-1FF5-4F19-8415-C67814E9D5DD}: NameServer = 85.255.113.108,85.255.112.131
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.113.108 85.255.112.131
    O17 - HKLM\System\CS1\Services\Tcpip\..\{3990D42A-241C-44AB-B523-E47658AB2B49}: NameServer = 85.255.113.108,85.255.112.131
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.113.108 85.255.112.131
    O21 - SSODL: SystemCheck2 - {54645654-2225-4455-44A1-9F4543D34546} - C:\WINDOWS\System32\vbsys2.dll (file missing)
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
    O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
    O23 - Service: DomainService - - C:\WINDOWS\System32\xhpabhtd.exe
    O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: Intel NCS NetService (NetSvc) - Unknown owner - C:\Program Files\Intel\NCS\Sync\NetSvc.exe (file missing)
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
    O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
    O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe


    I am currently a poor college student so any free programs to download to my computer would be great.
    PLEASE help..I'm at my wits end!
    Thank you so much for helping!
     
  9. Cheeseball81

    Cheeseball81 Retired Moderator

    Joined:
    Mar 3, 2004
    Messages:
    84,315
    Holy moly....you are severely infected.
    This is going to take many steps. A lot of work lies ahead. Are you really up for it? Because you might actually consider a full reformat and reinstall.
     
  10. ellelle

    ellelle Thread Starter

    Joined:
    Nov 4, 2007
    Messages:
    12
    omg I knew my computer was bad.
    I'm up for it.
    Please help!
    Just tell me what to do.
     
  11. Cheeseball81

    Cheeseball81 Retired Moderator

    Joined:
    Mar 3, 2004
    Messages:
    84,315
    Do you have your Windows CD?
     
  12. ellelle

    ellelle Thread Starter

    Joined:
    Nov 4, 2007
    Messages:
    12
    yes.. will the cd tell me what to do to reformat/reinstall?
    so a reinstall is probably the best way to go?
     
  13. Cheeseball81

    Cheeseball81 Retired Moderator

    Joined:
    Mar 3, 2004
    Messages:
    84,315
    Yes I feel it's your best option

    1. Insert the Windows XP CD-ROM into your CD-ROM drive or DVD-ROM drive, or insert the first Windows XP Setup disk into the floppy disk drive, and then restart the computer.

    Note To start your computer from the Windows XP CD-ROM (or from the startup disk), your computer must be configured to start from the CD-ROM drive, the DVD-ROM drive, or the floppy disk drive. In some cases, you may have to modify your computer's BIOS settings to set this configuration. For information about how to configure your computer to start from the CD-ROM drive, the DVD-ROM drive, or the floppy disk drive, see the documentation that is included with your computer, or contact the computer manufacturer.

    2. If you are starting the computer from the Windows XP CD-ROM, select any options that are required to start the computer from the CD-ROM drive if you are prompted to do this.

    3. At the Welcome to Setup page, press ENTER.

    4. Note If you are using the Setup disks (6 bootable disks), the setup will prompt you to instert the Windows XP CD.

    5. Press F8 to accept the Windows XP Licensing Agreement.

    6. If an existing Windows XP installation is detected, you are prompted to repair it. To bypass the repair, press ESC.

    7. All the existing partitions and the unpartitioned spaces are listed for each physical hard disk. Use the ARROW keys to select the partition or the unpartitioned space where you want to create a new partition. Press D to delete an existing partition, or press C to create a new partition by using unpartitioned space. If you press D to delete an existing partition, you must then press L (or press ENTER, and then press L if it is the System partition) to confirm that you want to delete the partition. Repeat this step for each of the existing partitions that you want to use for the new partition. When all the partitions are deleted, select the remaining unpartitioned space, and then press C to create the new partition.

    Note If you want to create a partition where one or more partitions already exist, you must first delete the existing partition or partitions, and then create the new partition.

    8. Type the size in megabytes (MB) that you want to use for the new partition, and then press ENTER, or just press ENTER to create the partition with the maximum size.

    9. Repeat Steps 4 and 5 to create additional partitions if you want them.

    10. If you want to install Windows XP, use the ARROW keys to select the partition where you want to install Windows XP, and then press ENTER. If you do not want to format the partition and install Windows XP, press F3 two times to quit the Windows Setup program, and then do not follow the remaining steps. In this case, you must use a different utility to format the partition.

    11. Select the format option that you want to use for the partition, and then press ENTER. You have the following options: • Format the partition by using the NTFS file system (Quick)
    • Format the partition by using the FAT file system (Quick)
    • Format the partition by using the NTFS file system
    • Format the partition by using the FAT file system
    • Leave the current file system intact (no changes)
    The option to leave the current file system intact is not available if the selected partition is a new partition.

    Note If you deleted and created a new System partition, but you are installing Windows XP on a different partition, you will be prompted to select a file system for both the System and startup partitions.

    12. After the Windows Setup program formats the partition, follow the instructions that appear on the screen to continue. After the Windows Setup program is completed, you can use the Disk Management tools in Windows XP to create or format more partitions.
     
  14. ellelle

    ellelle Thread Starter

    Joined:
    Nov 4, 2007
    Messages:
    12
    Thanks for all your help!
    One more question: I am assuming that I need to back up any files that I want to keep when I reinstall windows XP?
     
  15. Cheeseball81

    Cheeseball81 Retired Moderator

    Joined:
    Mar 3, 2004
    Messages:
    84,315
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/648173

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice