Thread: AM I INFECTED

  1. #1
    New Lounger
    Join Date
    Dec 2009
    Location
    chicago,illinois,usa
    Posts
    7
    Thanks
    0
    Thanked 0 Times in 0 Posts
    My computer is acting flaky and I don't know what to do.

    I have Windows XP SP3 Home Edition...
    I have BitDefender Total Security 2010 and
    Spybot Search and Destroy running and they say
    I am clean.
    I ran Avira and it supposedly deleted a trojan.
    I ran the OneCare Live online scan and it reported 2 or 3 problems
    that it said it could not fix, but I have no idea where or what they are.

    I ran HijackThis and here is the log... tell me if there is anything wrong here, please.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 1:08:14 PM, on 12/21/2009
    The rest of this log was moved to the attachment
    [attachment=87319ost813834-hjtlog.txt]

  2. #2
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts
    Quote Originally Posted by lady storm View Post
    I ran HijackThis and here is the log... tell me if there is anything wrong here, please.
    This is not the best site for interpretation of HijackThis logs. If you search here, you will find recommendations for other sites. For example, see: Post #724266 (castlecops) and Post #809178 (majorgeeks) and Post #686207 (three more).

  3. #3
    New Lounger
    Join Date
    Dec 2009
    Location
    chicago,illinois,usa
    Posts
    7
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Thank you, jscher, but those links proved useless as the castlecops reports NOT FOUND.

  4. #4
    Uranium Lounger viking33's Avatar
    Join Date
    Jun 2002
    Location
    Cape Cod, Massachusetts, USA
    Posts
    6,308
    Thanks
    0
    Thanked 1 Time in 1 Post
    Quote Originally Posted by lady storm View Post
    Thank you, jscher, but those links proved useless as the castlecops reports NOT FOUND.
    Try this one.


    http://www.bleepingcomputer.com/tuto...utorial42.html
    BOB
    Long ago, there was a time when men cursed and beat on the ground with sticks. It was called witchcraft.
    Today it is called golf!

  5. #5
    New Lounger
    Join Date
    Dec 2009
    Location
    chicago,illinois,usa
    Posts
    7
    Thanks
    0
    Thanked 0 Times in 0 Posts
    http://www.bleepingc...tutorial42.html (I'm checking this site now)
    I just registered there.

    THANKS JSCHER

  6. #6
    New Lounger
    Join Date
    Dec 2009
    Location
    Lexington, South Carolina, USA
    Posts
    13
    Thanks
    0
    Thanked 0 Times in 0 Posts
    You can also copy and paste your Hijackthis log file here:

    http://hjt.networktechs.com/

    for immediate feedback/analysis of the log.
    You can't get something for nothing
    You can't have freedom for free
    You won't get wise with the sleep still in your eyes
    no matter what your dreams might be

  7. #7
    New Lounger
    Join Date
    Dec 2009
    Location
    chicago,illinois,usa
    Posts
    7
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Thanks carl

  8. #8
    Lounger
    Join Date
    Dec 2009
    Posts
    29
    Thanks
    0
    Thanked 0 Times in 0 Posts
    To be honest, Spybot is pretty worthless. Its detection rates aren't very good. The only thing it's good for is its Immunize function. Spyware Blaster is a stand-alone app and basically is Spybot's Immunize feature.

    The toolbars are a bit worrisome. A lot of them open holes into your system.

    Here's the list of what I'd get rid of:

    O8 - Extra context menu item: &GetGo Toolbar Search - res://C:\Documents and Settings\lynn\Desktop\my Downloads\internet pgms\GetGo Download Manager 4.2.1.309\GetGo Download Manager\GGToolBand.dll/MENUSEARCH.HTM
    O8 - Extra context menu item: Search Image on TinEye - file://C:\Documents and Settings\lynn\My Documents\TinEye 1.0\TinEye.js
    Both of them have been flagged as nasty by HijackThis's own analysis engine. Basically I see at least 3 toolbars that aren't needed, and most of the flagged possible infections come from the GetGo toolbar or whatever it is.
    My Laptop Specs
    Asus M50SV-A1, Win7 x64 Pro, 1440x900 WXGA screen, 250Gb Seagate Momentus 5400.4RPM HD with 8Mb Cache, Intel Core 2 Duo T9300 2.5Ghz Processor with 6Mb L2 cache, 3Gbs of RAM, NVIDIA GeForce 9500GS 512Mb GPU, Logitech G5, Saitek X52/ST290 Logitech Precision Gaming Headset

    Looking for firewall, antivirus, or antispyware suggestions. Do some research: Antivirus, Antispyware, and Firewall Research Thread

  9. #9
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts
    Quote Originally Posted by whitedragon551 View Post
    Both of them have been flagged as nasty by HijackThis's own analysis engine.
    As I understand it, "O8" entries are non-whitelisted items on the IE right-click menu. I just don't think it's fair to say that all of these items have been "flagged as nasty" without further confirmation. Some downloaders are legitimate, and I didn't find GetGo in these databases:

    Computer Associates: http://www.ca.com/us/technology-security-news.aspx (threat search box in right sidebar)
    Symantec: http://www.symantec.com/norton/secur...rer/search.jsp
    Trend Micro: http://threatinfo.trendmicro.com/vinfo/default.asp
    Webroot: http://research.spysweeper.com/

    Also, I don't see anything obviously wrong with TinEye.

    As a diagnostic, it may well be a good idea to disable or uninstall these programs, but I think it's wise to be more cautious in calling them the source of possible infections.

  10. #10
    New Lounger
    Join Date
    Dec 2009
    Location
    chicago,illinois,usa
    Posts
    7
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I want to thank all of you for your input
    in trying to help me with my issues.

  11. #11
    Lounger
    Join Date
    Dec 2009
    Posts
    29
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by jscher2000 View Post
    As I understand it, "O8" entries are non-whitelisted items on the IE right-click menu. I just don't think it's fair to say that all of these items have been "flagged as nasty" without further confirmation. Some downloaders are legitimate, and I didn't find GetGo in these databases:

    Computer Associates: http://www.ca.com/us/technology-security-news.aspx (threat search box in right sidebar)
    Symantec: http://www.symantec.com/norton/secur...rer/search.jsp
    Trend Micro: http://threatinfo.trendmicro.com/vinfo/default.asp
    Webroot: http://research.spysweeper.com/

    Also, I don't see anything obviously wrong with TinEye.

    As a diagnostic, it may well be a good idea to disable or uninstall these programs, but I think it's wise to be more cautious in calling them the source of possible infections.
    You didn't use a single database that is rated at the top of detection.

    If you would like, this is the tool I used. Run the log through this and it will give some more insight so you can see what I was seeing.

    http://www.hijackthis.de/

  12. #12
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts
    Quote Originally Posted by whitedragon551 View Post
    You didn't use a single database that is rated at the top of detection.
    Hmmm, if you don't like the major vendors, then show me an online database of malware or spyware that does list either GetGo or TinEye.

    Quote Originally Posted by whitedragon551 View Post
    If you would like, this is the tool I used. Run the log through this and it will give some more insight so you can see what I was seeing.
    Mattner's site is an independent tool. It is not affiliated with the developers or maintainers of HijackThis. The methodology behind its declarations is unclear. What is a "keywordcheck" ?

    [attachment=87333:HijackThis_de_report.png]

    Does that mean anything with the word toolbar or search is considered "nasty"? That would be a good way to generate false positives. (Googling "hijackthis.de" ("false positive" OR "false positives") does yield some illuminating comments, although many are quite old and may have been resolved by now. Or maybe not.)

    For reference, here is the analysis the site served to me:
    [attachment=87334:HijackThis_de_Analysis_lores.pdf]
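Added example (not part of any post in this thread, and not code from HijackThis or hijackthis.de): a small parser for the two O8 lines quoted in post #8, showing what such an entry actually records and why a label keyword match, as questioned in posts #9 and #12, flags both entries without saying anything about the file behind them. The keyword list is an assumption for illustration; the site's real method is not stated on this page.

```python
import re

# The two O8 lines quoted in post #8 of this thread.
SAMPLE_LOG = r"""
O8 - Extra context menu item: &GetGo Toolbar Search - res://C:\Documents and Settings\lynn\Desktop\my Downloads\internet pgms\GetGo Download Manager 4.2.1.309\GetGo Download Manager\GGToolBand.dll/MENUSEARCH.HTM
O8 - Extra context menu item: Search Image on TinEye - file://C:\Documents and Settings\lynn\My Documents\TinEye 1.0\TinEye.js
"""

O8_RE = re.compile(
    r"^O8 - Extra context menu item: (?P<label>.+?) - "
    r"(?P<scheme>res|file)://(?P<rest>.+)$", re.IGNORECASE)
# A res:// target is <module path>/<resource name>; split after the module.
RES_RE = re.compile(r"^(?P<module>.+?\.(?:dll|exe))/(?P<resource>.*)$",
                    re.IGNORECASE)
KEYWORDS = ("toolbar", "search")  # assumed word list, for illustration only


def parse_o8(line):
    """Return a dict describing one O8 entry, or None for any other line."""
    m = O8_RE.match(line.strip())
    if not m:
        return None
    scheme, target = m["scheme"].lower(), m["rest"]
    resource = None
    if scheme == "res":
        r = RES_RE.match(target)
        if r:
            target, resource = r["module"], r["resource"]
    label = m["label"].replace("&", "")  # '&' marks the menu accelerator key
    profile_root = r"c:\documents and settings" + "\\"
    return {
        "label": label,
        "scheme": scheme,
        "file_on_disk": target,  # the file to hash and look up with a vendor
        "resource": resource,
        "in_user_profile": target.lower().startswith(profile_root),
        "keyword_hits": [k for k in KEYWORDS if k in label.lower()],
    }


def triage(log_text):
    """Parse every O8 line in a HijackThis log, skipping everything else."""
    return [e for e in map(parse_o8, log_text.splitlines()) if e]


if __name__ == "__main__":
    for entry in triage(SAMPLE_LOG):
        print(entry)
```

Both entries get keyword hits from their menu label alone; the `file_on_disk` field is what can be checked against a vendor database or scanned directly before calling either one an infection.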

  13. #13
    New Lounger
    Join Date
    Dec 2009
    Location
    chicago,illinois,usa
    Posts
    7
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Here is what I used, and it seemed to be useful for me:
    http://hjt.networktechs.com/

  14. #14
    New Lounger
    Join Date
    Jan 2010
    Location
    Centennial, Colorado, USA
    Posts
    5
    Thanks
    0
    Thanked 0 Times in 0 Posts
    From my experience, there are some items in that log to be worried about, but not necessarily infections. Basically, the toolbars are not things I would keep as a general rule, and you have far too many AV/AS programs running that may be conflicting with each other.

    Keep in mind that HJT is a great tool but might not flag all possible places a potential virus could be hiding, so you might be infected, you might not.

  15. #15
    3 Star Lounger
    Join Date
    Dec 2009
    Location
    Ohio, USA
    Posts
    227
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I've heard of HijackThis and many people have suggested it, but an easier solution may be to just install Malwarebytes (be wary of Google's search, as its sponsored links aren't always the safest. If you read the newsletter, there was mention of this issue). Malwarebytes in my experience has detected more viruses than any other antivirus I've tried (paid or not), including the viruses other programs found. It's also updated daily and completely free. The only problem with it is that the free version lacks active protection, but since I use Comodo Firewall when I'm online and set up an automatic scan with Windows Task Scheduler, it's quite nice (it doesn't take as much processing as having both a protection module and a firewall would).

    If you wish to set up a scheduled scan, look for a tutorial on setting up a scheduled task with Windows and use the command line parameter "/quickscanterminate" for a quick scan, "/fullscanterminate" for a full scan and "/runupdate" for an update. I'm afraid I can't offer more specific help at this time, as I'm running Windows 7 and don't remember offhand how to set up XP's scheduled task (although I think I found it easier for some reason).
    Current Machine:HP Compaq 6910p with 4GB RAM, Core2Duo @ 2.20 GHz, Mobile Intel 965 Express Chipset Family, Avast free, Malwarebyte's free, TP-Link wireless card (as the built in card has nothing but problems with empty solutions): The card identifies as "Atheros AR922X Wireless Network Adapter". [Not the best machine but it does internet, docs, and vids, and some games (PvZ, Spore)]
