Need help with Hijack This Log

Discussion in 'adware, spyware & hijack cleaning' started by tommy2tray, Apr 27, 2004.

Thread Status:
Not open for further replies.
  1. tommy2tray

    tommy2tray Registered Member

    Apr 27, 2004
    I think I have been hijacked. When I try to update spybot s&d I get an error message saying error retreiving update into file. There was an I SEARCH task bar where my address bar was .When I tried to go to your web site or some others about spyware my browser went to I Search and said it could not find server or dns error.I removed I SEARCH and I downloaded Adaware from CNet and ran that. It found 132 items which I removed or Quarintined I'm not sure. Then Iran Hijack this. I am including the log. I still think there are some problems on my computer I still can't update spybot.Thank you for any help.

    Attached Files:

  2. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Apr 27, 2002
    Hi tommy2tray,

    First find the file C:\WINDOWS\system32\drivers\ect\hosts and rename it to hosts.bak
    That should enable you to update again.

    Check the items listed below in HijackThis, close all windows except HijackThis and click Fix checked:

    O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)

    O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE

    O4 - HKLM\..\Run: [kdx] C:\WINDOWS\kdx\KHost.exe

    O4 - Startup: PowerReg Scheduler.exe

    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

    O16 - DPF: {1C78AB3F-A857-482E-80C0-3A1E5238A565} - ms-its:mhtml:file://C:\ss.MHT!

    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) -

    O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) -

    Then reboot and keep us posted,

Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.