Hi aaiibn,
You posted another hijack this log which is now much more infected than your original. You still have a variant of the "hacker defender" rootkit infection.
Any attempt to clean anything else on your system while that rootkit is present will be met with failure. Since the rootkit is designed to hide both itself and whatever the attacker see's fit to put on your computer without your knowledge. If you clean the other infections without getting rid of the rootkit, the infections will regenerate every time, you will NEVER get rid of them. .
Please
Print these instructions as you will be offline for the fix. You might find it useful to check off each step with a pen/pencil as you go so as not to miss a step.
Step 1 I need you to follow the instructions for showing
Hidden files and folders:
Click on
Start then
My Computer. On the tool bar at the top of the window choose:
- Tools
- Now choose Folder Options from the pull down menu
- Click on View.
- Click on Show Hidden Files and Folders
- Click on Apply
- Click on OK
Step 2 Download and run SDFix:
Download
SDFix and save it to your desktop. (Please click on the red link)
Please then reboot your computer in
Safe Mode by doing the following :
- Restart your computer
- After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
- Instead of Windows loading as normal, a menu with options should appear;
- Select the first option, to run Windows in Safe Mode, then press "Enter".
- Choose your usual account.
- In Safe Mode, right click the SDFix.zip folder and choose Extract All,
- Open the extracted folder and double click RunThis.bat to start the script.
- Type Y to begin the script.
- It will remove the Trojan Services then make some repairs to the registry and prompt you to press any key to Reboot.
- Press any Key and it will restart the PC.
- Your system will take longer that normal to restart as the fixtool will be running and removing files.
- When the desktop loads the Fixtool will complete the removal and display Finished, then press any key to end the script and load your desktop icons.
- Run HiJack This and save a new log file.
- Finally open the SDFix folder on your desktop and copy and paste the contents of the results file Report.txt back onto the forum with a new HijackThis log
To recap:
Please post the SDFix report and a new HiJack This log to this thread.
Thanks
Hillbillycj