Copying HJT log from infected PC? Help please

  bof:) 22:29 13 May 2005

hi all,

My friend (Ruthy) has a laptop (XPhome) owned by her daughter that we have been removing virii and hijackers from. (over the phone because she's at her daughters).

All appears to have gone except for 1 hijacker that wants to alter the settings to IE everytime she opens it. The only option she is given by the Microsoft virus scanner is accept or block, so we block it.

We have updated and ran AVG, Microsoft antivirus scanner, AdawareSE, A-squared, CWS shredder, Stinger ,Spybot s&d, Spywareblaster and run 3 online scanners, eSoft, Housecall, and Panda scan.

The laptop cannot be connected to the net tomorrow but another nearby PC will have dialup capabilities.

The option we seem to have is copy HJT program to the laptop via a cd.

Run the program and copy the log to floppy disc or cd disc but, how do I make sure the virus does not infect the pc I can use to post HJT log on this site? (will just making sure both holes on floppy disk are visible be enough?)

I'd really appreciate any help given with this cos I'm stuck for ideas and I'm supposed to go and visit this friend tomorrow with ideas.

Many thianks for your help and ideas,


  p;3 22:46 13 May 2005

is there a reason why the infected lappy cannot connect to the net tomorow? and am bookmarking this thread as am interested in the answer too::))

  bof:) 12:46 14 May 2005

hi p;3, The laptop in question uses NTL broadband at Uni for the daughter and runs on XP home. The PC at home uses NTL dialup and uses Win ME.

I've been requested by the parents not to alter any internet connection settings so that when daughter goes back to uni she can connect laptop straight away to NTL BB.

I've also found out today that the laptop only has a cd disc drive and not an A:drive. I suppose I can borrow an external one if needed.

using the search option on tis site I found a thread that gave 3 online scanners to use, I emailed the web address' to the mother who has the laptop last night thinking if she runs them on BB it would be quicker.

She rang this morning and said...'what emails this then?'...(sigh).

I've also suggested she install Firefox and see if that connects to the net without any popups/highjack attempts intererence etc. So I can run Hijackthis from there.

There is also a hardware wizard trying to run itself from fuji camera's but according to the daughter she doesnt have 1. But she is doing a photography course so I just wonder if she has borrowed 1.


  Alan H E 14:14 14 May 2005

July's cover disc of PCA has Hijackthis on & on page 182 small bit about online analysis

  bof:) 16:41 14 May 2005

Hi Alan H E, thanks for the advice.

If I run HJT then copy the log to a cd disc,put the disk onto another PC to post to this website will I then transfer the virus from the laptop (that has the virus) to the pc that does not?


  bof:) 16:42 14 May 2005


  Alan H E 18:33 14 May 2005

Sorry bof:) been out. I wouldn't have thought so - has your AV got a facility to scan the disc before you open it - AVG has. This would get over any worries.

  VoG II 18:37 14 May 2005

Also, start the infected machine in Safe Mode, then copy the log to floppy. (This may not work if you are going to write to a CD as I don't think CD burning is enabled in Safe Mode.)

  bof:) 19:07 14 May 2005

Hi Alan H E, AVG is loaded on to the pc that the cd disk from the infected laptop will be loaded onto. The problem is that AVG is also on the infected laptop and has been unable to detect the virus/hijacker. (see 1st part of thread for everything thats been used to scan laptop).

This is why I would like to run HJT and post it on here using the daughters, mothers PC but only if I can do it with out infecting the pc itself.

Hi VoG™ been informed that the laptop that I want to run HJT on does not have a floppy drive. So unless I can borrow 1 that option is out. It seems its cd disk or nothing.


  Alan H E 20:21 14 May 2005

Perhaps the answer is to tell the daughter to register on this forum so when she is back in uni she can download the log to the site. I realise you may have to give a load of instructions but it would get over the possibility of passing on the infection.

  Alan H E 20:27 14 May 2005

ps The site for on line analysis is click here .I think you need to be cautious on what you delete as it ain't a human giving the answers.

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

Dell XPS 13 9370 (2018) review

No need to scan sketches into your computer with Moleskine's new smart pen

HomePod review

Streaming : Netflix ou Amazon Prime Video ?