 I May Be Infected |
Welcome Guest ( Log In | Click here to Register a free account now! )
Register a free account to unlock additional features at BleepingComputer.com
Welcome to Bleeping Computer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.
BleepingComputer.com > Security > HijackThis Logs and Virus/Trojan/Spyware/Malware Removal > Misplaced HJT Logs  |
  Feb 4 2008, 11:01 PM
Post
#1
|
|
|
Member  Group: Members Posts: 24 Joined: 13-August 07 Member No.: 149,931  |
|
 |
 
|
|
Feb 4 2008, 11:25 PM
Post
#2
|
|
 To INSANITY and BEYOND !! Group: Moderator Posts: 10,943 Joined: 10-September 04 From: NJ USA Member No.: 2,608 |
Hello and welcome. What is the virus name? Also what is your Operating system? How did you delete it and what antivirus do you have installed?
-------------------- Can you spare some PC cycles to help FIND A CURE .. BC FOLDING TEAM Click me /info..
ThoughtVent a goodplace to discuss.<<>>>Staying Updated Calendar of Updates. For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... |
|
|
|
|
Feb 5 2008, 02:42 PM
Post
#3
|
|
|
Member Group: Members Posts: 24 Joined: 13-August 07 Member No.: 149,931 |
i have windows xp home edition dimension 3000. i used avira antivir personal edition classic and the virus name is TR/Dldr.Zlob.gfl [TR/Dldr.Zlob.gfl]
|
|
|
|
|
Feb 5 2008, 03:23 PM
Post
#4
|
|
|
To INSANITY and BEYOND !! Group: Moderator Posts: 10,943 Joined: 10-September 04 From: NJ USA Member No.: 2,608 |
If you haven't done so please scan with Avira from Safe Mode (instructions to get there below).
Following these should remove it. NOTE: all blue wording are links to instructions or tools First you will need to follow the instructions in our Tutorial How to remove the Smitfraud / Generic Zlob Now Download Attribune's ATF Cleaner and then SUPERAntiSpyware , Free Home Version. Save both to desktop .. DO NOT run yet. Open SUPER from icon and install and Update it Under Scanner Options make sure the following are checked (leave all others unchecked): Close browsers before scanning. Scan for tracking cookies. Terminate memory threats before quarantining. Click the "Close" button to leave the control center screen and exit the program. DO NOT run yet. Now reboot into Safe Mode: Safe Mode Using the F8 Method Restart your computer. When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu. Select the option for Safe Mode using the arrow keys. Then press enter on your keyboard to boot into Safe Mode. Double-click ATF-Cleaner.exe to run the program. Under Main "Select Files to Delete" choose: Select All. Click the Empty Selected button. If you use Firefox or the Opera browser click on that browser at the top and choose: Select All Click the Empty Selected button. If you would like to keep your saved passwords, please click No at the prompt. Click Exit on the Main menu to close the program. NOW Scan with SUPER Open from the desktop icon or the program Files list On the left, make sure you check C:\Fixed Drive. Perform a Complete scan. After scan,Verify they are all checked. Click OK on the summary screen to quarantine all found items. If asked if you want to reboot, click "Yes" and reboot normally. To retrieve the removal information after reboot, launch SUPERAntispyware again. Click Preferences, then click the Statistics/Logs tab. Under Scanner Logs, double-click SUPERAntiSpyware Scan Log. If there are several logs, click the current dated log and press View log. A text file will open in your default text editor. Please copy and paste the Scan Log results in your next reply. Click Close to exit the program. Please ask any needed questions,post logs and Let us know how your PC in running now. -------------------- Can you spare some PC cycles to help FIND A CURE .. BC FOLDING TEAM Click me /info..
ThoughtVent a goodplace to discuss.<<>>>Staying Updated Calendar of Updates. For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... |
|
|
|
|
Feb 6 2008, 10:14 PM
Post
#5
|
|
|
Member Group: Members Posts: 24 Joined: 13-August 07 Member No.: 149,931 |
SUPERAntiSpyware Scan Log
http://www.superantispyware.com Generated 02/06/2008 at 11:02 PM Application Version : 3.9.1008 Core Rules Database Version : 3395 Trace Rules Database Version: 1387 Scan type : Complete Scan Total Scan Time : 01:55:57 Memory items scanned : 171 Memory threats detected : 0 Registry items scanned : 5667 Registry threats detected : 0 File items scanned : 95266 File threats detected : 60 Adware.Tracking Cookie C:\Documents and Settings\kimberly\Cookies\kimberly@server2.mediatakeout[1].txt C:\Documents and Settings\kimberly\Cookies\kimberly@mediaplex[1].txt C:\Documents and Settings\kimberly\Cookies\kimberly@ads.veoh[1].txt C:\Documents and Settings\kimberly\Cookies\kimberly@server.iad.liveperson[2].txt C:\Documents and Settings\kimberly\Cookies\kimberly@ehg-veohnetworksinc.hitbox[1].txt C:\Documents and Settings\kimberly\Cookies\kimberly@partner2profit[1].txt C:\Documents and Settings\kimberly\Cookies\kimberly@clicks.smartbizsearch[1].txt C:\Documents and Settings\kimberly\Cookies\kimberly@burstnet[2].txt C:\Documents and Settings\kimberly\Cookies\kimberly@media.mtvnservices[1].txt C:\Documents and Settings\kimberly\Cookies\kimberly@server.iad.liveperson[3].txt C:\Documents and Settings\kimberly\Cookies\kimberly@2o7[2].txt C:\Documents and Settings\kimberly\Cookies\kimberly@advertising[2].txt C:\Documents and Settings\kimberly\Cookies\kimberly@ehg-speakeasy.hitbox[1].txt C:\Documents and Settings\kimberly\Cookies\kimberly@ads.usercash[2].txt C:\Documents and Settings\kimberly\Cookies\kimberly@trafficmp[1].txt C:\Documents and Settings\kimberly\Cookies\kimberly@www.burstnet[2].txt C:\Documents and Settings\kimberly\Cookies\kimberly@overture[1].txt C:\Documents and Settings\kimberly\Cookies\kimberly@ehg-safeharbor.hitbox[2].txt C:\Documents and Settings\kimberly\Cookies\kimberly@tracker.icerocket[1].txt C:\Documents and Settings\kimberly\Cookies\kimberly@ads.gmodules[1].txt C:\Documents and Settings\kimberly\Cookies\kimberly@hitbox[2].txt C:\Documents and Settings\jennifer\Cookies\jennifer@2o7[2].txt C:\Documents and Settings\jennifer\Cookies\jennifer@adinterax[2].txt C:\Documents and Settings\jennifer\Cookies\jennifer@adopt.euroclick[1].txt C:\Documents and Settings\jennifer\Cookies\jennifer@advertising[1].txt C:\Documents and Settings\jennifer\Cookies\jennifer@anad.tacoda[1].txt C:\Documents and Settings\jennifer\Cookies\jennifer@ar.atwola[1].txt C:\Documents and Settings\jennifer\Cookies\jennifer@atdmt[2].txt C:\Documents and Settings\jennifer\Cookies\jennifer@atwola[1].txt C:\Documents and Settings\jennifer\Cookies\jennifer@bluestreak[2].txt C:\Documents and Settings\jennifer\Cookies\jennifer@collective-media[1].txt C:\Documents and Settings\jennifer\Cookies\jennifer@doubleclick[1].txt C:\Documents and Settings\jennifer\Cookies\jennifer@edge.ru4[2].txt C:\Documents and Settings\jennifer\Cookies\jennifer@mediaplex[1].txt C:\Documents and Settings\jennifer\Cookies\jennifer@microsoftwlmessengermkt.112.2o7[1].txt C:\Documents and Settings\jennifer\Cookies\jennifer@questionmarket[2].txt C:\Documents and Settings\jennifer\Cookies\jennifer@revsci[1].txt C:\Documents and Settings\jennifer\Cookies\jennifer@richmedia.yahoo[1].txt C:\Documents and Settings\jennifer\Cookies\jennifer@stat.onestat[2].txt C:\Documents and Settings\jennifer\Cookies\jennifer@statse.webtrendslive[2].txt C:\Documents and Settings\jennifer\Cookies\jennifer@tacoda[2].txt C:\Documents and Settings\jennifer\Cookies\jennifer@www.googleadservices[1].txt C:\Documents and Settings\jennifer\Cookies\jennifer@zedo[2].txt C:\Documents and Settings\nicole pierre\Cookies\nicole_pierre@2o7[1].txt C:\Documents and Settings\Rebecca\Cookies\rebecca@2o7[1].txt C:\Documents and Settings\Rebecca\Cookies\rebecca@ads.pointroll[1].txt C:\Documents and Settings\Rebecca\Cookies\rebecca@ads4.blastro[1].txt C:\Documents and Settings\Rebecca\Cookies\rebecca@adserver.adreactor[1].txt C:\Documents and Settings\Rebecca\Cookies\rebecca@advertising[2].txt C:\Documents and Settings\Rebecca\Cookies\rebecca@ar.atwola[1].txt C:\Documents and Settings\Rebecca\Cookies\rebecca@atdmt[2].txt C:\Documents and Settings\Rebecca\Cookies\rebecca@atwola[1].txt C:\Documents and Settings\Rebecca\Cookies\rebecca@doubleclick[2].txt C:\Documents and Settings\Rebecca\Cookies\rebecca@interclick[1].txt C:\Documents and Settings\Rebecca\Cookies\rebecca@mediaplex[2].txt C:\Documents and Settings\Rebecca\Cookies\rebecca@questionmarket[2].txt C:\Documents and Settings\Rebecca\Cookies\rebecca@revsci[1].txt Malware.LocusSoftware Inc/BestSellerAntivirus C:\DOCUMENTS AND SETTINGS\REBECCA\DESKTOP\SETUP_EN.EXE C:\DOCUMENTS AND SETTINGS\REBECCA\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\CX53SRU0\INSTALLER_EN[1].EXE Malware.DriveCleaner C:\DOCUMENTS AND SETTINGS\REBECCA\LOCAL SETTINGS\TEMP\UDC6_0001_D21M0303\INSTALLER.EXE |
|
|
|
|
Feb 6 2008, 10:28 PM
Post
#6
|
|
|
To INSANITY and BEYOND !! Group: Moderator Posts: 10,943 Joined: 10-September 04 From: NJ USA Member No.: 2,608 |
Hi looks like you've cleared alot of malware. How's the PC running now. Also I meant to ask for a report from the Smitfraud scan.
The report can be found at the root of the system drive, usually at C:\rapport.txt . Please post that with your comments. -------------------- Can you spare some PC cycles to help FIND A CURE .. BC FOLDING TEAM Click me /info..
ThoughtVent a goodplace to discuss.<<>>>Staying Updated Calendar of Updates. For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... |
|
|
|
|
Feb 10 2008, 02:31 PM
Post
#7
|
|
|
Member Group: Members Posts: 24 Joined: 13-August 07 Member No.: 149,931 |
yeah i found the report but its a really longggggggggggggggggg list of things, and when i try to post, it says my post is too long so what should i do?
|
|
|
|
|
Feb 11 2008, 11:07 AM
Post
#8
|
|
|
To INSANITY and BEYOND !! Group: Moderator Posts: 10,943 Joined: 10-September 04 From: NJ USA Member No.: 2,608 |
Hello The only way we can get to post that log will be from the HiJack/malware forum. It'll be a bit for a response as they are really busy right now.
The instructions for posting a log are here,scroll to step 9. http://www.bleepingcomputer.com/forums/topic34773.html then post that info here http://www.bleepingcomputer.com/forums/forum22.html -------------------- Can you spare some PC cycles to help FIND A CURE .. BC FOLDING TEAM Click me /info..
ThoughtVent a goodplace to discuss.<<>>>Staying Updated Calendar of Updates. For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... |
|
|
|
|
Feb 18 2008, 11:25 PM
Post
#9
|
|
|
Member Group: Members Posts: 24 Joined: 13-August 07 Member No.: 149,931 |
here is what it said to do.
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:22:52 AM, on 2/16/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16608) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Yahoo!\Antivirus\ISafe.exe C:\Program Files\iolo\common\lib\ioloServiceManager.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\PnkBstrB.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\Yahoo!\Antivirus\VetMsg.exe C:\Program Files\Viewpoint\Common\ViewpointService.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Verizon\VSP\VerizonServicepoint.exe C:\Program Files\iolo\System Mechanic 7\SMSystemAnalyzer.exe C:\Program Files\DellSupport\DSAgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Program Files\Xfire\xfire.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {21ECA600-72B5-4E66-BB2E-573C92CBD8D6} - (no file) O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: (no name) - {C4DFA6F3-1245-41E5-8E60-7D31427F01B3} - (no file) O4 - HKLM\..\Run: [DLCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCCtime.dll,_RunDLLEntry@16 O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [VerizonServicepoint.exe] "C:\Program Files\Verizon\VSP\VerizonServicepoint.exe" /AUTORUN O4 - HKLM\..\Run: [SMSystemAnalyzer] "C:\Program Files\iolo\System Mechanic 7\SMSystemAnalyzer.exe" O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 5.0\resources\en-us\local\search.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: vzTCPConfig - http://www2.verizon.net/help/dsl_settings/...vzTCPConfig.CAB O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222 O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\ISafe.exe O23 - Service: dlcc_device - Unknown owner - C:\WINDOWS\system32\dlcccoms.exe O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\Yahoo!\Antivirus\VetMsg.exe O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE |
|
|
|
|
Feb 19 2008, 09:43 AM
Post
#10
|
|
 BC 1st Responder Group: Moderator Posts: 5,879 Joined: 21-October 04 From: South Carolina - USA Member No.: 3,905 |
haser,
I have moved your Topic that includes a HijackThis log here to the Misplaced HJT Logs forum. You posted your log in a forum not intended for HijackThis logs analysis and probably missed the directions we provide to those who require assistance. We can only allow topics with such logs in the HijackThis Logs and Malware Removal forum. This restriction is to ensure you get the best help available, from those who specialize in malware anlaysis and removal. It also should prevent you from receiving ineffective or even potentially dangerous advice, whether well meaning or not. Prior to posting a HJT log, we ask that you please read and follow all instructions in the pinned topic titled Preparation Guide For Use Before Posting A Hijackthis Log. Following the steps in this Guide will allow the HJT Team to quickly help you with specific fixes for what may remain on your system. Please complete all the steps in the Guide. If you have performed some of them already, then just continue with the next. If you can't perform a step, then skip it and continue with the next. The last step will include downloading and using the most current version of HijackThis if the first line of your log does not appear as follows: Logfile of Trend Micro HijackThis v2.0.2 Please note that it is important that HijackThis be run and a log created while in normal mode. If you run it and create your log while in safe mode, you will be asked to redo it again properly. When you have completed those steps, start a new topic in the HijackThis Logs and Malware Removal forum as directed in the Guide to post a new log. Please DO NOT post any more logs to this topic, or post a log again in the wrong forum. The Misplaced HJT Logs forum is strictly a holding area where the BC Staff can assist you with preparations for and to properly post your log. If you have a question or encounter a problem in the Prep Guide, please do post back to this topic; that is what it is here for. When your new HJT log is posted in the proper forum, please reply to this topic with a link to your new topic. Once that is done, a Member of the HJT Team will analyze your log and assist you with step by step instructions to clean your computer or otherwise advise what needs to be done. When you post your log to the HJT forum, you may wish to link to this topic to let the HJT team member who works the log know what has been done. Good luck! Thanks for your cooperation and good luck. The BC Staff -------------------- "In a world where you can be anything, be yourself." ~ unknown
|
|
|
|
|
Feb 19 2008, 01:29 PM
Post
#11
|
|
|
BC 1st Responder Group: Moderator Posts: 5,879 Joined: 21-October 04 From: South Carolina - USA Member No.: 3,905 |
February 16 log
Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a HJT Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show it the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer. From this point on the HJT Team should be the only members that you take advice from, until they have verified your log as clean. Please be patient. It may take a while to get a response because the HJT Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the HJT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another HJT Team member is already assisting you and not open the thread to respond. If after 5 days you still have received no response, then post a link to your HJT log in the thread titled "Haven't Had A Reply In Five Days?". To avoid confusion, I am closing this topic. -------------------- "In a world where you can be anything, be yourself." ~ unknown
|
|
|
|
|
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:
| Lo-Fi Version | Time is now: 9th January 2009 - 07:09 AM |
© 2003-2008 All Rights Reserved Bleeping Computer LLC.