Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

May need to post a log not sure


  • This topic is locked This topic is locked
30 replies to this topic

#1 sham1313

sham1313

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:06:41 AM

Posted 27 May 2009 - 11:02 AM

I am not sure how I did it I have 2 of the same post here and do not know how to delete one of them

I downloaded it because I thought it would fix my my windows media player that came with my less then a year old HP windows vista. Avast forum alerted me to that fact. they also gave me this site to start with some time ago and I had did some reading here, but computer come hard for me because when I was young I did not finish school and reading does not come easy to me. when they said I had downloaded another rogue I did what I have learn about not just using a virus scanner witch mine is avast now and I am very Happy with it. I also have on my computer Malwarebytes' Anti-Malware, SuperAntiSpyware and SpywareBlaster. these I know are good tools to use when you have the kind of trouble I do. these tools Cnet forum and avast forum have told me about at different times. between last night I have did a virus scan and a Malwarebytes' Anti-Malware, SuperAntiSpyware. I am not sure how to use SpywareBlaster. I have use the 1st 2 tools I have mention a lot. when I downloaded SpywareBlaster a few month ago it did the updating and scanning on little own. then I was told that I should not have it sent like that. I should just do it manually when I do a scan. I did set it that way for me to start the scan when I want it. I do not see a place to click to start it my self. I guess I need to at least ask that question where to click to start the scan.. so could you tell me please? also I need to know if I should post a hj log here. if I should I also need to know where to post it at? where I am at now like I have said I have used Malwarebytes witch did say the reg tool was a rogue and removed it. also the SuperAntiSpyware after I used that it did no not fine any thing. that was before I deleted in the Malwarebytes. I did the scan again with Malwarebytes and it found 457 reg tool as it did before and told me I need to delete them and restart so I did when I do it was only removing the rogue. i am not sure if you need any more information.
it did not fine any thing last scan. Should I post a hj for you to look at and if so where exactly do I put it??? Sham1313
<hxxp://windows.mediaplayer.pro/?gclid=COXZ3MXe3JoCFR0SagodHm7P3A>
it seem to me I am forgetting some thing if I think of it I will write it next time I reply. I will keep coming back to check here. I am not sure if I have it set to send me an e-mail to let me know when you reply to be or not.

Edited by Orange Blossom, 11 February 2013 - 05:04 AM.
Deactivate link. ~ OB


BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,430 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:41 AM

Posted 27 May 2009 - 03:00 PM

Hello and welcome!!
First we don not recommend any registry cleaners they seem to do more harm than good. So I am recommending you uninstall them.
Spywareblaster WILL automatically run in the background,but needs to updated manually,weekly.

Please post your last MBAM ( Malwarebytes ) log.
The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.

We will go from here.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 sham1313

sham1313
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:06:41 AM

Posted 29 May 2009 - 08:23 AM

Malwarebytes' Anti-Malware 1.37
Database version: 2188
Windows 6.0.6002 Service Pack 2

5/28/2009 8:07:19 PM
mbam-log-2009-05-28 (20-07-19).txt

Scan type: Full Scan (C:\|D:\|F:\|G:\|)
Objects scanned: 259674
Time elapsed: 2 hour(s), 8 minute(s), 30 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


The one I posted is the last one. I thought you would also like to see the one that found that found out that post was a rogue. I will wait to get your next reply to see what you need next. I do think I need to tell you I am Dyslexia so if my writing you don't quite understand just let me know and will re do. some times my spelling is wrong and I will spell like it sound and will { } those around a note letting you know. I am not sure how to fine out if the computer has a lot of problems or not been told it does and told it don't I downloaded the reg tool because it would fix my media player. I am not sure if I have any other big trouble or not.

this is one line a few days ago that shows the last rogue that was found.

c:\Users\hamm\AppData\Roaming\RegTool\quarantinew\2009-05-25 19-58-320\regb-10.db (Rogue.RegTool) -> Quarantined and deleted successfully.

thanks Sharon sham1313

#4 sham1313

sham1313
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:06:41 AM

Posted 29 May 2009 - 08:27 AM

I thought I did that in 2 replys putting the log in one nand the note in the other did i goof big
thanks Sharon sham1313

#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,430 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:41 AM

Posted 29 May 2009 - 11:15 AM

Hi let's do these next and be sure...

Run ATF and SAS:
From your regular user account..
Download Attribune's ATF Cleaner and then SUPERAntiSpyware , Free Home Version. Save both to desktop ..
DO NOT run yet.
Open SUPER from icon and install and Update it
Under Scanner Options make sure the following are checked (leave all others unchecked):
Close browsers before scanning.
Scan for tracking cookies.
Terminate memory threats before quarantining
.
Click the "Close" button to leave the control center screen and exit the program. DO NOT run yet.

Now reboot into Safe Mode: How to enter safe mode(XP)
Using the F8 Method
Restart your computer.
When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu.
Select the option for Safe Mode using the arrow keys.
Then press enter on your keyboard to boot into Safe Mode
.

Double-click ATF-Cleaner.exe to run the program.
Under Main "Select Files to Delete" choose: Select All.
Click the Empty Selected button.

If you use Firefox or Opera browser click that browser at the top and choose: Select All
Click the Empty Selected button.
If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program
.

NOW Scan with SUPER
Open from the desktop icon or the program Files list
On the left, make sure you check C:\Fixed Drive.
Perform a Complete scan. After scan,Verify they are all checked.
Click OK on the summary screen to quarantine all found items.
If asked if you want to reboot, click "Yes" and reboot normally.

To retrieve the removal information after reboot, launch SUPERAntispyware again.
Click Preferences, then click the Statistics/Logs tab.
Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
If there are several logs, click the current dated log and press View log.
A text file will open in your default text editor.
Please copy and paste the Scan Log results in your next reply.
Click Close to exit the program.


Please ask any needed questions,post logs and Let us know how the PC is running now.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#6 sham1313

sham1313
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:06:41 AM

Posted 29 May 2009 - 03:58 PM

I am not good at this kind of thing and will try to do just as you say. I should know what this is. but it has been a while and my memory not to great. I was going to ask at the avast forum what ATF and SAS means? I am pretty sure the last S stand for system. I should and will just ask you . because you are helping me helping me now. {some times it is hard for people to understand me when I write.] I use windows vista not XP .is it F8 or F7? you say { Terminate memory threats before quarantining.} does this mean delete the memory threats.

does it make a difference?
I must say again I use windows vista the part below is a copy paste because I need to know if it makes a differences because I use windows vista not XP

{When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu.
Select the option for Safe Mode using the arrow keys.
Then press enter on your keyboard to boot into Safe Mode.}

below is a little more copy paste doing it this way makes more sense to me when I do it this way. I guess this will be visible to me there and I don't have to look for it right?
copy paste
{Double-click ATF-Cleaner.exe to run the program.
Under Main "Select Files to Delete" choose: Select All.
Click the Empty Selected button.}

I do use opera but my husband and I share the computer and he uses IE 7 and it is the default browser. does that make a difference?

after I get your next reply it will take me awhile to make sure I do this right and I have to time it right to make sure I have enough time's in between the time I can use the computer and my husband need to use the computer.

I do thank you very much for helping me with this. thank s Sharon sham1313

#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,430 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:41 AM

Posted 29 May 2009 - 04:24 PM

Hello.. ATF and SAS are acronyms for the 2 tools below.. Superantispyware and ATF (All Temp files) These tools work on both Vista and XP.

I use windows vista not XP .is it F8 or F7? you say { Terminate memory threats before quarantining.} does this mean delete the memory threats.
Should be F8 on XP and Vista...

Terminate memory threats before quarantining
This is what the program will do.. Stop then Quarantine.. At the end you will delete all.

To save Passwords in opera you do this.

If you use Firefox or Opera browser click that browser at the top and choose: Select All
Click the Empty Selected button.
If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program

Sharon the ATF will take 5 mins... Ths SAS may need an hour.

Ask all the questions you need.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#8 sham1313

sham1313
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:06:41 AM

Posted 29 May 2009 - 06:07 PM

ok sounds good if I don't get to it this evening I will do ot bright in early in the morning. thank you for doing the reply like you did that makes it easyer for me to understand. thanks Sharon sham1313

#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,430 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:41 AM

Posted 29 May 2009 - 08:44 PM

You're welcome and I will look in tomorrow.

Edited by boopme, 29 May 2009 - 08:45 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#10 sham1313

sham1313
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:06:41 AM

Posted 30 May 2009 - 12:48 AM

I want to make sure of this point before I start in the morning. the sentece below you want be to run A superAntiSpyware right or wrong?

{Hello.. ATF and SAS are acronyms for the 2 tools below.. Superantispyware and ATF (All Temp files) These tools work on both Vista and XP.}

thanks Sharon sham1313

#11 sham1313

sham1313
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:06:41 AM

Posted 30 May 2009 - 07:21 AM

I have downloaded ATF to the desktop and I already have SuperAntiSpyware and it is up dated. I have to do this very slowly to make sure I do this right. I am handing writing re-reading over what I need to do 1 step at a time as I am doing it . I hope you understand why I need to do it like this. at least I am startting it right. Thanks Sharon sham1313

#12 sham1313

sham1313
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:06:41 AM

Posted 30 May 2009 - 09:22 AM

I had to pause for a while every thing was needing my attention at the same time. wanted to make sure I have every peaceful around here so I won't get interrupted doing the rest of this. this is where I am at now.


you say under scanning options make sure the following are check. {and leave all others unchecked} close browsers before scanning}
you say under scanning options make sure the following I don't see scanning options or what you want me to scan, but I have a check by do a complete scan. also under scan location there is a check by C:/fixed-Drive {NTES}. also D:/ fixed-drive {NTES}is check. in the boxbyE:/-CDROM and F:/ removable {FAT32} there is no check. I think that is what you want me to do. I will close every thing and hand write every thing down, so every can be closed or open when need to be. having hand written it and it being in front of me I should not make any mistakes. I have a mark in preform complete scan in a Grey area. in the Grey area there are marks in memory,registry,startup location, cookies and select folders.
yes I think that is what you want me to do. is This right? in a few minutes I will start that.
thanks Sharon sham1313

#13 sham1313

sham1313
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:06:41 AM

Posted 30 May 2009 - 10:44 AM

Don't worry I re red and ist I well reboot in safemode before scan
Thanks Sharon sham1313

#14 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,430 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:41 AM

Posted 30 May 2009 - 11:02 AM

That 's the way you got it..It's looks harder than it is.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#15 sham1313

sham1313
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:06:41 AM

Posted 30 May 2009 - 05:06 PM

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 05/30/2009 at 10:17 AM

Application Version : 4.26.1004

Core Rules Database Version : 3917
Trace Rules Database Version: 1861

Scan type : Complete Scan
Total Scan Time : 00:36:11

Memory items scanned : 276
Memory threats detected : 0
Registry items scanned : 7862
Registry threats detected : 0
File items scanned : 28201
File threats detected : 26

Adware.Tracking Cookie
C:\Users\hamm\AppData\Roaming\Microsoft\Windows\Cookies\Low\hamm@dealtime[1].txt
C:\Users\hamm\AppData\Roaming\Microsoft\Windows\Cookies\Low\hamm@slingmedia.112.2o7[1].txt
C:\Users\hamm\AppData\Roaming\Microsoft\Windows\Cookies\Low\hamm@casalemedia[2].txt
C:\Users\hamm\AppData\Roaming\Microsoft\Windows\Cookies\Low\hamm@ads.bridgetrack[1].txt
C:\Users\hamm\AppData\Roaming\Microsoft\Windows\Cookies\Low\hamm@ad.yieldmanager[1].txt
C:\Users\hamm\AppData\Roaming\Microsoft\Windows\Cookies\Low\hamm@e-2dj6wjkocncpoep.stats.esomniture[2].txt
C:\Users\hamm\AppData\Roaming\Microsoft\Windows\Cookies\Low\hamm@adserver.adtechus[1].txt
C:\Users\hamm\AppData\Roaming\Microsoft\Windows\Cookies\Low\hamm@ads.addynamix[2].txt
C:\Users\hamm\AppData\Roaming\Microsoft\Windows\Cookies\Low\hamm@ads.pointroll[2].txt
C:\Users\hamm\AppData\Roaming\Microsoft\Windows\Cookies\Low\hamm@slingmedia[2].txt
C:\Users\hamm\AppData\Roaming\Microsoft\Windows\Cookies\Low\hamm@adlegend[2].txt
C:\Users\hamm\AppData\Roaming\Microsoft\Windows\Cookies\Low\hamm@server.iad.liveperson[3].txt
C:\Users\hamm\AppData\Roaming\Microsoft\Windows\Cookies\Low\hamm@server.iad.liveperson[1].txt
C:\Users\hamm\AppData\Roaming\Microsoft\Windows\Cookies\Low\hamm@revsci[1].txt
C:\Users\hamm\AppData\Roaming\Microsoft\Windows\Cookies\Low\hamm@e-2dj6wgliomdjegp.stats.esomniture[2].txt
C:\Users\hamm\AppData\Roaming\Microsoft\Windows\Cookies\Low\hamm@advertising[1].txt
C:\Users\hamm\AppData\Roaming\Microsoft\Windows\Cookies\Low\hamm@stat.dealtime[1].txt
C:\Users\hamm\AppData\Roaming\Microsoft\Windows\Cookies\Low\hamm@media6degrees[2].txt
C:\Users\hamm\AppData\Roaming\Microsoft\Windows\Cookies\Low\hamm@realmedia[2].txt
C:\Users\hamm\AppData\Roaming\Microsoft\Windows\Cookies\Low\hamm@247realmedia[1].txt
C:\Users\hamm\AppData\Roaming\Microsoft\Windows\Cookies\Low\hamm@collective-media[1].txt
C:\Users\hamm\AppData\Roaming\Microsoft\Windows\Cookies\Low\hamm@ebay.112.2o7[1].txt
C:\Users\hamm\AppData\Roaming\Microsoft\Windows\Cookies\Low\hamm@mediaplex[1].txt
C:\Users\hamm\AppData\Roaming\Microsoft\Windows\Cookies\Low\hamm@oasn04.247realmedia[1].txt
C:\Users\hamm\AppData\Roaming\Microsoft\Windows\Cookies\Low\hamm@overture[1].txt
C:\Users\hamm\AppData\Roaming\Microsoft\Windows\Cookies\Low\hamm@trafficmp[1].txt


I did the log before the post, but I wanted to be able to send then one

right after the other. I am sorry it took so long. writing it down is the

hardest part for me.


1st I downloaded ATF and put it on my desktop and updated the

SuperAntiSyware. they are both on my desktop now. when I open it. it

took double clicking it twice in order to open it.

then I wrote every thing down by hand so the words can be in front of

me when I did it. now that it is open SuperAntiSpyware. I made sure it

was like it was suppose to be. there are checks were they should an no

marks in the other. I belive I have every thing right. then I closed

browsers. {have not run it yet}

1st I re- started the computer by tapding F8 a few times at the right time

to put it in safe mode. then I double click ATF to run the program.
under main "select Files". click the empty selected button I did that.

then click opera from the top. select all then the empty selected button

again. then the prompt came up and I click no so it would save my

passwords. I click the X because I could not fine the closed
when I open it took 2 times of double clicking to open it.
.
then I click the scan and it was all set up like it should be doing a

complete scan and that is what I did.

then I re- booted normally.
I had to click it 2 times again like I had to do before. when I open

it. then I click the statiscs/log tab under scanner logs double click

Super. then I click the last log so I could copy paste it to you.

I may have left out a part or to in writing it down but I did do each step

right. I am sorry it took so long. there are little difference's in the words

of what I was suppose to be looking for and that slow me down a bit. I

just wanted to make sure I did it right. thanks A lot Sharon

I am not sure why I had it all copy on a notepad so I could copy it and paste here, all the words are there I wrote but I did not have the spaces's like I had it on the notepad. I had it into a few sentence's in a rows and then a couple of spaces I did not put a space in between in line.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users