If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
|
Thread Tools | Display Modes |
#1
|
|||
|
|||
Remnants of attack
Got hit bad: viruses, trojans, malware, hijack, you name it...after my
grandson "used" the machine... I had no choice but try to "fix" it!!! Disconnected from the SP and did a System Restore to the day before and ran the following first in safe mode, Why? dont know. Ad=Aware SE: had 1 running process, 1 process in reg., and several lesser "things": all removed. Ran Spyboot S&D: all ok Ran Stinger: an hour and 161,476 files later: nothing. Ran HiJackThis: g got a big log (well not that big) and kept it. Did a complete thorough Virus Scan. Anything else I could do to improve the speed a little bit, a little bit; it is slower than "before". also are these files now quarantined genuine WIN Me= lmgliz.txt, vqzcla.dat. Also (hate to ask because of the previous question about the Clipboard Viewer), but the Recycle Bin icon shows full and theres nothing in it, even if I try to dump something, cant find anything ressembling it in a search. As always tks in advance. -- cogito ergo sum |
#2
|
|||
|
|||
Update:
Re Recycle Bin, came back on its own like a good dog. Tks -- cogito ergo sum "PAT (Paul)" wrote: Got hit bad: viruses, trojans, malware, hijack, you name it...after my grandson "used" the machine... I had no choice but try to "fix" it!!! Disconnected from the SP and did a System Restore to the day before and ran the following first in safe mode, Why? dont know. Ad=Aware SE: had 1 running process, 1 process in reg., and several lesser "things": all removed. Ran Spyboot S&D: all ok Ran Stinger: an hour and 161,476 files later: nothing. Ran HiJackThis: g got a big log (well not that big) and kept it. Did a complete thorough Virus Scan. Anything else I could do to improve the speed a little bit, a little bit; it is slower than "before". also are these files now quarantined genuine WIN Me= lmgliz.txt, vqzcla.dat. Also (hate to ask because of the previous question about the Clipboard Viewer), but the Recycle Bin icon shows full and theres nothing in it, even if I try to dump something, cant find anything ressembling it in a search. As always tks in advance. -- cogito ergo sum |
#3
|
|||
|
|||
Paul, regarding the recycle bin ONLY. I seem to remember an issue with the
'wrong icon' being set (can't remember why) which always showed the bin as full. I'm using XP here so can't test it. Check the icon 'Properties' (in both states - empty and full) and see if you need to change one of the icons - both icons *should* be available in the Change Icon option. To check, drop something into the recycle bin and see if the icon changes (toggles) with the 'replaced' icons If this is not the cause in your case, then sorry if I've posted a red herring. Might also be worth looking at the MS Knowledge Base for Recycle Bin issues, there are several and one might just be yours g Good luck Mart "PAT (Paul)" wrote in message ... Got hit bad: viruses, trojans, malware, hijack, you name it...after my grandson "used" the machine... I had no choice but try to "fix" it!!! Disconnected from the SP and did a System Restore to the day before and ran the following first in safe mode, Why? dont know. Ad=Aware SE: had 1 running process, 1 process in reg., and several lesser "things": all removed. Ran Spyboot S&D: all ok Ran Stinger: an hour and 161,476 files later: nothing. Ran HiJackThis: g got a big log (well not that big) and kept it. Did a complete thorough Virus Scan. Anything else I could do to improve the speed a little bit, a little bit; it is slower than "before". also are these files now quarantined genuine WIN Me= lmgliz.txt, vqzcla.dat. Also (hate to ask because of the previous question about the Clipboard Viewer), but the Recycle Bin icon shows full and theres nothing in it, even if I try to dump something, cant find anything ressembling it in a search. As always tks in advance. -- cogito ergo sum |
#4
|
|||
|
|||
Hi Mart
Tks for response, like I said in my follow-up post, it came back. However I would be more interested in the slowish aspect left after the attack. Can anyone take a look at my HJT log?? There might be something that an expert can readily recognised....Tks for your coop. -- cogito ergo sum "Mart" wrote: Paul, regarding the recycle bin ONLY. I seem to remember an issue with the 'wrong icon' being set (can't remember why) which always showed the bin as full. I'm using XP here so can't test it. Check the icon 'Properties' (in both states - empty and full) and see if you need to change one of the icons - both icons *should* be available in the Change Icon option. To check, drop something into the recycle bin and see if the icon changes (toggles) with the 'replaced' icons If this is not the cause in your case, then sorry if I've posted a red herring. Might also be worth looking at the MS Knowledge Base for Recycle Bin issues, there are several and one might just be yours g Good luck Mart "PAT (Paul)" wrote in message ... Got hit bad: viruses, trojans, malware, hijack, you name it...after my grandson "used" the machine... I had no choice but try to "fix" it!!! Disconnected from the SP and did a System Restore to the day before and ran the following first in safe mode, Why? dont know. Ad=Aware SE: had 1 running process, 1 process in reg., and several lesser "things": all removed. Ran Spyboot S&D: all ok Ran Stinger: an hour and 161,476 files later: nothing. Ran HiJackThis: g got a big log (well not that big) and kept it. Did a complete thorough Virus Scan. Anything else I could do to improve the speed a little bit, a little bit; it is slower than "before". also are these files now quarantined genuine WIN Me= lmgliz.txt, vqzcla.dat. Also (hate to ask because of the previous question about the Clipboard Viewer), but the Recycle Bin icon shows full and theres nothing in it, even if I try to dump something, cant find anything ressembling it in a search. As always tks in advance. -- cogito ergo sum |
#5
|
|||
|
|||
Hi PAT (Paul) :-)
Please DO NOT post your log to this newsgroup. It is important that you go to one of the HiJackThis Support Forums below and allow the experts there to analyze it for you. AumHa HiJackThis Forum http://forum.aumha.org/viewforum.php?f=30 or Bleeping Computer Forum http://www.bleepingcomputer.com/forums/forum22.html to allow the experts there to evaluate your log and advise you of any necessary steps to clean your system. (Note: You will have to Register before posting on these Forums. Please follow all posting instructions carefully to avoid having your log deleted or ignored.) Hope this helps :-) Jan MS MVP - IE/OE Smiles are meant to be shared, that's why they're so contagious. Replies are posted only to the newsgroup for the benefit or other readers. How to make a good newsgroup post: http://www.dts-l.org/goodpost.htm Hi Mart Tks for response, like I said in my follow-up post, it came back. However I would be more interested in the slowish aspect left after the attack. Can anyone take a look at my HJT log?? There might be something that an expert can readily recognised....Tks for your coop. Paul, regarding the recycle bin ONLY. I seem to remember an issue with the 'wrong icon' being set (can't remember why) which always showed the bin as full. I'm using XP here so can't test it. Check the icon 'Properties' (in both states - empty and full) and see if you need to change one of the icons - both icons *should* be available in the Change Icon option. To check, drop something into the recycle bin and see if the icon changes (toggles) with the 'replaced' icons If this is not the cause in your case, then sorry if I've posted a red herring. Might also be worth looking at the MS Knowledge Base for Recycle Bin issues, there are several and one might just be yours g Good luck Mart "PAT (Paul)" wrote in message ... Got hit bad: viruses, trojans, malware, hijack, you name it...after my grandson "used" the machine... I had no choice but try to "fix" it!!! Disconnected from the SP and did a System Restore to the day before and ran the following first in safe mode, Why? dont know. Ad=Aware SE: had 1 running process, 1 process in reg., and several lesser "things": all removed. Ran Spyboot S&D: all ok Ran Stinger: an hour and 161,476 files later: nothing. Ran HiJackThis: g got a big log (well not that big) and kept it. Did a complete thorough Virus Scan. Anything else I could do to improve the speed a little bit, a little bit; it is slower than "before". also are these files now quarantined genuine WIN Me= lmgliz.txt, vqzcla.dat. Also (hate to ask because of the previous question about the Clipboard Viewer), but the Recycle Bin icon shows full and theres nothing in it, even if I try to dump something, cant find anything ressembling it in a search. As always tks in advance. -- cogito ergo sum |
#6
|
|||
|
|||
Hi Jan
Tks for your response. Will try your links....I also heard of : www.the spykiller.co.uk is it known to you, references? Paul -- cogito ergo sum "Jan Il" wrote: Hi PAT (Paul) :-) Please DO NOT post your log to this newsgroup. It is important that you go to one of the HiJackThis Support Forums below and allow the experts there to analyze it for you. AumHa HiJackThis Forum http://forum.aumha.org/viewforum.php?f=30 or Bleeping Computer Forum http://www.bleepingcomputer.com/forums/forum22.html to allow the experts there to evaluate your log and advise you of any necessary steps to clean your system. (Note: You will have to Register before posting on these Forums. Please follow all posting instructions carefully to avoid having your log deleted or ignored.) Hope this helps :-) Jan MS MVP - IE/OE Smiles are meant to be shared, that's why they're so contagious. Replies are posted only to the newsgroup for the benefit or other readers. How to make a good newsgroup post: http://www.dts-l.org/goodpost.htm Hi Mart Tks for response, like I said in my follow-up post, it came back. However I would be more interested in the slowish aspect left after the attack. Can anyone take a look at my HJT log?? There might be something that an expert can readily recognised....Tks for your coop. Paul, regarding the recycle bin ONLY. I seem to remember an issue with the 'wrong icon' being set (can't remember why) which always showed the bin as full. I'm using XP here so can't test it. Check the icon 'Properties' (in both states - empty and full) and see if you need to change one of the icons - both icons *should* be available in the Change Icon option. To check, drop something into the recycle bin and see if the icon changes (toggles) with the 'replaced' icons If this is not the cause in your case, then sorry if I've posted a red herring. Might also be worth looking at the MS Knowledge Base for Recycle Bin issues, there are several and one might just be yours g Good luck Mart "PAT (Paul)" wrote in message ... Got hit bad: viruses, trojans, malware, hijack, you name it...after my grandson "used" the machine... I had no choice but try to "fix" it!!! Disconnected from the SP and did a System Restore to the day before and ran the following first in safe mode, Why? dont know. Ad=Aware SE: had 1 running process, 1 process in reg., and several lesser "things": all removed. Ran Spyboot S&D: all ok Ran Stinger: an hour and 161,476 files later: nothing. Ran HiJackThis: g got a big log (well not that big) and kept it. Did a complete thorough Virus Scan. Anything else I could do to improve the speed a little bit, a little bit; it is slower than "before". also are these files now quarantined genuine WIN Me= lmgliz.txt, vqzcla.dat. Also (hate to ask because of the previous question about the Clipboard Viewer), but the Recycle Bin icon shows full and theres nothing in it, even if I try to dump something, cant find anything ressembling it in a search. As always tks in advance. -- cogito ergo sum |
#7
|
|||
|
|||
Hi Paul :-)
" Hi Jan Tks for your response. Will try your links....I also heard of : www.the spykiller.co.uk is it known to you, references? Paul Take a look at the information here. Scroll down to SpyKiller. If you have it installed, you really should uninstall it. http://www.spywarewarrior.com/rogue_anti-spyware.htm This is a list of all the rouge and suspect spyware programs. and he http://www.adwarereport.com/mt/archives/000024.html you may need this to completely uninstall it http://mycusthelp.com/SPYKILLER/supp...-1&FB=-1&FC=-1 Hope this helps :-) Jan MS MVP - IE/OE Smiles are meant to be shared, that's why they're so contagious. Replies are posted only to the newsgroup for the benefit or other readers. How to make a good newsgroup post: http://www.dts-l.org/goodpost.htm |
#8
|
|||
|
|||
Jan 11
Tks for your response. The KillBox from www.thespykiller.co.uk was recommanded by the Tech Guys Forum and used apparently quite often after analysing the logs of Spybot S&D. Dont see this particular program in the list??? I'm I missing something? Regards Jan 11 -- cogito ergo sum "Jan Il" wrote: Hi Paul :-) " Hi Jan Tks for your response. Will try your links....I also heard of : www.the spykiller.co.uk is it known to you, references? Paul Take a look at the information here. Scroll down to SpyKiller. If you have it installed, you really should uninstall it. http://www.spywarewarrior.com/rogue_anti-spyware.htm This is a list of all the rouge and suspect spyware programs. and he http://www.adwarereport.com/mt/archives/000024.html you may need this to completely uninstall it http://mycusthelp.com/SPYKILLER/supp...-1&FB=-1&FC=-1 Hope this helps :-) Jan MS MVP - IE/OE Smiles are meant to be shared, that's why they're so contagious. Replies are posted only to the newsgroup for the benefit or other readers. How to make a good newsgroup post: http://www.dts-l.org/goodpost.htm |
#9
|
|||
|
|||
I *think* this is a case of mistaken identity on Jan's part.
AFAIK, thespykiller.co.uk is not related to spykiller.com (the source of the 'iffy' spyware program) - see also the bottom of their home page.... quote Important Notice: We are not associated with or involved in any way with a company called Swanksoft.com who agressively market a spyware removal program called Spykiller. We do not agree with the way they market their products, by allowing a "free" download and then charging you when you want to use the program to remove any spyware that is found on the computer and they always find something, whether genuine or not. /quote -- Noel Paton (MS-MVP 2002-2005, Windows) Nil Carborundum Illegitemi http://www.btinternet.com/~winnoel/millsrpch.htm http://tinyurl.com/6oztj Please read http://dts-l.org/goodpost.htm on how to post messages to NG's "PAT (Paul)" wrote in message ... Jan 11 Tks for your response. The KillBox from www.thespykiller.co.uk was recommanded by the Tech Guys Forum and used apparently quite often after analysing the logs of Spybot S&D. Dont see this particular program in the list??? I'm I missing something? Regards Jan 11 -- cogito ergo sum "Jan Il" wrote: Hi Paul :-) " Hi Jan Tks for your response. Will try your links....I also heard of : www.the spykiller.co.uk is it known to you, references? Paul Take a look at the information here. Scroll down to SpyKiller. If you have it installed, you really should uninstall it. http://www.spywarewarrior.com/rogue_anti-spyware.htm This is a list of all the rouge and suspect spyware programs. and he http://www.adwarereport.com/mt/archives/000024.html you may need this to completely uninstall it http://mycusthelp.com/SPYKILLER/supp...-1&FB=-1&FC=-1 Hope this helps :-) Jan MS MVP - IE/OE Smiles are meant to be shared, that's why they're so contagious. Replies are posted only to the newsgroup for the benefit or other readers. How to make a good newsgroup post: http://www.dts-l.org/goodpost.htm |
#10
|
|||
|
|||
Hi Noel
Tks for putting things straight, was afraid for a while...guess Jan 11 read your post. I was surprised since several of your collegues post there as well. Do you know of another org that analyses these logs? Regards -- cogito ergo sum "Noel Paton" wrote: I *think* this is a case of mistaken identity on Jan's part. AFAIK, thespykiller.co.uk is not related to spykiller.com (the source of the 'iffy' spyware program) - see also the bottom of their home page.... quote Important Notice: We are not associated with or involved in any way with a company called Swanksoft.com who agressively market a spyware removal program called Spykiller. We do not agree with the way they market their products, by allowing a "free" download and then charging you when you want to use the program to remove any spyware that is found on the computer and they always find something, whether genuine or not. /quote -- Noel Paton (MS-MVP 2002-2005, Windows) Nil Carborundum Illegitemi http://www.btinternet.com/~winnoel/millsrpch.htm http://tinyurl.com/6oztj Please read http://dts-l.org/goodpost.htm on how to post messages to NG's "PAT (Paul)" wrote in message ... Jan 11 Tks for your response. The KillBox from www.thespykiller.co.uk was recommanded by the Tech Guys Forum and used apparently quite often after analysing the logs of Spybot S&D. Dont see this particular program in the list??? I'm I missing something? Regards Jan 11 -- cogito ergo sum "Jan Il" wrote: Hi Paul :-) " Hi Jan Tks for your response. Will try your links....I also heard of : www.the spykiller.co.uk is it known to you, references? Paul Take a look at the information here. Scroll down to SpyKiller. If you have it installed, you really should uninstall it. http://www.spywarewarrior.com/rogue_anti-spyware.htm This is a list of all the rouge and suspect spyware programs. and he http://www.adwarereport.com/mt/archives/000024.html you may need this to completely uninstall it http://mycusthelp.com/SPYKILLER/supp...-1&FB=-1&FC=-1 Hope this helps :-) Jan MS MVP - IE/OE Smiles are meant to be shared, that's why they're so contagious. Replies are posted only to the newsgroup for the benefit or other readers. How to make a good newsgroup post: http://www.dts-l.org/goodpost.htm |
|
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Help : Hotsearchbar/ Isearch Attack | George | General | 15 | February 23rd 05 05:18 AM |
VIRUS ATTACK RESULTS | Haggis | General | 3 | November 18th 04 11:53 PM |
Deleted files on Floppy & Hard disk -remnants ? | ============ ABC ============ | Disk Drives | 3 | August 15th 04 11:06 PM |