1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

HJT log file need suggestion

Discussion in 'Malware and Virus Removal Archive' started by panchal, 2007/03/02.

Page 2 of 2
  1. 2007/03/10
    panchal

    panchal Inactive Thread Starter

    Joined:
    2002/05/21
    Messages:
    122
    Likes Received:
    0
    feedback HJT

    Dear Sir,

    Noted yr reply but just 'am eager to know which are these problems before I run fix3 as at moment all is well and have no problem .I need to learn more on these viruses hence inquisitive on it , yr reply shall help me to understand it in better way.
     
    panchal,
    #21
  2. 2007/03/10
    Blender

    Blender Inactive

    Joined:
    2007/01/24
    Messages:
    355
    Likes Received:
    0
    Hi

    Completely understandable asking questions. I don't mind explaining at all.
    One should ask questions before just doing.

    I had you run fix3 because the logs you posted still had entries in your registry that were put there by the worm you had.

    The first fix I wrote was based on information I got off the link I gave you for info about that worm. This fixed the immediate problem to remove the active infection.
    They too had missed some entries. (we knew this because you still had errors/troubles)
    When I had you send me log from inspect.bat, I found more & created fix2 to repair that.
    Suspecting there were a few leftovers yet and the fact you have trouble to run an online scan on dial-up I had you run comboscan to look for not only files I may have missed but a few other registry items as well.

    One of the accounts affected was the windows "default" account.
    This account rarely would you ever use but if your own account was corrupted in some way, windows will load a "default" account.
    This would allow you to at least log in and try to fix the problem.

    The other account that was affected was most likely the "guest" account.
    This account is used sometimes if you might have someone over that wants to use the PC but you don't know them well and want to keep your stuff private.
    They use the guest account but cannot access your files and stuff.

    Again this account is not often used but if it is it too would have errors.

    If I left those registry entries there and these other accounts was ever used; regedit would not work.
    Also in the "default" and "guest's" account's registry was still some commands to load that worm you had.
    Worm files are gone but you would get an error about missing files if the computer logged you into that account.
    So I made the fix to remove those "commands" that could later give you problems.

    Thing is with some of these worms it will affect as many areas as possible to make removal more difficult. Sometimes it takes a few different logs to find them all because each log tells a different "story" about your PC.

    You also have an entry in your msconfig that is pointing to an old WhenUSave (adware) program you had. Part of the fix3 will remove this entry also. I only removed the WhenUSave item in msconfig because the rest are legit and you may want to enable those programs again.

    Hope that helps.

    Regards,

    Tammy
     
    Blender,
    #22


  3. to hide this advert.

Page 2 of 2

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...