Thread ID: 59639 2005-07-08 08:47:00 W32.Desktophijack virus bk T (215) Press F1
Post ID Timestamp Content User
370518 2005-07-09 16:52:00 bk_t:

I just took one of your lines from the HJT log you sent and found a problem that you might have missed.

First, what I do when I run HJT and suspect something is wrong (and isn't that why we use it in the first place?), I copy/paste the suspicious code into the Google browser, and look for a result from sites like IAmNotAGeek, or CastleCops or such. I have found a few to trust a lot with their opinions.

Anyway, I C/P'd one of the lines between the {xxx} thing-ys and I got results from one of them here. (castlecops.com)

The result in the box from that site gives this particular line an "X" rating: it is absolutely, certainly spyware called "IncrediFind". The line I got out of your HJT result was this one: {00D6A7E7-4A97-456f-848A-3B75BF7554D7}.

All you have to do for future help is use this technique and see these things for yourself. I find that I get a lot of satisfaction from doing it myself sometimes. Just don't try to Google the whole line for each instance; the coded number set you get between the brackets is usually enough for a good description of the problem.

There aren't any mysteries here, and surely you know that there are also many...MANY people here that want to help you learn the ins and outs of running with Windows and the problems involved with Mr. Gates' baby. We are all really on a learning curve here, and we like to share our newfound (and old-found too) stuff with people. I cannot speak for everyone here, but I have to go to others a lot too as I am old (and learning how to use that now too). What I really like is a person like you who reaches out for help instead of (an Americanism coming here, be seated:) screwing things up all by themselves. Sometimes it's more fun to sink or swim with the rest of us lemmings...hahahah.

Hope you get rid of the gremlin in your system...
SurferJoe46 (51)
370519 2005-07-09 23:04:00 First, what I do when I run HJT and suspect something is wrong (and isn't that why we use it in the first place?), I copy/paste the suspicious code into the Google browser, and look for a result from sites like IAmNotAGeek, or CastleCops or such.

All you have to do for future help is use this technique and see these things for yourself. I find that I get a lot of satisfaction from doing it myself sometimes. Just don't try to Google the whole line for each instance; the coded number set you get between the brackets is usually enough for a good description of the problem.

You do realise, Joe, that there is a much faster way of analysing the log using an online analyser? You just copy and paste (or attach) your entire HJT log and it will flag and comment on each line with advice for you. Some things that are flagged as suspicious will require you to make a decision on whether that is a legitimate entry or not. If the problem then still exists, then posting on a forum for a manual look over is a good idea.

Examples of such online analysers can be found here:

HijackThis log file analysis (www.hijackthis.de/en)

Help2Go Detective (www.help2go.com/modules.php?name=HJTDetective)


Major Geeks has an official tutorial on HJT as well, here: forums.majorgeeks.com/showthread.php?t=38752
Jen (38)
370520 2005-07-10 00:17:00 Whoa! I see... a new thing for me to learn here.

TY for the input, and I will try it next time I am suspicious of a gremmie in the works. (Was that NZ enough... the "gremmie" part... just trying out the local colour here I am.) (Is there an "e" on the word colour?)

...and I thought I was doing so well at individually Google-ing these things... hmmmmmmmmmmmmm.

But as I am saying now that I am older, I, like the proverbial old dog, can learn too!
SurferJoe46 (51)
370521 2005-07-10 01:03:00 (Is there an "e" on the word colour?)

No, also I never use the "u" either, although most people here do. Rob99 (151)
370522 2005-07-10 05:56:00 Some things that are flagged as suspicious will require you to make a decision on whether that is a legitimate entry or not.

Those online analysers are good, but you really do need to take a good look at those "suspicious" entries and not just take their word for it that they are bad.

I have come across several logs with entries that would have caused a bit of a headache should I have got HJT to fix them, so it was a good thing I checked them out first.

There have also been logs that have had entries ignored that should have been fixed.

The moral of the story is that whilst the online analysers are a good tool, you still need to be careful what you do when using HJT. You are able to restore the changes made, but sometimes it is not immediately obvious that things have been broken and how they broke.
FoxyMX (5)
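The two-step routine the thread arrives at (SurferJoe46: pull the bracketed {CLSID} out of the suspicious HJT line and look that up rather than the whole line; FoxyMX: do not take an analyser's verdict on trust, and make your own decision on anything it cannot classify) as an added Python example. This is not code from the thread, from HijackThis or from any of the posters. The local verdict table stands in for the Google/CastleCops lookup; only the IncrediFind CLSID and its "X" rating are taken from the thread, and every other GUID, BHO name and file path in the sample log is constructed for the example.

```python
"""Offline triage of HijackThis (HJT) log lines by their bracketed CLSID.

Added example, not HijackThis or CastleCops code. Only the IncrediFind
CLSID and its "X" rating come from the thread above; every other GUID,
name and path below is constructed.
"""
import re
from dataclasses import dataclass

# A CLSID as HJT prints it: 8-4-4-4-12 hex digits inside braces, any case
# (HJT echoes the registry's mixed case, e.g. "456f" in the IncrediFind entry).
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")

# Local lookup table keyed by upper-cased CLSID, standing in for the online
# search. Ratings follow the CastleCops convention the thread mentions:
# "X" = known malware, "L" = legitimate. Anything absent is "?" and gets a
# human decision, which is the part FoxyMX says the analysers cannot do for you.
VERDICTS = {
    "{00D6A7E7-4A97-456F-848A-3B75BF7554D7}": ("X", "IncrediFind (rated X on CastleCops, per the thread)"),
    "{11111111-1111-1111-1111-111111111111}": ("L", "constructed: a legitimate helper object"),
}

# Constructed HJT log excerpt. Real O2 lines have the form
#   O2 - BHO: <name> - {CLSID} - <dll path or "(no file)">
SAMPLE_LOG = """\
O2 - BHO: Example Helper Class - {11111111-1111-1111-1111-111111111111} - C:\\Program Files\\Example\\helper.dll
O2 - BHO: (no name) - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - C:\\WINDOWS\\System32\\example_bho.dll
O2 - BHO: (no name) - {22222222-2222-2222-2222-222222222222} - (no file)
O4 - HKLM\\..\\Run: [example] C:\\WINDOWS\\system32\\example.exe
"""


@dataclass
class Finding:
    line: str
    clsid: str
    verdict: str   # "X" known bad, "L" legitimate, "?" needs a manual decision
    note: str


def extract_clsids(line):
    """Return every {CLSID} on one log line, in the case HJT printed it."""
    return CLSID_RE.findall(line)


def triage(log_text, table=VERDICTS):
    """Look each CLSID up by its upper-cased form; never guess at unknowns."""
    findings = []
    for line in log_text.splitlines():
        for clsid in extract_clsids(line):
            verdict, note = table.get(
                clsid.upper(),
                ("?", "not in local table: search the CLSID and inspect the file before fixing"),
            )
            # HJT prints "(no file)" when the registry entry points at a DLL
            # that is no longer on disk; still "?" but worth saying so.
            if verdict == "?" and line.rstrip().endswith("(no file)"):
                note = "orphaned entry, the DLL is missing: check why before deciding"
            findings.append(Finding(line, clsid, verdict, note))
    return findings


def lines_to_fix(findings):
    """Only known-bad entries are candidates for HJT's 'Fix checked'."""
    return [f.line for f in findings if f.verdict == "X"]


def needs_manual_review(findings):
    """The entries an analyser would flag but cannot decide for you."""
    return [f for f in findings if f.verdict == "?"]


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"[{f.verdict}] {f.clsid}  {f.note}")
```

Run as a script it prints one verdict line per CLSID; the O4 line carries no CLSID and is skipped, which is the point of searching the bracketed ID rather than the whole line. Only the "X" entry ever reaches lines_to_fix; the "?" entries are exactly the ones FoxyMX warns about, and a table like this is only as trustworthy as the site it was copied from, so an unknown stays unknown until someone looks at the file it points to.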
370523 2005-07-10 06:55:00 Thank you all for the contributions to my problem. I really learned a lot from your valuable experiences. :thumbs:

Cheers
bk T (215)