Tom's Guide | Tom's Hardware | Tom's Games
 |
 |
 |
The comnputer question column in mylocal paper suggested that I send the HijackThis log to this forum, but I have it as an attachment and can't figure out how to send it here. Help?
Firstly your local paper is wrong in principle. This is a security & virus forum but it does not advocate just posting logs as a normal first step.
You first take the normal steps of updating and running your virus checker and malware fixers/finders (good freebies are "Ad-Aware" and "SpyBot Search & Destroy").
So, if having tried to fix your problem you you are still in difficulties you spell out the details of your remaining problems as a topic on here. The team will help you but you post only post your HijackThis log if requested by an expert.
Without the above restrictions this website would become dedicated to reading HijackThis logs. This is very time consuming indeed and not the principle behind this forum. I am not the webmaster so I hope I have explained this well enough and it does not conflict with his views.
As regards the process. You do not normally "email your log to forums". You simply copy/paste the text of the log onto that forums pages (assuming their policy allows this).
There is an automated analysis available on this website (copy/paste into it):
AUTO HIJACKTHIS ANALYSIS
This will help but you still have to work through it. A Google search might help identify some queries.Finally I emphasise again that you try to rid yourself of malware/spyware/viruses "using recommended programs" before getting down to HijackThis logs. If nothing else this will cut down the length of the log, which will be easier to deal with either by yourself or others.
Derek.W
0 
Sorry, typo. Last line 3rd para should read:
"The team will help you but you only post your HijackThis log if requested by an expert."
In parallel with downloading, updating and running the programs I suggested, keep an eye on this post because I note that "about:blank" has been mentioned, for which there is a known fix. I think I've cluttered up the place enough so I will leave that to others.
Derek.W
0
Derek, First of all, you just assumed that I went right to the log without having tried anything. I have tried every suggested method, and looked it up on many forums, and finally looked it up first on this one, since I just found out this existed because of the column in the local paper. This may be my first home computer after using public ones for years, but you insult my intelligence.
Secondly, if you are not the webmaster, then why are you giving me all of these policy details?
0
Hi grannygear,
Derek was just trying to warn you that your posted log might be deleted, that's all.
I know how frustrating spyware can be on your computer!
You can post your HT log at any of these three sites; they specialize in helping folks and encourage HT log posts:
>www.suggestafix.com
>www.spywarewarrior.com
>www.tomcoyote.comHere's the best way to do it:
>Move HiJack This to its own folder; do not run it from the Temp or C drive file;
>Close down all open applications;
>Click "Do System Scan and Save Logfile";
>Open the saved log; Hilight the entire log by stroking your mouse curser down holding the button.
>Right click anywhere in the seleted log, then click "Copy";
>Enter one of the websites mentioned above, sign in etc., and start a new thread (like in this forum), explain a little about what your problem is, and Paste your log in the thread. Someone will be along to help you.Wish you the best!
Give a man a fish and you feed him for a day;
Teach a man to fish and you feed him for a lifetime;
Then industry pollutes the water and kills all the fish.
0
Yes, Granny - as a long time participant here, Derek was merely giving you a 'heads up' on Computing.Net policy.
I'd respectfully suggest you dial down the attitude if you hope to make the best use of this forum. We have no idea what you have and haven't tried (until you tell us) but your confusion regarding how to handle the 'attachment' seems to indicate you are something of an inexperienced computer user.
That's fine - not usually a permanent condition, and this forum (among others) can help you broaden your understanding.
I'm not insensitive, I just don't care.
0
grannygear
When I first saw this post I moved on because it came across generally as off beam. It seemed rather daunting to try and put you properly in the picture, so that you could take the best steps towards solving your problem. I was not the only helper who found it difficult to know where to start for the same reasons.
I felt therefore that I should come back and have a bash at it after all, which I did. This, I thought, was better than just sitting back and letting you fathom out how to post a log to then have it rejected. I am not knocking you at all, nor did I necessarilly expect you to have had prior knowledge of the points I made.
It was a very skimpy post with only a hint at about the actual problem. The only way anyone can tell what you have already tried is if you say. Exactly what assumptions do you think I should have made?
About:blank was mentioned in the title so I kinda concluded that this was either the problem or one of your problems. It was 4.30am here in the UK so for that reason I did not progress that any further. I did however advise you to keep an eye on this post in case someone else picked it up. In the circumstances I felt I left you with the best possible help towards getting your problem(s) sorted. I'll leave you to it.
Derek.W
0
and remember to try about:buster from;
http://www.iamnotageek.com/a/428-p1.php1st run in safemode then in normal mode.
tap f8 during startup to get the startup menu and choose safemode from list. run about buster,restart, run it again.
0
I'm sorry, I didn't mean to offend anyone - I was just doing what the tech guy in the San Francisco Chronicle told me to do. I thought my post was clear - I just wanted to know how to send the log. I had intended to explain the problem when I sent the log, all as one message.
If any of you, as I am going to, wish to chastise the columnist for telling me to do something he shouldn't have, his email address is: david.einstein@comcast.net
Here is an exact quote: "You can then upload the log to the Security and Virus forum at computing.net. Hopefully, a forum reader who knows much more than I do will help you banish About:Blank."
I've tried so many things, I'm frustrated at programs that say they get rid of it, and then don't. It's so time consuming, it seems to take up most of my computer time. Any help is appreciated
0
I found his artical.
http://www.sfgate.com/cgi-bin/article.cgi?file=/chronicle/archive/2005/01/31/BUG44B2A2M1.DTL
How to copy a paste a log
http://tomcoyote.org/hjt/http://www.bleepingcomputer.com/forums/tutorial95.html
Sites where log readers hang, someone may want to email this site to the author.
ASAP
stands for the Alliance of Security Analysis Professionals.Good luck
0
Fine.
I would follow post #7 because this looks like your best chance of getting shot of this pig of a nasty.
There are some instances where trying to get rid of about:blank results in you losing your internet connection. Against this possiblity search Google and find LSPFIX. You don't need to run it, just download it and put it away in some dedicated spare folder. If you end up losing internet this will restore it again.
There are various other ideas on this problem and posting the HijackThis somewhere is one of them. Lets see how we got on with #7 first.
One word of warning. Beware of various about:blank fixers advertised on the net. Many of these just add more spyware. The one given in the post #7 link is fine.
Derek.W
0
Here's the article in question.
Heh - he deserves an earful for that ; )
Before You Post A HiJackThis Log
As well, a warning and a link to an analysis site is presented prior to posting
I'm not insensitive, I just don't care.
0
... oh yes. I nearly forgot something that jboy researched to do with LSPFIX.
Unless you have the file MSCOMCTL.OCX on your system (unlikely) you will need to download this. I would "temporarily" park it in the folder you made to put LSPFIX in.
IF you need to run LSPFIX then just follow the bit under "alternatively" on the link below (copy file to c:\windows\system and then "register" the file).
The "alternatively" choice saves downloading 5.66M of program.
I appreciate this is a lot of fiddle faddle but it is better to have this to hand (with file instructions) in order to be safe rather than sorry.
Derek.W
0
....darn it. I goofed post #12 nicely.
The file MSCOMCTL.OCX was to make "About:Buster" work (link in post #7) and NOT for making LSPFIX work.
Does this make sense? If not I'll re-type post #12 for you. Apologies - brain failure.
Derek.W
0
Yes - the 'aboutbuster' tool suggested by www is relatively new, but its creator has worked closely with the foremost adversary of CoolWebSearch, Merijn, so its credentials are pretty good indeed.
The program requires the OCX file if you don't already have it (about 1Mb), and the file must be registered in Windows, as per the linked instructions
I'm not insensitive, I just don't care.
0
See this solution (post #1):
S&V FORUM 15019This is the link I gave in my #1. You might find it easier than using About:Buster and you still have that option if you are unlucky.
Derek.W
0
PS. Better add that his cure seemed to have taken only half an hour. Nice, but I wonder if it might come back (from what I've read this is quite possible). About:Buster is still probably more likely to wrinkle it out permanently - that is what the writer has been working on.
Derek.W
0
hi,about blank may fix the problem but with new variants it is doubtful.
the problem with about blank is a hidden dll which needs to be renamed and deleted,this needs expert advice,which can be given in the above mentioned links(tomcoyte etc)
standard spyware scans,namely adaware etc are used prior to a hjt log post to clear any unnecessary rubbish on the pc so there is less work for the hjt analyst
lsp fix will only be needed if there 010 entries in your hjt and should not be attempted by the casual user.
Gary
0
Ni ,
I had this problem with my computer if you goto http://www.adwareaway.com/ and download adwareaway and just follow the instructions its real easy .I was having alot of problems with that as well but this program gets rid of it easily.And you dont need to be a computer wiz
STEVE
0
Thanks everyone for all your help. This computer now seems like it is heading for a crash. I'm thinking of wiping it clean and reinstalling Windows 98, but I've got to find someone here who will help me. It took about half an hour just to get to this page, the thing's gotten so darned slow. Thanks again.
0
Before reformat make sure you have your Windows CD to hand and you know the product key (four or five blocks of letters (maybe figures too) with hyphens separating them. There are ways to get it from your computer but only "before" formatting.
Next you make sure you have the driver CD's available for modem, sound card, display card and so forth. What you haven't got you will need to search for later. If you are able to download it there is a good program called Everest which tells you all about your machine and will help if you have to search for drivers (take notes). You will also need your server disk.
Without doubt the easy bit is reformatting and getting Windows working again. It is what follows (as above) that takes all the time, together with re-installing all of your add-on software.
The principle goes like this. First go to Control Panel/Add-Remove programs and produce a startup disk (floppy - often called a boot disk). You can use one made on someone else's W98SE machine if you wish or download one from www.bootdisc.com on any other machine. Get one for W98SE with CD-ROM support. You make the floppy from the download on the other machine then use it on yours.
Purists would say run FDISK first and remove and re-instate your partition(s). Well, sure, this is squeeky clean but reformat is usually sufficient.
You boot with the floppy (put it in then power on). Watch the screen because it will install what is known as a RAM drive. This will usually grab your CD letter temporarily and push your CD drive letter up by one (D to E or whatever). Some boot disks change your CD driver to letter R so that's why it is worth watching the screen - saves you having to figure it out.
Eventually you will get a boring black DOS screen and the A prompt will show (floppy drive). You then type format c: hit Return key, and stand back until it has finished. Your machine is now empty.
You now put in your Windows CD and switch to your CD drive. Assuming your CD drive has temporarily become E then you type E: (hit Return). If it is R then type R: and so on. Now type setup and hit Return.
Windows should then start loading. You have to answer a few silly and obvious questions at first but eventually it runs along unattended (making you think it's nearly finished yet carrying on for at least 30 mins).
Windows should start but of-course you have no internet and equally important no protection and no security updates. As soon as you've got your modem working and are on-line get your protection organised. Virus checker, firewall, Adaware and SpywareBlaster are to my mind the basic minimum. Get your Windows & IE updates.
You then have to install any drivers you need. You might find your sound system is very basic and you might be limited to low sreen resolution.
Next you put back whatever programs you need. This is your chance to NOT install any stuff that you never used or liked LOL.
Remember that if you mess up things (hopefully not, but it can happen), then reformat and load Windows again. You have little to lose, and to risk a "grubby" Windows install and an unstable system at this early stage would be unfortunate.
I could say more but I hope this is enough to give you the general idea. There are plenty of "How To's" around on this topic (even on this website). If you should decide to run FDISK before REFORMAT then make sure you say Yes to large disk support (FAT32).
Good luck
Derek.W
0  |
 |
 |
This post is quite old and has been locked from receiving new replies. Please create a new posting instead.
| Ads by Google |
