The link wouldn't copy, but the one at the start of my hijack this log works
Printable View
The link wouldn't copy, but the one at the start of my hijack this log works
If you think it's a Trojan then go to McAfee and download and run Stinger it will find the trojan and delete it.Quote:
Originally posted here by JonnyFrond
Flumps, what does all that stuff on the a-squared log mean then?
http://www.hijackfree.com/analyze/?...49-fbd004c1494a
I am up to date with everything as far as I am aware. I have to admit, I would rather learn about stuff to clear it all out than do a fresh install, as I have this running nicely at the moment, and I have had bad experiences with fresh installs in the past.
can anyone tell me how to deal with even just one of these, are the regestry entries that can be edited or deleted, or are they files that I can get rid of?
:cry:
I'm starting to feel like part of a fern
Or...
CAUTION: We strongly recommend that you back up the registry before you make any changes to it. Incorrect changes to the registry can result in permanent data loss or corrupted files. Modify only the keys that are specified. Read the document How to back up the Windows Backup Registry guide for instructions.
1. Click Start, and click Run. The Run dialog box appears.
2. Type regedit and then click OK. The Registry Editor opens.
3. Navigate to the key
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
In the right pane, delete the value
Tweak UI "RunDLL32 tweakUI.DLL, TWEAKUI /tweakmeup"
4. Navigate to the key
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices
5. In the right pane, delete the value
Scheduling Agent "Scheduler.exe"
6. Click Registry, and click Exit.
this is from the link I provided in an earlier post (trojan removal)
Thanks, I have a starting point again.
Jon..J..J...J.Jo...Jonny Fron...Fro.....Frond
Hi Jonny,
Get the A-Squared application, update it and run it should do a better job, and it will let you save an HTML report.
I think the issue is that a-squared looks for "traces" and that could be what it is reporting.
The tool you are using comes up with a lot of "unknowns" so I wouldn't put too much faith in it unless you can actually find the malware.
;)
Is it just me that wonders if Jonny is always stoned?Quote:
Jon..J..J...J.Jo...Jonny Fron...Fro.....Frond
Jonny... Rule one when troubleshooting an issue in computer software is "confirm". Running a single app that tells you one thing is useless. Running a second that does nothing to confirm or deny does notjing and, in this case, seems to be causing you more stress... Google Ad-Aware, Spybot and any other anti spyware program you can think of that is trustable. Run them all and compare the results. If you find similarities then there may be an issue... If there aren't it's called a "False Positive" and can usually be ignored.
Right, I get it now nihil, that makes a lot more sense to me now.
Tiger this is what I need to know too, I have heard of the "False Positive" here before, and never know what it was, I take it to mean like ghosts in the machine. In that case, my computer is sparkling, and a little Mr Sheen on the screen should top it off.
Ok, I think I have all the info I need now, this thread can close thankyou.
And Tiger, the drugs don't work.....anymore.
Slpondgy Frondles :drink:
LOL.... They sure seem to be.... ;)Quote:
And Tiger, the drugs don't work.....anymore.
OK Folks, I think that I have cracked it. :D
The application scans for stuff and produces a report. Where it reports something it will say something like Good = 1, Bad = 2 and will then name the malware that might have dropped it.
This DOES NOT mean that you actually have malware.
I just checked a couple and I only found the legitimate file in the correct access path. What it is saying is that you might have a problem and should check it out, either by seeing what the malware does or by confirming the access path and single instance of the file.
It is designed as an aid to manual analysis by advanced users, so it works a bit like HJT but with a built in interpreter. These are not true "false positives" just recommendations to look at certain items.
I guess if it reports all "Bad" it thinks it has found a definite malware.
:)