Tech Support Forum - View Single Post - Looking for the knight to kill the specific911 dragon again!!!

MicroBell · 08-28-2005, 08:07 PM

Hi and Welcome to TSF

Before attacking an adware/spyware problem with hijackthis make sure you have already run the following tools. Download and update the databases on each program before running.

Ad-Aware® SE Personal Edition
*Note* For Ad-AwareSE also install the VX2 Addon Cleaner To run this tool once Adaware is updated click on Add-ons in the lefthand column. Select VX2 Cleaner V2.0 and click Run Tool. Click "OK" , then, if something is found, click "Clean" as in the directions given. Click "Close", and exit Ad-Aware.
Spybot Search & Destroy
CWShredder

Also make sure you are using the the latest version (1.99.1) of HijackThis and it's installed in it's own folder on the root drive. (C:\HJT)

stretched:

This thing is a nightmare to remove. I'm going to throw some tools at it and will need you post the logs. Some of these tools you may have already but set them up..as I posted them.

Download Silent runners.Vbs http://www.silentrunners.org/
1. Make sure you have any script blocking software disabled
2. Run the program. It will take a few minutes to complete.
3. Once complete it will produce a log named “StartupPrograms” with Your user and date in the filename. Open that txt file and posts it contents in your next post.

Download: StartDreck

Unzip to its own folder and start the program:
Press 'Config'
Press 'Mark All'

UN-Check the 'NT-Services & NT-Kernel...' boxes only:
Press 'Ok'

Press 'Save' and select the location to save the log file (default is the same folder as the application)

Post the log in this thread..

Right click on this RegSearch.VBS and choose Save As. Leave the filename alone and save it somewhere. Now run that program and do a search using this word...... specific911

Post the wordpad contents here.

*Note* If you have more then one user account I need you to run the Regsearch under each and post them. IF Regsearch doesn't run...you will need to enter the registry editor manually and do a search. Post EVERY key you find that listed under. You can also run these in safe mode if need be.

Did you run SFC as Greyknight17 instructed?? This will look for missing and corrupt windows files.

08-28-2005, 08:07 PM	#23 (permalink)
MicroBell Manager Emeritus - Security Center, Expert Analyst, Moderator - Security Team; Rangemaster, TSF Academy & Supporter Join Date: Sep 2004 Location: Carmichaels, PA-USA Posts: 6,963 OS: Windows 7	Hi and Welcome to TSF Before attacking an adware/spyware problem with hijackthis make sure you have already run the following tools. Download and update the databases on each program before running. Ad-Aware® SE Personal Edition *Note* For Ad-AwareSE also install the VX2 Addon Cleaner To run this tool once Adaware is updated click on Add-ons in the lefthand column. Select VX2 Cleaner V2.0 and click Run Tool. Click "OK" , then, if something is found, click "Clean" as in the directions given. Click "Close", and exit Ad-Aware. Spybot Search & Destroy CWShredder Also make sure you are using the the latest version (1.99.1) of HijackThis and it's installed in it's own folder on the root drive. (C:\HJT) stretched: This thing is a nightmare to remove. I'm going to throw some tools at it and will need you post the logs. Some of these tools you may have already but set them up..as I posted them. Download Silent runners.Vbs http://www.silentrunners.org/ 1. Make sure you have any script blocking software disabled 2. Run the program. It will take a few minutes to complete. 3. Once complete it will produce a log named “StartupPrograms” with Your user and date in the filename. Open that txt file and posts it contents in your next post. Download: StartDreck Unzip to its own folder and start the program: Press 'Config' Press 'Mark All' UN-Check the 'NT-Services & NT-Kernel...' boxes only: Press 'Ok' Press 'Save' and select the location to save the log file (default is the same folder as the application) Post the log in this thread.. Right click on this RegSearch.VBS and choose Save As. Leave the filename alone and save it somewhere. Now run that program and do a search using this word...... specific911 Post the wordpad contents here. Note If you have more then one user account I need you to run the Regsearch under each and post them. IF Regsearch doesn't run...you will need to enter the registry editor manually and do a search. Post EVERY key you find that listed under. You can also run these in safe mode if need be. Did you run SFC as Greyknight17 instructed?? This will look for missing and corrupt windows files. __________________ We Are The BORG Spyware KILLER and Adware Destroyer! Spyware/Adware Removal Tools Hijackthis Ad-aware SE Spybot Search&Destroy SpywareBlaster CWShredder