NEW PROCEDURES POSTED 29 JANUARY 2009 ========================================================================================================================
Our experts kindly volunteer their time and expertise to assist you with your hijackware problems. That's what these forums are all about. However, we do need your cooperation so we can help you to help yourself.
Please read and complete ALL of the following steps before posting your logs in the MALWARE REMOVAL forum: If (a) you do NOT have an anti-virus application installed, or (b) your subscription expired, however briefly, or (c) you didn't have a valid, fully-functional anti-virus application installed when the machine got infected, and/or (d) you've neglected to keep the machine fully patched at Windows Update, don't bother posting in this forum. See this thread instead: http://aumha.net/viewtopic.php?t=28580
PS: You do NOT want more than one anti-virus application installed and loading at start-up 
Special Note if Spybot is installed: Before proceeding, disable Spybot Tea Timer and leave it disabled until we're done here. See http://aumha.net/viewtopic.php?t=32409
Special Note if Ad-Aware is installed and Ad-Watch is enabled: Before proceeding, disable Ad-Watch and leave it disabled until we're done here. See http://aumha.net/viewtopic.php?f=43&t=38668
NB: If you don't fully understand what Tea Timer and/or Ad-Watch does and how it does it, best to leave it permanently disabled.
Special Note for Vista: In all that follows, and subsequent sessions, you need to run these utilties "As Administrator" in most cases. Right click the program executable and choose "Run as Administrator". If you do not do this, some of these utilities will fail to work, or fail to work properly. If you have any problems with any of the utilities you are asked to run, check that you ran the application as an Administrator. Some of these utilties will not give you a UAC prompt, they will simply exit without doing anything at all or showing an error message.
[You may want to print the rest of these instructions for offline reference.]1. Please download
ATF Cleaner by Atribune, saving it to your desktop:
http://www.atribune.org/ccount/click.php?id=1
- Double-click ATF-Cleaner.exe to run the program.
- Under Main choose: Select All
- Click the Empty Selected button.
- If you use Firefox browser (and some Mozilla-based browsers):
- Click Firefox at the top and choose: Select All
- Click the Empty Selected button.
- NOTE: If you would like to keep your saved passwords, please click No at the prompt.
- If you use Opera browser:
- Click Opera at the top and choose: Select All
- Click the Empty Selected button.
- NOTE: If you would like to keep your saved passwords, please click No at the prompt.
- Click Exit on the Main menu to close the program.
Important! Please don't skip Step #1 above 2. Enable
Show Hidden Files and FoldersIf using Windows XP:- Close all programs so that you are at your desktop.
- Double-click on the My Computer icon.
- Select the Tools menu and click Folder Options.
- After the new window appears select the View tab.
- Put a checkmark in the checkbox labeled Display the contents of system folders.
- Under the Hidden files and folders section select the radio button labeled Show hidden files and folders.
- Remove the checkmark from the checkbox labeled Hide file extensions for known file types.
- Remove the checkmark from the checkbox labeled Hide protected operating system files.
- Press the Apply button and then the OK button and exit My Computer.
- Now your computer is configured to show all hidden files.
If using Windows Vista or Windows 7:- Close all programs so that you are at your desktop.
- Open the Control Panel menu and click Folder Options.
- After the new window appears select the View tab.
- Put a checkmark in the checkbox labeled Display the contents of system folders.
- Under the Hidden files and folders section select the radio button labeled Show hidden files and folders.
- Remove the checkmark from the checkbox labeled Hide file extensions for known file types.
- Remove the checkmark from the checkbox labeled Hide protected operating system files.
- Press the Apply button and then the OK button and exit My Computer.
- Now your computer is configured to show all hidden files.
[Online tutorial covering both of the above:
http://www.bleepingcomputer.com/tutorials/tutorial62.html]
Important! Please don't skip Step #2 above 3. Download the
Malicious Software Removal Tool, saving it to your desktop, then run it.
4.
Important! => Open Notepad > Click on Format > Uncheck Word wrap, if checked.5. Download
OTL by OldTimer,
saving it to your desktop:
http://oldtimer.geekstogo.com/OTL.exe- Close all open windows on the Task Bar. Click the OTL icon (for Vista, right click the icon and Run as Administrator) to start the program.
- In the lower right corner of the Top Panel, checkmark "LOP Check" and checkmark "Purity Check".
- Now click Run Scan at Top left and let the program run uninterrupted. The scan may take 5-10 minutes.
- Do not TOUCH your keyboard until the scan completes!
- It will produce two (2) logs on your desktop, one will pop up called OTL.txt; the other will be named Extras.txt.
- Exit Notepad. Remember where you've saved these 2 files as we will need both of them shortly!
- Exit OTL by clicking the X at top right.
6. Download
Security Check by screen317 from one of the following links and SAVE it to your Desktop:
http://screen317.spywareinfoforum.org/SecurityCheck.exe or
http://screen317.changelog.fr/SecurityCheck.exe
- Double-click on SecurityCheck.exe and follow the on-screen instructions inside the black box.
- A Notepad document named checkup.txt should then open automatically; close Notepad & saving the file to your desktop. We will need this log, too.
If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.7. After Registering, begin your own new thread in the
Malware Removal forum. Briefly state your problem(s) and tell us what you've done so far to resolve them. Then copy/paste the following into your post (in order):
- the contents of OTL.txt <=this file;
- the contents of Extras.txt <=this file; and
- the contents of checkup.txt <=this file
Please do NOT use the Attachment feature, despite what you might see in any of the above TXT files!========================================================================================================================
If you follow the above steps, it will accomplish three things:
- Your computer will be cleaner and in better shape before we even get to your log!
- It will save the volunteers on this site many hours of work and add to the accuracy of the information they are able to give you - it's easier to see individual trees in a thinned forrest.
- You won't delay the process of getting up & running again by having to answer a lot of questions.
Without this information:
- Your post may be ignored;
- A Moderator may lock your thread; or
- An Administrator may delete your post out-of-hand.
Please provide us the information we need in order to help you efficiently and effectively.
I'm asking and recommending that you follow the procedures above to create the best environment for you to get the best answers fastest. If you don't provide us what we need, your post will be DELETED without notice.One more thing:
Please don't post your logs in somebody else's thread.
Start your own new thread. Otherwise,
your post will be deleted, no questions asked, no comment given.
Thank you!
===============================================================================================
AumHa Forums Posting Tips:
- Please do not post a Reply to your own thread until someone else has done so. If you do, others will see that your post has had a reply and may assume someone else is helping you.
- Keep in mind that we're all volunteers here and post as our personal time permits. Please do NOT ask for a specific person to handle your threads.
- Do NOT use the Attachment feature unless specifically asked to do so.
- Please do NOT edit a post after someone has replied to it or later posts in the thread.
- Use the PREVIEW button to see how your post will look before using the SUBMIT button.
- For some tips on using BBCode (e.g., quoting; bold face; italics, etc.), see faq.php?mode=bbcode
JAE/~PAB
Login
Register
FAQ
Search
