CastleCops, Internet Crime Fighters

[DONE]Urgent help needed please
greyfeathers (Sergeant)
Joined: Feb 07, 2008
Posts: 87
Posted: Thu May 22, 2008 8:34 pm

Mister2 wrote:
My girlfriend, oops, fiancée (got engaged last month!) maintains I'm unique. Mind you, she also wants to put me in a room with a psychologist and see who runs out screaming first! Laughing


Aww bless, congratulations to you both. Your fiancée sounds as though she has a great sense of humour too. Hmmm, I wonder who would run out screaming first too ROFL

Quote:

Post the Appcompat.txt file if you like - it might not tell me anything useful, but then again it might.

To save trying to find it, copy this line:

c:\documents and settings\TheOwner\local settings\temp\WER5de2.dir00\appcompat.txt

then paste it into the 'Add an Attachment' filename box when you post.

Now, where's the dustpan and brush?


Not sure if you want this one or the next one, if I get another error message. Soooooo, just in case, have attached for you.

You must have read my mind as my first thought was "Now where do I find that" Laughing

If you can't find your dustpan and brush, I will send you one that one of our little darlings has finished chewing and mating on Laughing You should see him, he tries balancing on the bristles (luckily it is a soft one) and then gets upset when he falls off.

Take care,
Lorraine Very Happy




Attachment: appcompat.txt (Filesize: 0 Bytes; Downloaded: 24 Time(s))

greyfeathers (Sergeant)
Joined: Feb 07, 2008
Posts: 87
Posted: Thu May 22, 2008 8:58 pm

Quote:




then paste it into the 'Add an Attachment' filename box when you post.


Ha ha ha,
You are testing me now Wink I happened to notice that there was no kb in the attachment I sent so have looked for it manually. I think this is the one:

c:\documents and settings\TheOwner\local settings\temp\WER5de2.dir00\appcompat.txt

Fingers crossed, here we go. lol




Attachment: appcompat.txt (Filesize: 339.98 KB; Downloaded: 65 Time(s))

Mister2 (SRT Team Lead, Premium Member)
Joined: Oct 28, 2004
Posts: 7273
Moderators MVP Premium SRT Team F@H
Posted: Fri May 23, 2008 4:42 am

Thanks - not sure why my method didn't work, but it looks like your way has done the trick. I will try to download it later as the forum isn't playing nicely for me at the moment. (I see 3 others have taken a look at that file, though).

I've decided I don't want to be a parrot after all. Mating on the bristles of a brush is not one of my chief desires in life, no matter how soft they are! Laughing


_________________
Never stop learning

greyfeathers (Sergeant)
Joined: Feb 07, 2008
Posts: 87
Posted: Fri May 23, 2008 4:05 pm

Mister2 wrote:
Thanks - not sure why my method didn't work, but it looks like your way has done the trick. I will try to download it later as the forum isn't playing nicely for me at the moment. (I see 3 others have taken a look at that file, though).


It's not you, the file is called c4b6_appcompat.txt. I tried adding the c4b6 in front of appcom etc in your link but it still came up as zero kb. Mind you, I was doing it in such a rush so maybe I forgot to put the _ in. What I did was open it and saved it on my desktop with the bit in front of app etc.

Quote:
I've decided I don't want to be a parrot after all. Mating on the bristles of a brush is not one of my chief desires in life, no matter how soft they are! Laughing


ROFL, you are a wally (in the nicest way of course) It's just as well really as Henry would fight you for the brush he he he.
Very Happy

Mister2 (SRT Team Lead, Premium Member)
Joined: Oct 28, 2004
Posts: 7273
Moderators MVP Premium SRT Team F@H
Posted: Fri May 23, 2008 8:45 pm

What an unusual file that is! Shocked
Finally managed to reformat so I could read it. That raised another question which I will get to later.

There's not so much cleaning up to do as I thought there was. Henry will be pleased! Just to make sure, it would help if you could do your thing with the following 3 commands:

dir c:\*norton* /s > c:\N.txt

dir c:\*symantec* /s > c:\S.txt

dir c:\*liveupdate* /s > c:\L.txt

As before, click Start, Run, type cmd in the text box and click OK to open the Command Window. Copy the first command above, go back to the Command Window, right click next to the flashing cursor and select Paste, then press Enter.

When you see the 'C:\Documents and Settings\username>' line pop back, do the same with the second command, then the same with the third.

Type exit and press Enter to close the Command Window.

Attach the 3 files created to your post. They will be found in C: and named N.txt, S.txt and L.txt
If you can't attach all 3 to the same post then just make 3 separate posts.

I can then be sure there's nothing left that needs removing.

Bet you never got this much homework at school! Wink


_________________
Never stop learning

greyfeathers (Sergeant)
Joined: Feb 07, 2008
Posts: 87
Posted: Sat May 24, 2008 7:32 pm

Mister2 wrote:
What an unusual file that is! Shocked
Finally managed to reformat so I could read it. That raised another question which I will get to later.


Hmm, doesn't sound good if you couldn't read it ! I didn't understand it, but I could read it this end.


Quote:

There's not so much cleaning up to do as I thought there was. Henry will be pleased!


lol, I have to hide it at times as Henry gets so territorial over it. Bless his little heart, all those hormones raging. Do you like Parrots yourself ?

I have attached the 3 files in this message. Hope it works if not I will send again on their own.

Quote:

I can then be sure there's nothing left that needs removing.


I'm glad you are not relying on me as I think a lot of it is rubbish but it more than likely is needed. Smile

Quote:

Bet you never got this much homework at school! Wink


True, the difference is though I enjoy your type of homework but I didn't that given at school.

Don't worry about getting back to me quickly. I would rather you have a break over the bank holiday. Take your fiancee somewhere nice. Oh, by the way, how do you get the little thingy above fiancee. In my last post I copied and pasted yours, this time I can't Laughing

Bye for now
Lorraine and feathered friends

Mister2 (SRT Team Lead, Premium Member)
Joined: Oct 28, 2004
Posts: 7273
Moderators MVP Premium SRT Team F@H
Posted: Sun May 25, 2008 6:29 am

Thanks for those logs, they are fine. I will add them to the other logs we got to check through. I understood most of the Symantec log but there is a reference to an unusual file that I need to get checked out after cleaning up.

greyfeathers wrote:
Do you like Parrots yourself ?
Yes, but I couldn't eat a whole one. Wink
Seriously (now there's a first for me!) we both like all animals and birds. We go to farm parks and safari parks quite often. If that's not an option then we go to a lake or the local canal and feed the birds there. We once went without bread but had a packet of crisps to use up. We almost got away with that until one goose started running up and down, honking at the top of his voice, with large pieces of crisp stuck to his beak. We left quietly ...

greyfeathers wrote:
Oh, by the way, how do you get the little thingy above fiancee.
Well, that's a rather personal question and I certainly won't be posting any photos Shocked
Rolling on the floor laughing...

I use the Windows Character Map (Start, All Programs, Accessories, System Tools). Double click on the character required, click Copy then paste in to my reply. You can also get it if you hold the Alt key down, type 0233 on the keypad (not the numbers along the top) and release the Alt key. Or press the right Alt key and 'e'. I can never remember the last 2 though, so I stick with Character Map. There's a list of the codes here - handy if you need it.

I'll get back on the cleaning up and then have a Bank Holiday.
Happy Holiday to you and your friends!


_________________
Never stop learning

Mister2 (SRT Team Lead, Premium Member)
Joined: Oct 28, 2004
Posts: 7273
Moderators MVP Premium SRT Team F@H
Posted: Sun May 25, 2008 11:04 am

Update:

I removed the attachments from your previous post after I downloaded them. They contained personal details (email headers and so on) that, whilst not harmful, don't need to be posted in public. (These entries related to the Anti-Spam module in Norton, something I didn't consider).

When we have finished I will erase them from my machine also.


_________________
Never stop learning

Mister2 (SRT Team Lead, Premium Member)
Joined: Oct 28, 2004
Posts: 7273
Moderators MVP Premium SRT Team F@H
Posted: Sun May 25, 2008 11:24 am

Well this ought to be quick!

Open My Computer and navigate to C:\Documents and Settings\All Users\Application Data\Symantec. Right click on the folder named ZZLiveUpdate (this is the temporary backup we made), keep the left Shift key pressed down and select Delete in the right click menu. Answer Yes to confirm deletion. This should bypass the Recycle Bin - there are over 5MB of files in there and there is no point filling the trash can up.

One other thing you could do when you have a minute would be to do a search - either from the Command Window as we did before or else using the normal Windows Search (Start, Find Files, All Files) - for thcqbsjq*

That is the file I was concerned about earlier as it looks like a filename produced by malware. It may be nothing serious but if you find it, let me know the location. Then navigate to the file in My Computer, copy it (right click, Copy, right click on a blank bit of the window, Paste). Change the file extension from exe to txt (right click the copy and select Rename) and attach it to your post.


_________________
Never stop learning
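
Added example, not part of the original thread and not the helper's own method: the post above singles out thcqbsjq as a name that "looks like a filename produced by malware". One way to triage a `dir /s` listing (such as the N.txt, S.txt and L.txt files requested earlier) for names of that kind is sketched below in Python; the sample listing, the c:\Example\Temp folder and the vowel-ratio thresholds are assumptions made for illustration.

```python
import re

# Constructed sample of `dir /s` output (UK date format); not taken from the
# thread's attachments. The c:\Example\Temp folder and its files are made up.
SAMPLE = r"""
 Volume in drive C has no label.

 Directory of c:\Documents and Settings\All Users\Application Data\Symantec

20/05/2008  10:15    <DIR>          .
20/05/2008  10:15    <DIR>          ..
20/05/2008  10:15    <DIR>          LiveUpdate
               0 File(s)              0 bytes

 Directory of c:\Example\Temp

21/05/2008  09:02            41,472 wqxzkrtn.exe
21/05/2008  09:02             8,192 settings.ini
18/05/2008  14:30           102,400 LiveUpdate Notice.txt
               3 File(s)        152,064 bytes
"""

DIR_RE = re.compile(r"^Directory of (.+)$")
# date, time (optional AM/PM), then <DIR> or a size, then the name
ENTRY_RE = re.compile(
    r"^\d{2}[/.-]\d{2}[/.-]\d{4}\s+\d{1,2}:\d{2}(?:\s?[AP]M)?\s+(<DIR>|[\d,.]+)\s+(.+)$"
)

def parse_listing(text):
    """Yield (directory, name, is_dir) for every entry in `dir /s` output."""
    current = None
    for line in map(str.strip, text.splitlines()):
        m = DIR_RE.match(line)
        if m:
            current = m.group(1)
            continue
        m = ENTRY_RE.match(line)
        if m and m.group(2) not in (".", ".."):
            yield current, m.group(2), m.group(1) == "<DIR>"

def looks_random(name, min_len=8, max_vowel_ratio=0.2):
    """Assumed heuristic: an all-letter stem of min_len+ chars with few vowels.
    Consonant-heavy legitimate names can trip it, so treat hits as leads."""
    stem = name.rsplit(".", 1)[0].lower()
    if len(stem) < min_len or not stem.isalpha():
        return False
    return sum(ch in "aeiouy" for ch in stem) / len(stem) <= max_vowel_ratio

def flag_suspicious(text):
    """Return full paths of files whose names look machine-generated."""
    return [f"{d}\\{n}" for d, n, is_dir in parse_listing(text)
            if not is_dir and looks_random(n)]

if __name__ == "__main__":
    for path in flag_suspicious(SAMPLE):
        print("check:", path)
```

A flagged path is only a lead for follow-up, in the same spirit as the post's "it may be nothing serious".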

greyfeathers (Sergeant)
Joined: Feb 07, 2008
Posts: 87
Posted: Mon May 26, 2008 2:24 pm

Hiya Mister2,
Thanks for removing my attachments. It's funny as I was only thinking to myself the other day that I hope there is nothing private or whatever in any attachments I do. Smile

Mister2 wrote:
Well this ought to be quick!

Yep that was quick. I didn't blink in case I missed it Laughing Deleted ZZLiveUpdate ........ felt good to get rid of it. That was brilliant how it didn't go into my trash can. Another good tip you have given me Wink Thanks a lot.

Quote:

One other thing you could do when you have a minute would be to do a search - either from the Command Window as we did before or else using the normal Windows Search (Start, Find Files, All Files) - for thcqbsjq*


I have done a search, several in fact, both ways but I can't find it. In the cmd thingy it automatically comes up with

c:\Documents and Settings\The Owner>

I just typed in thcqbsjq at the end but no joy, it doesn't recognise whatever. Did I do that right ? Hope you understand my technical explanations - thingy and whatever Very Happy

Do you have the facility to enter my computer by any chance.

Lorraine Laughing

Mister2 (SRT Team Lead, Premium Member)
Joined: Oct 28, 2004
Posts: 7273
Moderators MVP Premium SRT Team F@H
Posted: Mon May 26, 2008 7:50 pm

Nothing private in the other attachments - I checked.

Glad you like missing the Recycle bin out! It's handy for deleting any large files that would otherwise sit there for ever and a day.

I should have explained the cmd thingy a bit better, it's just one of those things I often use without thinking. You were right to get to the 'c:\Documents and Settings\The Owner>' bit, then type this command:

dir c:\thcqbsjq* /s /p

(or copy it and paste into the Command window) and press Enter.

The '/p' bit at the end is to stop the page scrolling up before you have time to read it - if you get the message 'Press any key to continue ...' at the bottom of the window then, well, press a key for the next screenful. I don't think that will happen - I would expect the next thing you see will be the 'c:\Documents and Settings\The Owner>' line again. It's just in case it finds a lot of results.

(In case you were wondering, the '/s' tells the search to dig right down into the folders and subfolders to see what's buried deep inside. That's the bit that matters).

As for entering your computer, I couldn't possibly comment. But I like the parrot in the middle of your screensaver - the one with the blue hat. Wink

(Just kidding - I found a screenshot on the web!)


_________________
Never stop learning

greyfeathers (Sergeant)
Joined: Feb 07, 2008
Posts: 87
Posted: Thu May 29, 2008 7:58 pm

Mister2 wrote:

I should have explained the cmd thingy a bit better, it's just one of those things I often use without thinking. You were right to get to the 'c:\Documents and Settings\The Owner>' bit, then type this command: dir c:\thcqbsjq* /s /p


Aaah I see, thanks for info. Copied and pasted as instructed cmd and it has come up "File not found".

Quote:

As for entering your computer, I couldn't possibly comment.


Ha ha ha, what are you like. Just thought that you could find the file where I can't.

Quote:

But I like the parrot in the middle of your screensaver - the one with the blue hat. Wink (Just kidding - I found a screenshot on the web!)


You are a little devil Wink

Mister2 (SRT Team Lead, Premium Member)
Joined: Oct 28, 2004
Posts: 7273
Moderators MVP Premium SRT Team F@H
Posted: Sat May 31, 2008 8:20 am

greyfeathers wrote:
You are a little devil
Strangely enough, you aren't the first to say that ... Laughing

I didn't think that file would be there. It may be a remnant from something else but I rather suspect that it may have been generated by another program. Perhaps you could post another HiJackThis log here?

I'm not trained to read those (I can't understand half of it anyway!) but if there's anything in there that looks suspicious then we can get the opinion of a friendly expert. Better safe than sorry!


_________________
Never stop learning

greyfeathers (Sergeant)
Joined: Feb 07, 2008
Posts: 87
Posted: Sat May 31, 2008 12:14 pm

Mister2 wrote:
greyfeathers wrote:
You are a little devil
Strangely enough, you aren't the first to say that ... Laughing


Now why doesn't that surprise me Laughing

Mister2 wrote:

I didn't think that file would be there. It may be a remnant from something else but I rather suspect that it may have been generated by another program. Perhaps you could post another HiJackThis log here?


Consider it done.

Mister2 wrote:

I'm not trained to read those (I can't understand half of it anyway!)


Me neither lol
Have a great day
Lorraine




Attachment: hijackthis 31 May 08.txt (Filesize: 11.74 KB; Downloaded: 58 Time(s))

Mister2 (SRT Team Lead, Premium Member)
Joined: Oct 28, 2004
Posts: 7273
Moderators MVP Premium SRT Team F@H
Posted: Sat May 31, 2008 1:50 pm

Thanks! I like the way you use the date in the filename - makes things so much easier Smile

I'll ask someone to pop in and check it over. I think there is an entry in there that doesn't look right, but I will defer to the experts.


_________________
Never stop learning

All times are GMT
Page 7 of 12