hijack this log is gargantuan

luciano991 · May 14, 2006

Hi,

i'm not asking for help with a specific problem yet as you helped me greatly in the past and i have learned a lot. But i have a Hijack this log that has literally hundreds if not thousands of 02 BHO classes, and it would take me forever to delete them one at a time. They are mostly repeated dll files in the windows and windows/system directory. i have cleaned with adaware, spybot, ewido, cwshredder, etc. Is there a way to do mass deletes in hijack this? Or would you like me to start from scratch. i know the drill.

thanks

Luciano

chaslang · May 14, 2006

Just selected all the lines and then click Fix checked (but make sure no browsers are opened). This is your easiest way. Other than that you would have to create a registry patch file which could take just as long.

luciano991 · May 15, 2006

Thanks for your reply.

I have determined that checking each box and clicking fix would be impractical. I have been cleaning this machine all weekend and I am coming to the conclusion that a reformat is in order. I have performed every function you require and recommend in your "before you post" thread. Windows Defender is the noted exception, since it could not be installed until Service Pack 2 was applied and then it couldn't be installed until the blankety-blank Genuine Validation tool was installed and I can't get IE6 or the Windows Update page to come up in the real mode.

I have returned to Safe Mode for one last look and Ewido has come up with almost 40,000 infected objects, most I think from a place in the registry where BHO objects are listed and from the browser cache. I only had 1400 infected objects yesterday.

As always thanks for your help. I think you guys are the best when it comes to spyware infections. You've taught me a lot.

Be well and have a great day. If this last Ewido scan proves helpful I'll give you a shout. Otherwise it's backup and reformat.

thanks,

Luciano

chaslang · May 15, 2006

Good luck! Just a note however! Part of truly completing the READ & RUN ME is the actual posting of the three logs that are requested in steps 6 & 7. These logs should be posted if there are still problems after running the READ ME.

luciano991 · May 16, 2006

Hi,

As usual you are absolutely correct. So, after running all that your request and since I'm still having problems i am attaching the requested log files and asking for your kind help. In the spirit of candor, I will tell you that the only thing i could not complete was the Spybot scan. It would stop at 7500 at would run bot checks forever. It would not complete after hours of trying. Thanks in advance and i look forward to reading your reply.

Luciano

chaslang · May 16, 2006

You did not follow the instructions in step 6 for creating the Bitdefender log and as a result what you have posted is only a log summary which is not useful to us. If you follow the directions in step 6, you would get an HTML file that is renamed to have a .txt extension so it can be upload. This would be the correct full log.

You also did not empty your quarantine folder for Yahoo as step 0 requests.

Also you attached a HijackThis log from safe mode. The instructions request HijackThis logs be from normal boot mode.

Based on what you have posted, you just need to delete the two below files:
C:\WINDOWS\crcz.dll
C:\WINDOWS\msbb.dll

Are you having any malware problems?

Log in or Sign up

hijack this log is gargantuan

luciano991 Private E-2

chaslang MajorGeeks Admin - Master Malware Expert Staff Member

luciano991 Private E-2

chaslang MajorGeeks Admin - Master Malware Expert Staff Member

luciano991 Private E-2

Attached Files:

hijackthis.log

bdscan.txt

Activescan.txt

chaslang MajorGeeks Admin - Master Malware Expert Staff Member