Step #5--"Cleaning Malware" question

Discussion in 'Malware Help (A Specialist Will Reply)' started by gettinggrayhair, Jan 27, 2006.

  1. gettinggrayhair

    gettinggrayhair Private E-2

    Hello,

    I am following the steps required before posting my HJT log but have a question about step #5 "Cleaning Malware".

    What does this mean--- "Physically unplug your cable to the internet (even if you have dial-up, unplug modem)". What is a modem cable and where do I find it so I can unplug it?? I use dial-up and WindowsXP.

    Thank you!
     
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to MGs!

    No matter how you connect to the internet there is always some kind of cable involved. How do you connect to the internet (dial-up, cable, dsl)?

    If you have a dial-up connection, an analog modem is used and it is either in your PC or it is external. Either way your telephone line connects to the external modem or to the one in your PC. Just unplug the telephone line cable.

    If you use DSL or Cable to connect to the internet, there will normally be an external DSL or Cable modem which connects to your PC via an ethernet cable. Just unplug the ethernet cable (either at the back of your PC or at the end by the modem....whichever is easier to get at).

    If you use a wireless connection to a wireless router you can normally just disable wireless access via the router itself. Or you can unplug the power to the wireless router as long as it does not impact anyone else. If you cannot power down the router or disable wireless communication then just make sure you boot in safe mode with no network support and continue from there.
     
  3. gettinggrayhair

    gettinggrayhair Private E-2

    My HJT log---still have stuff on my computer!!

    Hello,

    I'm hoping someone can help me. I have run multiple scans multiple times and STILL have stuff on my computer. I've been at this for about a week or more.

    I have followed your instructions at "READ & RUN ME FIRST Before Asking for Support" and even run the additional scans listed at "Alternative Scans" but cannot get rid of everything.

    Most of the scans are not finding anything, but Pandasoftware still does.

    Here is my HJT log, and then I will post my panda results after that......all as attachments.

    I know that the HP files are from my new HP printer/scanner/copier that I recently got but I'm not sure if they should be deleted or not. I had put them in my Recycle bin but then moved them to their own folder until I know for sure whether my printer will work properly without them.


    Thanks to anyone who can help me!!
    gettinggrayhair
     


  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Re: My HJT log---still have stuff on my computer!!

    Please stay in one thread for your current problem. You already started one. I'm merging you back to it.
     
  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Re: My HJT log---still have stuff on my computer!!

    Please read step 3 of the READ ME again and follow the directions. You must use only one AV program. Uninstall AVG or Symantec.

    Put your HP printer files back where you got them from. HP was just a little stupid when they named the files.

    Look in Add/Remove programs for the below and uninstall if found:
    Virtual Bouncer
    Ncase or FLEOK
    Xupiter or Xupiter Toolbar

    Run Windows Explorer and delete the below files or folders.
    C:\WINDOWS\SYSTEM32\fiz1
    C:\WINDOWS\SYSTEM32\INNERADINSTALL.LOG
    C:\WINDOWS\SYSTEM32\FLEOK

    Additional step to delete flash.inf:
    - Click Start, Run, and enter cmd in the box and click OK. This opens a command prompt window.
    - Enter the following command lines each followed by the enter key
    cd C:\WINDOWS\Downloaded Program Files\
    attrib -r -h -s flash.inf
    del flash.inf
    exit

    Copy the contents of the below Quote Box to Notepad. Then click File and then Save As. Change the Save as Type to All Files. Name the file fixme.reg and then click save. (make sure you save it somewhere you can find it. Saving it to your Desktop may make that easy.) Then double-click on the fixme.reg file on your desktop (or locate it with Windows Explorer and double click on it if not saved to the Desktop) and when it prompts to Add in to the registry, say yes.
    Are you having any remaining malware problems now?
     
  6. gettinggrayhair

    gettinggrayhair Private E-2

    Hello,

    Thanks so much for your help. I thought I posted a reply but it doesn't look like it is showing up, so here is my reply again.

    1. I only use AVG free. I have never used Symantec. I guess it just came with my computer. I left it alone because I've always heard that removing it when it comes with the computer can cause problems because it doesn't totally remove itself from the computer. Is that true or should I delete it and there won't be any problems from doing so?

    2. I don't know how to put those 3 HP files back where they came from. Since I moved them out of the trash bin into their own folder all it does now is move them back and forth between the recycle bin and that folder when I use the restore feature. I don't know the original path.

    3. None of those 3 things you listed were found in my Add/Remove program.

    4. I ran Windows Explorer and deleted the 3 files/folders, but I am having trouble getting rid of the flash.inf. Whenever I hit the enter key to enter the next command line, it repeats this "C:\WINDOWS\Downloaded Program Files\" before I can enter the next command and the backspace key doesn't let me delete it. Here is what it looks like and I can't change it:

    cd C:\WINDOWS\Downloaded Program Files\
    C:\WINDOWS\Downloaded Program Files\attrib -r -h -s flash.inf
    C:\WINDOWS\Downloaded Program Files\del flash.inf
    C:\WINDOWS\Downloaded Program Files\exit

    5. I didn't proceed to the fixme.reg directions yet. I wanted to ask you about the above problem first.


    Thanks again.
     
  7. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    No that's not true. In fact it actually appears as if you had only partially or incorrectly uninstalled it too. Some of it is there and some of it is not. See if you can run the steps in the below link to finish the cleanup:

    Removing your Norton program using SymNRT

    You should never have removed them to begin with. Why did you do this on your own?

    It looks to me like you somehow have your command line prompt set up to show the full path of where you are currently located, but instead of ending with the typical '> ' (that's a greater than sign followed by a space), you somehow changed it to end in a '\' with no space. If you entered all the commands the file should be gone.

    Complete this step and the Symantec uninstall and then attach a new Panda log and a new HJT log.
     
  8. gettinggrayhair

    gettinggrayhair Private E-2

    I apologize if I am making you angry, I don't intend to. I'm an old lady trying to get help.

    1. As far as the Symantec, I have had several computers over the years and some had a free trial of Symantec on them when I got them. It's possible this one did too. But I don't remember ever trying to remove it. I do remember trying to find a way to disable it so that it wouldn't run so I could use the AVG, but that didn't involve removing any files. Other friends have worked on my computer in the past for me when I had other troubles.

    Can I uninstall it just by using the Add/Remove program, or wouldn't that do it?

    I went to the site you told me to and since my version says 2003 I can't use the SymNRT. I don't know how to tell whether or not I ever "installed the 2004 or 2005 version of that program" as it asks under "Remove programs that cannot be removed with SymNRT".
    Is there some way I can tell?

    Also, at this link that I had to go to from the one you sent me to, (http://service1.symantec.com/SUPPOR...ew=docid&dtype=&prod=&ver=&osv=&osv_lvl=&seg=) , it says,

    "In the System Configuration Utility window, on the Startup tab, verify that the following file is checked:

    ccApp

    If ccApp is unchecked, then check it.
    In some cases, you will not see ccApp listed in the System Configuration Utility window at all. In this case, simply go on to the next step.

    In the System Configuration Utility window, on the Services tab, verify that all of the following services are present and checked:

    Symantec Event Manager
    Symantec Network Proxy
    Symantec Password Validation
    Symantec Settings Manager
    ISSVC
    Norton AntiVirus Auto-Protect Service
    Symantec Network Drivers Service
    Symantec Core LC


    Click Apply, and then click OK.
    Click Yes to restart the computer"

    But all these things are not present in my list and this page does not say what to do if they are not all there. I tried checking the "ccApp" and the ones that were listed, but when my computer restarted I got an error message about the configuration utility being changed and I had to go back and undo those checks.

    Can you tell me what to do if all those are not present?


    2. I moved those HP files after searching the internet for information about them, before getting help here. Some other help forums had told people to remove them because they were actually an open door into their computers. I wasn't sure so I just moved to the recycle bin rather than delete them. Then when I had to run scans that would empty my recycle bin, I didn't want to lose those files so I put them into a separate folder. Sorry.

    3. As far as the command line prompt.....I have no idea what that is, or where it is, or how to find it. I simply followed your instructions (with no idea of 'what' I was doing). I know nothing about any settings involved nor how to change anything, other than what you told me to do. I don't understand about the '>' and '\'.

    4. I will go and do the fixme.reg directions and come back later.


    I do appreciate your help very much.
     
  9. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Step 3 of the READ ME does say to uninstall excess antivirus programs. So look in Add/Remove Programs (part of Control Panel) for anything by Symantec and uninstall it. Let me know if this works.
     
