Options
Question before posting HJT log - mark123
Hi there. This is my first post and I wanted to say how grateful I am to those of you who are putting in your personal time to help the helpless. You are all very generous to be doing this.
Before I post a HJT log I wanted to ask a few questions.
1) My two kids and myself each sign onto our own desktop using XP. When I ran Omegakiller it took care of the “big blue toolbar” problem for me, but over the next couple of days my son still found it when he brought up an IE browser after signing onto his desktop. Does this mean I should run the program on each desktop? Is this a ridiculous question and I just didn’t get rid of the problem initially?
2) If I run Ad-aware and then Spybot right afterward, should I reboot between them, and then reboot before creating a HJT log?
3) How long should I keep back-up/quarantine files created by Ad-aware and Spybot before I can safely delete them?
Thanks for the help.
Before I post a HJT log I wanted to ask a few questions.
1) My two kids and myself each sign onto our own desktop using XP. When I ran Omegakiller it took care of the “big blue toolbar” problem for me, but over the next couple of days my son still found it when he brought up an IE browser after signing onto his desktop. Does this mean I should run the program on each desktop? Is this a ridiculous question and I just didn’t get rid of the problem initially?
2) If I run Ad-aware and then Spybot right afterward, should I reboot between them, and then reboot before creating a HJT log?
3) How long should I keep back-up/quarantine files created by Ad-aware and Spybot before I can safely delete them?
Thanks for the help.
0
Comments
I would reboot inbetween removal runs. It can't hurt. I would also reboot before creating a log.
I delete the quarantines right away. I've never found a use for them.
I will definitely run Omegakiller on all the ID's and see what happens. I had not even considered running Ad-aware and Spybot on all the ID's but I'll likely do that too.
Thanks again for the help.
Or perhaps your son is re-infecting the computer with his browsing habits
When I beta test the Omegakiller app, I checked all 4 user accounts on our XP computer, and the app removed the offending items for all users. One of the things Omegakiller does is to quarantine the files it finds, so they cannot be run again.
I would be interested to have you run Omegakiller right now, then log into your profile to see if it is gone. Then, log out of your profile and log immediately into your son's profile to see if the toolbar comes up on his.
Acually, the next time you see the toolbar, run Hijack This, save a log with the date in the file name, but make no fixes with HJT. Then run Omegakiller afterwards. Then, if you see the toolbar again a few days later, run a new HJT scan, save the log with the current date again in the file name. Then compare the 2 to see if the infectant / reloader files are the same, or are different.
Dexter...
I completely agree with that idea, but I thought it would be strange to be re-infected with the same spyware the very next time he used the computer. But I don't rule it out.
I just ran Omegakiller, then checked both profiles. The only difference is that when bringing up a browser on my son's profile it wanted to go to Prosearch.com but eventually said it could not connect (not exact wording). There was no toolbar on either.
I will follow the rest of your instructions the next time we see the toolbar. Thank you, Dexter for your help with this.
Did you use the HOSTS block option? That would be why it would not connect then. Prosearching has been added to the blocked hosts list by Omegakiller. Likely that your son just needs to change his home page presets then.
Let us know if it comes back.
Dexter...