July '05 Update: while this topic contains very good tips and instructions, and has aided countless folks in resolving yuckware issues, the evolution of the yuckware problem has brought about a major revision to the removal and prevention process. Go ahead and look it over, for a general idea of what is involved, but please see THIS TOPIC for the current method.
Although timberlandko had taken the time to create the following
Post and lay out the necessary steps for cleaning a HJT log, Monger as well see this
Post
Many seem to skip the necessary steps in the basics of cleaning thier log with the necessary tools and removing most of the crap that would be removed by the suggested and recommend programs,
I modified an outline slightly from timberlandko and Monger, Use which ever you choose, But please follow the steps prior to posting your HJT log, It will save you and us time if you follow the basics.
Thanks, so here we go
FIRST,
FULLY UPDATE WINDOWS before doing anything else.
Dowload the following program
CWShredder
It should be the current version, but check for updates
Run Program cwshredder and have it fix anything it finds.
Make sure you click the "Fix" button
Next
Download
Ad-Aware SE
Use the: "Check for Updates Now" option and download the latest reference files
Use the Start button, and on the next window, select: Perform Full System Scan
Press Next, and let Ad-aware scan the hard drive
When finished, right-click the window with the entries, choose: Select All from the menu, and click Next
Once AdAware has removed the entries, close the program
Restart the computer
Next
Dowload the latest version of
Spybot 1.3. Please check it for updates, Run the program and have it fix anything it finds in Red.
Restart your computer,
Next
Update your Anti Virus,
Next
Reboot to safe mode ( By tapping the F8 key on Start up)
Delete the entire contents of the below Temp folders, but not the TEMP folder itself.
Remove all the files and sub-folders from the below TEMP Folders:
C:\Documents and Settings\ \Local Settings\Temp
C:\temp
C:\windows\temp
The TIF ( Temporary Internet Files) can also be emptied via:
Internet Explorer--Tools--Internet Options--General tab--"Delete Files",
Also tick the "delete all offline content" box .
Next
Run a full system scan with your Anti Virus,
Run a scan with Ad-aware, Have it fix anything it finds,
Run a scan with Spybot, Again have it fix anything it finds
Next
Restart your computer,
Next
Go Here
BitDefender Scan Online
Run a scan with BitDefender , Be sure and Check Auto Clean. Make a note of anything it can't remove
Next
Go here
Trend Micro - Free online virus Scan
Be sure and check Auto Clean before you do the scan. If it finds anything that it cannot clean have it delete it or make a note of the file location so you can delete it yourself.
Next
Please go
Here and unzip the newest version of HJT into a new dedicated folder,
Create a folder on the C: drive called C:\HJT.
You can do this by going to My Computer (Windows key+e) then double click on C: then right click and select New then Folder and name it hjt.
Unzip HijackThis into this folder. Launch Hijack This, then press Scan, and press Save Log
This will generate a text file that will list all running processes, all applications that are loaded automatically when you start Windows, and more.
Most things are harmless and needed so don't make any changes.
Post a log in a new thread started by you please.
Your likely to get help quicker if you start your own thread, Posting a HJT log in someone elses thread gets to confusing and there is a good chance it will get overlooked.
Note
Please do not post your log to someone else's existing thread. Begin a new topic with your own log.
Stumble It!
Tweet This
Bookmark on Delicious
Share on Facebook
Share on MySpace