A file will be made called txtprtcl.txt that can be found in the root (c:\txtprtcl.txt).
If this file isn’t created, it should suffice to fix the above items with HijackThis.
Upload the logfile created in your next reply by clicking Manage Attachments below the Post Reply box. Click Browse and locate the file and then click Upload.
Once again thanks.
Hopefully I am getting somewhere?. Again I have done as requested but I am not sure whether I have correctly followed your procedure for the manage attatchments section so I have copied and pasted the log below just in case (sorry still learning)
Logfile of HijackThis v1.98.2
Scan saved at 10:16:42, on 21/09/2004
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v5.50 (5.50.4134.0100)
PS for info when I run AGV It still detects that I have 8 files infected with the Trojan virus which it is unable to place in the vault. All 8 are located in
c:\_RESTORE\TEMP\A0002857.CPY
I'm sure I replyed to this post, I can remember writing the reply...
Anyway, your system has saved a copy of the virus in System Restore and your antivirus program is unable to access System Restore. Follow the instructions for Windows Me here and disable then Reenable System Restore to flush the contents and get rid of the Trojan.
You haven't attached the file correctly.
Follow these instructions to upload the log:
1. Come back to this thread and click the button
2. Beneath the Reply box is button that says Manage Attachments. Press Manage Attachments
3. A popup windows will appear. Click the browse button and locate the file. Click it and then click Ok. The Browse... window will then close.
4. Below the Browse button, click Upload. The log will upload and the name of the file will appear above the Upload button.
5. Close the popup window and type your reply and post it.
The latest advice seems to have got rid of the Trojan and the previous advice seems have my browser working fine. Lets hope once you've checked my latest Hijack This Log my PC might be given a clean bill of health.
Heres hoping.
PS I hope I have attached the file correctly. I did the same last time but it did not attach as the file (hijackthis.log) was not recognised. I have therfore saved it as a .doc file in word, please tell me I've got something right.
To anybody reading this thread, do not try to use hijacktools.zip on your computer, the fix is specific to ant33's computer
Hello ant33,
Could you please download the file I have attached called hijacktools.zip. Then close all running programs. You may want to print these instructions.
Unzip the file and copy all three files (cwstemp.bat, cwsuni.exe and cwsreg.reg) into your C:\Windows folder.
Then go to Start> Run and type cmd
When the windows appears type the following:
Type cd.. Press Enter
Type cd.. again. Press Enter
Type cd windows. Press Enter
Type cwstemp.bat. Press Enter and allow the file to run.
Type explorer.exe
When you are done, close all browser windows, restart Hijack This and put a checkmark next to the following entries:
Once again I have done exactly as requested but things never seem to be as straight forward as the e-mail sounds (maybe its just me).
Downloaded the file, closed all running programs, copied 3 files to c:\Windows
went to Start> Run typed cmd got this reply
Windows cannot find 'cmd'. You may have typed the name incorrectly in the Run Dialog or another programme cannot find a system file. To search for a file, click the Start button and click Search.
I did a search for cmd and ended up with list too long to type. So Im sorry its back to you for more help (sorry).
ant33 (just when I thought things were starting to look good)
D-A-L Team Member (UK)
button
(just when I thought things were starting to look good)
