Solve : I hope I did this correct?

1.	Solve : I hope I did this correct?
Answer» Before doing this, could we try and understand what all this will be doing to the computer? Like those 3 things you say to put a checkmark by. We want to make sure this will not cause me to not be able to do certain things anymore with any of my accounts. Those are my useraccounts I use on Funtrivia. Funtrivia is a website that I make quizzes on. So, I want to make sure I wont be accidently removing any of my quizzes I've made. Yes, I did report to you what is going on. The long list of problems is STILL happening. Sorry if we are misunderstanding something here. Everyones computer is set up different so if I am asking you to do something that does not sound right then I don't mind you making sure I'm not going the wrong direction Quote # N3 - Netscape 7: user_pref(\"browser.startup.homepage\", \"http://www.funtrivia.com\"); (C:\Documents and Settings\AMYR\Application Data\Mozilla\Profiles\default\3c1q6q2g.slt\prefs.js) # N3 - Netscape 7: user_pref(\"browser.search.defaultengine\", \"engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src\"); (C:\Documents and Settings\AMYR\Application Data\Mozilla\Profiles\default\3c1q6q2g.slt\prefs.js) I have never seen an entry in a HJT log like this. You can skip that part if you are sure it is needed but you do need to be sure to fix the other entry. Quote Fix This! -> F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,,SKEYS /I Quote from: evilfantasy on May 16, 2009, 07:10:39 PM Everyones computer is set up different so if I am asking you to do something that does not sound right then I don't mind you making sure I'm not going the wrong direction I have never seen an entry in a HJT log like this. You can skip that part if you are sure it is needed but you do need to be sure to fix the other entry. Is funtrivia.com the default homepage you have set your FIREFOX browser to? That's what it looks like to me ... when i saw that funtrivia.com thing. You sure that's a good site? But in all honesty, evilfantasy's one of the masters of malware on ths board as far as I've seen I should have researched first before requesting that you fix it. You never can think you have learned all there is to know with HijackThis... It's definitely legitimate. The prefs.js made me think it was a iFrame infection. OOPS Quote HijackThis N1, N2, N3, N4 Sections These sections are for Netscape and Mozilla Browsers Start and default search pages. These entries are stored in the prefs.js files stored in different places under the C:\Documents and Settings\YourUserName\Application Data folder. Netscape 4's entries are stored in the prefs.js file in the program directory which is generally, DriveLetter:\Program Files\Netscape\Users\default\prefs.js. N1 corresponds to the Netscape 4's Startup Page and default search page. N2 corresponds to the Netscape 6's Startup Page and default search page. N3 corresponds to Netscape 7' Startup Page and default search page. N4 corresponds to Mozilla's Startup Page and default search page. Files Used: prefs.js Sorry if I'm asking too much. Also, thank you again for all the help you all are giving too. Before continuing on with things, just want to double check that I'm understanding the steps to do and do you still need the other logs 2. SUPERAntiSpyware Log The only problem I'm having with the above is I did get the SuperAntiSpyware thing to work but only thing on that one is there are 2 logs I have for that one because noticed that I missed something on the Scanning Control tab thing the options, I accidently messed up with that one and had other things checked too. So, should I POST both logs? I noticed that one of the logs it found something that I'm now wondering if that is half my problems some program called- Adware.eXactAdvertising-Installer I typed that in on my mom's computer to see if I could figure more out about what exactly it is. It mentioned something about CPU usage going up, and that is one of my problems I keep having problems with my CPU usage going up to 100% ever since switching from Earthlink Dialup to Bellsouth DSL. 3. Malwarebytes' Anti-Malware Log I can't even get the Malwarebytes program to install at all on the computer. It keeps looking for the disc when I take it out. Yes, funtrivia is what I have for my start page. I thought that we could put in anything we want? Looks like it's a good thing I haven't done anything yet either since now looking like I don't need to do anything at all with those pref.js things. I noticed you said you need to be sure though on the other one? I just asked my mom and she doesn't understand it either. Also, thought we would mention that our computers are hooked up together. So, making sure some of what is being detected is stuff from her computer? Since my computer keeps getting infected with viruses and spyware so much, is one of the things my mom is afraid of that it can harm her computer somehow? See before with dialup internet we didn't have our computers hooked together. The other thing, I'm trying to understand what all the Combofix does. One of the things I noticed it says Windows Vista, and I don't have Windows Vista. So, will it even work? I'm looking at the page to see if I understand what all it even is, and looks a little scary. Do I need to back anything up before doing this? Like save things to a disc in case it erases something important? We just get so worried about this happening especially since it has happend on so many occasions in the past with us not understanding things all the way. The very first time something happend was when a technician at Compaq had us do an FDisk and before doing it we asked if I need to back anything up? They said no. Which was wrong because it erased everything. Then when I talked to a friend in Michigan who knows alot on computers because he even builds computers said that is what an FDisk does. It reformats things. Which we didn't know that. Also, have had problems with other programs in the past like Ccleaner erasing important stuff because we didn't understand what exactly the files are. Go back to This Post and follow through with those instructions. Quote The other thing, I'm trying to understand what all the Combofix does. One of the things I noticed it says Windows Vista, and I don't have Windows Vista. So, will it even work? Read the instructions. It says "Vista users Right-Click on ComboFix.exe and select Run as administrator (you will receive a UAC prompt, please allow it) You are not a Vista user so it doesn't apply. Just follow the instructions. Everything you need to do will always be there. Quote Also, have had problems with other programs in the past like Ccleaner erasing important stuff because we didn't understand what exactly the files are. Again, just follow the instructions in This Post. That's all I need for now. sorry for all the questions too. but due to my health and disabilities is hard for me to understand and do things in life. I get confused really easily. I'm reading back over things. Could you explain to me though what exactly that thing is? F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,,SKEYS /I We did a search on the internet about it and sounds like it's a bug in the new HJT and someone says not to worry about it. Looking at the word REG sounds like it has something to do with the Registry, which we are a bit worried about doing things to the Registry since we don't understand it at all and the repairmen we have used in the past have all warned us too about not messing with the Registry. We are also wondering, why did the last repairman we had work on the computer right before Christmas not do anything about this file if it is something bad? Quote Looking at the word REG sounds like it has something to do with the Registry, which we are a bit worried about doing things to the Registry since we don't understand it at all and the repairmen we have used in the past have all warned us too about not messing with the Registry. HijackThis is a registry information and repair tool. You are going to have to trust that I know what I'm doing F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,,SKEYS /I <- This is a Serial Key Utility and it is a big security risk. I hope you're alright ... just take things slowly one step at a time and you'll be good soon. Just now get up to speed and evil's gonna help you out some more Combofix is a really nice program to have when your pc is really sick once you know what it can do for you, at least it's successfully cured my pc of issues when I last used it Sorry that we are asking so many questions but we would like to understand all these computer stuff better and all. I hope you can understand why we want to understand everything going on due to all the problems over the years and technicians we have tried in the past who have told us things to do that cause worse problems, and then if you need to know everything that has been done on the computer so that you can give the next technicians all the details of what all has been done to the computer that may have caused the problems. Also, thought you said it was ok to ask too since especially the one thing too you didn't know about the default start pages for Mozilla and Netscape. Only thing about the Serial Key thing is we do have to enter in a serial key for some of the products we use. Oh HijackThis does have to do with the registry? Wasn't sure. See, this one repairman we used right before the one we used right before Christmas blamed us for doing something wrong when we called him after he was working on the computer and caused my scanner to BREAK and ever since then have not been able to get it working again. See we were getting him to help us with some of the stuff this other site was having us do to the computer after reading the HijackThis Log. Which we actually didn't do anything they said to do though since didn't know how to do some of the things anyways. He didn't agree on alot of what they said to do. So, we didn't do it. So, anyways, he was going to charge to come back out and help get the scanner working again. First, trust Evilfantasy. He knows what he's doing. Why do you think he is a Malware Removal Specialist? He deals with HijackThis every day on dozens of computers. Second, trust me for telling you to trust him. Third, Everything you do involves the registry in some way. All HijackThis does is scan through the registry to look for potential security threats, which you can choose to eliminate. If it's any consolation, I've used HiJackThis, and I run scans every few weeks to see if anything is out of line. From where I see it, you have two choices. End this topic and keep your computer at risk of attack, or end your fussing and eliminate the security risk.Quote from: Carbon Dudeoxide on May 17, 2009, 01:17:46 AM First, trust Evilfantasy. He knows what he's doing. Why do you think he is a Malware Removal Specialist? He deals with HijackThis every day on dozens of computers. Second, trust me for telling you to trust him. Third, Everything you do involves the registry in some way. All HijackThis does is scan through the registry to look for potential security threats, which you can choose to eliminate. If it's any consolation, I've used HiJackThis, and I run scans every few weeks to see if anything is out of line. From where I see it, you have two choices. End this topic and keep your computer at risk of attack, or end your fussing and eliminate the security risk. I suggest you should follow the instructions, get the problems solved then afterwards you can go find out the reasons behind what you have done (unless you find something fishy while fixing then that's something else). At least your computer will be happier quicker which is what you want in the end anyway. Quote from: Carbon Dudeoxide on May 17, 2009, 01:17:46 AM From where I see it, you have two choices. End this topic and keep your computer at risk of attack, or end your fussing and eliminate the security risk. Agreed. I don't mind answering questions but I learned everything I know the hard way and I'm not going to start teaching a class here. There comes a point when I have to ask the user. Are you going to post the logs or not? If not then that's fine. If so then please do so. Although we volunteer our time it is work for me having to read all of these long questions and they are not helping in a resolution. Quote from: evilfantasy on May 16, 2009, 03:35:00 PM Only report to me what problems you are having at this immediate moment, things that were happening does me no good. Honestly, we could most likely have been done with this yesterday! With all due respect, it's beginning to be a waste of my time. P.S. You need to move away from using Netscape. It is no longer supported and very vulnerable to malware attack. It's a Java based browser and that is very insecure.This is Amy's mom writing. Sorry for all the questions and for misunderstanding anything here, Yes, we understand that he is a Malware Removal Specialist. But due to mistakes others have made in the past on our computers, that is why we want to make sure it is the right thing to do before doing it so that it doesn't cause any wore problems. I don't understand why you are now SAYING that you don't need to know everything that is happening with the computer. From what we learned, whenever dealing with techs, they want to know the history in case it has to do with what is going on. Plus since the stuff is still happening, isn't that important to know what all has been tried so far. Also, my computer is hooked up with Amy's, where it wasn't in the past, and my Grandson who knows way more about computers than I do, has mentioned to be careful what people tell us to do because could mess mine up. Yes, we know that Netscape isn't out there anymore, but have used it for years with no problems. Her Internet Explorer stopped working though years ago due to being attacked when downloading the AOL Instant Messanger for her class she had just signed up for and some MBKWBar Toolbar came through with the download and started causing popup ads to keep flooding and crash the computer. Which that is the first time we learned about spyware, adware, all that. We did know about viruses, but not the other. So, the repairman we used then said not to use IE anymore and never bothered to fix it. He did put Mozilla on. But now that is not on her computer anymore due to virus messing it up to where everything becomes distorted when trying to use it. So, it seems every browser out there is vulnerable. We also try and read all articles and stuff out there on computer stuff, and understand that its very complicated. Again, sorry if we have caused any problems for you. Sounds like maybe this isn't the best place for us to get help. We understand this is alot of work for you and every other computer techs out there. See everytime we have called for tech support, they always want to know what all has been done so far on computer. Isn't that helpful so that you don't waste your time doing something again that has already been tried? If we are now understanding this right, HiJackThis just has to do with security? Does it not find viruses or spyware? Sounds like maybe this isn't the best place for us to get help. your the first iv'e seen saying that on here , i think you should keep paying the REPAIRMEN because it looks like you do not trust what you are being told on here , harry 48

Answer»

Before doing this, could we try and understand what all this will be doing to the computer? Like those 3 things you say to put a checkmark by. We want to make sure this will not cause me to not be able to do certain things anymore with any of my accounts. Those are my useraccounts I use on Funtrivia. Funtrivia is a website that I make quizzes on. So, I want to make sure I wont be accidently removing any of my quizzes I've made.

Yes, I did report to you what is going on. The long list of problems is STILL happening. Sorry if we are misunderstanding something here.
Everyones computer is set up different so if I am asking you to do something that does not sound right then I don't mind you making sure I'm not going the wrong direction

Quote

# N3 - Netscape 7: user_pref(\"browser.startup.homepage\", \"http://www.funtrivia.com\"); (C:\Documents and Settings\AMYR\Application Data\Mozilla\Profiles\default\3c1q6q2g.slt\prefs.js)
# N3 - Netscape 7: user_pref(\"browser.search.defaultengine\", \"engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src\"); (C:\Documents and Settings\AMYR\Application Data\Mozilla\Profiles\default\3c1q6q2g.slt\prefs.js)

I have never seen an entry in a HJT log like this. You can skip that part if you are sure it is needed but you do need to be sure to fix the other entry.

Quote

Fix This! -> F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,,SKEYS /I

Quote from: evilfantasy on May 16, 2009, 07:10:39 PM

Everyones computer is set up different so if I am asking you to do something that does not sound right then I don't mind you making sure I'm not going the wrong direction

I have never seen an entry in a HJT log like this. You can skip that part if you are sure it is needed but you do need to be sure to fix the other entry.

Is funtrivia.com the default homepage you have set your FIREFOX browser to? That's what it looks like to me ... when i saw that funtrivia.com thing. You sure that's a good site?

But in all honesty, evilfantasy's one of the masters of malware on ths board as far as I've seen I should have researched first before requesting that you fix it. You never can think you have learned all there is to know with HijackThis...

It's definitely legitimate. The prefs.js made me think it was a iFrame infection. OOPS

Quote

HijackThis N1, N2, N3, N4 Sections

These sections are for Netscape and Mozilla Browsers Start and default search pages.

These entries are stored in the prefs.js files stored in different places under the C:\Documents and Settings\YourUserName\Application Data folder. Netscape 4's entries are stored in the prefs.js file in the program directory which is generally, DriveLetter:\Program Files\Netscape\Users\default\prefs.js.

N1 corresponds to the Netscape 4's Startup Page and default search page.

N2 corresponds to the Netscape 6's Startup Page and default search page.

N3 corresponds to Netscape 7' Startup Page and default search page.

N4 corresponds to Mozilla's Startup Page and default search page.

Files Used: prefs.js

Sorry if I'm asking too much. Also, thank you again for all the help you all are giving too.
Before continuing on with things, just want to double check that I'm understanding the steps to do and do you still need the other logs 2. SUPERAntiSpyware Log
The only problem I'm having with the above is I did get the SuperAntiSpyware thing to work but only thing on that one is there are 2 logs I have for that one because noticed that I missed something on the Scanning Control tab thing the options, I accidently messed up with that one and had other things checked too. So, should I POST both logs? I noticed that one of the logs it found something that I'm now wondering if that is half my problems some program called- Adware.eXactAdvertising-Installer
I typed that in on my mom's computer to see if I could figure more out about what exactly it is. It mentioned something about CPU usage going up, and that is one of my problems I keep having problems with my CPU usage going up to 100% ever since switching from Earthlink Dialup to Bellsouth DSL.
3. Malwarebytes' Anti-Malware Log
I can't even get the Malwarebytes program to install at all on the computer. It keeps looking for the disc when I take it out.

Yes, funtrivia is what I have for my start page. I thought that we could put in anything we want?
Looks like it's a good thing I haven't done anything yet either since now looking like I don't need to do anything at all with those pref.js things.
I noticed you said you need to be sure though on the other one? I just asked my mom and she doesn't understand it either.
Also, thought we would mention that our computers are hooked up together. So, making sure some of what is being detected is stuff from her computer? Since my computer keeps getting infected with viruses and spyware so much, is one of the things my mom is afraid of that it can harm her computer somehow? See before with dialup internet we didn't have our computers hooked together.

The other thing, I'm trying to understand what all the Combofix does. One of the things I noticed it says Windows Vista, and I don't have Windows Vista. So, will it even work? I'm looking at the page to see if I understand what all it even is, and looks a little scary. Do I need to back anything up before doing this? Like save things to a disc in case it erases something important? We just get so worried about this happening especially since it has happend on so many occasions in the past with us not understanding things all the way. The very first time something happend was when a technician at Compaq had us do an FDisk and before doing it we asked if I need to back anything up? They said no. Which was wrong because it erased everything. Then when I talked to a friend in Michigan who knows alot on computers because he even builds computers said that is what an FDisk does. It reformats things. Which we didn't know that. Also, have had problems with other programs in the past like Ccleaner erasing important stuff because we didn't understand what exactly the files are.
Go back to This Post and follow through with those instructions.

Quote

The other thing, I'm trying to understand what all the Combofix does. One of the things I noticed it says Windows Vista, and I don't have Windows Vista. So, will it even work?

Read the instructions. It says "Vista users Right-Click on ComboFix.exe and select Run as administrator (you will receive a UAC prompt, please allow it)

You are not a Vista user so it doesn't apply.

Just follow the instructions. Everything you need to do will always be there.

Quote

Also, have had problems with other programs in the past like Ccleaner erasing important stuff because we didn't understand what exactly the files are.

Again, just follow the instructions in This Post. That's all I need for now.

sorry for all the questions too. but due to my health and disabilities is hard for me to understand and do things in life. I get confused really easily.
I'm reading back over things. Could you explain to me though what exactly that thing is? F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,,SKEYS /I
We did a search on the internet about it and sounds like it's a bug in the new HJT and someone says not to worry about it. Looking at the word REG sounds like it has something to do with the Registry, which we are a bit worried about doing things to the Registry since we don't understand it at all and the repairmen we have used in the past have all warned us too about not messing with the Registry. We are also wondering, why did the last repairman we had work on the computer right before Christmas not do anything about this file if it is something bad? Quote

Looking at the word REG sounds like it has something to do with the Registry, which we are a bit worried about doing things to the Registry since we don't understand it at all and the repairmen we have used in the past have all warned us too about not messing with the Registry.

HijackThis is a registry information and repair tool. You are going to have to trust that I know what I'm doing

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,,SKEYS /I <- This is a Serial Key Utility and it is a big security risk. I hope you're alright ... just take things slowly one step at a time and you'll be good soon. Just now get up to speed and evil's gonna help you out some more

Combofix is a really nice program to have when your pc is really sick once you know what it can do for you, at least it's successfully cured my pc of issues when I last used it Sorry that we are asking so many questions but we would like to understand all these computer stuff better and all. I hope you can understand why we want to understand everything going on due to all the problems over the years and technicians we have tried in the past who have told us things to do that cause worse problems, and then if you need to know everything that has been done on the computer so that you can give the next technicians all the details of what all has been done to the computer that may have caused the problems. Also, thought you said it was ok to ask too since especially the one thing too you didn't know about the default start pages for Mozilla and Netscape.
Only thing about the Serial Key thing is we do have to enter in a serial key for some of the products we use.
Oh HijackThis does have to do with the registry? Wasn't sure. See, this one repairman we used right before the one we used right before Christmas blamed us for doing something wrong when we called him after he was working on the computer and caused my scanner to BREAK and ever since then have not been able to get it working again. See we were getting him to help us with some of the stuff this other site was having us do to the computer after reading the HijackThis Log. Which we actually didn't do anything they said to do though since didn't know how to do some of the things anyways. He didn't agree on alot of what they said to do. So, we didn't do it. So, anyways, he was going to charge to come back out and help get the scanner working again.

First, trust Evilfantasy. He knows what he's doing. Why do you think he is a Malware Removal Specialist? He deals with HijackThis every day on dozens of computers.
Second, trust me for telling you to trust him.
Third, Everything you do involves the registry in some way. All HijackThis does is scan through the registry to look for potential security threats, which you can choose to eliminate.
If it's any consolation, I've used HiJackThis, and I run scans every few weeks to see if anything is out of line.

From where I see it, you have two choices. End this topic and keep your computer at risk of attack, or end your fussing and eliminate the security risk.Quote from: Carbon Dudeoxide on May 17, 2009, 01:17:46 AM

First, trust Evilfantasy. He knows what he's doing. Why do you think he is a Malware Removal Specialist? He deals with HijackThis every day on dozens of computers.
Second, trust me for telling you to trust him.
Third, Everything you do involves the registry in some way. All HijackThis does is scan through the registry to look for potential security threats, which you can choose to eliminate.
If it's any consolation, I've used HiJackThis, and I run scans every few weeks to see if anything is out of line.

From where I see it, you have two choices. End this topic and keep your computer at risk of attack, or end your fussing and eliminate the security risk.

I suggest you should follow the instructions, get the problems solved then afterwards you can go find out the reasons behind what you have done (unless you find something fishy while fixing then that's something else). At least your computer will be happier quicker which is what you want in the end anyway.

Quote from: Carbon Dudeoxide on May 17, 2009, 01:17:46 AM

From where I see it, you have two choices. End this topic and keep your computer at risk of attack, or end your fussing and eliminate the security risk.

Agreed. I don't mind answering questions but I learned everything I know the hard way and I'm not going to start teaching a class here. There comes a point when I have to ask the user.

Are you going to post the logs or not? If not then that's fine. If so then please do so.

Although we volunteer our time it is work for me having to read all of these long questions and they are not helping in a resolution.

Quote from: evilfantasy on May 16, 2009, 03:35:00 PM

Only report to me what problems you are having at this immediate moment, things that were happening does me no good.

Honestly, we could most likely have been done with this yesterday!

With all due respect, it's beginning to be a waste of my time.

P.S. You need to move away from using Netscape. It is no longer supported and very vulnerable to malware attack. It's a Java based browser and that is very insecure.This is Amy's mom writing. Sorry for all the questions and for misunderstanding anything here, Yes, we understand that he is a Malware Removal Specialist. But due to mistakes others have made in the past on our computers, that is why we want to make sure it is the right thing to do before doing it so that it doesn't cause any wore problems.
I don't understand why you are now SAYING that you don't need to know everything that is happening with the computer. From what we learned, whenever dealing with techs, they want to know the history in case it has to do with what is going on.
Plus since the stuff is still happening, isn't that important to know what all has been tried so far.
Also, my computer is hooked up with Amy's, where it wasn't in the past, and my Grandson who knows way more about computers than I do, has mentioned to be careful what people tell us to do because could mess mine up.

Yes, we know that Netscape isn't out there anymore, but have used it for years with no problems. Her Internet Explorer stopped working though years ago due to being attacked when downloading the AOL Instant Messanger for her class she had just signed up for and some MBKWBar Toolbar came through with the download and started causing popup ads to keep flooding and crash the computer. Which that is the first time we learned about spyware, adware, all that. We did know about viruses, but not the other. So, the repairman we used then said not to use IE anymore and never bothered to fix it. He did put Mozilla on. But now that is not on her computer anymore due to virus messing it up to where everything becomes distorted when trying to use it. So, it seems every browser out there is vulnerable. We also try and read all articles and stuff out there on computer stuff, and understand that its very complicated.
Again, sorry if we have caused any problems for you. Sounds like maybe this isn't the best place for us to get help. We understand this is alot of work for you and every other computer techs out there. See everytime we have called for tech support, they always want to know what all has been done so far on computer. Isn't that helpful so that you don't waste your time doing something again that has already been tried?
If we are now understanding this right, HiJackThis just has to do with security? Does it not find viruses or spyware?
Sounds like maybe this isn't the best place for us to get help.

your the first iv'e seen saying that on here , i think you should keep paying the

REPAIRMEN because it looks like you do not trust what you are

being told on here , harry 48

Solve : I hope I did this correct?

Discussion

No Comment Found

Related InterviewSolutions

Reply to Comment