[loophole]

and have you actually used killbox on those files

[Advertisements]

Did you copy and paste the filepaths directly into killbox from my diirections?

[loophole]

Did you copy and paste the filepaths directly into killbox from my diirections?

[JHAT76]

And I added them to the drop down box accidently but have not restarted the puter cause I was scared to lose them

[JHAT76]

I copied, but when I hit paste from clipboard it added 60 files, which included these. Like an idiot I didn't pay attention and hit the x button. Realized what I did and did not restart

[loophole]

Ok let me thin of a way out of this

[Atribune]

Hi Guys,

Loophole hope you dont mind me asking a few questions.

Have you rebooted the computer yet since pasting the file in?

If not You can click on Remove Items in the top bar then click on clear list.

If you have rebooted then you will need to put your files back where they were manually.

Can you start by clicking file then history log and pasting any info from the notepad windows that comes up.

[JHAT76]

Have not rebooted, but did go through all steps up to that. Somehow I deleted the notepad file. BUT it basically listed all the files that are in the Submit folder. If I reboot will I lose all these files? Hoiw can I put them back manually?

[Atribune]

Dont Reboot!


Open killbox again
Click tools then go to session manager. This will open regedit. Double click on PendingFileRenameOperations.

This will open another window Highlight and remove all text from this window. Click ok and close out of regedit.

Check to make sure your files are still where they belong.

[JHAT76]

I must be an expert Botcher, I have 4 experts reading this

[JHAT76]

Remove all files as in delete the files correct?

[Atribune]

dont delete any files
!!!!!!!

[JHAT76]

This is the text in the box

\??\C:\Documents and Settings\Kerri\Local Settings\Temporary Internet Files\Content.IE5\index.dat

\??\C:\Documents and Settings\Kerri\Local Settings\Temporary Internet Files\Content.IE5\index.dat

\??\C:\Documents and Settings\Kerri\Local Settings\History\History.IE5\INDEX.DAT

\??\C:\Documents and Settings\Kerri\Local Settings\History\History.IE5\INDEX.DAT

\??\C:\Documents and Settings\Kerri\Cookies\INDEX.DAT

\??\C:\DOCUME~1\Kerri\LOCALS~1\Temp\JET8EB.tmp

\??\C:\DOCUME~1\Kerri\LOCALS~1\Temp\Perflib_Perfdata_4f0.dat

\??\C:\DOCUME~1\Kerri\LOCALS~1\Temp\JET8EB.tmp

\??\C:\DOCUME~1\Kerri\LOCALS~1\Temp\Perflib_Perfdata_4f0.dat

\??\C:\Documents and Settings\LocalService\Cookies\INDEX.DAT

\??\C:\Documents and Settings\LocalService\locals~1\tempor~1\Content.IE5\INDEX.DAT

\??\C:\Documents and Settings\LocalService\Cookies\INDEX.DAT

\??\C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\INDEX.DAT

\??\C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\INDEX.DAT

\??\C:\Documents and Settings\Kerri\Cookies\INDEX.DAT

\??\C:\Documents and Settings\Kerri\locals~1\tempor~1\Content.IE5\index.dat

\??\C:\Documents and Settings\Kerri\Cookies\INDEX.DAT

\??\C:\Documents and Settings\Kerri\Local Settings\History\History.IE5\INDEX.DAT

\??\C:\Documents and Settings\Kerri\Local Settings\Temp\JET8EB.tmp

\??\C:\Documents and Settings\Kerri\Local Settings\Temp\Perflib_Perfdata_4f0.dat

\??\C:\Documents and Settings\Kerri\Local Settings\Temporary Internet Files\Content.IE5\index.dat

\??\C:\Documents and Settings\Kerri\Cookies\INDEX.DAT

\??\C:\Documents and Settings\Kerri\Local Settings\History\History.IE5\INDEX.DAT

\??\C:\Documents and Settings\Kerri\Local Settings\Temp\JET8EB.tmp

\??\C:\Documents and Settings\Kerri\Local Settings\Temporary Internet Files\Content.IE5\index.dat

\??\C:\Documents and Settings\LocalService\Cookies\INDEX.DAT

\??\C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\INDEX.DAT

\??\C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\INDEX.DAT

\??\C:\PROGRA~1\COMMON~1\updmgr

\??\C:\WINDOWS\smdat32a.sys

\??\C:\WINDOWS\System32\smss.exe

\??\C:\WINDOWS\system32\winlogon.exe

\??\C:\WINDOWS\system32\services.exe

\??\C:\WINDOWS\system32\lsass.exe

\??\C:\WINDOWS\system32\svchost.exe

\??\C:\WINDOWS\system32\spoolsv.exe

\??\C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe

\??\C:\WINDOWS\system32\drivers\KodakCCS.exe

\??\c:\PROGRA~1\mcafee.com\agent\mcdetect.exe

\??\c:\PROGRA~1\mcafee.com\vso\mcshield.exe

\??\c:\PROGRA~1\mcafee.com\agent\mctskshd.exe

\??\C:\PROGRA~1\COMMON~1\MICROS~1\VS7DEBUG\MDM.EXE

\??\C:\PROGRA~1\McAfee.com\PERSON~1\MPFSER~1.EXE

\??\C:\WINDOWS\System32\SCSIAC~1.EXE

\??\C:\WINDOWS\wanmpsvc.exe

\??\C:\WINDOWS\Explorer.EXE

\??\C:\WINDOWS\system32\hkcmd.exe

\??\C:\WINDOWS\system32\dla\tfswctrl.exe

\??\C:\WINDOWS\System32\DSentry.exe

\??\C:\PROGRA~1\Dell\MEDIAE~1\PCMSER~1.EXE

\??\C:\PROGRA~1\COMMON~1\Real\UPDATE~1\REALSC~1.EXE

\??\C:\PROGRA~1\MUSICM~1\MUSICM~2\mmtask.exe

\??\C:\PROGRA~1\mcafee.com\agent\mcagent.exe

\??\C:\PROGRA~1\COMMON~1\Dell\EUSW\Support.exe

\??\C:\PROGRA~1\McAfee.com\VSO\mcvsshld.exe

\??\C:\PROGRA~1\Dell\Support\Alert\bin\NOTIFY~1.EXE

\??\c:\progra~1\mcafee.com\vso\mcvsescn.exe

\??\C:\PROGRA~1\support.com\bin\tgcmd.exe

\??\C:\PROGRA~1\QUICKT~1\qttask.exe

\??\C:\PROGRA~1\VIEWPO~1\VIEWPO~3\ViewMgr.exe

\??\C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe

\??\C:\PROGRA~1\NOVADE~1\GREETI~1\REMIND~1.EXE

\??\C:\PROGRA~1\McAfee.com\VSO\oasclnt.exe

\??\C:\PROGRA~1\MESSEN~1\msmsgs.exe

\??\C:\WINDOWS\system32\ctfmon.exe

\??\C:\PROGRA~1\COMMON~1\DataViz\DVZINC~1.EXE

\??\C:\PROGRA~1\DIGITA~1\DLG.exe

\??\C:\PROGRA~1\palmOne\HOTSYNC.EXE

\??\C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe

\??\c:\progra~1\mcafee.com\vso\mcvsftsn.exe

\??\C:\PROGRA~1\INTERN~1\iexplore.exe

\??\C:\WINDOWS\system32\NOTEPAD.EXE

\??\C:\DOCUME~1\Kerri\LOCALS~1\Temp\TEMPOR~1.ZIP\HIJACK~1.EXE

\??\C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\ActiveX\ACROIE~1.DLL

\??\C:\WINDOWS\system32\dla\tfswshx.dll

\??\C:\PROGRA~1\VIEWPO~1\VIEWPO~4\VIEWBA~1.DLL

\??\c:\progra~1\mcafee.com\vso\mcvsshl.dll

\??\C:\PROGRA~1\VIEWPO~1\VIEWPO~4\ViewBar.dll

\??\C:\PROGRA~1\Canon\EASY-W~1\Toolband.dll

\??\C:\WINDOWS\system32\igfxtray.exe

\??\C:\PROGRA~1\COMMON~1\Sonic\UPDATE~1\sgtray.exe

\??\C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe

\??\C:\PROGRA~1\mcafee.com\agent\mcupdate.exe

\??\C:\PROGRA~1\AIM\aim.exe

\??\C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE

\??\C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL

\??\C:\WINDOWS\System32\Shdocvw.dll

\??\C:\PROGRA~1\AWS\WEATHE~1\Weather.exe

\??\C:\WINDOWS\SYSTEM32\igfxsrvc.dll

\??\C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe

[Atribune]

Delete the list of files in the pendingfilerenameoperation box that opens with my last instruction. This will stop the files from being deleted on reboot

[JHAT76]

OK I removed all the above text from the Pending FileRenameOperation

[Atribune]

Ahhh I know what you did. You pasted your whole hijackthis log into the paste from clipboard.

Ok check to make sure your files are intact in the correct folders