TechSpot

8-step program. What's next?

By yeilat
Feb 21, 2009
Topic Status:
Not open for further replies.
  1. Hi

    I've went through the 8 step program.
    every thing is running smoothly though instead of the desktop wallpaper i see bleu background. the logs are attached. what should i do next?
  2. mflynn

    mflynn Newcomer, in training Posts: 2,793

    Run HJT Scan only and Fix the below
    O2 - BHO: (no name) - {54B02808-B60E-44CD-A72D-9865117E4E62} - (no file)

    Uninstall the useless Spynomore.

    Another run indicated!
    OK there were found/removed items in both MBAM and SAS so we need to run again as the first run likely exposed things that were not even seen the first time.

    So another run Quick Scan with both will likely find more. So UPDATE both and run again.

    Mike
  3. yeilat

    yeilat Newcomer, in training Topic Starter

    thanks

    Hi Mike thanks for the help.

    I ran the MBAM and SAS few times and they seem to find stuff.
    I've attached the MBAM and SAS and hijackthis logs again.

    thanks again

    yishai.
  4. mflynn

    mflynn Newcomer, in training Posts: 2,793

    OK now do the below...

    Download SDFix to Desktop.

    http://downloads.andymanchesta.com/RemovalTools/SDFix.exe

    On Desktop run SDdFix It will run (install) then close.

    Then reboot into Safe Mode

    As the computer starts up, tap the F8 key several times.

    On the Boot menu Choose Safe Mode.

    Click thu all the prompts to get to desktop.

    At Desktop
    My Computer C: drive. Double-click to open.

    Look for a folder called SD Fix. Double-click to enter SD Fix.

    Double-click to RunThis.bat. Type Y to begin.

    SD Fix does its job.

    When prompted hit the enter key to restart the computer

    Your computer will reboot.

    On normal restart the Fixtool will run again and complete the removal process then say Finished,
    Hit the Enter key to end the script and load your desktop icons.

    Once the desktop is up, the SDFix report will open on screen and also be saved to the SDFix folder as Report.txt.
    Attach the Report.txt file to your next post.
    =========================================
    Download ComboFix

    NOTE: If you have had ComboFix more than a few days old delete and re-download.

    Get it here: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
    Or here: http://subs.geekstogo.com/ComboFix.exe

    Double click combofix.exe follow the prompts.

    Install Recovery Console if connected to the Internet!

    When finished, it will open a log.
    Attach the log and a new HJT log in your next reply.

    Note: Do not click combofix's window while its running. That may cause it to stall.

    Mike
  5. yeilat

    yeilat Newcomer, in training Topic Starter

    Hi mike
    for some reason McAfee recognizes SDFix.exe as a trojan called Generic.dx hence it blocks it and removes it.

    thanks.
  6. kimsland

    kimsland Ex-TechSpotter Posts: 18,353

    Here's my recommendation on that issue:

    Uninstall your McAfee Antivirus
    Then run the McAfee Removal Tool

    Install (the much better) Avira free AntiVirus
  7. mflynn

    mflynn Newcomer, in training Posts: 2,793

    Roger that!

    So skip SDFix and continue with ComboFix.

    Mike
  8. yeilat

    yeilat Newcomer, in training Topic Starter

    Hi mike,
    I've disabled the mcafee and run combofix. i got the folowing warning:
    "you cannot rename combifix as combofix[1] please use another name ..."

    thanks
  9. mflynn

    mflynn Newcomer, in training Posts: 2,793

    That is not good!

    Rename ComboFix.exe to 12cbo34.exe and run that!

    Mike
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.