Please check my Hijackthis log

Status
Not open for further replies.
Hello Martini

Run a scan with HijackThis. Check the following and hit 'Fix checked'
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O20 - AppInit_DLLs:




Reboot to safe mode ->
Restart your computer.
When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu.
Select the option for Safe Mode using the arrow keys.
Then press enter on your keyboard to boot into Safe Mode.

Find and delete this folder:
C:\Program Files\Search Settings

Reboot normally. Attach a fresh HijackThis log, and tell me where TR/Crypt.XPACK.Gen was found - filename and location? Also tell me how your computer is running.
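
Added example (not part of the original thread and not HijackThis's own code): a Python script that parses entry lines in the format quoted above and lists every entry that still points into a given folder, a check to run on a fresh log after fixing the entries and deleting C:\Program Files\Search Settings. The log text is a constructed sample; the ExampleUpdater line and all function names are assumptions.

```python
import re
from typing import List, NamedTuple, Optional

# Constructed sample: the four entries quoted in the post, plus one
# made-up unrelated O4 line (ExampleUpdater) as a negative case.
SAMPLE_LOG = r"""
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [ExampleUpdater] C:\Program Files\Example\updater.exe
O20 - AppInit_DLLs:
"""

# "<code> - <kind>: <value>", e.g. code O2, kind BHO.
LINE_RE = re.compile(r"^([A-Z]\d{1,2}) - ([^:]+):\s*(.*)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
PATH_RE = re.compile(r"[A-Za-z]:\\.*$")  # first drive-letter path to end of line

class Entry(NamedTuple):
    code: str             # section code: R3, O2, O4, O20 ...
    kind: str             # text between the code and the first colon
    value: str            # everything after that colon
    clsid: Optional[str]  # COM class id, when the entry carries one
    path: Optional[str]   # file the entry points at, when present

def parse(log: str) -> List[Entry]:
    """Return one Entry per log line that looks like a HijackThis entry."""
    entries = []
    for line in log.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # header, process list or blank line
        code, kind, value = m.groups()
        clsid, path = CLSID_RE.search(value), PATH_RE.search(value)
        entries.append(Entry(code, kind.strip(), value,
                             clsid.group(0) if clsid else None,
                             path.group(0) if path else None))
    return entries

def under_folder(entries: List[Entry], folder: str) -> List[Entry]:
    """Entries whose target file lives inside `folder` (case-insensitive)."""
    prefix = folder.rstrip("\\").lower() + "\\"
    return [e for e in entries if e.path and e.path.lower().startswith(prefix)]

def empty_values(entries: List[Entry]) -> List[Entry]:
    """Entries with nothing after the colon, like the O20 line above."""
    return [e for e in entries if not e.value]
```

On a clean follow-up log, `under_folder(...)` for the deleted folder should return an empty list.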
 
Hello Martini

Run a scan with HijackThis. Check the following and hit 'Fix checked'
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O20 - AppInit_DLLs:




Reboot to safe mode ->
Restart your computer.
When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu.
Select the option for Safe Mode using the arrow keys.
Then press enter on your keyboard to boot into Safe Mode.

Find and delete this folder:
C:\Program Files\Search Settings

Reboot normally. Attach a fresh HijackThis log
Did all of the above.


and tell me where TR/Crypt.XPACK.Gen was found - filename and location?
I attached the log from the Avira scan I did before I started this thread.
Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\Documents and Settings\xray\Local Settings\Temp\Td4BMz8I.exe.part
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan

Beginning disinfection:
C:\Documents and Settings\xray\Local Settings\Temp\Td4BMz8I.exe.part
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4a0d9243.qua'!



Also tell me how your computer is running.
It seems to be running fine both before and after I made the above changes.

Thank you so much!
 
Sounds good :)

Click Start, point to Programs, point to Accessories, point to System Tools, and then click Disk Cleanup.
Click the drive you want to scan, and wait while the program calculates how much disk space is available for cleanup.
To delete obsolete files, click the Disk Cleanup tab, select the check boxes of the files that you want to remove, click OK, and then click Yes.

I suggest you read Tony Klein's article:
So how did I get infected in the first place ->
http://www.spywareinfoforum.com/index.php?showtopic=60955

If you have any comments or questions, feel free to post back
 