Please, look at my files

By jaga_k
Mar 23, 2008
Topic Status:
Not open for further replies.
  1. kritius

    kritius TechSpot Guru Posts: 2,087

    Dang, it must not work for 64bit. Ill have to see if someone else can have a look at this, ill get back to later.

    Sorry
  2. jaga_k

    jaga_k Newcomer, in training Topic Starter Posts: 43

    Thanks for trying anyaway, really appreciate it. And I know, 64 is a pain, but I had to get it to have more than 2GB RAM...

    Hope to hear from you soon...
  3. jaga_k

    jaga_k Newcomer, in training Topic Starter Posts: 43

    Any ideas on how to fix this yet?

    I'm a bit afraid to do anything on the computer and I need it for work. How bad is it anyway?
  4. kritius

    kritius TechSpot Guru Posts: 2,087

    Ive pm'd someone to see what they think, but I dont know when theyre going to be back on.

    To me it doesnt look too bad, but ive not had much experience with 64 bit machines so i dont really know, I dont like all those Host file Redirection's though.

    I cant do much else at the minute.
  5. jaga_k

    jaga_k Newcomer, in training Topic Starter Posts: 43

    thanks, ill wait then, hopefully something will come up.
  6. Blind Dragon

    Blind Dragon TechSpot Evangelist Posts: 4,048

    @jaga_k -> On the blue bar above please select Edit Profile -> Then scroll down to the bottom of the page, in the left column select Attachments, Remove anything there. From here on in this thread you should be able to attach.

    These logs are a pain to read, due to so many missing files. My thoughts are this.

    1) Is hijackthis working correctly with your Operating System.
    2) If hijackthis is working correctly then your registry is a mess.

    Crap Cleaner
    • Download from HERE
    • Close all browsers.
    • Run the programme and make sure all the boxes are ticked under the Windows and Applications tabs, Also check All Advanced tabs(except for the Old prefetch Data option, this should be unticked)
    • Click the run cleaner button. Do this several times
    • Click on the registry Icon on the left pane.
    • Scan and Fix on the right side
    • After you fix run scan again (at least 3 times)

    Afterwards attach:
    1) A Hijackthis log
    2) The uninstall list kritius asked for
  7. jaga_k

    jaga_k Newcomer, in training Topic Starter Posts: 43

    I've done everything you asked for, here are the logs (attaching)
  8. jaga_k

    jaga_k Newcomer, in training Topic Starter Posts: 43

    P.S. The dss log. Just in case...

    Thanks for your help.
  9. Blind Dragon

    Blind Dragon TechSpot Evangelist Posts: 4,048

    :Run Kaspersky Online AV Scanner:

    Order to use it you have to use Internet Explorer.
    Go to Kaspersky and click the Accept button at the end of the page.

    Note for Internet Explorer 7 users: If at any time you have trouble with the accept button of the licence, click on the Zoom tool located at the right bottom of the IE window and set the zoom to 75 %. Once the license accepted, reset to 100%.
    • Read the Requirements and limitations before you click Accept.
    • Allow the ActiveX download if necessary.
    • Once the database has downloaded, click Next.
    • Click Scan Settings and change the "Scan using the following antivirus database" from standard to extended and then click OK.
    • Click on "My Computer"
    • When the scan has completed, click Save Report As...
    • Enter a name for the file in the Filename: text box and then click the down arrow to the right of Save as type: and select text file (*.txt)
    • Click Save - by default the file will be saved to your Desktop, but you can change this if you wish.
    Attach the report into your next reply
  10. jaga_k

    jaga_k Newcomer, in training Topic Starter Posts: 43

    I run Kaspersky, but I can't save the log. When I'm trying to save it on the desktop it says that due to the security reasons the file was saved to the Temporary Internet Files (and the folder opens). The file is nowhere to be found, though. Tried to search for it, but nothing comes up. It's probably Vista having a problem again. I'm trying again, as an administrator...

    Kaspersky found quite a few things, though. What should I do if I still can't save the log?
  11. Blind Dragon

    Blind Dragon TechSpot Evangelist Posts: 4,048

    copy and paste it here
  12. jaga_k

    jaga_k Newcomer, in training Topic Starter Posts: 43

    Here it is, managed to save it when run it as an administrator...
  13. Blind Dragon

    Blind Dragon TechSpot Evangelist Posts: 4,048

    Most of the infection appears to be in your cache and backup folders for internet explorer, which is a good thing. There is some outside of there but it shouldnt be too hard to clean up.

    :Clean temp files:

    • Download and Run ATF Cleaner
      Download ATF (Atribune Temp File) Cleaner© by Atribune to your desktop.Double-click ATF Cleaner.exe to open it.

      Under Main choose:

      • Windows Temp
        Current User Temp
        All Users Temp
        Temporary Internet Files
        Prefetch
        Java Cache

        *The other boxes are optional*
        Then click the Empty Selected button.
      if you use Firefox:

      • Click Firefox at the top and choose: Select All
        Click the Empty Selected button.
        NOTE: If you would like to keep your saved passwords, please click NO at the prompt.
      if you use Opera:

      • Click Opera at the top and choose: Select All
        Click the Empty Selected button.
        NOTE: If you would like to keep your saved passwords, please click NO at the prompt.

      Click Exit on the Main menu to close the program

    -----------------------------------------------------------------------------------------------------

    Go to start -> computer -> navigate to
    C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5

    and delete any folders within content.IE5 (should be some random named folders)

    -----------------------------------------------------------------------------------------------------

    I am going to start working on instructions for the rest of the infections, but go ahead and start with this. Then run another scan with kaspersky to see if it got these and show me the log.

    I am not on my normal computer today so it may take me a little while. Please be patient and I should have something for you today.

    Thanks,

    BD
     
  14. jaga_k

    jaga_k Newcomer, in training Topic Starter Posts: 43

    This is the second kaspersky log, after running the ATF cleaner and cleaning Content.IE5


    Thanks!!!
  15. Blind Dragon

    Blind Dragon TechSpot Evangelist Posts: 4,048

    AVG AntiSpyware
    • Launch AVG AntiSpyware
    • Click on the Update Icon at the top, then click Start Update in the left pane
    • After the update click on the Scanner Icon at the top, then select the settings tab, in the first section "How to act?" click on recommended actions and change it to delete.In the reports section make sure it is set to Automatically generate report after every scan
    • Click back to the Scan tab and select Complete System Scan
    • Finally, after the scan, select the Infections Icon at the top, click Select All at the bottom then Remove finally also at the bottom

    Attach the AVG report here
  16. jaga_k

    jaga_k Newcomer, in training Topic Starter Posts: 43

    I run AVG, but couldn't save the report (surprise, surprise!).
    I am attaching the screenshot of the found infections, though. Let me know if I should try to save the report somehow, anyway...
    Thanks!
  17. jaga_k

    jaga_k Newcomer, in training Topic Starter Posts: 43

    Sorry, was wrong. I managed to save the report... Here it is...
  18. Blind Dragon

    Blind Dragon TechSpot Evangelist Posts: 4,048

    Download and Install SDFix
    • Download SDFix and save it to your Desktop.
    • Double click SDFix.exe and it will extract the files to %systemdrive%
      (Drive that contains the Windows Directory, typically C:\SDFix)

    Run SDFix
    • Open the extracted SDFix folder and double click RunThis.bat to start the script.
    • Type Y to begin the cleanup process.
    • It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
    • Press any Key and it will restart the PC.
    • When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
    • Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
    • Attach Report.txt back here
  19. jaga_k

    jaga_k Newcomer, in training Topic Starter Posts: 43

    I can't begin the cleanup process, SDFix doesn't give me this option. Attaching the screenshot...

    Should I run it in safe mode?
  20. Blind Dragon

    Blind Dragon TechSpot Evangelist Posts: 4,048

    Yes please try it from safe mode
  21. jaga_k

    jaga_k Newcomer, in training Topic Starter Posts: 43

    I tried it, but it doesn't work in safe mode either. A screen comes up, but it dissapears even quicker...
  22. Blind Dragon

    Blind Dragon TechSpot Evangelist Posts: 4,048

    Right click RunThis.bat and select Run as Administrator
  23. jaga_k

    jaga_k Newcomer, in training Topic Starter Posts: 43

    I have done it this way from the beginning, it didn't work.
  24. Blind Dragon

    Blind Dragon TechSpot Evangelist Posts: 4,048

    Can you verify that it is installed directly in the system drive-> C:\SDFix
  25. jaga_k

    jaga_k Newcomer, in training Topic Starter Posts: 43

    yes, it is
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.