Please, look at my files
- Thread starter jaga_k
- Start date
- Status
kritius
Posts: 2,077 +0
Ive pm'd someone to see what they think, but I dont know when theyre going to be back on.
To me it doesnt look too bad, but ive not had much experience with 64 bit machines so i dont really know, I dont like all those Host file Redirection's though.
I cant do much else at the minute.
To me it doesnt look too bad, but ive not had much experience with 64 bit machines so i dont really know, I dont like all those Host file Redirection's though.
I cant do much else at the minute.
Blind Dragon
Posts: 3,774 +4
@jaga_k -> On the blue bar above please select Edit Profile -> Then scroll down to the bottom of the page, in the left column select Attachments, Remove anything there. From here on in this thread you should be able to attach.
These logs are a pain to read, due to so many missing files. My thoughts are this.
1) Is hijackthis working correctly with your Operating System.
2) If hijackthis is working correctly then your registry is a mess.
Crap Cleaner
Afterwards attach:
1) A Hijackthis log
2) The uninstall list kritius asked for
These logs are a pain to read, due to so many missing files. My thoughts are this.
1) Is hijackthis working correctly with your Operating System.
2) If hijackthis is working correctly then your registry is a mess.
Crap Cleaner
- Download from HERE
- Close all browsers.
- Run the programme and make sure all the boxes are ticked under the Windows and Applications tabs, Also check All Advanced tabs(except for the Old prefetch Data option, this should be unticked)
- Click the run cleaner button. Do this several times
- Click on the registry Icon on the left pane.
- Scan and Fix on the right side
- After you fix run scan again (at least 3 times)
Afterwards attach:
1) A Hijackthis log
2) The uninstall list kritius asked for
Blind Dragon
Posts: 3,774 +4
:Run Kaspersky Online AV Scanner:
Order to use it you have to use Internet Explorer.
Go to Kaspersky and click the Accept button at the end of the page.
Note for Internet Explorer 7 users: If at any time you have trouble with the accept button of the licence, click on the Zoom tool located at the right bottom of the IE window and set the zoom to 75 %. Once the license accepted, reset to 100%.
Order to use it you have to use Internet Explorer.
Go to Kaspersky and click the Accept button at the end of the page.
Note for Internet Explorer 7 users: If at any time you have trouble with the accept button of the licence, click on the Zoom tool located at the right bottom of the IE window and set the zoom to 75 %. Once the license accepted, reset to 100%.
- Read the Requirements and limitations before you click Accept.
- Allow the ActiveX download if necessary.
- Once the database has downloaded, click Next.
- Click Scan Settings and change the "Scan using the following antivirus database" from standard to extended and then click OK.
- Click on "My Computer"
- When the scan has completed, click Save Report As...
- Enter a name for the file in the Filename: text box and then click the down arrow to the right of Save as type: and select text file (*.txt)
- Click Save - by default the file will be saved to your Desktop, but you can change this if you wish.
I run Kaspersky, but I can't save the log. When I'm trying to save it on the desktop it says that due to the security reasons the file was saved to the Temporary Internet Files (and the folder opens). The file is nowhere to be found, though. Tried to search for it, but nothing comes up. It's probably Vista having a problem again. I'm trying again, as an administrator...
Kaspersky found quite a few things, though. What should I do if I still can't save the log?
Kaspersky found quite a few things, though. What should I do if I still can't save the log?
Blind Dragon
Posts: 3,774 +4
copy and paste it here
Blind Dragon
Posts: 3,774 +4
Most of the infection appears to be in your cache and backup folders for internet explorer, which is a good thing. There is some outside of there but it shouldnt be too hard to clean up.
:Clean temp files:
-----------------------------------------------------------------------------------------------------
Go to start -> computer -> navigate to
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5
and delete any folders within content.IE5 (should be some random named folders)
-----------------------------------------------------------------------------------------------------
I am going to start working on instructions for the rest of the infections, but go ahead and start with this. Then run another scan with kaspersky to see if it got these and show me the log.
I am not on my normal computer today so it may take me a little while. Please be patient and I should have something for you today.
Thanks,
BD
:Clean temp files:
Download and Run ATF Cleaner
Download ATF (Atribune Temp File) Cleaner© by Atribune to your desktop.Double-click ATF Cleaner.exe to open it.
Under Main choose:
Windows Temp
Current User Temp
All Users Temp
Temporary Internet Files
Prefetch
Java Cache
*The other boxes are optional*
Then click the Empty Selected button.
Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.
Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.
Click Exit on the Main menu to close the program
-----------------------------------------------------------------------------------------------------
Go to start -> computer -> navigate to
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5
and delete any folders within content.IE5 (should be some random named folders)
-----------------------------------------------------------------------------------------------------
I am going to start working on instructions for the rest of the infections, but go ahead and start with this. Then run another scan with kaspersky to see if it got these and show me the log.
I am not on my normal computer today so it may take me a little while. Please be patient and I should have something for you today.
Thanks,
BD
Blind Dragon
Posts: 3,774 +4
AVG AntiSpyware
Attach the AVG report here
- Launch AVG AntiSpyware
- Click on the Update Icon at the top, then click Start Update in the left pane
- After the update click on the Scanner Icon at the top, then select the settings tab, in the first section "How to act?" click on recommended actions and change it to delete.In the reports section make sure it is set to Automatically generate report after every scan
- Click back to the Scan tab and select Complete System Scan
- Finally, after the scan, select the Infections Icon at the top, click Select All at the bottom then Remove finally also at the bottom
Attach the AVG report here
Blind Dragon
Posts: 3,774 +4
Download and Install SDFix
Run SDFix
- Download SDFix and save it to your Desktop.
- Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)
Run SDFix
- Open the extracted SDFix folder and double click RunThis.bat to start the script.
- Type Y to begin the cleanup process.
- It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
- Press any Key and it will restart the PC.
- When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
- Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
- Attach Report.txt back here
Blind Dragon
Posts: 3,774 +4
Yes please try it from safe mode
Blind Dragon
Posts: 3,774 +4
Right click RunThis.bat and select Run as Administrator
Blind Dragon
Posts: 3,774 +4
Can you verify that it is installed directly in the system drive-> C:\SDFix
- Status
