Trojan horse taken my rights and registry, can't do anything

Page 2 of 2 Previous  1, 2

View previous topic View next topic Go down

Trojan horse taken my rights and registry, can't do anything

Post by Sophia on Tue 20 Jul 2010, 2:40 pm

First topic message reminder :

Somehow I acquired a trojan horse. I have McAfee and AVG. Ran both and got 3 trojans:
program files\shared\lib.dll, temp\kYFZYrwbcT.exe, temporary internet files\content.IE5\5VXVWUTH\Setup.exe

Now I cannot execute any programs nor get onto the internet. I also cannot run the task manager. I am stuck and just can't function. I WILL NOT CONSIDER re-formatting my hard drive. I am communicating from another laptop I have. I have malware but I am not allowed to run it. Apparantly I am no longer the administrator. I even tried to download to a flash drive and install from there but it won't let me install or copy anything.

Sophia

Newbie Surfer
Newbie Surfer

Posts : 19
Joined : 2010-07-20
Operating System : Windows xp

View user profile

Back to top Go down


Re: Trojan horse taken my rights and registry, can't do anything

Post by Sophia on Fri 23 Jul 2010, 10:45 am

It has finally finished and here is the log.

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=7.00.6000.17055 (vista_gdr.100414-0533)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=cb29a115dc63a74eb508b3cf0fe2ca2d
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-07-22 11:36:49
# local_time=2010-07-22 06:36:49 (-0600, Central Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 2
# compatibility_mode=1024 16777175 100 0 15802216 15802216 0 0
# compatibility_mode=5121 16776537 100 85 106365530 112918173 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=115291
# found=0
# cleaned=0
# scan_time=8710

Sophia

Newbie Surfer
Newbie Surfer

Posts : 19
Joined : 2010-07-20
Operating System : Windows xp

View user profile

Back to top Go down

Re: Trojan horse taken my rights and registry, can't do anything

Post by DragonMaster Jay on Fri 23 Jul 2010, 5:05 pm

Are you gaining control over your computer again?

Let me know of any other issues.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: Trojan horse taken my rights and registry, can't do anything

Post by Sophia on Sat 24 Jul 2010, 1:36 am

It appears all is well. Is there anything else I need to do?

Sophia

Newbie Surfer
Newbie Surfer

Posts : 19
Joined : 2010-07-20
Operating System : Windows xp

View user profile

Back to top Go down

Re: Trojan horse taken my rights and registry, can't do anything

Post by DragonMaster Jay on Sat 24 Jul 2010, 5:36 am

Your logs appear to be clean. If there are no more issues, then we shall clean up!

Clean up System Restore

Now, to get you off to a clean start, we will be creating a new Restore Point, then clearing the old ones to make sure you do not get reinfected, in case you need to "restore back."
  • Select Start > All Programs > Accessories > System tools > System Restore.
  • On the dialogue box that appears select Create a Restore Point
  • Click NEXT
  • Enter a name e.g. Clean
  • Click CREATE

You now have a clean restore point, to get rid of the bad ones:
  • Select Start > All Programs > Accessories > System tools > Disk Cleanup.
  • In the Drop down box that appears select your main drive e.g. C
  • Click OK
  • The System will do some calculation and the display a dialogue box with TABS
  • Select the More Options Tab.
  • At the bottom will be a system restore box with a CLEANUP button click this
  • Accept the Warning and select OK again, the program will close and you are done


Run OTC to remove our tools

To remove all of the tools we used and the files and folders they created, please do the following:
Please download OTC.exe by OldTimer:
  • Save it to your Desktop.
  • Double click OTC.exe.
  • Click the CleanUp! button.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes.

Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.

Purge old temporary files

Please download TFC by OldTimer to your desktop
  • Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • It will close all programs when run, so make sure you have saved all your work before you begin.
  • Click the Start
    button to begin the process. Depending on how often you clean temp
    files, execution time should be anywhere from a few seconds to a minute
    or two. Let it run uninterrupted to completion.
  • Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.


Security Check

Please download Security Check by screen317 from SpywareInfoforum.org or Changelog.fr.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


Tell me in your next reply, if you have completed these tasks:
  • Cleaned System Restore
  • Ran OTC
  • Ran TFC
  • Ran Security Check

Also, let me know how your computer is running, and don't forget to post the contents of the Security Check log.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: Trojan horse taken my rights and registry, can't do anything

Post by Sponsored content Today at 4:29 am


Sponsored content


Back to top Go down

Page 2 of 2 Previous  1, 2

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum