Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Please help me [RESOLVED]


  • This topic is locked This topic is locked

#31
ken65

ken65

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
Hi No I did the copy and past but when I click on move it my screen goes black then come back. but no file is found I did find a folder when I click on it theres another folder this folder is called window when I click on that folder there nothing in it.
  • 0

Advertisements


#32
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Ok let's see if it is still present.

Copy everything inside the quote box below (starting with dir) and paste it into notepad. Go up to "File > Save As" and click the drop-down box to change the "Save As Type" to "All Files". Save it as findfile.bat on your Desktop.

dir C:\WINDOWS\dxdgns.dll /a h > files.txt
notepad files.txt


Locate findfile.bat on your Desktop and double-click on it. It will open Notepad with some text in it. Please post the contents of that Notepad here.
  • 0

#33
ken65

ken65

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
Volume in drive C has no label.
Volume Serial Number is 20DF-1C31

Directory of C:\WINDOWS

06/13/2007 05:23 AM 34,636 dxdgns.dll
1 File(s) 34,636 bytes

Directory of C:\Documents and Settings\Ken\Desktop
  • 0

#34
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Please go to Start>Run type in Notepad.
Copy what is in the code box below into the open Notepad window.
Change the "Save As Type" to "All Files". Save it as delete.bat on your Desktop.
@Echo off
attrib -s -r -h "C:\WINDOWS\dxdgns.dll"
del /q "C:\WINDOWS\dxdgns.dll"
quit
Don't do anything with this yet.
=====================
*Reboot your computer into SafeMode.
You can do this by restarting your computer and continually tapping the F8 key until a menu appears.
Use your up arrow key to highlight SafeMode then hit enter.

Then please double click on delete.bat a window will open and close quickly.This is normal.


After that please reboot into normal windows and run the findfile.bat again and post the reults her in your next reply.
  • 0

#35
ken65

ken65

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
Volume in drive C has no label.
Volume Serial Number is 20DF-1C31

Directory of C:\WINDOWS


Directory of C:\Documents and Settings\Ken\Desktop
  • 0

#36
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Time for some housekeeping
  • Click START then RUN
  • Now type Combo-fix /u in the runbox and click OK


    • Posted Image

    The above procedure will:
  • Delete the following:
    • ComboFix and its associated files and folders.
    • VundoFix backups, if present
    • The C:\Deckard folder, if present
    • The C:_OtMoveIt folder, if present
  • Reset the clock settings.
  • Hide file extensions, if required.
  • Hide System/Hidden files, if required.
  • Clean System Restore points.

Also delete anything that we used that is left over.
===================================
After that Your log is clean. :)

To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections you can read this article by Tony Klein ->Here
  • 0

#37
ken65

ken65

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
It says windows canot find Combo-fix /u make sure you type name correctly
  • 0

#38
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Sorry about that try it without the dash mark between combo and fix.

Like this Combofix /u
  • 0

#39
ken65

ken65

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
Hi Thank you very much for the time and patients
Your help was greatly appriciated and my system is now clean. 1 last thing I would like to ask is when you say Clean System Restore points
can you please explain this to me thanks

Ken
  • 0

#40
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
When you delete files they go to a place called system volume information.
If you were to do a system restore then you could re infect your self.
They are basically points that your computer uses to restore to.

You are welcome :)


Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If your the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0

Advertisements


#41
ken65

ken65

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
Can you please show me how to clean this restore point
  • 0

#42
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
When you uninstalled Combofix it automatically cleans them.
  • 0

#43
ken65

ken65

    Member

  • Topic Starter
  • Member
  • PipPip
  • 32 posts
Again thank you for taking the time to help me with this issue
  • 0

#44
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
You are welcome :)


Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If your the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0

#45
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP