Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

1000s od Pos fules, makeing computer slow and freezing [RESOLVED]


  • This topic is locked This topic is locked

#31
Taco130

Taco130

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts
it isn't posting a log?
  • 0

Advertisements


#32
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Do you mean it didn't produce a log?
  • 0

#33
Taco130

Taco130

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts
yes
  • 0

#34
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Can you retry it with the same cf scrpt please it seems that combofix was interrupted.
Thanks.
  • 0

#35
Taco130

Taco130

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts
i get a compress folder name catchme on the desktop after combo fix?
  • 0

#36
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Did you retry the cf script?
  • 0

#37
Taco130

Taco130

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts
yes
  • 0

#38
Taco130

Taco130

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts
should i restall combofix?
  • 0

#39
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
No just do the following:

Please download the OTMoveIt2 by OldTimer.
  • Save it to your desktop.
  • Please double-click OTMoveIt2.exe to run it. (Vista users, please right click on OTMoveit2.exe and select "Run as an Administrator")
  • Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    C:\WINDOWS\Downloaded Program Files\gsda.dll 
    C:\WINDOWS\SYSTEM32\edcA01
    C:\VundoFix Backups
    C:\Program Files\QuickTime
    C:\Program Files\McAfee.com
  • Return to OTMoveIt2, right click in the "Paste List of Files/Folders to be Moved" window (under the light blue bar) and choose Paste.
  • Click the red Moveit! button.
  • OTMoveit2 will create a log of moved files in the C:\_OTMoveIt\MovedFiles folder. The log's name will appear as the date and time it was created, with the format mmddyyyy_hhmmss.log. Open this log in Notepad and post its contents in your next reply.
  • Close OTMoveIt2
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.
  • 0

#40
Taco130

Taco130

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts
here it is

File/Folder C:\WINDOWS\Downloaded Program Files\gsda.dll not found.
File/Folder C:\WINDOWS\SYSTEM32\edcA01 not found.
File/Folder C:\VundoFix Backups not found.
File/Folder C:\Program Files\QuickTime not found.
File/Folder C:\Program Files\McAfee.com not found.

OTMoveIt2 v1.0.20 log created on 02172008_180328
  • 0

Advertisements


#41
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Ok great.

Please re-open Hijackthis and click on "Do a system scan only"
Then place a check mark next to these entries below: (If present)

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapp.../search/ie.html
O4 - HKLM\..\Run: [combofix] C:\WINDOWS\system32\kmd.exe /c C:\ComboFix\Combobatch.bat
O8 - Extra context menu item: &Search - http://edits.mywebse...?p=ZJxdm027YYUS
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfar...p1.0.0.15-3.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamesp...nch/alaunch.cab
O16 - DPF: {50BD5CDA-4BA8-4048-8FAA-763F222E41D8} - ms-its:mhtml:file://c:\\nores.mht!http://adxrnet.net/c...::/xpreload.ocx



Now click on Fix Checked and then close Hijackthis.
====================================
Now do the following:

Time for some housekeeping
  • Click START then RUN
  • Now type Combofix /u in the runbox and click OK


    • Posted Image

    The above procedure will delete the following:

    • ComboFix and its associated files and folders.
    • VundoFix backups, if present
    • The C:\Deckard folder, if present
    • The C:_OtMoveIt folder, if present
  • Reset the clock settings.
  • Hide file extensions, if required.
  • Hide System/Hidden files, if required.
  • Clean System Restore points.

Also delete anything that we used that is left over.
===================================
Then I suggest Downloading AVG free and install it as you have no antivirus protection.
=============================
After that Your log is clean. :)

To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections you can read this article by Tony Klein ->Here
  • 0

#42
Taco130

Taco130

    Member

  • Topic Starter
  • Member
  • PipPip
  • 54 posts
ok thanks for every

bye
  • 0

#43
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
You are welcome :)


Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If your the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0

#44
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP