Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Bagle.IX and Download Bagle Trojan [RESOLVED]


  • This topic is locked This topic is locked

#121
Linda68

Linda68

    Member

  • Topic Starter
  • Member
  • PipPip
  • 97 posts
The dllcache subdirectory did not exist in Explorer (view hidden files / folders on)
It WAS available though DOS
I searched in Windows for the dllcache directory
-nothing could be found, BUT it found
c:\Qoobox\Quarantine\C\Windows\system32

Nevertheless, I tried to copy from the dllcache subdir in DOS
copy iexplore.exe c:\program files\internet explorer

It said "syntax of command not correct"

At least the tab to show hidden files and folders under Tool-Folder Options HAS returned. It was not there previously.

I sent the report again, didn't see it attached in previous e-mail.

Attached Files


  • 0

Advertisements


#122
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 10,936 posts
Hi, Linda68 :)

There is nothing out of the ordinary in either the files uploaded, nor in the registry reports. The enclosed folder contains a batch file to copy Iexplorer.exe from the dllcache folder to the program files folder.

Open Internet Explorer and go directly to IE Hope page to download IE7.

http://www.microsoft.com/windows/products/winfamily/ie/default.mspx

I you run into problems, run MyPoppy.exe to remove baggle. I am incline to remove programs and their folders that are plugged into Internet Explorer.

  • Open Hijackthis
  • Click on Open the Misc Tools Section
  • Click "Open Uninstall Manager"
  • Click "Save List" (generates uninstall_list.txt)
  • Click Save, and attach the results in your next post.

Keep me posted.
  • 0

#123
Linda68

Linda68

    Member

  • Topic Starter
  • Member
  • PipPip
  • 97 posts
When I tried to install IE7, I received the error (pop up box)
Setup could not verify the integrity of the files needed for installation. Make sure the Cryptographic service is running on the computer.
  • 0

#124
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 10,936 posts
Go to Start -> Run, type Services.msc and click ok.

Scroll down to Cryptographic Services and double click on it. It should be set to Automatic and running.
  • 0

#125
Linda68

Linda68

    Member

  • Topic Starter
  • Member
  • PipPip
  • 97 posts
I stopped the cryptographic service and restarted it, same problem ... unable to load due to *possibility* of cryptographic service not running.
  • 0

#126
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 10,936 posts
Hi, Linda68 :)

Microsoft has various methods to deal with this type of problems. Rather than post each method I have collected all the processes in a batch file. Try each method and test. If the situation is resolved after trying a method, you need not to continue.

The folder is attached. Open the Install folder and click on the batch file. Follow the instructions.

Keep me posted.
  • 0

#127
Linda68

Linda68

    Member

  • Topic Starter
  • Member
  • PipPip
  • 97 posts
Still couldn't get past the same message re: cryptographic service... a few batch files came up with errors re: files being used by another process, tmp*.cat could not be found etc...

I tried to install IE after each process, received the same message for all processes.
I'm really satisfied if I NEVER hace to use IE again. I've actually grown accustomed to Mozilla.
Can I just run Combofix, delete IE, use Mozilla and never have problems again?
  • 0

#128
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 10,936 posts
IE is not deletable.

Have your XP CD handy. Go to Start -> Run copy and paste the following command and click OK:

SFC /ScanNow

You will be asked for the XP CD. Insert the CD and allow the System File Checker scan your computer. Then Restart and try again.
  • 0

#129
Linda68

Linda68

    Member

  • Topic Starter
  • Member
  • PipPip
  • 97 posts
I ran the command, a pop-up box came up, stayed on the screen for a couple minutes and just disappeared. It never prompted for the XP CD. I rebooted and tried it again, same thing.

If I try to run the command a second time without rebooting, a DOS window opens and then it immediately closes.
  • 0

#130
Linda68

Linda68

    Member

  • Topic Starter
  • Member
  • PipPip
  • 97 posts
...a quick browse on my processes tab shows wintems.exe is running
  • 0

Advertisements


#131
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 10,936 posts
It is Baggle. Run Mypoppy.exe. After doing so, see if using Internet Explorer you can do an online scan with Kaspersky WebScanner (Again, use internet Explorer)

Click on Accept

You will be promted to install an ActiveX component from Kaspersky, Click Yes.
  • The program will launch and then begin downloading the latest definition files:
  • Once the files have been downloaded click on NEXT
  • Now click on Scan Settings
  • In the scan settings make that the following are selected:
    • Scan using the following Anti-Virus database:
    Extended (if available otherwise Standard)
    • Scan Options:
    Scan Archives
    Scan Mail Bases
  • Click OK
  • Now under select a target to scan:Select My Computer
  • This will program will start and scan your system.
  • The scan will take a while so be patient and let it run.
  • Once the scan is complete it will display if your system has been infected.
    • Now click on the Save as Text button:
  • Save the file to your desktop.
  • Copy and paste that information in your next post.
Another option would be attempting to do all this in Safe mode with Networking Support.
  • 0

#132
Linda68

Linda68

    Member

  • Topic Starter
  • Member
  • PipPip
  • 97 posts
I am trying to run Kaspersky. A pop-up bar came up with security setting don't allow ActiveX controls installed on etc ...
I went to Tools-Internet Options-Security-Custom level and enabled everything ActiveX I could find and restarted the browser. The information bar is still popping up with the same message.
  • 0

#133
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 10,936 posts

I am trying to run Kaspersky. A pop-up bar came up with security setting don't allow ActiveX controls installed on etc ...
I went to Tools-Internet Options-Security-Custom level and enabled everything ActiveX I could find and restarted the browser. The information bar is still popping up with the same message.

Can I see the Security bar in a screenshot?
  • 0

#134
Linda68

Linda68

    Member

  • Topic Starter
  • Member
  • PipPip
  • 97 posts
Yes, I'll save and send to you later on this evening...around the same time.
It is the pop-up blocker bar, but usually when you click on those, you get messages regarding the plan of action. The only thing you could do with this bar was close it, there weren't any options when clicked.
  • 0

#135
Linda68

Linda68

    Member

  • Topic Starter
  • Member
  • PipPip
  • 97 posts
The jpg is attached.
The bar that you see does NOT provide options as it states. Right and left mouse clicks only display the words..."Information Bar Help".

Attached Thumbnails

  • kaspersky.JPG

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP