[loophole]

I belive also theres a high threat tojan embeded in system 32 that cant be deleted

Why and what is it?

Edit: I have to go to bed. The forums will be down for a few hours tomorrow atleast. I will get back to you as soon as I can

Edited by loophole, 03 November 2005 - 11:26 PM.

[Advertisements]

C:\Program Files\Common Files\system32.dll/gui.exe -> TrojanDownloader.Agent.rv : Error during cleaning Does this mean gue is still in my sytem?

Believe me for Trojans I don t foget easily.
It this ewido asked if i wanted to delete the whole file (System32.dl\gui.exe

Look up gue and you'll see what it can do.

[Classy2]

C:\Program Files\Common Files\system32.dll/gui.exe -> TrojanDownloader.Agent.rv : Error during cleaning Does this mean gue is still in my sytem?

Believe me for Trojans I don t foget easily.
It this ewido asked if i wanted to delete the whole file (System32.dl\gui.exe

Look up gue and you'll see what it can do.

[loophole]

I don't forget easily either

C:\Program Files\Common Files\system32.dll/gui.exe -> TrojanDownloader.Agent.rv : Cleaned with backup

From post 23

If you have reoson to believe this is on your system then please run the ewido scan in safemode again

Edited by loophole, 03 November 2005 - 11:41 PM.

[Classy2]

All I want is my computer to work as before all this happened
For some unknown reason the computer doesnt recognise who is logged in so prgrams icon go to the logged in User TEMP desktop.
Right now IM logged into Admistrator1, it is ignoring my place where I save icons, logs etc. Admistrator1.Cuddles has taken over by Administraor1.. These unoffically just appeared one day User has some how replaced my offical users account!!! All it has in it is local..temp, missing many files.
This why I think the false temp uers should be deleted. Tthere will be no more confusion to find where I saved icons, logs to desktop. Paths in ''Properties..Target paths say DOCUMEN~....admin\2local~temp, So now its adding ADMINISTRATOR ~. When will it and whny does it keep adding these user files by itself??????????
I need to find out the cause of the problem so everything will maybe soon it things will be corrected.
AVG.logs is in .CVS format which i dont know what program to accociate it with to copy into here.
Its just not a matter that the trojan is deleted,. Its about did it rename itself, did it put itself into the startup registry? AVG asked if I wanted to delete the complete path, I click ''no'' Im not sure if my computer needs System 32.dll\gui.exe?
Loophole I understand you are working hard to solve this mystery problem, and I thank you from my heart. But I know when my computer isnt working right.
I really know the comper isnt getting the message of whom is logged in. And finnd out why will solve the biggest problem.


Seeking my answer is addicting,
Sleepless in ny,
classy

Edited by Classy2, 04 November 2005 - 03:21 AM.

[loophole]

So AVG is still picking up something ? You should tell me this. Is it still picking up the gui.exe and where is it located?

[Classy2]

I think AVG and Sygate is letting in too many trojans. Can you reccommed an easy program to monitor and close my ports?
All my sites I saved are all gone. And I didnt run any cleaner.
I went into registry, following instructions from a problem like mine, and deleted Admins1.CUDDLES..001
Not even in safe mode could I delete the rest of CUDDLES.001. I even used killbox to delete the undelteable. Some are still left.
I had a site to show you about locating profiles and domain names and how to change them. I wanted you to read the instructions on how to have new users names and new profile. I will search again tonight. It took hours to locate my problem. Are the user accounts a domain name used in docum and settings?

A very tired brain,
Classy

Edited by Classy2, 04 November 2005 - 02:25 PM.

[loophole]

Class how do you feel about restoring your computer to an earlier state(system restore) Seems to be a viable option at this point.

[Classy2]

My system restore always froze up when I went back more than one time. So it may be a good idea for someone who had no problems. I turned it off to save more ram. Classy

[loophole]

Ok....If you can find that article about your problem exactly I would love to have a look at it I can't find anything similar. I have to leave for the night so I won't be able to reply until late tonight

[Classy2]

I am logged in as Admistrator1 and ewido scaned Administrator1.CUDDLES.001 Can you please help me solve this problem?
When I have the time I'll search all over again to find bthe site which sounded like my problem.
Classy

[Classy2]

Hi Loophole, my homepage is hijacked to AOL I do not use AOL.
If you copy the following in windows data base yo'll sseeee it say the same error

The error says;..%SystemRoot%\system32\notepad.exe
Start in-- %HOMEDRIVE%%HOMEPATH%

How do I stop my broswer from automatically?
Sick right now,
classy

[Classy2]

16 bit windows subsysystem
C:DOCUM~1.001\Temp\. Atempoary file needed for inialiazation could not be created or could be
written to. Make sure that the ;path exists, and disk space is available.

Loophnole this path does not exist. I tried right clicking everywhere in this program to change it to the RIGHT PATH.
This path must mean something
.Every offical or not offic al user used to have a "Temp" file but now they are missing? Why?
Please herlp me loophole,
Classy

[loophole]

In the interst of troubleshooting this, How about we create a new account and see if the problem exists with the new account. We can transfer the items from the profile that is yours to the new one

Go to the documents and settings folder. Then open each folder and find the one with all your favorites and your desktop icons and tell me which one that is

Edited by loophole, 09 November 2005 - 09:04 PM.

[Classy2]

Hi Loophole, I've been away for a while sick. just starting to feel better.

missing (+) Administrator1 ..Administrator..Start menu..user data..windows ..end
missing (+) Administrator1.CUDDLES...NO OTHER FILES
Administrator.1CUDDLES.001...Cookies...Desktop..all icons (on my desktop)..Favotites.(none)..
Start menu..Administrative tools(empty) end
Missing (+) All Users..Desktop(has all icons from Administraor1)..Favorites (none)..Start menu..(Set Program Access)..
..Programs...(Al Programs that r listed in Administrator1)..end
Do you want me to make a new user in ...control panel--Users Accounts?

[loophole]

Good information... It looks like all your favorites are gone from all accounts and administrator1.cuddles is the profile that matches yours the best. I'm a little stumped because the Cuddles account should say Administrator.cuddles without the 1 after administrator. I'm starting to think that ccleaner or cleanup deleted more than they should have. Both programs will delete Favorites if set too.Before we begin do you remember where you stored all the phone numbers you need and any other important stuff. We may have to build you a new profile