Tech Support Forum - View Single Post

tetonbob · 12-01-2005, 10:16 AM

Not quite yet...you want to install SP2 on a completely clean system, or it may cause trouble.

Was this HJT log taken from Safe Mode? It appears as though it may have been, due to the lack of running processes. All HJT logs for review must be taken in normal mode, please.

Please do this:

Empty your Recycle Bin.

Make sure hidden files and folders are still visible.

Go to My Computer->Tools->Folder Options->View tab:
* Under the Hidden files and folders heading, select Show hidden files and folders.
* Uncheck the Hide protected operating system files (recommended) option.
* Click Yes to confirm and then click OK.

Delete these files if they exist:

C:\WINDOWS\SYSTEM32\CSUninstall.exe
C:\RECYCLER\S-1-5-21-3895304184-214099845-2681017343-500\Dc1\WToolsD.cfg

If they resist deletion, boot into safe mode and delete them from there.

Next, from normal mode, do this:

Download Trend Micro™ Anti-Spyware (by clicking the "Scan and Clean your PC" button).

Choose Save, NOT run, and save to your desktop
Double-click the tmas-web-scan.exe icon
It will say "Loading TrendMicro definitions".
Click "Start Scan"

After it's done scanning, click "Scan Results"

Make sure all items found have a check next to them, then click "Clean Threats Now".
Click Exit.

Reboot your computer. I then need you to repeat the same procedure above again... using the TrendMicro tool. I need the log from the second scan/clean...NOT the first...as this will contain what’s left in the system.

In place of the TrendMicro icon will be a text file called "Antispyware.log", please double-click that log and copy the entire contents and paste them here.

Run a new scan with HJT in normal mode, and post the saved scan log here.

12-01-2005, 10:16 AM	#6 (permalink)
tetonbob Manager, Security Center, TSF Academy; Analyst, Security Team Join Date: Jan 2005 Location: Transylvania County, North Carolina, USA Posts: 35,151 OS: 2000 Pro; XP Pro; XP Home	Not quite yet...you want to install SP2 on a completely clean system, or it may cause trouble. Was this HJT log taken from Safe Mode? It appears as though it may have been, due to the lack of running processes. All HJT logs for review must be taken in normal mode, please. Please do this: Empty your Recycle Bin. Make sure hidden files and folders are still visible. Go to My Computer->Tools->Folder Options->View tab: * Under the Hidden files and folders heading, select Show hidden files and folders. * Uncheck the Hide protected operating system files (recommended) option. * Click Yes to confirm and then click OK. Delete these files if they exist: C:\WINDOWS\SYSTEM32\CSUninstall.exe C:\RECYCLER\S-1-5-21-3895304184-214099845-2681017343-500\Dc1\WToolsD.cfg If they resist deletion, boot into safe mode and delete them from there. Next, from normal mode, do this: Download Trend Micro™ Anti-Spyware (by clicking the "Scan and Clean your PC" button). Choose Save, NOT run, and save to your desktop Double-click the tmas-web-scan.exe icon It will say "Loading TrendMicro definitions". Click "Start Scan" After it's done scanning, click "Scan Results" Make sure all items found have a check next to them, then click "Clean Threats Now". Click Exit. Reboot your computer. I then need you to repeat the same procedure above again... using the TrendMicro tool. I need the log from the second scan/clean...NOT the first...as this will contain what’s left in the system. In place of the TrendMicro icon will be a text file called "Antispyware.log", please double-click that log and copy the entire contents and paste them here. Run a new scan with HJT in normal mode, and post the saved scan log here. __________________ Practice Safe Surfing PC Safety and Security--What Do I Need? Because what you don't know, CAN hurt you. Proud Member of ASAP since 2005 Proud Member of UNITE since 2006 Microsoft MVP - Consumer Security 2009