Tech Support Forum - View Single Post

Vikesrock8411 · 12-06-2005, 09:57 AM

Please print out or copy this page to Notepad in order to assist you when carrying out the following instructions.

Please follow the instructions here to clear Sun Java's cache.

Viewing Hidden Files
Go to My Computer >Tools >Folder Options >View tab and make sure that Show hidden files and folders is enabled. Also make sure that the System Files and Folders are showing / visible. Uncheck the Hide protected operating system files option.

Downloads(make sure to save these in a permanent location)
IsearchFix-Double click on it and allow it to install to it's default directory.
Hoster- Unzip it to your desktop.
CWShredder- Download it, but do not run it yet.

Reboot your system in Safe Mode (By repeatedly tapping the F8 key until the menu appears).

File and Folder Deletions
Delete the following Files indicated in RED and Folders indicated in BLUE if they still exist.
C:\Documents and Settings\joneu\Favorites\LIVING\Find a Degree.lnk
C:\WINDOWS\delprot.ini
C:\WINDOWS\drsmartload.dat

C:\PROGRAM FILES\COMMON FILES\InetGet
C:\WINDOWS\SYSTEM32\cache32_rtneg3
C:\Program Files\Common Files\rzrw

Tools
Run CWShredder and click on Agree, then click Fix (it will automatically fix anything it finds for you). If it asks if you want to delete a certain random file, choose No and post that filename here.

Open up Hoster

Make sure that the "make hosts writable?" button in the upper right corner is enabled.
Click back up Host files
Click Restore orginal host files
Close the program

Open the IsearchFix folder and run Isearch.bat. Allow it to finish running then reboot and post the isearchlog.txt

Online Scans

Please open IE and go to
Kaspersky WebScanner

Next Click on Kaspersky Online Scanner

You will be prompted to install an ActiveX component from Kaspersky, Click Yes.

The program will launch and then begin downloading the latest definition files:
Once the files have been downloaded click on NEXT
Now click on Scan Settings
In the scan settings make that the following are selected:
- Scan using the following Anti-Virus database:
- Standard
- Scan Options:
- Scan Archives
  Scan Mail Bases
Click OK
Now under select a target to scan:
- Select My Computer
This will program will start and scan your system.
The scan will take a while so be patient and let it run.
Once the scan is complete it will display if your system has been infected.
- Now click on the Save as Text button:
Save the file to your desktop.
Copy and paste that information in your next post.

* Turn off the real time scanner of any existing antivirus program while performing the online scan

In your next post please include:

Isearchlog.txt
Kaspersky Log
A new Hijackthis! Log

12-06-2005, 09:57 AM	#9 (permalink)
Vikesrock8411 Analyst, Security Team Join Date: Jun 2005 Posts: 3,065 OS: Windows XP	Please print out or copy this page to Notepad in order to assist you when carrying out the following instructions. Please follow the instructions here to clear Sun Java's cache. Viewing Hidden Files Go to My Computer >Tools >Folder Options >View tab and make sure that Show hidden files and folders is enabled. Also make sure that the System Files and Folders are showing / visible. Uncheck the Hide protected operating system files option. Downloads(make sure to save these in a permanent location) IsearchFix-Double click on it and allow it to install to it's default directory. Hoster- Unzip it to your desktop. CWShredder- Download it, but do not run it yet. Reboot your system in Safe Mode (By repeatedly tapping the F8 key until the menu appears). File and Folder Deletions Delete the following Files indicated in RED and Folders indicated in BLUE if they still exist. C:\Documents and Settings\joneu\Favorites\LIVING\Find a Degree.lnk C:\WINDOWS\delprot.ini C:\WINDOWS\drsmartload.dat C:\PROGRAM FILES\COMMON FILES\InetGet C:\WINDOWS\SYSTEM32\cache32_rtneg3 C:\Program Files\Common Files\rzrw Tools Run CWShredder and click on Agree, then click Fix (it will automatically fix anything it finds for you). If it asks if you want to delete a certain random file, choose No and post that filename here. Open up Hoster Make sure that the "make hosts writable?" button in the upper right corner is enabled. Click back up Host files Click Restore orginal host files Close the program Open the IsearchFix folder and run Isearch.bat. Allow it to finish running then reboot and post the isearchlog.txt Online Scans Please open IE and go to Kaspersky WebScanner Next Click on Kaspersky Online Scanner You will be prompted to install an ActiveX component from Kaspersky, Click Yes. The program will launch and then begin downloading the latest definition files: Once the files have been downloaded click on NEXT Now click on Scan Settings In the scan settings make that the following are selected: Scan using the following Anti-Virus database: Standard Scan Options: Scan Archives Scan Mail Bases Click OK Now under select a target to scan: Select My Computer This will program will start and scan your system. The scan will take a while so be patient and let it run. Once the scan is complete it will display if your system has been infected. Now click on the Save as Text button: Save the file to your desktop. Copy and paste that information in your next post. * Turn off the real time scanner of any existing antivirus program while performing the online scan In your next post please include: Isearchlog.txt Kaspersky Log A new Hijackthis! Log