Tech Support Forum - View Single Post

dorts · 11-24-2006, 10:42 AM

Hello and welcome to TSF

Please read this post completely before begining the fix. If there's anything that you do not understand, kindly ask your questions before proceeding. Please ensure that there aren't any opened browsers when you are carrying out the procedures below. Save the following instructions in Notepad as this webpage would not be available when you're carrying out the fix. Please stay with me until your system has been declared clean.

IT IS IMPORTANT THAT YOU DON'T MISS A STEP & PERFORM EVERYTHING IN THE RIGHT ORDER.

You have a very nasty chinese infection and this will take a while to clean. So please hang in there.

Please refrain from using the Internet and disconnect it when not in use.

Connect to the Internet.

Downloads

Please download combofix from this link and save it on your desktop. DO NOT run it yet.

Please download System Repair Engineer and save it to your desktop. Extract the contents of the archive onto your desktop.

Disconnect from the Interent.

Safe Mode

Restart your computer.
Before the Windows logo appear, tap F8 repeatedly. In some systems, this may be the F5 key.
A menu should appear, select Safe Mode from the menu using your arrow keys and then hit Enter on your keyboard.
This will take a while than usual, so just wait.
After it loads, Login on your usual account.

ComboFix

1. Run combofix by clicking on combofix.exe on your desktop.

3. When finished, it shall produce a log for you. It will be located at D:\combofix.txt Post that log in your next reply.

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

You may now reboot back to normal mode

SREng

Please start the program by clicking on SREng.exe
Click on Smart Scan (magnifying glass icon)
Click on Scan at the bottom right and the program will start scanning your system.
Once it is done, a new window will open.
Click on Save Reports and save the log on your desktop with the default file name, SREngLOG.log.
You may now exit the program.

Please post the contents of SREngLOG.log in your next reply.

Connect back to the Internet.

Logs

Please post the following logs in your next reply...

D:\combofix.txt
SREngLOG.log
A New HijackThis Log

11-24-2006, 10:42 AM	#2 (permalink)
dorts Analyst, Security Team Join Date: Mar 2006 Location: Singapore Posts: 1,599 OS: Windows XP SP2 My System	Hello and welcome to TSF Please read this post completely before begining the fix. If there's anything that you do not understand, kindly ask your questions before proceeding. Please ensure that there aren't any opened browsers when you are carrying out the procedures below. Save the following instructions in Notepad as this webpage would not be available when you're carrying out the fix. Please stay with me until your system has been declared clean. IT IS IMPORTANT THAT YOU DON'T MISS A STEP & PERFORM EVERYTHING IN THE RIGHT ORDER. You have a very nasty chinese infection and this will take a while to clean. So please hang in there. Please refrain from using the Internet and disconnect it when not in use. Connect to the Internet. Downloads Please download combofix from this link and save it on your desktop. DO NOT run it yet. Please download System Repair Engineer and save it to your desktop. Extract the contents of the archive onto your desktop. Disconnect from the Interent. Safe Mode Restart your computer. Before the Windows logo appear, tap F8 repeatedly. In some systems, this may be the F5 key. A menu should appear, select Safe Mode from the menu using your arrow keys and then hit Enter on your keyboard. This will take a while than usual, so just wait. After it loads, Login on your usual account. ComboFix 1. Run combofix by clicking on combofix.exe on your desktop. 3. When finished, it shall produce a log for you. It will be located at D:\combofix.txt Post that log in your next reply. Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall. You may now reboot back to normal mode SREng Please start the program by clicking on SREng.exe Click on Smart Scan (magnifying glass icon) Click on Scan at the bottom right and the program will start scanning your system. Once it is done, a new window will open. Click on Save Reports and save the log on your desktop with the default file name, SREngLOG.log. You may now exit the program. Please post the contents of SREngLOG.log in your next reply. Connect back to the Internet. Logs Please post the following logs in your next reply... D:\combofix.txt SREngLOG.log A New HijackThis Log __________________ If you think TSF have helped you, please kindly donate to TSF and help keep this site free to all.