MajorGeeks Support Forums

Go Back   MajorGeeks Support Forums > ----------= PC, Desktop and Laptop Support =---------- > Malware Removal
Register FAQ Members List Calendar Casino Mark Forums Read

Malware Removal Malware removal forum. Please see the READ ME FIRST thread before you post. Forum is staffed by a small number of volunteers, please be patient.


Reply
 
Thread Tools Display Modes
  #1  
Old 12-06-06, 08:24
babyturk babyturk is offline
Senior Member
 
Join Date: Mar 2006
Posts: 191
Thanks: 0
Thanked 0 Times in 0 Posts
Exclamation Please help me I have found out trogens attacked my computer

I have found out my computer has some awful trogen can you please help me, I can't figure out, where to find my save log in the couterspy can you please instruct me
I also don't know where the save file is on bitedefender please instruct me......Thank you. Here is my AVG scan for your review.
P.s I have done everything that you instructed me to do in the read before posting. Please help me.
Reply With Quote
Sponsored links
  #2  
Old 12-06-06, 09:19
DavidGP's Avatar
DavidGP DavidGP is offline
MajorGeeks Forum Administrator - Grand Pooh-Bah
 
Join Date: Jan 2002
Location: UK
Posts: 38,606
Thanks: 2,805
Thanked 3,028 Times in 2,756 Posts
Default Re: Please help me I have found out trogens attacked my computer

Hi

You should really be a specialist in running these logs by now, but remember to run them all as specified in the Read Me and include all logs from the scans below:

[*]When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too:[LIST][*]CounterSpy[*]AVG Antispyware log - ONLY IF NEEDED you were not able to run CounterSpy[*]Bitdefender - from step 6[*]Panda Scan - from step 6[*]runkeys.txt - the log from GetRunKey.bat[*]newfiles.txt - the log from ShowNew.bat[*]HijackThis



but a couple of pointers on the questions you asked above.

Counterspy Log is found:

To access the CounterSpy scan log...

Quote:
1 View > Spyware Scan > Spyware Scan History

2 Select the scan you'd like to view & save

3 Hit View Details

4 Copy and paste the relevant portions into a notepad file > save and attach as specified in the guide.


Bitdefender log:

Quote:
Bitdefender agree to the license and then select Scan. DO NOT CHANGE THE OPTIONS TO SHOW ALL FILES SCANNED. That will make your logs huge and we don't need to see clean files. Once Bitdefender completes the scan:

Click-on the Detected Problems tab. Then select Click here to export the scan report

When the window comes up to save the report, change the Save as type: box to Text (Tab Delimited) (*.txt) and then in the File name box enter change to bdscan then click save. This will save a file named bdscan.txt in whatever folder you are currently in when you save the file (take notice of where you are at so you can find it later). This bdcan.txt file will actually contain HTML code that we can easily view later while reviewing your log. All we have to do is rename the file to bdscan.html.

If you do not follow these step, you will have an incorrect log or worse a log summary which is useless to us.

Post the bdscan.txt file as an ATTACHMENT. See: HOW TO: Attach Items To Your Post
You MUST attach the Bitdefender log even it it indicates no problems. We want to see it anyway!!!!
The Bitdefender instructions were taken from the Read Me guide you would have read.
Reply With Quote
  #3  
Old 12-06-06, 16:26
babyturk babyturk is offline
Senior Member
 
Join Date: Mar 2006
Posts: 191
Thanks: 0
Thanked 0 Times in 0 Posts
Unhappy Re: Please help me I have found out trogens attacked my computer

Here is my AVG scan. I am sorry for seeming to be somewhat a pest to you.
NO I never will be an expert. Please forgive me as I am totally a computer moron. I hope I posted everything correctly. I truely thank you from the bottom of my heart for helping me out. Merry Christmas!!: :
Attached Files
File Type: log AVG SCAN DEC 5-.log (699 Bytes, 4 views)
File Type: txt bdscan.txt (24.9 KB, 3 views)
File Type: doc Spyware Scan Details.doc(counter spy).doc (20.0 KB, 3 views)
Reply With Quote
  #4  
Old 12-06-06, 16:59
DavidGP's Avatar
DavidGP DavidGP is offline
MajorGeeks Forum Administrator - Grand Pooh-Bah
 
Join Date: Jan 2002
Location: UK
Posts: 38,606
Thanks: 2,805
Thanked 3,028 Times in 2,756 Posts
Default Re: Please help me I have found out trogens attacked my computer

HI BabyT

Stick at it and you will learn alot about PCs... everyone starts out not knowing too much, you'll get their

those are fine, but we will also need your

GetRunKeys
ShowNew
Hijackthis


logs as well, the instructions for these are in the below text........

Also there are steps included for installing, running, and posting HijackThis logs as attachments.
  • Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support
  • Make sure you check version numbers and get all updates.
  • Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.
  • After doing ALL of the above you still have a problem make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis and attach a log:
Downloading, Installing, and Running HijackThis

Make sure you also rename HijackThis.exe as suggested in the procedures. Use analyse.exe for the new name. This is very important due to some new infections going around.


One thing to do in the meantime is to flush your Java Cache as it has some not welcome pests in it.... to do this follow the below

Start > Settings > Control Panel and double click the Java Plugin > click the Cache Tab > Click the Clear button and then click OK

If you have multiple Java plugin icons in Control Panel follow the above to clear all their caches
Reply With Quote
  #5  
Old 12-06-06, 17:04
babyturk babyturk is offline
Senior Member
 
Join Date: Mar 2006
Posts: 191
Thanks: 0
Thanked 0 Times in 0 Posts
Unhappy Re: Please help me I have found out trogens attacked my computer

: Ok I figured how to do these scans, here they are for your review, thanks again.: : : There has to be something here, I seen the trojen name and all. when I did my AVG scan. Thanks again: :
Attached Files
File Type: txt runkeys.txt (4.0 KB, 2 views)
File Type: txt newfiles.txt (7.7 KB, 3 views)
File Type: txt hijackthis.log.txt (9.1 KB, 5 views)
Reply With Quote
Sponsored links
  #6  
Old 12-06-06, 18:09
DavidGP's Avatar
DavidGP DavidGP is offline
MajorGeeks Forum Administrator - Grand Pooh-Bah
 
Join Date: Jan 2002
Location: UK
Posts: 38,606
Thanks: 2,805
Thanked 3,028 Times in 2,756 Posts
Default Re: Please help me I have found out trogens attacked my computer

Hi

Did you clear your Java cache as mentioned?


also you will need to re-run a few scans again as your ShowNew and GetRunKeys were run from inside the zip files, they need to be unzipped and run as specified below,

GetRunKeys

ShowNew
Reply With Quote
  #7  
Old 12-06-06, 18:14
babyturk babyturk is offline
Senior Member
 
Join Date: Mar 2006
Posts: 191
Thanks: 0
Thanked 0 Times in 0 Posts
Default Re: Please help me I have found out trogens attacked my computer

I went to open the java in control panel, I did just what you said for me to do, and I don't see any cache button, please verify
Thanks again Halo
Reply With Quote
  #8  
Old 12-06-06, 18:22
DavidGP's Avatar
DavidGP DavidGP is offline
MajorGeeks Forum Administrator - Grand Pooh-Bah
 
Join Date: Jan 2002
Location: UK
Posts: 38,606
Thanks: 2,805
Thanked 3,028 Times in 2,756 Posts
Default Re: Please help me I have found out trogens attacked my computer

Quote:
Originally Posted by babyturk
I went to open the java in control panel, I did just what you said for me to do, and I don't see any cache button, please verify
Thanks again Halo
ah ok my fault, maybe different than the one I have in work, try this http://www.java.com/en/download/help/5000020300.xml
Reply With Quote
  #9  
Old 12-06-06, 18:39
babyturk babyturk is offline
Senior Member
 
Join Date: Mar 2006
Posts: 191
Thanks: 0
Thanked 0 Times in 0 Posts
Unhappy Re: Please help me I have found out trogens attacked my computer

Thanks alot Halo!
That worked, java cache is clear!
I hope I did this right here is the Getrunkey like you requested. It won't post it says file was already posted
as well as the show new
You are probably going to get angry at me, but this is the only way I can get it too post I am sorry
I am starting to get a bit frustrated and ready to throw my computer across the room.
Attached Files
File Type: doc GetRunKeys.doc (27.5 KB, 3 views)
File Type: doc ShowNew.doc (29.0 KB, 3 views)
Reply With Quote
  #10  
Old 12-06-06, 19:16
chaslang's Avatar
chaslang chaslang is offline
MajorGeeks Admin - Master Malware Expert
 
Join Date: Feb 2004
Location: Northern New Jersey USA
Posts: 80,164
Thanks: 61
Thanked 7,581 Times in 4,079 Posts
Default Re: Please help me I have found out trogens attacked my computer

Please FOLLOW DIRECTIONS! You are not clicking on the links that Halo gave to you nor are you clicking on the links in the READ ME. You have VERY OLD outdated versions of both ShowNew and GetRunKey. You need to download the current versions. Then YOU MUST EXTRACT all files from the ZIP file into a folder (as specified in the directions). Then you must right click your Start button and select Explore which opens a Windows Explorer window. Now navigate to the folders where you extracted GetRunKey and ShowNew . Find the GetRunKey.bat file and double click on it to run it and create a new runkeys.txt log. The find ShowNew.bat and double click on it to run it and create a new newfiles.txt log. Attach the new logs and please do not put anything into Word Doc anymore. This is never necessary. If you cannot attach something, you are normally doing something wrong or you need to refresh, or you have already attach the EXACT same file which would mean you don't have a new log.
__________________
"There are 10 types of people in this world. Those who understand binary and those who don't."


Support Majorgeeks on Facebook:

Majorgeeks Newsletter
Reply With Quote
Sponsored links
  #11  
Old 12-06-06, 20:30
babyturk babyturk is offline
Senior Member
 
Join Date: Mar 2006
Posts: 191
Thanks: 0
Thanked 0 Times in 0 Posts
Default Re: Please help me I have found out trogens attacked my computer

Hey Chaslang,
I posted the runkeys.text log.
and the newfiles.text log and it said that it is in progress, why can't I see it posted? Please help. Thanks again for all your kindness
Reply With Quote
  #12  
Old 12-06-06, 23:44
babyturk babyturk is offline
Senior Member
 
Join Date: Mar 2006
Posts: 191
Thanks: 0
Thanked 0 Times in 0 Posts
Default Re: Please help me I have found out trogens attacked my computer

Hi has anyone forgotten about me??
Reply With Quote
  #13  
Old 12-07-06, 08:41
babyturk babyturk is offline
Senior Member
 
Join Date: Mar 2006
Posts: 191
Thanks: 0
Thanked 0 Times in 0 Posts
Default Re: Please help me I have found out trogens attacked my computer

HI I realize you all must be busy, but I have not yet heard from anyone since 9pm last night, I am hanging here worried about my computer, can anyone assist me. Thank you.
Reply With Quote
  #14  
Old 12-07-06, 14:33
chaslang's Avatar
chaslang chaslang is offline
MajorGeeks Admin - Master Malware Expert
 
Join Date: Feb 2004
Location: Northern New Jersey USA
Posts: 80,164
Thanks: 61
Thanked 7,581 Times in 4,079 Posts
Default Re: Please help me I have found out trogens attacked my computer

Quote:
Originally Posted by babyturk
HI I realize you all must be busy, but I have not yet heard from anyone since 9pm last night, I am hanging here worried about my computer, can anyone assist me. Thank you.
Have you read this sticky that is at the top of every page in the forum???? Don't Bump! It Only Hurts You!!!

Not following this guideline cost you a days time! Remember this is a free service provided by people who volunteer their time when they have it to give.


Quote:
Originally Posted by babyturk
Hey Chaslang,
I posted the runkeys.text log.
and the newfiles.text log and it said that it is in progress, why can't I see it posted? Please help. Thanks again for all your kindness
I'm not sure what you are doing wrong but you must not be following the directions in HOW TO: Attach Items To Your Post

Try to attach them again. Until you install the correct versions of the programs and run them properly and then attach the logs, there is nothing we can for you.

It would also be a lot more useful if you told us what your problems actually were. Saying "trojans attacked my computer" does not provide us any useful information. Describe your problems? How do you know you have a trojan? Did a scanner detect it? What did it tell you it detected and where was it detected?
__________________
"There are 10 types of people in this world. Those who understand binary and those who don't."


Support Majorgeeks on Facebook:

Majorgeeks Newsletter

Last edited by chaslang; 12-07-06 at 14:42..
Reply With Quote
  #15  
Old 12-07-06, 17:34
babyturk babyturk is offline
Senior Member
 
Join Date: Mar 2006
Posts: 191
Thanks: 0
Thanked 0 Times in 0 Posts
Default Re: Please help me I have found out trogens attacked my computer

I don't like looking like a stupid fool, I did say that I did not understand why my post was not being tended too?? I did see the part about bumping. I don't have an eye problem at all. I am sorry but I don't think I know how to use the zip properly if you can patiently help me out I would truly appreciate that. Thank you.
As I yesterday I did an AVG Scan and it said Trojen found, now as to what kind of trojen I am really not sure- can't remember the name. Should I go and redue the Avg scan? Please let me know. I am getting rid of this computer to my nephew so it is important that it is clean as a whistle if you know what I mean. Thank you for your patience have a winderful day.
I don't know how to get the bold out sorry.
Reply With Quote
Sponsored links
  #16  
Old 12-07-06, 21:23
chaslang's Avatar
chaslang chaslang is offline
MajorGeeks Admin - Master Malware Expert
 
Join Date: Feb 2004
Location: Northern New Jersey USA
Posts: 80,164
Thanks: 61
Thanked 7,581 Times in 4,079 Posts
Default Re: Please help me I have found out trogens attacked my computer

Quote:
Originally Posted by babyturk
I don't like looking like a stupid fool, I did say that I did not understand why my post was not being tended too?? I did see the part about bumping. I don't have an eye problem at all.
If you had seen the post about bumping then you should already have known the answer to why your post had not been answered. Can you afford to be here 24 hours a day???? Well neither can we. We get to each post when we can and as the bumping thread indicates, we work on oldest threads first. So anytime anyone adds unnecessary messages or blatantly just adds a bump message, it is like hanging up when you are waiting on a phone line queue and then call back in later. You are at the bottom of the queue again. Thus if anyone just keeps bumping, they may never get an answer.


Back to your problems with Unzipping!

Didn't you download HijackThis from us in step 7 of the READ ME? It was in a ZIP file and you have extracted it to the correct folder based on your log in message number 5. A similar procedure must be followed anytime you want to extract from a zip file. So quoting from the HJT procedure.

Quote:
To extract hijackthis.exe on WinXP systems without WinZip:
  • Locate the HijackThis.zip file you downloaded and right click on it
  • Select Extract All and click Next
  • Browse your way to the C:\Program Files\HJT folder created above
  • Select the folder and click Next

Using WinZip(assuming it is installed):
  • Locate the HijackThis.zip file you downloaded and right click on it and select Extract to. This will open Winzip.
  • Use the Folders/drives navigation pane to locate and select the C:\Program Files\HJT folder you previously created. After selecting it, make sure it shows in the Extract to: box.
  • Click the Extract button
I cannot tell you exactly since I don't know what you are using to handle ZIP files (WinXP builtin which is not very good and probably why you are confused) or WinZip.

Obviously in the above you would need to replace HijackThis.zip with either GetRunKey.zip or ShowNew.zip and also you would need to replace C:\Program Files with the suggested C:\MGTools
__________________
"There are 10 types of people in this world. Those who understand binary and those who don't."


Support Majorgeeks on Facebook:

Majorgeeks Newsletter

Last edited by chaslang; 12-07-06 at 21:30..
Reply With Quote
  #17  
Old 12-07-06, 22:36
babyturk babyturk is offline
Senior Member
 
Join Date: Mar 2006
Posts: 191
Thanks: 0
Thanked 0 Times in 0 Posts
Default Re: Please help me I have found out trogens attacked my computer

I am sorry but I think I give up, I just can't seem to unzip GetRunKey or ShowNew, guess I will just let the trojens take over
Reply With Quote
  #18  
Old 12-07-06, 22:57
chaslang's Avatar
chaslang chaslang is offline
MajorGeeks Admin - Master Malware Expert
 
Join Date: Feb 2004
Location: Northern New Jersey USA
Posts: 80,164
Thanks: 61
Thanked 7,581 Times in 4,079 Posts
Default Re: Please help me I have found out trogens attacked my computer

Quote:
Originally Posted by babyturk
I am sorry but I think I give up, I just can't seem to unzip GetRunKey or ShowNew, guess I will just let the trojens take over
How did you unzip HijackThis.zip?


I'm wondering if you are not reading the part of the instuctions that say that you need to install WinZIP or similar to be able to extract files.

Do you have the following installed: WinZip If not, you need to download and install it. You need to have a utility on your PC that can work with ZIP files.
__________________
"There are 10 types of people in this world. Those who understand binary and those who don't."


Support Majorgeeks on Facebook:

Majorgeeks Newsletter

Last edited by chaslang; 12-07-06 at 23:36..
Reply With Quote
  #19  
Old 12-07-06, 23:31
chaslang's Avatar
chaslang chaslang is offline
MajorGeeks Admin - Master Malware Expert
 
Join Date: Feb 2004
Location: Northern New Jersey USA
Posts: 80,164
Thanks: 61
Thanked 7,581 Times in 4,079 Posts
Default Re: Please help me I have found out trogens attacked my computer

Download the attachment named MGTools01.zip
  • Find the file wherever you downloaded it too and double click on it.
  • In whatever application opens up on your PC, locate the MGtools.exe file and double click on it.
  • This should automatically make a folder named C:\MGTools and put all the files for GetRunKey and ShowNew into this folder.
  • It will also automatically create both the c:\runkeys.txt log and the c:\newfiles.txt
  • When it finishes you will see the newfiles.txt log popup in notepad. You can just close it.
  • Now attach the c:\runkeys.txt and the c:\newfiles.txt logs to your next message.
Attached Files
File Type: zip MGtools01.zip (249.8 KB, 1 views)
__________________
"There are 10 types of people in this world. Those who understand binary and those who don't."


Support Majorgeeks on Facebook:

Majorgeeks Newsletter
Reply With Quote
  #20  
Old 12-08-06, 21:43
babyturk babyturk is offline
Senior Member
 
Join Date: Mar 2006
Posts: 191
Thanks: 0
Thanked 0 Times in 0 Posts
Default Re: Please help me I have found out trogens attacked my computer

Yes I do have WinZip on my computer. My brother winzipped Hijack this for me and he lives across the country
So I am left here very lost.
Reply With Quote
Sponsored links
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -5. The time now is 11:27.

MajorGeeks.Com Menu

MajorGeeks.Com \ All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ NEW! PC Games \ System Tools \ Macintosh \ Demonews.Com \ Top Downloads

MajorGeeks.Com \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds


Powered by vBulletin® Version 3.8.4
Copyright © 2009 vBulletin Solutions, Inc. All rights reserved.
Ad Management by RedTyger