Almost Clean, need a little help

MrTim · Jan 2, 2006

Hey,
So I spent a good part of yesterday doing the basic cleaning, as per the instructions on this site, and first off, my computer is running much faster already! But there seems to be some lingering issues, I had a number of items pop up with the Panda ActiveScan, and BitDefender said it didn't delete everything (though it looked like it did as it was running). Anyways, I run Windows XP with SP 2, if you need any more specs or anything, just ask me. And I'm posting my logs for ActiveScan, BitDefender, and HJT, so any help to get me rid of the last couple remaining bugs would be really appreciated! Happy New Year!

--Tim

chaslang · Jan 2, 2006

What current problems are you having?

The only items I see that you should delete are in the Panda log. Make sure you have viewing of hidden and system files enabled per the READ ME and boot into safe mode. Use Windows Explorer to locate and delete the below:
C:\FOUND.002\FILE0002.CHK
C:\WINDOWS\SYSTEM32\msfdje.gif
C:\WINDOWS\SYSTEM32\msglji.gif
C:\WINDOWS\SYSTEM32\mshpeb.dll
C:\WINDOWS\SYSTEM32\mskplb.dll
C:\WINDOWS\SYSTEM32\msiaih.dll
C:\WINDOWS\SYSTEM32\msnapl.dll
C:\WINDOWS\SYSTEM32\MFC42ENU.exe
C:\WINDOWS\SYSTEM32\FM20ENU8.exe
C:\WINDOWS\SYSTEM32\?hkdsk.exe <--- DO NOT DELETE CHKDSK.EXE. This is not chkdsk.exe but may look like it. It will be much larger in size than chkdsk.exe. And if sorted in alphabetical order you will probably notice that it is out of place. That's because the ? contains multple unprintable characters on top of the "c". If not sure, just tell me what you find and we will figure out what to do.

MrTim · Jan 2, 2006

Hey, thanks for the help so far. I don't have any problems that I'm noticing right now, I mainly just wanted to know what to do with those files that the Panda log had listed, wanted someone who actually knew what they were doing to let me know if it was okay to delete them

So I deleted all of them except for ?hkdsk.exe, I found 2 programs in the SYSTEM32 folder that were called chkdsk.exe, one of them was in the correct alphabetical order, the other was listed at the very end of the list, so I'm assuming the one that's out of order is the one I should delete? THe one out of order also has a date created/modified that's about the same as the other files I just deleted, and it has an icon that has the initials MFC on it. Other than that, I got rid of everything else, thanks in advance!

--Tim

chaslang · Jan 2, 2006

The valid chkdsk.exe is approx 12 k in size (depends on the SP level) and is in correct alphabetical order.

Delete the other one which is probably much larger and obviously out of order as you said.

Then if you are not having any other malware problems, it is time to go back to step 1 of the READ & RUN ME to Disable System Restore which will flush your Restore Points. Then reboot and enable System Restore to create a new clean Restore Point.

After that, you should work thru the below link:

How to Protect yourself from malware!

MrTim · Jan 2, 2006

Hey, just wanted to say that I got it all done, and everything looks pretty good. Thanks a bunch, chas!

--Tim

chaslang · Jan 2, 2006

You're welcome. Surf Safely!

Log in or Sign up

Almost Clean, need a little help

MrTim Private E-2

Attached Files:

Activescan.txt

bitdefender.txt

hijackthis.log

chaslang MajorGeeks Admin - Master Malware Expert Staff Member

MrTim Private E-2

chaslang MajorGeeks Admin - Master Malware Expert Staff Member

MrTim Private E-2

chaslang MajorGeeks Admin - Master Malware Expert Staff Member