Settings Cleaned Out??

Discussion in 'Malware Help (A Specialist Will Reply)' started by wiggyirl, Feb 7, 2007.

  1. wiggyirl

    wiggyirl Private E-2

    When I started my computer the last few times, this message appeared:

    Windows has detected your settings are corrupted...

    and then another one that read:

    Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.

    My desktop was totally cleared off and all programs, settings etc had been reset to default.

    I did download some clip-art last night for making a website and one file came with a bunch of other files attached, including "The Weather Channel".

    I imagine something came in with this stuff or when I tried to uninstall some of the stuff, that corrupted the files.

    Can you help?:eek:
     
    wiggyirl, Feb 7, 2007
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Please follow our standard cleaning procedures which are necessary for us to provide you support. Also there are steps included for installing, renaming, running, and posting HijackThis logs as attachments.
    • Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support
    • Make sure you check version numbers and get all updates.
    • Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.
    • After doing ALL of the above you still have a problem make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis and attach a log:
    Make sure you also rename HijackThis.exe as suggested in the procedures. Use analyse.exe for the new name. This is very important due to some new infections going around.
    • When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too:
      • CounterSpy
      • AVG Antispyware log - ONLY IF NEEDED you were not able to run CounterSpy
      • Bitdefender - from step 6
      • Panda Scan - from step 6
      • runkeys.txt - the log from GetRunKey.bat
      • newfiles.txt - the log from ShowNew.bat
      • HijackThis
    NOTE: You can only attach 3 files in a single message so it will require that you use two messages to attach all of these logs!
     
    chaslang, Feb 7, 2007
    #2
  3. wiggyirl

    wiggyirl Private E-2

    Thank you so much.

    I've attached the first three logs. I'll send the second in the next message. I couldn't run CounterSpy, so I did AVG Antisypyware.

    I really think the trojan came in on something called Freeze.

    I hope you can help.
    Thanks,
    wiggyirl (actually was meant to be wiggyGirl)
     

    Attached Files:

    wiggyirl, Apr 11, 2007
    #3
  4. wiggyirl

    wiggyirl Private E-2

    Also, I forgot to add on my previous post that I could not download Panda Scan for some reason???

    Again, thank you very much for your direction. I know it's taken me a long while to get back to you, but I wanted to be as thorough as possible.
     

    Attached Files:

    wiggyirl, Apr 11, 2007
    #4
  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Please rename HijackThis.exe as requested in step 7 of the READ ME and then attach a new log.

    You need to goto Add/Remove programs and uninstal My Web Search (Smiley Central) as indicated in step 0 of the READ ME.

    Did you install BitDefender 10 while doing the READ ME? You seem to already have Panda Antivirus installed. You were not suppose to install and run BitDefenders Antivirus package. You were only suppose to run the online scanner.

    Does the below file exist? If so, delete it. In fact, delete the whole c:\pass folder if found.
    C:\pass\intcodec-v6.392.exe

    You did not run GetRunKey properly! The log is out of order almost like you manually created it? However since it took you so long to do these steps, you do not have the correct versions of GetRunKey or ShowNew. You need to download the new versions and use them to get new logs and attach them.

    You should not need to edit anything when running GetRunKey (or ShowNew). When it finishes running, just close the window that opens and then upload the c:\runkeys.txt (or c:\newfile.txt) log that is created.


    Do you use FireFox? If so, you are way out of date and that is a security risk.
     
    chaslang, Apr 12, 2007
    #5

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds