Trojan and other diseases

The first thing I want you to do is to backup all your personal data and files to a cd.

Please refrain from making any changes to your system (updating Windows, installing applications, removing files, etc.) from now on as it might prolong handling your log and make the job for both of us more difficult.

Now download The Avenger by Swandog469, and save it to your Desktop (if need be, download on a different computer and transfer via cd).

* Extract+ avenger.exe from the Zip file and save it to your desktop

Please double-click the RootRepeal.exe previously downloaded.

* Select File then Scan
* On the Select Drives form select drive [ insert drive infected here ] by "ticking" the box for drive [insert drive here] and click OK
* When the scan is complete - highlight each of the following file(s) (one at a time if more then one is listed) by left clicking it. Then use right mouse click and select the Wipe File option only for each file.
c:\documents and settings\grigoris\grigoris.exe
c:\documents and settings\grigoris\reader_s.exe
c:\windows\temp\0603ce18-6a55-4f8e-9185-5dab6e8fa2f7.tmp
c:\documents and settings\grigoris\application data\pridl\pridl.exe
C:\Documents and Settings\Greg\Local Settings\Temp\IXP000.TMP\sys
c:\documents and settings\grigoris\local settings\temp\plugtmp-11\s
* After Wiping all files, immediately reboot your pc!

Please disable all anti-virus and anti-spyware programs while we do the following (re-enable when you are finished):

Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

After clicking Fix, exit HJT.

Now Copy the bold text below to notepad. Save it as fixME.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

Make sure that you tell me if you receive a success message about adding the above
to the registry. If you do not get a success message, it definitely did not work.

* Run avenger.exe by double-clicking on it.
* -Do not change any check box options!!
* Copy everything in the Quote box below, and paste it into the Input script here: part of the window:

* Now click the Execute button.
* Click Yes to the prompt to confirm you want to execute.
* Click Yes to the Reboot now? question that will appear when Avenger finishes running.
* Your PC should reboot, if not, reboot it yourself.
* A log file from Avenger will be produced at C:\avenger.txt and it will popup for you to view when you login after reboot.
-
Now run Ccleaner to clean out only temp files and nothing else!

Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator).

Then attach the below logs:

* C:\Avenger.txt
* C:\MGlogs.zip

 

You continue on with my instructions.

 

My bad...let's do it again.
Please disable all anti-virus and anti-spyware programs while we do the following (re-enable when you are finished):

* Run avenger.exe by double-clicking on it.
* -Do not change any check box options!!
* Copy everything in the Quote box below, and paste it into the Input script here: part of the window:

* Now click the Execute button.
* Click Yes to the prompt to confirm you want to execute.
* Click Yes to the Reboot now? question that will appear when Avenger finishes running.
* Your PC should reboot, if not, reboot it yourself.
* A log file from Avenger will be produced at C:\avenger.txt and it will popup for you to view when you login after reboot.

Please use this link and go to Error message #4 to fix the MGTools error:
Using MGtools

Attach the new logs:
C:\MGLogs.zip
C:\Avenger.txt

 

Are you saying that you do now have Microsoft Netframework installed? If you clicked ok to continue, then you probably did get a new log....so just attach the C:\MGLogs.zip.

 

IMPORTANT NOTE: Some if not many, of your Windows system files are infected. And many other non-Windows files could also be infected. Even if we attempt to fix these problems (which may not be easy to do unless you have an original Windows XP SP3 bootable CD), your system may be unreliable and untrustworthy.You may need to reinstall this system.

Your logs show that your Windows Operating system files have become infected and there is no known reliable fix for this. In addition there are many many other infected files. We could spend a lot of time trying to remove this infection, but odds are that it will not work because the nature of the infection has so many executable system files infected that as soon as we fix one file, other files that are infected will almost immediately or upon the next reboot, just reinfect the files. In addition, your PC would still basically be unreliable/untrustworthy even if we manage to fix the infected files that we can see since there could be many more that we are not seeing.

The safest thing for you to do is backup your personal data immediately since your PC could possible become unbootable at any point in time. Do not back up any executable files. This includes programs that you have downloaded since any of them could be infected.

Once you backup, you need to perform a total reinstall of Windows and all other necessary software. DO NOT reinstall from any executable files you backed up because they are most likely infected.

 

As long as you did not backup any of the file types I referred to, then you should be safe.

As to how to protect yourself in the future:
How to Protect yourself from malware!