Below is what I posted a few days ago .. and no offerings of help .. so where can I go now ?
Hi
It appears now that I have removed crypt trojans with Malwarebytes and AVG. The pc does not "talk" to the internet even though it says network connected. My connection is good as I have it hardwired and it is working perfectly, plugged into my XP machine on the same desk.
Hijackthis says quite a few files are now missing .. eg. lsass.exe .. wbengine.exe for starters. I am unable to enable Windows Firewall .. Restore fails to restore every time. Hijack cannot access Hosts file. It is there.
Any help would be greatly appreciated.
Thanks
Mike
Windows 7 Home Premium 64bit SP1
Then save the two text files to your flash drive and upload them from your XP PC.
After you've done that, let's flush the DNS cache and restore MS's Hosts File.
Copy and paste these lines into Notepad.
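@Echo on
rem Reset the Hosts file to a single localhost entry
pushd "%SystemRoot%\System32\drivers\etc"
attrib -h -s -r hosts
echo 127.0.0.1 localhost>HOSTS
attrib +r +h +s hosts
popd
rem Renew the DHCP lease and flush the DNS resolver cache
ipconfig /release
ipconfig /renew
ipconfig /flushdns
rem Reset the Winsock catalog and the TCP/IP stack
netsh winsock reset all
netsh int ip reset all
rem Reboot, then delete this batch file (quoted in case the path contains spaces)
shutdown -r -t 1
del "%~f0"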
Save as flush.bat to your desktop.
Double click on the flush.bat file to run it. Vista and Windows 7... right click the .bat file and choose to run as Administrator. Your computer will reboot itself.
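An added example, not part of the original posts: flush.bat overwrites HOSTS with a single localhost line, so any entries the infection planted are lost as evidence. The Python below audits a hosts file's contents first and reports every entry that differs from that default; the function name `audit_hosts`, the sample file and its host names are constructed for illustration.

```python
import ipaddress

# Names the stock Windows hosts file may legitimately map to loopback.
DEFAULT_NAMES = {"localhost"}

# Constructed sample: addresses are documentation ranges, names are placeholders.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-2009 Microsoft Corp.
127.0.0.1       localhost
::1             localhost
127.0.0.1       update.av-vendor.example   # added by malware
203.0.113.10    www.bank.example login.bank.example
0.0.0.0         scanner.av-vendor.example
not-an-ip       broken.example
"""

def audit_hosts(text):
    """Return (line_no, address, name, verdict) for every non-default entry."""
    findings = []
    for line_no, raw in enumerate(text.lstrip("\ufeff").splitlines(), 1):
        entry = raw.split("#", 1)[0].strip()   # drop comments and padding
        if not entry:
            continue
        address, *names = entry.split()
        try:
            ip = ipaddress.ip_address(address)
        except ValueError:
            findings.append((line_no, address, " ".join(names), "malformed"))
            continue
        for name in (n.lower() for n in names):
            if ip.is_loopback and name in DEFAULT_NAMES:
                continue                        # the entry flush.bat restores
            # Loopback/0.0.0.0 cuts the name off; anything else sends it elsewhere.
            local = ip.is_loopback or ip.is_unspecified
            findings.append((line_no, str(ip), name, "blocked" if local else "redirected"))
    return findings

if __name__ == "__main__":
    for line_no, address, name, verdict in audit_hosts(SAMPLE_HOSTS):
        print(f"line {line_no}: {name or '(none)'} -> {address} [{verdict}]")
```

To audit a real machine, pass in the text of the HOSTS file from the drivers\etc folder, read from an elevated prompt, and save the output alongside the other logs before running the reset.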
I'd recommend removing Spybot Search and Destroy 2. Doesn't do any good.
Download Security Check by screen317 from here http://screen317.spywareinfoforum.org/SecurityCheck.exe or here http://screen317.spywareinfoforum.org/
Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt.
Please post the contents of that document.
Results of screen317's Security Check version 0.99.64
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 10
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
ZoneAlarm Antivirus
AVG Internet Security 2013
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.75.0.1300
Java(TM) 7 Update 5 Java version out of Date!
Adobe Flash Player 11.7.700.202
Adobe Reader XI
Mozilla Firefox 19.0.2 Firefox out of Date!
Google Chrome 26.0.1410.64
Google Chrome 27.0.1453.110
````````Process Check: objlist.exe by Laurent````````
AVG avgwdsvc.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 2%
````````````````````End of Log``````````````````````
Download the latest version of Java Runtime Environment (JRE) 7u21. Java SE Downloads
Scroll over to the right (JRE)
Click the "Download" button to the right.
Check the box that says: "Accept License Agreement".
The page will refresh.
Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
Close any programs you may have running - especially your web browser.
Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
Check any item with Java Runtime Environment (JRE or J2SE) in the name.
Click the Remove or Change/Remove button.
Repeat as many times as necessary to remove each Java version.
Reboot your computer once all Java components are removed.
Then from your desktop double-click on jre-7u21-windows-i586-p.exe to install the newest version.
After doing that, download TFC by Old Timer (TFC - Temp File Cleaner by OldTimer - Geeks to Go Forums) and save it to your desktop. Save any unsaved work. TFC will close ALL open programs including your browser!
Double-click on TFC.exe to run it. If you are using Vista/Windows 7 right-click on the file and choose Run As Administrator.
Click the Start button to begin the cleaning process and let it run uninterrupted to completion. Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.
Now, I'd like you to scan your machine with ESET OnlineScan
Hold down Control and click on the following link to open ESET OnlineScan in a new window. ESET OnlineScan
Click the
button.
For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
Click on
to download the ESET Smart Installer. Save it to your desktop.
Double click on the
icon on your desktop.
Check
Click the
button.
Accept any security warnings from your browser.
Check
Push the Start button.
ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
When the scan completes, push
Push
, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
Push the
button.
Push
I have done everything you suggested, up to and completed the Temp file cleaner.
I will run Eset tomorrow ... again ... because whilst I was waiting earlier for more guidance I read on another thread about Eset.
I ran it .. one third of the way thru it declared a threat .. HTML/Phishing Gen Trojan. When the prog got to 2/3rds .. AVG popped up and found Backdoor.generic17.gdp .. which it deleted.
I will run Eset tomorrow as you suggest.
I really appreciate your help.
Cheers
Mike
Have not tried to see if Restore works .. Windows Firewall, I am still unable to change it .. I can hear my music but not hear sounds in WOW .. I uploaded Java and now I see one entry in programs .. Java 7 Update 21 (64 bit), assume that is correct .. otherwise it appears ok.