Can you navigate to the C:\Users\Paige\AppData\Local\temp folder and delete everything in there.
Are you able to borrow a Vista CD from anyone? It has to be the same version as you have. Eg; Home basic, Ultimate etc.
Printable View
Can you navigate to the C:\Users\Paige\AppData\Local\temp folder and delete everything in there.
Are you able to borrow a Vista CD from anyone? It has to be the same version as you have. Eg; Home basic, Ultimate etc.
I deleted everything except hsperfdata_Paige in the Temp folder.
I can ask around and see if someone has one that I can borrow. Do you think I should just reinstall Vista to replace what I have now? Will that get rid of the viruses? What about just upgrading to Windows 7?
What you end up doing depends really on how your PC is now.
If you are having major problems a reformat may be the way to go. If minor, a repair will probably suffice.
If you have already been considering Windows 7, now might be the time.
I have it here along with a 1Tb hard drive, but haven't found time to install it yet. Maybe tomorrow :).
Does reformat=all data erased? If that's the route that I have to take I guess it will have to be done. I performed a repair early yesterday but I guess it didn't help. I will ask around for CD's tomorrow, I am sure someone has to have one.
Well thank you so much for your help with this. I hope I didn't take any time away from you and hopefully you will get around to installing it soon. I wonder if it really is better. After ME and Vista Microsoft has me reconsidering the worth of a MAC.
Again, I really appreciate your help and assistance with this. :)
Yes. A repair leaves your files intact.Quote:
Originally Posted by Thexy
I am sure I asked you a couple of days ago not to do something I hadn't requested. How did you do a repair without a CD?Quote:
Originally Posted by Thexy
I used the pre-release Windows 7 and it is streets ahead of Vista imo.Quote:
Originally Posted by Thexy
I didn't do a CD repair...I pressed F8 and did a repair thru there. On Dec 19 (the first day) I remember you asking if I did a restore and I tried both and the repair worked and allowed me to boot normal.Quote:
I am sure I asked you a couple of days ago not to do something I hadn't requested. How did you do a repair without a CD?
Of course. I forgot it was a lappie :).
So, what problems are you still having?
It was..and those first 2 days stayed up pretty much the whole time. I thought that the more I let me laptop "sit", the worse the worm would get. Needles to say, with your assistance, I finally got a nice long nap in last night/today.
The only 2 problems that I see is that I am still being redirected in Google and my system is lagging a bit. I clear my Temp files and run Kaspersky pretty much every hour since I've installed it. I have attached the log..its very detailed..:)
Please download GooredFix from one of the locations below and save it to your Desktop
Download Mirror #1
Download Mirror #2
- Ensure all Firefox windows are closed.
- To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
- When prompted to run the scan, click Yes.
- GooredFix will check for infections, and then a log will appear. Please post the contents of that log in your next reply (it can also be found on your desktop, called GooredFix.txt).
Are you still being re-directed now?
Yes, I am still being redirected. But it doesn't happen each time. I don't know if Kaspersy is deleting it and then it reappears from something else or what. I am getting a message saying that there is something (.dll) in my Adobe Shockwave folder so I'm guessing the redirect worm is being deleted but the "root" (?) is staying hidden in a folder. I'm not sure on how viruses actually work, but that's the only thing I can see happening if it is being deleted and nothing else has been downloaded.
GooredFix by jpshortstuff (06.12.09.1)
Log created at 18:36 on 22/12/2009 (Paige)
Firefox version 3.5.6 (en-US)
========== GooredScan ==========
========== GooredLog ==========
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd} [06:24 22/12/2009]
C:\Users\Paige\Application Data\Mozilla\Firefox\Profiles\eaibke6f.default\extensions\
[email protected]oration [09:37 15/11/2009]
{08857884-66b6-48bf-82e4-b0eb89b5c47c} [06:37 18/12/2009]
{1b8cc170-8c85-11db-b606-0800200c9a66} [00:57 25/11/2009]
{20a82645-c095-46ed-80e3-08825760534b} [19:24 01/09/2009]
{4D144BC3-23FB-47de-90C5-63CCB0139CCF} [04:25 03/12/2009]
{635abd67-4fe9-1b23-4f01-e679fa7484c1} [05:50 31/03/2008]
{97bceb59-cfcd-4b16-a863-b3f72cf9f196} [07:31 11/07/2008]
{E2883E8F-472F-4fb0-9522-AC9BF37916A7} [07:15 27/09/2009]
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{20a82645-c095-46ed-80e3-08825760534b}"="c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\" [05:05 12/06/2009]
-=E.O.F=-
I was responding while it downloaded ;p
Couple of things to try still.
Clear the Java Plug-in cache by:
- Clicking Start > Control Panel.
- Double-click the Java icon in the control panel.
The Java Control Panel appears.
- Click Settings under Temporary Internet Files.
The Temporary Files Settings dialog box appears.
- Click Delete Files.
The Delete Temporary Files dialog box appears.
There are three options on this window to clear the cache.
- Delete Files
- View Applications
- View Applets
- Click OK on Delete Temporary Files window.
Note: This deletes all the Downloaded Applications and Applets from the cache.- Click OK on Temporary Files Settings window.
==============
- Go to Start > Control Panel double-click on the Software icon > add/remove programs.
- Search in the list for all previous installed versions of Java. (J2SE Runtime Environment.... )
- Select it and click Remove.
- Then Download and install the newest version from here:
- http://www.java.com/en/download/manual.jsp
==
Find out exactly which dll file is giving the problem and remove it.
I uninstalled and re-installed Java via the link you provided. I deleted the Java folder before I reinstalled it because that is where a few bad scans were reported. I also deleted the npswf32.dll and np32dsw.dll files in the system.32 file folder.
So far, no more redirects, but my comp is still lagging. I noticed a lot of svchost.eve processes running in Task Manager. Does that have anything to do with a virus?
Having multiple instances of svchost.exe is normal. Are there any that you can see that is using a lot of cpu time?