Internet access problem after moving from AOL to Sky

Comments

  • sitcom321
    sitcom321 Posts: 386 Forumite
    RussJK wrote: »
    Well the other possibility is that they've resisted HJT fixing it, so don't be too concerned. If I was more slick with OTL, I could put them all into that.

    Tick and Fix these:
    F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\Documents and Settings\Carole\Local Settings\Application Data\lesyyght\tkgahfkx.exe
    O1 - Hosts: ÿþ1 2 7 . 0 . 0 . 1 l o c a l h o s t
    O1 - Hosts: : : 1 l o c a l h o s t
    O2 - BHO: (no name) - {E3215F20-3212-11D6-9F8B-00D0B743919D} - c:\program files\stopzilla!\sziebho.dll (file missing)
    O4 - HKUS\S-1-5-18\..\Run: [TkgAhfkx] C:\Documents and Settings\Carole\Local Settings\Application Data\lesyyght\tkgahfkx.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [TkgAhfkx] C:\Documents and Settings\Carole\Local Settings\Application Data\lesyyght\tkgahfkx.exe (User 'Default user')
    O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
    O23 - Service: STOPzilla Service (szserver) - iS3, Inc. - C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
    Just tried to do this and hijack came up with error at minimain point or something like that and doesn't seem to have got rid of the above files.
  • RussJK
    RussJK Posts: 2,359 Forumite
    Don't worry, it's likely the infection blocking it. Same thing it did here:
    " Folder move failed. C:\Documents and Settings\Carole\Local Settings\Application Data\lesyyght scheduled to be moved on reboot."

    Just run the Kaspersky scan for now and see how you get on.

    Would be a good idea to think about reinstalling Windows though, especially if Waddler's correct about it being Ramnit. Have you backed things up in the past?
  • sitcom321
    sitcom321 Posts: 386 Forumite
    I have backed most of my stuff up but I think there are some pics which have not been saved to a disk that I really don't want to lose, so will save them in the morning and then if all else fails I will reinstall whatever. I did notice something when it rebooted: at one stage it did pop up with a window saying Windows XP not running stable or something and to reinstall XP.

    I will run the scan now and will be back on in the morning and let you know what is what. I am at work so will have to access here as and when.

    Thank you so much for your help, you have been great.
  • RussJK
    RussJK Posts: 2,359 Forumite
    I'd be careful with backups, as Ramnit is a file infector (like the viruses of old!). I'd leave the backup you've already made alone and not access it with the infected machine, and stick those pictures you mentioned onto a spare USB stick or the like. If/when you reinstall, set up security first (e.g. Avast and Malwarebytes) and only then access the backups, and scan them with both programs.

    This is one of the cases where it'd be a lot easier to have the machine in front of me - and not because of you! - just the limitations of working online. Most of the tools I use are designed to be used in person, and it's easier to troubleshoot when I can see myself what is happening. If I knew OTL better it'd make life a lot easier, as I can see how it could solve a lot of the problems in that log with the right commands.
  • waddler_8
    waddler_8 Posts: 3,588 Forumite
    RussJK wrote: »
    What makes you think Ramnit? C:\WINDOWS\imsins.BAK?

    No, I'm pretty sure that's legit and a backup of a Windows log file related to WU. It's the various tkgahfkx.exe userinit/run entries that make me suspect Ramnit. The reason they are proving troublesome reinforces that somewhat.
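
Added example (not part of any post in this thread): a small Python triage of the HijackThis lines quoted above, flagging the two patterns waddler_8 points to, an extra program chained onto Userinit and Run entries launching from a profile data folder. The `triage` function and its heuristics are illustrative assumptions, not the logic of HijackThis or any scanner.

```python
import re

# Lines copied from the HijackThis log quoted in this thread
# (forum line-wrap space inside "Documents" removed).
SAMPLE_LOG = r"""
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\Documents and Settings\Carole\Local Settings\Application Data\lesyyght\tkgahfkx.exe
O4 - HKUS\S-1-5-18\..\Run: [TkgAhfkx] C:\Documents and Settings\Carole\Local Settings\Application Data\lesyyght\tkgahfkx.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TkgAhfkx] C:\Documents and Settings\Carole\Local Settings\Application Data\lesyyght\tkgahfkx.exe (User 'Default user')
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: STOPzilla Service (szserver) - iS3, Inc. - C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
""".strip().splitlines()

# Assumed heuristic: autostart binaries rarely live in per-user data or temp folders.
USER_WRITABLE = re.compile(r"\\(local settings\\)?(application data|temp)\\", re.I)
EXE_PATH = re.compile(r"[A-Za-z]:\\.*?\.exe", re.I)

def triage(lines):
    """Return {lower-cased exe path: [reasons]} for autostart entries worth a closer look."""
    findings = {}

    def flag(path, reason):
        findings.setdefault(path.lower(), []).append(reason)

    for line in lines:
        code, _, rest = line.partition(" - ")
        if code == "F2" and "userinit=" in rest.lower():
            # A clean Userinit value names only system32\userinit.exe (plus a trailing comma).
            value = rest.split("=", 1)[1]
            for item in filter(None, (p.strip() for p in value.split(","))):
                if not item.lower().endswith(r"\system32\userinit.exe"):
                    flag(item, "extra program chained onto Userinit")
        elif code == "O4":
            m = EXE_PATH.search(rest.split("]", 1)[-1])
            if m and USER_WRITABLE.search(m.group(0)):
                reason = "Run entry launches from a user-writable profile folder"
                if re.search(r"HKUS\\(S-1-5-18|\.DEFAULT)\\", rest):
                    reason += " under the SYSTEM/default hive"
                flag(m.group(0), reason)
    return findings

if __name__ == "__main__":
    for path, reasons in triage(SAMPLE_LOG).items():
        print(path, *reasons, sep="\n  - ")
```

The same executable showing up in both Userinit and the Run keys is what makes it stand out; the two O23 service lines pass untouched.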
  • sitcom321
    sitcom321 Posts: 386 Forumite
    Got up this morning and Kaspersky had finished running showing virus TROJAN.WIN32PATCHED.

    I can't now access the internet via Firefox or access windows, it just keeps saying not a win32 application, so looks like I have had it. Can't get into windows or anything, although my pictures do seem to be still there so will try to back them up later. I am accessing this site from work now.
  • RussJK
    RussJK Posts: 2,359 Forumite
    edited 23 August 2011 at 11:51AM
    Do you have the Windows XP Pro discs?

    Ironically every 'win32patched' in the Kaspersky forums is being treated with Combofix. Did Kaspersky give the option to disinfect?

    Exactly what steps did you take upon finding 'trojan.win32patched', to not being able to access Windows?
  • sitcom321
    sitcom321 Posts: 386 Forumite
    Yes, I have the discs. It did give me the option to disinfect but wouldn't actually perform the task; it looks like it has frozen.

    I just tried to get onto Firefox to post on here but it wouldn't let me. I then tried to open windows to type something up and again it wouldn't let me.
  • RussJK
    RussJK Posts: 2,359 Forumite
    At worst you can do a repair install of Windows, just to get it working long enough to back up those photos. Just follow whichever of the two guides you find easier to read, and print them off:
    http://www.michaelstevenstech.com/XPrepairinstall.htm
    http://www.windowsreinstall.com/winxphome/installxpcdrepair/indexfullpage.htm

    Alternatively, are you able/allowed to download large files or burn discs from the computer you are using now? If so you'd have more options.
  • sitcom321
    sitcom321 Posts: 386 Forumite
    Not sure if I could download to here, I doubt it as there are a lot of sites blocked. I will have a go at what you have said to get the pictures off; I don't think there is a lot I haven't saved.

    I have managed to print off the first link you have just sent but wasn't allowed to open the 2nd link. I will see what I can do tonight.
This discussion has been closed.