scotiabahn
-
Posts
114 -
Joined
-
Last visited
Posts posted by scotiabahn
-
-
I can unzip it on my old E drive, but it won't run nor can I move the .exe to the desktop... as soon as I do a 'mouseover' the filename in explorer it bounces me out and shows wbjrwesa.txt in taskmgr... bother...
-
I wonder if it's possible to put the hjt log zip on a usb drive, unzip it in there, and drag and drop the file onto your desktop, just to see if it's even possible it will allow you to run it.
unfortunately I don't have a USB drive option for the affected machine, but I could try it on an old-fashioned floppy or even the old hard drive still attached for backups...
otherwise I think I'll just have to try and smite it!
-
OK...
so, I've completely removed KB908531 (uninstalled through Control Panel/add/remove programs), deleted any remaining versions of verclsid.exe, including in prefetch, and scoured the registry deleting any remaing references in there, and rebooted the machine..
still won't run CCleaner...
tried looking at task manager again to see if there's anything happening there, see if verclsid is popping up from somewhere else...
no, it isn't, BUT... I have a new suspect that I could use some guidance on... I noticed that when I click on CCleaner I am now getting another process in task manager - wbjrwesa.txt, whatever the h*ll that is...
have tried searching for it on Google but it's not listed there... tried browsing it, but I get 'access denied'... it exists in windows/system32 and prefetch...
any suggestions?
meantime I'll go look a bit further... tempted to just try deleting the damn thing, but as I've already wrecked something else (don't ask!
) trying to get rid of this, I'd like to see whether anyone has any other suggestions... -
thx - I'll have a crack at that in the morning now, only just got the study back after my son finished his homework...
Now I'm really getting worried... I wasn't able to look at the Hijackthis website from my desktop... I downloaded it on my laptop and emailed the zip file across, but I can't expand the zip on my desktop... so do we have malware attacking CCleaner and it's related software, or is this still a verclsid issue, because HJT uses similar classes that MS consider unfriendly?
I'm going to have to try complete removal of KB908531 and see where that gets me, but I'll have to do it later - work to be done...
Meantime, anyybody has anything else to chip in, be glad to hear it...
-
No problem
Read the instructions here and the download button for the hjt log program is at the bottom.
http://forum.piriform.com/index.php?showtopic=1720
This is the part of the forum where to post the log, the new topic button is at the top right hand side.
http://forum.piriform.com/index.php?showforum=12
Any problems, just ask someone will always help if you have problems doing it.
thx - I'll have a crack at that in the morning now, only just got the study back after my son finished his homework...
-
You could always post a hjt log in the section for it on the forum, just to clear up that possibility.
ummm... would you care to explain that in newbie language?
-
Take a look at this
http://www.pcworld.com/article/id,125507-page,1/article.html
there's a lot of those around when you start looking... from what I can work out, the original version was so crummy that they had to put another one out real quick, but that's a year back now... this pc has a (fairly... until this...) stable system so something must have changed more recently...
I've just tried following the guidance further above but that wasn't enough... So far I've renamed two copies of verclsid.exe to *.old (found via standard search function) and deleted the prefetch copy, then rebooted and rescanned - no sign of verclsid.exe anywhere, but no improvement either... still no CClenaer running, still no access to this forum except via laptop rather than desktop...
So... either I haven't managed to find everything... or it's malware...
guess I could try getting uninstalling the MS fix itself... I'd better put the verclsid.old files back to the 'proper' extensions otherwise they may get missed... might try that later unless anyone has any better suggestions (ever hopeful...) but now I gotta got do some other stuff for a while
-
Good luck
I'm still hoping someone will come up with something better before I get to it...
-
Here is the latest I could find
Well, that seems a bit simpler than some of the other guides I've seen so thanks for that, but I still have to switch off VERCLSID which is (allegedly) there to protect my machine..
I have seen something on the MS website relating to problems with HP and Nvidia, and there was a fix for that which updated the registry to make them 'acceptable' to VERCLSID. I guess that would be the ideal solution.. but that all rather presumes that I'm not barking mad in my suggestions about verclsid... haven't got time to do it now, but I guess I could try the guidance above and see what happens - if it doesn't fix it, then that would at least shoot my theory full of holes...
-
I was certainly thinking that it was malware targeting CCleaner at first, but I also found the wilersecurity report about verclsid.exe and my current theory (half-baked lunatic raving more like...) is that something about the last CCleaner upgrade or an MS Update has resulted in this new incompatibility. I reckon that verclsid is checking out CCleaner and bouncing it. The reference on the wildersecurity site talks about verclsid being trapped by yet another utility so they weren't having the same symptoms as me.
Anyway, that's my current wild-eye loony idea...
Happy to hear any suggestions about handling it... I don't really want to dismember verclsid unless I really have to... it's supposed to be at least vaguely useful against REAL malware...
-
I started getting a problem with CCleaner on my desktop PC this afternoon when I tried to run it, it seemed to try and start and then shut down, then tried to start again, then failed and kept repeating until I selected another program to run. I've tried rebooting, an AV scan, SpyBot run without finding anything. The weirdest thing is that from the desktop PC I can't access this forum, or the main CCleaner site or any site that refers to CCleaner, all IE windows shut down as soon as they start to load... I am writing this on my laptop... I have absolutely no idea what is going on... I've even tried uninstalling CCleaner, but I can't even do that because it bounces out just like everything else that refers to CCleaner... It seems like there is something on my machine that is doing some sort of DoS attack but I have no idea what to do about it...
Has anyone got any ideas/suggestions?
Many thanks.
P.S. Been doing some further rummaging - when I try and run CCleaner, the task manager briefly shows VERCLSID as a running process... no idea whether it should or not, but it's the only additional info I have... Sigh... Oh, by the way I can't even look at the folder and files in Explorer, I have to go into DOS and use DIR... Nothing interesting there, all the dates are a week or so past when I updated to a more current version...
) trying to get rid of this, I'd like to see whether anyone has any other suggestions...
CCleaner failing
in CCleaner Bug Reporting
Posted
thanks, hadn't thought of that... a simple rename (dropping the H) didn't work, will now try something more sneaky, rearrange more letters, maybe change the icon... can't think of much else I can do to disguise an exe file, and besides, anything that's this smart will probably be able to see some internal identifier...
back in a bit...
thanks again...