Save Hijack This to your desktop. Double click on the HJTsetup.exe icon. By default it will install to C:\Program Files\Hijack This. Continue to click Next in the setup dialogue boxes until you get to the Select Additional Tasks dialogue. Put a check by Create a desktop icon then click Next again. At the final dialogue box click Finish and it will launch Hijack This. Click on the Do a system scan and save a log file button. It will scan and then open the results in notepad and also save them into the C:\Program Files Hijack This folder
Next can you download the two attached .zip files and save them to your desktop, Extract them and run in safe mode by double clicking look.bat and look1.bat, It will export the information from the registry keys and save it to a text file called look.txt and look1.txt on c:\drive but it may only be able to export the information in safe mode as this looks like a possible Rootkit entry (If it is related to a rootkit then the exports may fail but we can use other methods if thats the case).
To Reboot into Safe Mode , Restart your computer and immediately begin tapping the F8 key on your keyboard. If done right a Windows Advanced Options menu will appear. Select the Safe Mode option and press Enter. (To reboot back to normal mode just restart the pc)
Reboot back to Normal mode and post a Hijack This log and the contents of Look.txt and Look1.txt which will be found in c:\drive on the Spyware Hell area.
(It will only create the text file if it can find the specified keys, One checks in HKLM the other checks HKCU so post back look.txt or look1.txt if they exist)
Save Hijack This to your desktop. Double click on the HJTsetup.exe icon. By default it will install to C:\Program Files\Hijack This. Continue to click Next in the setup dialogue boxes until you get to the Select Additional Tasks dialogue. Put a check by Create a desktop icon then click Next again. At the final dialogue box click Finish and it will launch Hijack This. Click on the Do a system scan and save a log file button. It will scan and then open the results in notepad and also save them into the C:\Program Files Hijack This folder
Next can you download the two attached .zip files and save them to your desktop, Extract them and run in safe mode by double clicking look.bat and look1.bat, It will export the information from the registry keys and save it to a text file called look.txt and look1.txt on c:\drive but it may only be able to export the information in safe mode as this looks like a possible Rootkit entry (If it is related to a rootkit then the exports may fail but we can use other methods if thats the case).
To Reboot into Safe Mode , Restart your computer and immediately begin tapping the F8 key on your keyboard. If done right a Windows Advanced Options menu will appear. Select the Safe Mode option and press Enter. (To reboot back to normal mode just restart the pc)
Reboot back to Normal mode and post a Hijack This log and the contents of Look.txt and Look1.txt which will be found in c:\drive on the Spyware Hell area.
(It will only create the text file if it can find the specified keys, One checks in HKLM the other checks HKCU so post back look.txt or look1.txt if they exist)
Regards Andy
Thanks Andy. I did as advised and the post now sits in Spyware Hell.
Sorry just noticed the reply, Its a rootkit infection and possibly a new variant with it having entries in HKLM and HKCU But the information in the logs makes it easy to deal with
EDIT: just noticed ContextPlus's new homepage which states
"ContextPlus Software Distribution has been Discontinued
Due to concerns over the practices of some of its distribution partners, ContextPlus has determined that it is no longer able to ensure the highest standards of quality and customer care and therefore is discontinuing further distribution of its software"
No ContextPlus would mean No Apropos so its good news (if true)
i believe i am having a similiar problem as ibflav. I am trying to install adobe acrobat and it gave me an error saying i could not access the registry:
i believe i am having a similiar problem as ibflav. I am trying to install adobe acrobat and it gave me an error saying i could not access the registry:
Sorry for the overly late reply, have been suffering from broken router and internet issues for the last while.
Thanks for your help!!! However my problem is still not resolved as i get the same error again when i try to install adobe. But it's ok i guess, i should be formatting my computer soon as i havn't done so in 4 years. Thanks a lot for your help though!!!
Sorry for the overly late reply, have been suffering from broken router and internet issues for the last while.
Thanks for your help!!! However my problem is still not resolved as i get the same error again when i try to install adobe. But it's ok i guess, i should be formatting my computer soon as i havn't done so in 4 years. Thanks a lot for your help though!!!
wish you all the best!!
Quark~
Just a thought. How much free HD space do you have available. Adobe is a very bloated program, and if you haven't formatted in 4 years it's possible that you can't download it because it's too big for your computer right now. (Don't misunderstand, after 4 years you definitely could be due for a format).
Also, have tried to do all of this deleting, and installing in Safe Mode?