BleepingComputer.com: Trojan.TDSS and Rogue.Installer and google redirect

That log is clean as a whistle. Doesn't mean your clean though. Glad you like Sandboxie.

You may have corrupt critical system files. Let's see if we can fix that.

* Click Start > Run and type sfc /scannow and the click OK.
o Note the space between the c and the /
* You may need your Windows XP CD so have it ready.
o If you have Service Pack 2 (SP2) or SP3 installed, you will need the SP2 or SP3 version of the version of the CD. This can be done with a borrowed CD, if you don't have one.
* Allow the scan to run and when completed, reboot the system.


Did sfc prompt you for your install disc?
Any more redirects?
Still having the right click problem?

Thanks,
~ t

Hello thcbytes. No more redirects so far. Right click seems to be ok...YES they did ask me for the windows cd. It said "files that are required for windows to run properly must be copied to the DLL cache. Insert your windows xp professional service pack 3 cd now". By the way, I have windows xp HOME media edition. Is that different than windows professional??

I made the recovery discs directly from my pc. That is a feature that Sony Vaio has. My question is. I made the cd's when I first got pc in 2006. I assume back then it was service pack 2. I know I have updated to service pack 3. Now if I am to make new cd's, would it be service pack 3, or still service pack 2???

Also, if I do this, am I going to lose everything and start from bare bones???

I will not do anything till I hear from you. Please, please, if there is some other way to fix files without installing copy of new windows?????

PS.. My kitty BooBoo thinks I am spending way too much time on pc lately lol

Hiya,

I should have been clearer. Sorry.

• Any XP CD will do, regardless of SP or edition.
  
• This process will only replace individually damaged System Files. It will do nothing else. No formatting or loss of data.
  
• Your kitty thinks you spend too much time on the computer? We better not let your kitty see how much time I spend on the computer then.

Let me know how it goes,
~ t

:::sighs::: It says cd is wrong, insert windows xp professional cd2... All I have are the 2 recovery discs I made off of the machine. It is the entire windows program.. Is this what they want?? Obviously not .. Now what?

I am sure that you have a friend, family member or colleague that will let you borrow their Windows XP install disc. You will not need their product key. It will just copy some critical system files that are damaged for the infection. The sp and version are not important either!

But that is what I have, Windows Install CD's. It is the entire windows program.

You have recovery discs. You need an XP install CD. They are easy to come by. I have at least 5 lying around here. Check around and let me know.

I took a screen shot of what is on cd 1 and cd 2. Also playing a cd right now just to make sure cd-rom drive is working properly, and it is.

thcbytes, on Dec 8 2009, 11:39 PM, said:

Oh I see now. Hmmm email me a copy ;) lol

Perhaps the library you think?? My friends are pc illiterate unfortunately.

I did some googling.. What do you think of this?

Hopefully what that manufacturer has done is copy the Windows XP CD-ROM image to your hard disk. Hard disks are so big these days that doing so takes up very little room and has some advantages I'll talk about in a second.

To find out if the CD-ROM image is on your machine, search for a folder named I386. There may be several but the one we care about will contain close to 7,000 files, two of which will be winnt.exe and winnt32.exe.

I found them but have not opened. Do you think this would work?

Your right.

You can extract the i386 folder from the restore disc to your c:\ drive. Then point sfc to those files. But in order for it to work it will require you to mess with your registry which I think is a bad idea. I have seen many a users corrupt their computer by accidentally hitting the wrong key in the registry.

Here are 2 good links. If you decide to proceed with the registry mod then 1st back up your registry so that if you mess up you can restore it back.

Backup Your Registry with ERUNT

• Please use the following link and scroll down to ERUNT and download it.
  http://aumha.org/freeware/freeware.php
  
• For version with the Installer:
  Use the setup program to install ERUNT on your computer
  
• For the zipped version:
  Unzip all the files into a folder of your choice.

Click Erunt.exe to backup your registry to the folder of your choice.

Note: to restore your registry, go to the folder and start ERDNT.exe

http://www.bleepingcomputer.com/forums/topic43051.html
http://www.updatexp.com/scannow-sfc.html

Your best bet is to borrow a disc from a friend!

Let me know,
Thanks,
~ t

thcbytes.. I am at a total loss!!!! I can't do this, I just can't :-( Is there anything else we can try? Can we just skip this step and leave files as they are? I am on the verge of tears and a migraine reading all the info on this. I can not take the chance to do this. I know I will mess it up totally... I would be willing to just do a total restore, losing everything. Would that fix corrupted files???

I thought you were joking around before when you were talking about crying.

Relax. It really is no big deal. Your computer is now clean!!! We have come a long way! You just have a few System Files that need to get fixed.

Turn on your AV, surf safe and at your leisure find a friend and borrow an install disc to run sfc.

Reinstalling the OS would be overkill. You will find an install disc I am sure. When you do it will be a 5 min tune-up and your done.

Kind regards,
~ t

I DID IT!!!!!!!!!!!!!!! i BACKED UP THE REGISTRY!!!!!!!!!!!!!!!!!

Uh, now what?

I will modify your registry for you. Please let me get a look at the registry key 1st.

Do this...

We need to run a batch file

• Copy the following into notepad (Start>Run>"notepad"). Do not copy the word "code".
  

  regedit /e regkey.txt "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup"

  
  
• Click File, then Save As... .
  
• Click Desktop on the left.
  
• Under the Save as type dropdown, select All Files.
  
• In the box File Name, input fix.bat
  
• Hit OK.
  
• Double click fix.bat. You will see a black command prompt window open then close. It might seem like nothing is happening, but the script is running.

Post the results of regkey.txt. It will be located in the same folder you ran your batch file