You MUST put the following into The Avenger, above the files;
Files to delete:
When you get to safe mode, try going to C:\Documents and Settings\username\Desktop and it should be there.
crunchie
990
Most Valuable Poster
Team Colleague
Featured Poster
inxs93
0
Light Poster
Okay, I found the SDFix in safemode following your guidance. When I got the prompt that says "Type Y to start, A to make a log, and N to exit," I typed "y," and when I hit enter, the program shuts down. Or at least I'm assuming it shuts down because it completely disappears. I'm not sure what I'm doing wrong.
Below is the Avenger log from when I tried to have those two mysterious files removed from my desktop. In Avenger I typed in "Delete these files," or however you said it on the other page, and then ran it. It basically says it can't find them.
Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com
Platform: Windows XP
*******************
Script file opened successfully.
Script file read successfully.
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
Rootkit scan active.
No rootkits found!
Error: file "C:\Documents and Settings\Charlie Kierscht\Desktop\CAGHQ7GL:Zone.Identifier" not found!
Deletion of file "C:\Documents and Settings\Charlie Kierscht\Desktop\CAGHQ7GL:Zone.Identifier" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist
Error: file "C:\Documents and Settings\Charlie Kierscht\Desktop\CATOMXHN:Zone.Identifier" not found!
Deletion of file "C:\Documents and Settings\Charlie Kierscht\Desktop\CATOMXHN:Zone.Identifier" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist
Completed script processing.
*******************
Finished! Terminate.
crunchie
990
Most Valuable Poster
Team Colleague
Featured Poster
What happened the first time you ran SDfix? It must have run ok as you posted the log from it.
Can you list the problems you are still having.
inxs93
0
Light Poster
I'm not sure why SDFix gave me trouble the second time.
Everything seems to be running fine now. The only things still going on are those two files that I can't get rid of from my desktop, and that SPRTCMD.EXE I get on start-up.
Do you think I'm in the clear now?
inxs93
0
Light Poster
Maybe I spoke too soon. Windows Live OneCare just found and removed a trojan downloader, but, I suppose that's just part of being on the Internet.
crunchie
990
Most Valuable Poster
Team Colleague
Featured Poster
What is SPRTCMD.EXE doing?
Do you have hidden files/folders set to show? If so, set it back to normal and see if those files go from your desktop.
Otherwise, tell me the full and complete filepath to them and we will try to clean them up.
inxs93
0
Light Poster
The location for those mysterious files are as follows:
C:\Documents and Settings\Charlie Kierscht\Desktop
The names are: CAT0MXHN. and CAGHQ7GL.
I'm not sure if the hidden files option is on or not.
Concerning the other recurring issue, this is what happens. Upon start-up, the computer will load, and when it's all done, I get a message that comes up on the screen and it says:
SPRTCMD.EXE Unable to Locate Component (this is in the blue part of the box) This application has failed to start because LIBEAY32.dll was not found. Re-installing the application may fix this problem.
If I click "ok," it disappears, then shows up a second time, and when I click "ok" again, it goes away. I haven't the slightest idea what effect this is having on my computer if anything, and even less of an idea what application it's talking about.
crunchie
990
Most Valuable Poster
Team Colleague
Featured Poster
SPRTCMD.EXE is something to do with the Dell support service. See if you can find it in msconfig and disable the startup.
You need to take a look in Folder Options to see if hidden files are set to visible.
inxs93
0
Light Poster
Okay, removing the SPRTCMD from the msconfig start-up screen did the trick.
As far as the folder options, I can't find that. I looked on google and from what I could determine it should be under the tools section of IE, but it's not there.
What should I do?
crunchie
990
Most Valuable Poster
Team Colleague
Featured Poster
No, it's not in IE. Look in the control panel. It should be there, otherwise open any windows folder and on the TOOLS Tab, there should be an option to enter the folder options from there.
inxs93
0
Light Poster
That would explain why I couldn't find it!
So, I checked where you said, and it's set to not show hidden files/folders.
inxs93
0
Light Poster
Hello. I wasn't sure if there was anything else I was supposed to do with those files that I can't remove from the desktop. I wasn't sure if they were related to any of the viruses or not.
And I wanted to take the opportunity to thank you for your help. I cannot possibly tell you how much I appreciate everything you did! I was frantic there, and you totally walked me through every step and got my computer back to normal. So thank you very, very much!
Is there somewhere I can leave a good rating for you, or do I mark it as case closed or what can I do?
Thanks again!
crunchie
990
Most Valuable Poster
Team Colleague
Featured Poster
My apologies. I totally missed your previous post.
Can you go into the desktop folder and delete those files? If not, post back the full path including the file name.
inxs93
0
Light Poster
No worries at all. I know it takes me a while to respond sometimes too.
I tried to delete those mysterious files from the desktop folder, but I still get the error that they cannot be moved. I tried scanning them with a virus program, and they appear to be fine, and the file size is 0K. But it's strange that I cannot get rid of them.
Here are the path names:
C:\Documents and Settings\Charlie Kierscht\Desktop\CAGHQ7GL
C:\Documents and Settings\Charlie Kierscht\Desktop\CATOMXHN
Thanks.
crunchie
990
Most Valuable Poster
Team Colleague
Featured Poster
If you right click on those files and select Properties, are you able to hide them by selecting the 'Hidden' box and applying the setting?
inxs93
0
Light Poster
No, that doesn't do anything.
inxs93
0
Light Poster
I also notice that I cannot get rid of "Wild Tangent." I did some research and found out that it's related to some sort of gaming software. And if I remember right, I got a free game from the McDonald's Monopoly game several years ago, and even though I got rid of the game, the Wild Tangent portion remains. Is it something I should get rid of, or is it no big deal?
crunchie
990
Most Valuable Poster
Team Colleague
Featured Poster
If you want, we can try deleting those two files and see how things go afterwards?
Wild Tangent is no biggy, but I usually get rid of it.
inxs93
0
Light Poster
What should I do to delete the Wild Tangent? I saw something about Hijack This, but I didn't want to go messing with anything without the go ahead from you. It also sounds like Wild Tangent is in use by other things, so I wasn't sure what effect that would have on anything.
crunchie
990
Most Valuable Poster
Team Colleague
Featured Poster
I cannot see wild tangent in the hijackthis log. It must be in your uninstall list.
What about the two desktop files? You want to try something that will maybe delete them?
inxs93
0
Light Poster
Sure, I'd like to have to stop looking at them! The Wild Tangent comes up whenever I run SpybotSD. It keeps coming up as spyware, but if it's nothing to worry about, then I guess I won't worry about it.
cfbfsinc
0
Newbie Poster
SPRTCMD.EXE is something to do with the Dell support service. See if you can find it in msconfig and disable the startup.
You need to take a look in Folder Options to see if hidden files are set to visible.
I found the SPRTCMD.EXE as part of my ConcastDesktopSupport start-up. I had no Dell support service startups.
And, do I understand correctly that "hidden files" should be set to "visible"?
Thanks.
Be a part of the DaniWeb community
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.