Win32:Atraps-PF[tjr] need help Essex

[bruno_hoffmann1]

Still having the same problem...
And i checked today that my task mananger isn't working, works only in safe mode...

i will attach some logs of importance

[bruno_hoffmann1]

Here is attached a printscreen of my problem:

[magna86]

Do the following, we go the extra check.


DDS
Download DDS and save it to your Desktop from here:
http://download.bleepingcomputer.com/sUBs/dds.scr

Double click dds to run the tool.

    * When done, DDS will open two (2) logs:
         1. DDS.txt
         2. Attach.txt

Save both reports to your desktop. Attach DDS.txt and Attach.txt back to topic.



....................



GMER
Download the program from the link below GMER to the Desktop:
GMER download:
www2.gmer.net/download.php

note: File is random named


Double click to run GMER.

  >>  Wait until the initial scan is complete. It will be over soon.
- if you have any inquiry appears, click No;

- Then click Scan and wait until the scan is complete;
- Click Save ...
- Save the report to your Desktop (called Gmer1);



  >>    Right-click on the Gmer window and select Options> Only non MS files - click Scan;
- after a short scan, click Save ...
- Save the report to your Desktop (called Gmer2);




  >>    Click the button >>> and select Auto-start card;

- after a wery short scan, click Copy;
- Open Notepad and place a copied text ( paste option ) - save the report to the Desktop (named Gmer3);

..............


>>Attach here DDS.txt , Attach.txt and Gmer1/2/3 .txt

[bruno_hoffmann1]

Did all the steps but when i click in the auto-scan card the Gmer don't make any scans so, is missing the Gmer 3 report...

But here is the others

[magna86]

You lost admin privileges, but the computer is clean. 
Abaut the GMER, it does not work on x64bit system.  I was in a hurry when I wrote it...


Run this program may solve the problem:

Please download exeHelper to your desktop.
Double-click on exeHelper.com to run the fix.
A black window should pop up, press any key to close once the fix is completed.
Post the contents of exehelperlog.txt (Will be created in the directory where you ran exeHelper.com, and should open at the end of the scan)

[bruno_hoffmann1]

Here is the log

[magna86]

Ok, here is the thing...
As I write, you lost admin privileges but your system is clean.
The logs show no traces of active malware but one which I conclude that it belongs to Keylogger.


Follow this guide...It shuld fix the problem
http://www.addictivetips.com/windows-tips/windows-7-access-denied-permission-ownership/

PS: In new logs i see traces of Combofix. If you wish all works great, you really need to uninstall it.


If you still have a problem than run this is script for OTM.


Please download OTM by OldTimer.

• Save it to your desktop.
  
• Please click OTM and then click >> run.
  
• Copy the lines inside the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C
  (or, after highlighting, right-click and choose Copy):
  

Code: [Select]

:processes
killallprocesses

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"qubnfe"=-

:files
C:\Program Files (x86)\qubnfe
ipconfig /flushdns /c
recycler /alldrives

:Commands
[Reboot]

• Return to OTM, right click in the Paste Instructions for items to be Moved window (under the yellow bar) and choose Paste.
  
• Click the red Moveit! button.
  
• OTM will restart/reboot the system.

If you still have problem, I can not help you more.
After these steps, if Windows Repair or Permission & Ownership guide did not help,than your options remains to you run simple repair Windows via instalations disk.

[bruno_hoffmann1]

Still having the problem. Well at least my pc is clean 
Thank you for helping me, i am sure that you did your best...

[magna86]

Try this one:

Start > run
cmd
Enter

type:

Code: [Select]

TAKEOWN /A /F C:then the next one

Code: [Select]

TAKEOWN /F C:
this shud give the both admin and your account full permissions to ALL files in the C: drive

Or try tu tipe commands like this:
TAKEOWN /F "C:\Program Files\xxx\xxx\xxx"
or
TAKEOWN /F "C:\somefolder\xxx\xxx\xxx"

( xxx\xxx  =  folders\files )


Or try to follow this guides:
http://www.howtogeek.com/howto/windows-vista/add-take-ownership-to-explorer-right-click-menu-in-vista/

Read it:
http://answers.microsoft.com/en-us/windows/forum/windows_7-security/lost-administrator-account-on-windows-7/62a99dcc-b976-4ad1-9ac5-e7bf803eab83

See this image: Follow it:
http://content.screencast.com/users/xhimit/folders/Jing/media/2c91f39c-212d-48af-9124-a24afb48fd97/2012-05-05_0956.png


...if i help.


> Remove and uninstall tools that we used:

Run OTM and hit CleanUp! button. This will remove and uninstall all tools that we used.

[bruno_hoffmann1]

Okay i give up, my folders will be blocked forever 
Tryed all the guides in the cmd its say that i lost the administrator privileges...