rmurphy

Posts posted by rmurphy

  1. Please download Malwarebytes' Anti-Malware from Here or Here

    Double Click mbam-setup.exe to install the application.

    • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select "Perform Quick Scan", then click Scan.
    • The scan may take some time to finish, so please be patient.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Make sure that everything is checked, and click Remove Selected.
    • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
    • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
    • Copy and paste the entire report in your next reply.

    Extra Note:

    If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

    -Ryan

  2. Let's try this instead for now.

    Please download ComboFix from Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**

    1. Please, never rename Combofix unless instructed.
    2. Close any open browsers.
    3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

      -----------------------------------------------------------

      • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
      • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

        -----------------------------------------------------------


    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.

    -----------------------------------------------------------

    • Double click on combofix.exe & follow the prompts.
    • When finished, it will produce a report for you.
    • Please post the "C:\ComboFix.txt" along with a new HijackThis log for further review.

    **Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**

    -Ryan

  3. Open HiJack This and scan. When it finishes, put an X in the box next to these following item(s)

    O4 - HKCU\..\Run: [spyDefender Shield] "C:\Program Files\SpyDefender Pro\SpyDefender.exe" --scan2

    O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML

    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/dim2/default/popcaploader_v6.cab

    O18 - Protocol: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - mscoree.dll (file missing)

    Close all open windows except for HiJack This and click fix checked.

    Please reboot into safe mode (continually tap the F8 key while your system is starting, select Safe Mode from the menu).

    Remove the following files in bold (if found):

    C:\Program Files\SpyDefender Pro\

    Reboot your computer.

    Please rescan with HijackThis and post a fresh log in this same topic, and let us know how your system's working. :)

    -Ryan

  4. Welcome to BestTechie! I'm Ryan, and I'll be helping you clean your computer.

    Please download SmitfraudFix (by S!Ri)

    Extract the content (a folder named SmitfraudFix) to your Desktop.

    Open the SmitfraudFix folder and double-click smitfraudfix.cmd

    Select option #1 - Search by typing 1 and press "Enter"; a text file will appear, which lists infected files (if present).

    Please copy/paste the content of that report into your next reply.

    Note : process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool"; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.

    http://www.beyondlogic.org/consulting/proc...processutil.htm

    -Ryan

  5. Please download ComboFix from Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**

    1. Please, never rename Combofix unless instructed.
    2. Close any open browsers.
    3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

      -----------------------------------------------------------

      • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
      • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

        -----------------------------------------------------------


    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.

    -----------------------------------------------------------

    • Double click on combofix.exe & follow the prompts.
    • When finished, it will produce a report for you.
    • Please post the "C:\ComboFix.txt" along with a new HijackThis log for further review.

    **Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**

    -Ryan

  6. Welcome to BestTechie! I'm Ryan, and I'll be helping you clean your computer.

    Please download ComboFix from Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**

    1. Please, never rename Combofix unless instructed.
    2. Close any open browsers.
    3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

      -----------------------------------------------------------

      • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
      • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

        -----------------------------------------------------------


    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.

    -----------------------------------------------------------

    • Double click on combofix.exe & follow the prompts.
    • When finished, it will produce a report for you.
    • Please post the "C:\ComboFix.txt" along with a new HijackThis log for further review.

    **Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**

    -Ryan

  7. == Clear Temporary Files ==

    Please download ATF Cleaner by Atribune.

    This program is for XP and Windows 2000 only

    • Close all Internet Explorer, Firefox, and Opera windows before continuing.
      Double-click ATF-Cleaner.exe to run the program.
      Under Main choose: Select All
      Click the Empty Selected button.

    If you use Firefox browser

    • Click Firefox at the top and choose: Select All
      Click the Empty Selected button.
      NOTE: If you would like to keep your saved passwords, please click No at the prompt.

    If you use Opera browser

    • Click Opera at the top and choose: Select All
      Click the Empty Selected button.
      NOTE: If you would like to keep your saved passwords, please click No at the prompt.

    Click Exit on the Main menu to close the program.

    For Technical Support, double-click the e-mail address located at the bottom of each menu.

    == Clear System Restore ==

    Let's make a new restore point and clear the others:

    • Go - Start>Programmes>Accessories>System Tools>System Restore>Create a New Restore point.
      Go - Start>Programmes>Accessories>System Tools>Disc Cleanup>"More Options" Tab>Remove All But Most Recent Point. Please do this for each hard drive that you have connected to the computer

    == Kaspersky Web Scanner ==

    Please do an online scan with Kaspersky WebScanner

    You will need to use Internet Explorer to do this

    Click on Accept

    You will be prompted to install an ActiveX component from Kaspersky. Click Yes.

    • The program will launch and then begin downloading the latest definition files.
    • Once the files have been downloaded, click on NEXT.
    • Now click on Scan Settings.
    • In the scan settings, make sure that the following are selected:
      • Scan using the following Anti-Virus database:
        • Extended (if available, otherwise Standard)
      • Scan Options:
        • Scan Archives
        • Scan Mail Bases
    • Click OK.
    • Now under select a target to scan:
      • Select My Computer
    • The program will start and scan your system.
    • The scan will take a while, so be patient and let it run.
    • Once the scan is complete, it will display if your system has been infected.
    • Now click on the Save as Text button.
    • Save the file to your desktop.
    • Copy and paste that information in your next post.

    == Request Logs ==

    Please post the log from the Kaspersky scan.

    -Ryan

  8. == Remove Programs ==

    Please go to Add/Remove Programs in the Control Panel, and remove the following programs

    • Java 2 Runtime Environment, SE v1.4.2_06
      Java™ 6 Update 2
      Java™ 6 Update 3

    Reboot your computer.

    == Install Latest Java ==

    Please go to THIS page, and click on the Download link that is in the Java Runtime Environment (JRE) 6 section.

    Click the radio button next to Accept License Agreement after reviewing it. The page will refresh - this is normal.

    Download the Windows Offline Installation, Multi-language. You will want to save this to a location you will remember.

    Once it has finished downloading, double click it, and follow the prompts to install.

    If it asks to reboot, select Yes.

    == FindAWF Option 3 ==

    Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy):

    C:\Program Files\AdwareAlert\bak

    C:\Program Files\CCleaner\bak

    C:\Program Files\QuickTime\bak

    C:\Program Files\Windows Defender

    C:\WINDOWS\system32\bak

    C:\Program Files\Alwil Software\Avast4

    C:\Program Files\Grisoft\AVG7

    C:\Program Files\HP\HP Software Update\bak

    C:\Program Files\Adobe\Reader 8.0\Reader\bak

    C:\WINDOWS\system32\spool\drivers\w32x86\3\bak

    Double-click on the FindAWF.exe file to run it.

    It will open a command prompt and ask you to "Press any key to continue".

    You will be presented with a Menu.

    1. Press 1 then Enter to scan for bak folders

    2. Press 2 then Enter to restore files from bak folders

    3. Press 3 then Enter to remove bak folders

    4. Press 4 then Enter to reset domain zones

    5. Press E then Enter to EXIT

    Press 3, then press Enter.

    Press any key to continue.

    A Notepad document FindAWF.txt will appear with instructions to click below the line and paste the list of folders to be removed.

    Right click below this line and select Paste, to paste the list of folders copied to the clipboard earlier. Save and close the document.

    The program will proceed to remove the bad folders and will perform another scan for .bak folder

    It may take a few minutes to complete so be patient.

    When it is complete, it will open a text file in notepad called AWF.txt.

    Please copy and paste the contents of the AWF.txt file in your next reply along with a new HiJack This log.

    -Ryan

    • Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy):
      "C:\Program Files\AdwareAlert\bak\AdwareAlert.exe"
      "C:\Program Files\CCleaner\bak\ccleaner.exe"
      "C:\Program Files\QuickTime\bak\qttask.exe"
      "C:\Program Files\Windows Defender\bak\MSASCui.exe"
      "C:\WINDOWS\system32\bak\hkcmd.exe"
      "C:\WINDOWS\system32\bak\igfxtray.exe"
      "C:\WINDOWS\system32\bak\NeroCheck.exe"
      "C:\Program Files\Alwil Software\Avast4\bak\ashDisp.exe"
      "C:\Program Files\Grisoft\AVG7\bak\avgcc.exe"
      "C:\Program Files\HP\HP Software Update\bak\HPWuSchd2.exe"
      "C:\Program Files\Adobe\Reader 8.0\Reader\bak\Reader_sl.exe"
      "C:\WINDOWS\system32\spool\drivers\w32x86\3\bak\hpztsb12.exe"

    • Double-click on the FindAWF.exe file to run it.
    • It will open a command prompt and ask you to "Press any key to continue".
    • You will be presented with a Menu.

      1. Press 1 then Enter to scan for bak folders

      2. Press 2 then Enter to restore files from bak folders

      3. Press 3 then Enter to remove bak folders

      4. Press 4 then Enter to reset domain zones

      5. Press E then Enter to EXIT


    • Press 2, then press Enter.
    • Press any key to continue.
    • A Notepad document FindAWF.txt will appear with instructions to click below the line and paste the list of files to be restored.
    • Right click below this line and select Paste, to paste the list of files copied to the clipboard earlier. Save and close the document.
    • The program will proceed to move the legit files and will perform another scan for .bak folder
    • It may take a few minutes to complete so be patient.
    • When it is complete, it will open a text file in notepad called AWF.txt.
    • Please copy and paste the contents of the AWF.txt file along with an Uninstall List in your next reply.

      To obtain an Uninstall list.

      • Open HijackThis, click Config, click Misc Tools

        Click "Open Uninstall Manager"

        Click "Save List" (generates uninstall_list.txt)

    -Ryan

  9. == Install Recovery Console ==

    Go to Microsoft's website => http://support.microsoft.com/kb/310994

    Select the download that's appropriate for your Operating System.

    Download the file & save it as it's originally named, next to ComboFix.exe.

    Now close all open windows and programs, then drag the setup package onto ComboFix.exe and drop it. Follow the prompts to start ComboFix and when prompted, agree to the End-User License Agreement to install the Microsoft Recovery Console. When complete, a log named CF_RC.txt will open. Please post the contents of that log.

    Please do not reboot your machine until we have reviewed the log.

    == FindAWF ==

    You have a downloader trojan called Downloader.Agent.awf or Downloader.Agent.ayy. This trojan replaces legitimate files that are common on most computers with an infected file. It then moves the legitimate file to a "bak" or backup folder. Please follow the directions below to run FindAWF so we can identify the files that have been infected and the backups then restore them.

    Download FindAWF.exe from here or here, and save it to your desktop.

    • Double-click on the FindAWF.exe file to run it.
    • It will open a command prompt and ask you to "Press any key to continue".
    • You will be presented with a Menu.

      1. Press 1 then Enter to scan for bak folders

      2. Press 2 then Enter to restore files from bak folders

      3. Press 3 then Enter to remove bak folders

      4. Press 4 then Enter to reset domain zones

      5. Press E then Enter to EXIT


    • Press 1, then press Enter
    • It may take a few minutes to complete so be patient.
    • When it is complete, it will open a text file in notepad called AWF.txt.
    • Please copy and paste the contents of the AWF.txt file in your next reply.

    -Ryan
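The behaviour described in the FindAWF post above (the legitimate file moved into a "bak" folder, an infected file left in its place) can be checked read-only before choosing a menu option. This is an added example, not part of the original posts and not FindAWF's own code; the function names, the verdict labels and the constructed sample tree are assumptions.

```python
import hashlib
import os
import tempfile
from dataclasses import dataclass
from typing import List, Optional


@dataclass
class Displaced:
    backup: str                    # executable found inside a "bak" folder
    replacement: Optional[str]     # same-named file one level up, if any
    same_content: Optional[bool]   # None when there is no replacement


def sha256_of(path, chunk=65536):
    """Hash a file in chunks so large executables are not read into memory."""
    h = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def find_displaced_files(root, exts=(".exe",)) -> List[Displaced]:
    """Walk root and pair every executable in a 'bak' folder with the
    same-named file in the parent folder. Nothing is moved or deleted."""
    hits = []
    for dirpath, _dirs, filenames in os.walk(root):
        if os.path.basename(dirpath).lower() != "bak":
            continue
        parent = os.path.dirname(dirpath)
        # Windows file names are case-insensitive, so compare lower-cased.
        siblings = {n.lower(): n for n in os.listdir(parent)
                    if os.path.isfile(os.path.join(parent, n))}
        for name in sorted(filenames):
            if not name.lower().endswith(exts):
                continue
            backup = os.path.join(dirpath, name)
            match = siblings.get(name.lower())
            if match is None:
                hits.append(Displaced(backup, None, None))
                continue
            repl = os.path.join(parent, match)
            hits.append(Displaced(backup, repl,
                                  sha256_of(backup) == sha256_of(repl)))
    hits.sort(key=lambda h: h.backup.lower())
    return hits


def verdict(hit: Displaced) -> str:
    """Triage label only: a hash mismatch shows the file in place differs
    from the copy in 'bak', not which of the two is malicious."""
    if hit.replacement is None:
        return "orphan-backup"      # original moved, nothing in its place
    return "identical-copy" if hit.same_content else "replaced"


def build_constructed_tree(root):
    """Constructed sample data: file names echo the posts, contents are fake."""
    files = {
        "Program Files/QuickTime/qttask.exe": b"CONSTRUCTED-replacement",
        "Program Files/QuickTime/bak/qttask.exe": b"CONSTRUCTED-original-qttask",
        "WINDOWS/system32/HKCMD.EXE": b"CONSTRUCTED-replacement",
        "WINDOWS/system32/bak/hkcmd.exe": b"CONSTRUCTED-original-hkcmd",
        "Program Files/CCleaner/bak/ccleaner.exe": b"CONSTRUCTED-original",
        "Tools/tool.exe": b"CONSTRUCTED-same",
        "Tools/BAK/tool.exe": b"CONSTRUCTED-same",
        "Docs/bak/notes.txt": b"not an executable",
    }
    for rel, data in files.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(data)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_constructed_tree(tmp)
        for hit in find_displaced_files(tmp):
            print(f"{verdict(hit):15} {os.path.relpath(hit.backup, tmp)}")
```
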

  10. Welcome to BestTechie! I'm Ryan, and I'll be helping you clean your computer.

    Please download ComboFix from Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**

    1. Please, never rename Combofix unless instructed.
    2. Close any open browsers.
    3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

      -----------------------------------------------------------

      • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
      • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

        -----------------------------------------------------------


    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.

    -----------------------------------------------------------

    • Double click on combofix.exe & follow the prompts.
    • When finished, it will produce a report for you.
    • Please post the "C:\ComboFix.txt" along with a new HijackThis log for further review.

    **Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**

    Also, can you turn off word wrap in Notepad? It actually makes it harder to read logs.

    -Ryan

  11. Welcome to BestTechie! I'm Ryan, and I'll be helping you clean your computer.

    Is that the entire log? If it is, let me know. If you already used HiJack This to fix some items, I need them to be restored in order to see a complete log so I can offer you the best advice that I can.

    To restore the backups:

    • Open HiJackThis
    • Click on "View the list of Backups"
    • Place a check mark next to everything in that window
    • Click Restore
    • Click Yes
    • Reboot your computer
    • Run HiJackThis and post a new HiJackThis log for review.

    In any case, I'd like to see an Uninstall List

    To obtain an Uninstall list.

    • Open HijackThis, click Config, click Misc Tools
      Click "Open Uninstall Manager"
      Click "Save List" (generates uninstall_list.txt)

    -Ryan

  12. Welcome to BestTechie. I'm Ryan, and I'll be helping you clean your computer.

    Please download ComboFix from Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**

    1. Please, never rename Combofix unless instructed.
    2. Close any open browsers.
    3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

      -----------------------------------------------------------

      • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
      • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

        -----------------------------------------------------------


    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.

    -----------------------------------------------------------

    • Double click on combofix.exe & follow the prompts.
    • When finished, it will produce a report for you.
    • Please post the "C:\ComboFix.txt" along with a new HijackThis log for further review.

    **Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**

    -Ryan

  13. I'm Ryan, and I'll be helping you clean your computer.

    Download ComboFix from one of the locations below, and save it to your Desktop.

    Double click combofix.exe and follow the prompts. Please, never rename Combofix unless instructed.

    When finished, it shall produce a log for you. Post that log and a HiJackthis log in your next reply

    Note: Do not mouseclick combofix's window while it's running. That may cause it to stall

    -Ryan

  14. Welcome to BestTechie! I'm Ryan, and I'll be helping you with your computer.

    Download ComboFix from one of the locations below, and save it to your Desktop.

    Double click combofix.exe and follow the prompts. Please, never rename Combofix unless instructed.

    When finished, it shall produce a log for you. Post that log and a HiJackthis log in your next reply

    Note: Do not mouseclick combofix's window while it's running. That may cause it to stall

    -Ryan

  15. == Remove Programs ==

    Please go to Add/Remove Programs in the Control Panel, and remove the following programs

    • J2SE Runtime Environment 5.0 Update 10
      J2SE Runtime Environment 5.0 Update 11
      J2SE Runtime Environment 5.0 Update 9

    Reboot your computer.

    == Install Latest Java ==

    Please go to THIS page, and click on the Download link that is in the Java Runtime Environment (JRE) 6 section.

    Click the radio button next to Accept License Agreement after reviewing it. The page will refresh - this is normal.

    Download the Windows Offline Installation, Multi-language. You will want to save this to a location you will remember.

    Once it has finished downloading, double click it, and follow the prompts to install.

    If it asks to reboot, select Yes.

    Other than those outdated Java installations, I'm not seeing anything wrong. Read the following page, and follow the steps that it contains. http://users.telenet.be/bluepatchy/miekiem...owcomputer.html

    Let me know if that helps.

    -Ryan

  16. == Clear Temporary Files ==

    Please download ATF Cleaner by Atribune.

    This program is for XP and Windows 2000 only

    • Close all Internet Explorer, Firefox, and Opera windows before continuing.
      Double-click ATF-Cleaner.exe to run the program.
      Under Main choose: Select All
      Click the Empty Selected button.

    If you use Firefox browser

    • Click Firefox at the top and choose: Select All
      Click the Empty Selected button.
      NOTE: If you would like to keep your saved passwords, please click No at the prompt.

    If you use Opera browser

    • Click Opera at the top and choose: Select All
      Click the Empty Selected button.
      NOTE: If you would like to keep your saved passwords, please click No at the prompt.

    Click Exit on the Main menu to close the program.

    For Technical Support, double-click the e-mail address located at the bottom of each menu.

    == Clear System Restore ==

    Let's make a new restore point and clear the others:

    • Go - Start>Programmes>Accessories>System Tools>System Restore>Create a New Restore point.
      Go - Start>Programmes>Accessories>System Tools>Disc Cleanup>"More Options" Tab>Remove All But Most Recent Point. Please do this for each hard drive that you have connected to the computer

    == Kaspersky Web Scanner ==

    Please do an online scan with Kaspersky WebScanner

    You will need to use Internet Explorer to do this

    Click on Accept

    You will be prompted to install an ActiveX component from Kaspersky. Click Yes.

    • The program will launch and then begin downloading the latest definition files.
    • Once the files have been downloaded, click on NEXT.
    • Now click on Scan Settings.
    • In the scan settings, make sure that the following are selected:
      • Scan using the following Anti-Virus database:
        • Extended (if available, otherwise Standard)
      • Scan Options:
        • Scan Archives
        • Scan Mail Bases
    • Click OK.
    • Now under select a target to scan:
      • Select My Computer
    • The program will start and scan your system.
    • The scan will take a while, so be patient and let it run.
    • Once the scan is complete, it will display if your system has been infected.
    • Now click on the Save as Text button.
    • Save the file to your desktop.
    • Copy and paste that information in your next post.

    == Request Logs ==

    Please post the log from the Kaspersky scan along with an Uninstall List.

    • Open HijackThis, click Config, click Misc Tools
      Click "Open Uninstall Manager"
      Click "Save List" (generates uninstall_list.txt)

    -Ryan

  17. Let's see what we need to do with this computer.

    Download ComboFix from one of the locations below, and save it to your Desktop.

    Double click combofix.exe and follow the prompts. Please, never rename Combofix unless instructed.

    When finished, it shall produce a log for you. Post that log and a HiJackthis log in your next reply

    Note: Do not mouseclick combofix's window while it's running. That may cause it to stall

    -Ryan

  18. Please go to Add/Remove Programs in the Control Panel, and remove the following programs

    • Java 2 Runtime Environment, SE v1.4.2_03

    Delete the following folder: C:\Program Files\Video ActiveX Access\

    Open HiJack This and scan. When it finishes, put an X in the box next to these following item

    O3 - Toolbar: (no name) - {31615D5C-5126-448A-818A-A7CDFEE85A9B} - (no file)

    Close all open windows except for HiJack This and click fix checked.

    Reboot your computer.

    Please go to THIS page, and click on the Download link that is in the Java Runtime Environment (JRE) 6 section.

    Click the radio button next to Accept License Agreement after reviewing it. The page will refresh - this is normal.

    Download the Windows Offline Installation, Multi-language. You will want to save this to a location you will remember.

    Once it has finished downloading, double click it, and follow the prompts to install.

    If it asks to reboot, select Yes.

    How is the computer running?

    -Ryan

  19. Go to Microsoft's website => http://support.microsoft.com/kb/310994

    Select the download that's appropriate for your Operating System.

    Download the file & save it as it's originally named, next to ComboFix.exe.

    Now close all open windows and programs, then drag the setup package onto ComboFix.exe and drop it. Follow the prompts to start ComboFix and when prompted, agree to the End-User License Agreement to install the Microsoft Recovery Console. When complete, a log named CF_RC.txt will open. Please post the contents of that log.

    Please do not reboot your machine until we have reviewed the log.

    -Ryan