Andro1d

Trusted Helpers
  • Content Count

    737
  • Joined

  • Last visited

Everything posted by Andro1d

  1. Hello again, Step 1 Please re-open HijackThis and scan. Check the boxes next to all the entries listed below. O4 - HKCU\..\Run: [slide.exe] c:\program files\slide\slide.exe Now close all windows other than Hijackthis, then click Fix Checked. Close HijackThis. Please go to Start > Control Panel > Add or Remove Programs and remove the following (if present): slide Step 2 Lets run an F-Secure online scan for Viruses, Spyware and RootKits: Go to http://support.f-secure.com/enu/home/ols.shtml Scroll to the bottom of the page and click the Start scanning button. A window will pop up. Allow
  2. Please download SmitfraudFix (by S!Ri) to your Desktop. Double-click SmitfraudFix.exe Select option #1 - Search by typing 1 and press "Enter"; a text file will appear, which lists infected files (if present). Please copy/paste the content of that report into your next reply. **If the tool fails to launch from the Desktop, please move SmitfraudFix.exe directly to the root of the system drive (usually C:), and launch from there. Note : process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool"; it is not a virus, but a program used to stop system processes. A
  3. Hello and Welcome to BT. I am MoNsTeReNeRgY22 and I will be assisting you with your malware problem today. I can't read your HJT log the way you posted it, do it this way. Open HJT Scan and Save a Log File, it will open in Notepad Go to Format and make sure Wordwrap is Unchecked Go to Edit> Select All.....Edit > Copy and Paste the new log into this thread.
  4. Mhmm, you seem to have a strange issue. Lets dig a little deeper. Step 1 * Click here to download AVG Anti Rootkit and save it to your desktop. Double-click on the avgarkt-setup-1.1.0.42.exe file to run it. Click "I Agree" to agree to the EULA. By default it will install to "G:\Program Files\GRISOFT\AVG Anti-Rootkit". Click "Next" to begin the installation then click "Install". It will then ask you to reboot now to finish the installation. Click "Finish" and your computer will reboot. After it reboots, double-click on the AVG Anti-Rootkit shortcut that is now on your desktop. Click on the "
  5. Hello, No need to poast a new topic, just reply back to this thread. Please download ATF Cleaner by Atribune. This program is for XP and Windows 2000 only Double-click ATF-Cleaner.exe to run the program. Under Main choose: Select All Click the Empty Selected button. If you use Firefox browser Click Firefox at the top and choose: Select All Click the Empty Selected button. NOTE: If you would like to keep your saved passwords, please click No at the prompt. If you use Opera browser Click Opera at the top and choose: Select All Click the Empty Selected button. NOTE: If you would like to keep your
  6. Thank you very much! Try what they say on the following site and let me know how that works out. http://www.winxptutor.com/taskmgr.htm
  7. Ya I have been reading about it here. http://www.computerworld.com/action/articl...ticleId=9041618 & http://neosmart.net/blog/2007/windows-xp-s...lysis-included/ Do you know of a release date?
  8. Hello and Welcome to BT. I am MoNsTeReNeRgY22 and I will be assisting you with your malware problem today. As a heads up, during the process of removing malware from your computer, there are times you may need to use specialized fix tools. This is especially true if you are receiving help from a member of the HJT Team. Certain embedded files that are part of these specialized fix tools may at times be detected by your anti-virus or anti-malware scanner as a "RiskTool", "Hacking tool", "Potentially unwanted tool", a virus or a "Trojan" when that is not the case. These tools have been carefull
  9. Hello and Welcome to BT. I am MoNsTeReNeRgY22 and I will be assisting you with your malware problem today. As a heads up, during the process of removing malware from your computer, there are times you may need to use specialized fix tools. This is especially true if you are receiving help from a member of the HJT Team. Certain embedded files that are part of these specialized fix tools may at times be detected by your anti-virus or anti-malware scanner as a "RiskTool", "Hacking tool", "Potentially unwanted tool", a virus or a "Trojan" when that is not the case. These tools have been carefull
  10. Hello, Step 1 Please download ATF Cleaner by Atribune. This program is for XP and Windows 2000 only Double-click ATF-Cleaner.exe to run the program. Under Main choose: Select All Click the Empty Selected button. If you use Firefox browser Click Firefox at the top and choose: Select All Click the Empty Selected button. NOTE: If you would like to keep your saved passwords, please click No at the prompt. If you use Opera browser Click Opera at the top and choose: Select All Click the Empty Selected button. NOTE: If you would like to keep your saved passwords, please click No at the prompt. Click
  11. Hi, Step 1 Please re-open HijackThis and scan. Check the boxes next to all the entries listed below. O4 - Startup: PowerReg Scheduler.exe Now close all windows other than Hijackthis, then click Fix Checked. Close HijackThis. Step 2 Open notepad and copy/paste the text in the quotebox below into it: Save this as CFScript.txt Then drag the CFScript.txt into ComboFix.exe as you see in the screenshot below. This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply together with a new HijackThislog. Step 3 Please go HERE t
  12. Hello again, Download ComboFix from Here or Here to your Desktop. Open notepad and copy/paste the text in the quotebox below into it: Save this as CFScript.txt Then drag the CFScript.txt into ComboFix.exe as you see in the screenshot below. This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply together with a new HijackThislog. Note: Do not mouseclick combofix's window while its running. That may cause it to stall
  13. Hello, Step 1 I need you to rename Hijackthis because I suspect that you may have the Vundo infection that can hide some entries in your log. Please go to the folder where you saved Hijackthis.exe: < C:\Documents and Settings\Jason\Desktop\HiJackThis.exes > Right-click on it, then select Rename. Please rename it to energy.exe Then double-click energy.exe to scan and then post the new logfile. Step 2 lease download VundoFix.exe to your desktop Double-click VundoFix.exe to run it. Click the Scan for Vundo button. Once it's done scanning, click the Remove Vundo button. You will receive a p
  14. Please follow my instructions from the last post reguarding the JAVA update and the F Secure scan.
  15. Hello again, Step 1 Please re-open HijackThis and scan. Check the boxes next to all the entries listed below. R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank O20 - Winlogon Notify: icmec6 - icmec6.dll (file missing) O20 - Winlogon Notify: mljgeca - mljgeca.dll (file missing) Now close all windows other than Hijackthis, then click Fix Checked. Close HijackThis. Step 2 I see that you are running msconfig in /auto mode which means that you may have selectively removed some items in the past from the startup procedure. This can be bad if they are malware, so we wou
  16. Hello and Welcome to BT. I am MoNsTeReNeRgY22 and I will be assisting you with your malware problem today. I can't read your HJT log the way you posted it, do it this way. Open HJT Scan and Save a Log File, it will open in Notepad Go to Format and make sure Wordwrap is Unchecked Go to Edit> Select All.....Edit > Copy and Paste the new log into this thread.
  17. Hello and Welcome to BT. I am MoNsTeReNeRgY22 and I will be assisting you with your malware problem today. Sorry for the delay, we have been quite busy around here. Step 1 Please download SmitfraudFix (by S!Ri) to your Desktop. Double-click SmitfraudFix.exe Select option #1 - Search by typing 1 and press "Enter"; a text file will appear, which lists infected files (if present). Please copy/paste the content of that report into your next reply. **If the tool fails to launch from the Desktop, please move SmitfraudFix.exe directly to the root of the system drive (usually C:), and launch from the
  18. Hello and Welcome to BT. I am MoNsTeReNeRgY22 and I will be assisting you with your malware problem today. Sorry for the delay, we have been quite busy around here. Please go HERE to run Panda's ActiveScan Once you are on the Panda site click the Scan your PC button A new window will open...click the Check Now button Enter your Country Enter your State/Province Enter your e-mail address and click send Select either Home User or Company Click the big Scan Now button If it wants to install an ActiveX component allow it It will start downloading the files it requires for the scan (Note: It may t
  19. Hello and Welcome to BT. I am MoNsTeReNeRgY22 and I will be assisting you with your malware problem today. Sorry for the delay, we have been quite busy around here. Download Deckard's System Scanner (DSS) to your Desktop. Close all applications and windows. Double-click on DSS.exe to run it, and follow the prompts. When it has finished, dss will open two Notepads main.txt and extra.txt -- please copy (CTRL+A and then CTRL+C) and paste (CTRL+V) the contents of main.txt and extra.txt in your next reply. Extra Note: When running DSS, some firewalls may warn that sigcheck.exe is trying to access
  20. Hello and Welcome to BT. I am MoNsTeReNeRgY22 and I will be assisting you with your malware problem today. Sorry for the delay, we have been quite busy around here. Step 1 Download ComboFix from Here or Here to your Desktop. Double click combofix.exe and follow the prompts. When finished, it shall produce a log for you. Post that log and a HiJackthis log in your next reply Note: Do not mouseclick combofix's window while its running. That may cause it to stall Step 2 The steps that I am about to suggest involve modifying the registry. Modfying the registry can be dangerous so we will make a b
  21. Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread. Everyone else please begin a New Topic.
  22. Hello and Welcome to BT. I am MoNsTeReNeRgY22 and I will be assisting you with your malware problem today. Sorry for the delay, we have been quite busy around here. I see that you are using an outdated version of HijackThis, so the first thing we need to tackle is to get you updated to the newest version of HijackThis. Please download the current version of HijackThis from here. Please be sure to save it to a permanent directory, such as C:\HJT. Delete the old version of HijackThis afterwards. Please post a new HJT log with the version you just downloaded.
  23. Hello and Welcome to BT. I am MoNsTeReNeRgY22 and I will be assisting you with your malware problem today. Sorry for the delay, we have been quite busy around here. Download ComboFix from Here or Here to your Desktop. Double click combofix.exe and follow the prompts. When finished, it shall produce a log for you. Post that log and a HiJackthis log in your next reply Note: Do not mouseclick combofix's window while its running. That may cause it to stall
  24. Hello and Welcome to BT. I am MoNsTeReNeRgY22 and I will be assisting you with your malware problem today. Sorry for the delay, we have been quite busy around here. Download ComboFix from Here or Here to your Desktop. Double click combofix.exe and follow the prompts. When finished, it shall produce a log for you. Post that log and a HiJackthis log in your next reply Note: Do not mouseclick combofix's window while its running. That may cause it to stall