-
Content Count
49 -
Joined
-
Last visited
About tj416
-
Rank
Full Member
- Birthday 04/16/1991
Contact Methods
-
Website URL
http://www.spywaretimes.com/
-
ICQ
0
-
Hi DocAlucard, Thanks for submitting the files! Please download VundoFix.exe to your desktop. Double-click VundoFix.exe to run it. Put a check next to Run VundoFix as a task. You will receive a message saying vundofix will close and re-open in a minute or less. Click OK When VundoFix re-opens, click the Scan for Vundo button. Once it's done scanning, click the Remove Vundo button. You will receive a prompt asking if you want to remove the files, click YES Once you click yes, your desktop will go blank as it starts removing Vundo. When completed, it will prompt that it will shutdown your comput
-
Hi DocAlucard, CLICK THIS TO LINK TO BE SURE YOU CAN VIEW HIDDEN FILES Please go here: The Spy Killer Forum Click on "New Topic" Put your name, e-mail address, and this as the title: "Trojan-Downloader.Win32.Delf.pa files" Put a link to this topic in the description box. Then next to the file box, at the bottom, click the browse button, then navigate to this file:C:\WINNT\g11046554.dll [*]Click Open. [*]Repeat the above two steps for these files too: C:\WINNT\SYSTEM32\pmnmnno.dll C:\WINNT\SYSTEM32\windpk32.dll C:\WINNT\system32\admparsek.dll C:\WINNT\system32\compstuic.dll [*]Click Post. T
-
Hi lolocaust, Sorry for the delayed reply, I seemed to have missed this topic. Please post a fresh HijackThis log and I will have a look at it ASAP.
-
Thanks everybody!! I had a great day
-
Hi lolocaust, I'd like to see a fresh HijackThis log because a lot could have changed since my last post. Legacy 6.0 looks Ok to me. Is there any paticular reason that you think it is dangerous?
-
Hi lolocaust, CLICK THIS TO LINK TO BE SURE YOU CAN VIEW HIDDEN FILES Please go here: The Spy Killer Forum Click on "New Topic" Put your name, e-mail address, and this as the title: "C:\WINDOWS\system32\rcnoke\csrss.exe" Put a link to this Besttechie topic in the description box. Then next to the file box, at the bottom, click the browse button, then navigate to this file:C:\WINDOWS\system32\rcnoke\csrss.exe (If you can't find the file, skip this step and proceed to the next step) [*]Click Open. [*]Click Post. Then, download and run CWShredder: Download CWShredder. Save CWShredder.exe to a
-
Hi lolocaust, Please post a fresh HijackThis log.
-
Hi lolocaust, Let us try this again.... Please download MsnVirRem (Either zip or self extracting .exe), and save it to your desktop. Once in place, right click the zip file (or double click the exe), and extract the files to your desktop. It will create another folder called MsnVirRem DO NOT RUN ANYTHING IN IT YET Restart your computer and boot into Safe Mode by hitting the F8 key repeatedly until a menu shows up (and choose Safe Mode from the list). In some systems, this may be the F5 key, so try that if F8 doesn't work. In the new MsnVirRem folder, that you should have on your desktop, doub
-
Hi lolocaust, Post a HijackThis log.
-
Hi lolocaust, Please download MsnVirRem (Either zip or self extracting .exe), and save it to your desktop. Once in place, right click the zip file (or double click the exe), and extract the files to your desktop. It will create another folder called MsnVirRem DO NOT RUN ANYTHING IN IT YET Restart your computer and boot into Safe Mode by hitting the F8 key repeatedly until a menu shows up (and choose Safe Mode from the list). In some systems, this may be the F5 key, so try that if F8 doesn't work. In the new MsnVirRem folder, that you should have on your desktop, double click MsnVir.bat and le
-
Hi lolocaust, Please download VundoFix.exe to your desktop. Double-click VundoFix.exe to run it. Put a check next to Run VundoFix as a task. You will receive a message saying vundofix will close and re-open in a minute or less. Click OK When VundoFix re-opens, click the Scan for Vundo button. Once it's done scanning, click the Remove Vundo button. You will receive a prompt asking if you want to remove the files, click YES Once you click yes, your desktop will go blank as it starts removing Vundo. When completed, it will prompt that it will shutdown your computer, click OK. Turn your computer b
-
Hi ampshock, Don't forget to re-hide all files and folders. To re-hide all files and folders: Open My Computer. Select the Tools menu and click Folder Options. Select the View Tab. Under the Hidden files and folders heading deselect "Show hidden files and folders". Check the Hide protected operating system files (recommended) option. Click Yes to confirm. Click OK. To prevent re-infection in the future: I suggest you download Spyware Blaster to prevent the installation of Spyware in the first place. IE-Spyad puts over 5000 sites in your restricted zone so you'll be protected when you visit in
-
Hi ampshock, Your log looks clean. How is everything running?
-
Hi ampshock, You may want to print out these instructions or save them to your desktop as a text file with Notepad because we will be restarting into Safe Mode later on in the fix and you might not be able to access the Internet. Go to Add/Remove Programs and uninstall (if present): winsupdater winupdates ISTsvc DNS Then, open HijackThis, run a scan and check these items: O2 - BHO: Internet Explorer Web Content Catcher - {FFF4E223-7019-4ce7-BE03-D7D3C8CCE884} - C:\Program Files\DNS\Catcher.dll O4 - HKLM\..\Run: [] winlog.exe O4 - HKLM\..\Run: [winsupdater] C:\Program Files\winsupdater\winsupda
-
Hi ampshock, Since HijackThis does not scan the entire system and only certain areas are scanned to help diagnose the presence of undetected malware in some of the telltale places it hides. It is extremely important that you run a full system scan tool like an online virus scan, Ad-aware SE and Spybot S&D. I would like to START with those steps and finish the cleanup of strays or undetected items with HJT. I have provided instructions on how to run scans with a Online virus scanner, Ad-aware SE and Spybot S&D in this post. 1) Run one of these Online virus scanners: Housecall Panda RAV