therock247uk
Members-
Content Count
960 -
Joined
-
Last visited
About therock247uk
-
Rank
Malware Killer
- Birthday 12/14/1986
Contact Methods
-
AIM
therock247uk
- MSN
-
Website URL
http://www.247fixes.com/
-
ICQ
0
- Yahoo
Profile Information
-
Location
Newark, Nottingham, UK
Recent Profile Visitors
10629 profile views
-
wow @ upload
-
Before we begin, you should save these instructions in Notepad to your desktop, or print them, for easy reference. If you have questions at any point, or are unsure of the instructions, feel free to post here and ask for clarification before proceeding. 1. Please re-open HiJackThis and choose do a system scan only. Check the boxes next to ONLY the entries listed below(if present): R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file) O20 - AppInit_DLLs: equkpe.
-
Download ComboFix from one of these locations: Link 1 Link 2 * IMPORTANT !!! Save ComboFix.exe to your Desktop Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools Double click on ComboFix.exe & follow the prompts. As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boo
-
Download the GMER Rootkit Scanner. Unzip it to your Desktop. Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while the scan is being performed. Do not use your computer for anything else during the scan. Double-click gmer.exe. The program will begin to run. **Caution** These types of scans can produce false positives. Do NOT take any action on any "<--- ROOKIT" entries unless advised by a trained Security Analyst If possible rootkit activity is found, you will be asked if you would like to perform a full scan.
-
Make sure to use Internet Explorer for this Please go to VirSCAN.org FREE on-line scan service Copy and paste the following file path into the "Suspicious files to scan" box on the top of the page: c:\windows\system32\zamopage.dll [*]Click on the Upload button [*]If a pop-up appears saying the file has been scanned already, please select the ReScan button. [*]Once the Scan is completed, click on the "Copy to Clipboard" button. This will copy the link of the report into the Clipboard. [*]Paste the contents of the Clipboard in your next reply.
-
Before we begin, you should save these instructions in Notepad to your desktop, or print them, for easy reference. If you have questions at any point, or are unsure of the instructions, feel free to post here and ask for clarification before proceeding. 1. Please re-open HiJackThis and choose do a system scan only. Check the boxes next to ONLY the entries listed below(if present): O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O20 - AppInit_DLLs: pvfwnn.dll smuwtr.dll c:\windows\system32\zamopage.dll O23 - Service: McAfee Application Installer Cleanup (003425123871276
-
Download Combofix from any of the links below. You must rename it before saving it. Save it to your desktop. Link 1 Link 2 Link 3 -------------------------------------------------------------------- Double click on Combo-Fix.exe & follow the prompts. When finished, it will produce a report for you. Please post the C:\ComboFix.txt along with a HijackThis log so we can continue cleaning the system.
-
Before we begin, you should save these instructions in Notepad to your desktop, or print them, for easy reference. Much of our fix will be done in Safe mode, and you will be unable to access this thread at that time. If you have questions at any point, or are unsure of the instructions, feel free to post here and ask for clarification before proceeding. Download SDFix and save it to your Desktop. Double click SDFix.exe and it will extract the files to %systemdrive% (Drive that contains the Windows Directory, typically C:\SDFix) Please then reboot your computer in Safe Mode by doing the followi
-
Asking a few other helpers ill be back with some ideas.
-
Still having issues from last nite in chat with running it?