Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 91681 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

[Resolved] hxxp://67.201.36.16/nolink.html pop up virus


  • This topic is locked This topic is locked
23 replies to this topic

#16 Icoris

Icoris

    Authentic Member

  • Authentic Member
  • PipPip
  • 29 posts

Posted 15 November 2009 - 07:22 AM

umm combofix keeps giving me that error cannot find c:/combofix/cf20467.cfxxe everytime i startup, anyway to stop this? please help me its really bugging me, i keep thinking my comp is notgood everytime i start up! EDIT: cant do the scan now, gotta wait another 2 hours until im on offpeak because the update for the scanner is downloading so slow.ill post back here when scans done probably in like 3-4 hours. never mind about the combofix problem ,fixed it.

Edited by Icoris, 15 November 2009 - 08:03 AM.

    Advertisements

Register to Remove


#17 Icoris

Icoris

    Authentic Member

  • Authentic Member
  • PipPip
  • 29 posts

Posted 15 November 2009 - 12:14 PM

Finally finished the scan for kaspersky: -------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER 7.0: scan report Monday, November 16, 2009 Operating system: Microsoft Windows XP Professional Service Pack 2 (build 2600) Kaspersky Online Scanner version: 7.0.26.13 Last database update: Sunday, November 15, 2009 17:00:59 Records in database: 3215981 -------------------------------------------------------------------------------- Scan settings: scan using the following database: extended Scan archives: yes Scan e-mail databases: yes Scan area - My Computer: C:\ D:\ E:\ F:\ Scan statistics: Objects scanned: 66215 Threats found: 1 Infected objects found: 1 Suspicious objects found: 0 Scan duration: 00:42:23 File name / Threat / Threats count C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\atapi.sys.vir Infected: Rootkit.Win32.TDSS.y 1 Selected area has been scanned.

#18 CatByte

CatByte

    Classroom Administrator

  • Classroom Admin
  • 21,059 posts
  • MVP

Posted 15 November 2009 - 12:17 PM

Hi,

That item is in quarantine, which we will be cleaning up shortly

(glad you removed the combofix error - that would have cleaned up once we removed ComboFix at the final cleanup)

Please post a fresh DDS and Attach.txt and advise how your computer is running now and if there are any outstanding issues.



We also need to deal with the two infected files reported by Combofix that there are no replacements for on your system.

c:\windows\system32\calc.exe . . . is infected!!
c:\windows\system32\mstsc.exe . . . is infected!!



Those are not critical system files, but should be replaced.

Do you have your installation disk available?

Microsoft MVP 2010, 2011, 2012, 2013, 2014, 2015


#19 Icoris

Icoris

    Authentic Member

  • Authentic Member
  • PipPip
  • 29 posts

Posted 15 November 2009 - 08:58 PM

I do, but as I said before umm, I have another installation of my same OS on another drive and I just checked and I have both those files.

#20 CatByte

CatByte

    Classroom Administrator

  • Classroom Admin
  • 21,059 posts
  • MVP

Posted 15 November 2009 - 10:33 PM

Then can you rename the infected ones c:\windows\system32\calc.exe.vir and c:\windows\system32\mstsc.exe.vir and copy the clean ones into the system32 folder. Then delete the renamed ones. Let me know if that is successful. Then post a fresh DDS log and Attach.txt and advise how your computer is running now and if you have any outstanding issues.

Microsoft MVP 2010, 2011, 2012, 2013, 2014, 2015


#21 Icoris

Icoris

    Authentic Member

  • Authentic Member
  • PipPip
  • 29 posts

Posted 15 November 2009 - 10:38 PM

no problems with renaming and replacing DDS log: DDS (Ver_09-10-26.01) - NTFSx86 Run by Administrator at 15:37:37.71 on Mon 11/16/2009 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_17 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.3326.2733 [GMT 11:00] ============== Running Processes =============== C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe C:\WINDOWS\system32\Ati2evxx.exe svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Unlocker\UnlockerAssistant.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\Rundll32.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Windows Media Player\wmplayer.exe C:\Program Files\Winamp\winamp.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Administrator\Desktop\dds.scr ============== Pseudo HJT Report =============== BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: IeMonitorBho Class: {bf00e119-21a3-4fd1-b178-3b8537e75c92} - c:\program files\megaupload\mega manager\MegaIEMn.dll BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe mRun: [UnlockerAssistant] c:\program files\unlocker\UnlockerAssistant.exe -H mRun: [RTHDCPL] RTHDCPL.EXE mRun: [P17Helper] Rundll32 P17.dll,P17Helper mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe" IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000 IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1256242706359 DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1256242617750 DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab Notify: AtiExtEvent - Ati2evxx.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\admini~1\applic~1\mozilla\firefox\profiles\97mip8de.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.au/|http://www.allkpop.com/|http://seoulbeats.com/ FF - plugin: c:\documents and settings\administrator\local settings\application data\google\update\1.2.183.13\npGoogleOneClick8.dll FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} ---- FIREFOX POLICIES ---- c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true); ============= SERVICES / DRIVERS =============== R2 GEST Service;GEST Service for program management.;c:\program files\gigabyte\energysaver\GSvr.exe [2009-10-23 80392] R3 AtiHdmiService;ATI Function Driver for HDMI Service;c:\windows\system32\drivers\AtiHdmi.sys [2009-10-23 93696] =============== Created Last 30 ================ 2009-11-16 04:37:19 946448 ----a-w- c:\windows\system32\calc.exe 2009-11-16 04:37:19 420352 ----a-w- c:\windows\system32\mstsc.exe 2009-11-15 13:37:55 0 d-----w- C:\Autoruns 2009-11-15 13:37:15 595445 ----a-w- C:\Autoruns.zip 2009-11-14 15:56:26 73728 ----a-w- c:\windows\system32\javacpl.cpl 2009-11-14 15:56:26 411368 ----a-w- c:\windows\system32\deploytk.dll 2009-11-14 11:44:32 190 ----a-w- c:\windows\system32\RESHACK.ini 2009-11-14 10:21:39 0 d-----w- c:\program files\Microsoft 2009-11-14 10:21:24 0 d-----w- c:\program files\Windows Live SkyDrive 2009-11-10 08:05:33 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-11-10 08:05:32 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-11-10 07:34:18 0 d-sha-r- C:\cmdcons 2009-11-10 07:33:02 98816 ----a-w- c:\windows\sed.exe 2009-11-10 07:33:02 77312 ----a-w- c:\windows\MBR.exe 2009-11-10 07:33:02 260608 ----a-w- c:\windows\PEV.exe 2009-11-10 07:33:02 161792 ----a-w- c:\windows\SWREG.exe 2009-11-10 07:17:25 0 d-----w- c:\documents and settings\administrator\DoctorWeb 2009-11-10 06:51:50 0 d-----w- c:\program files\trend micro 2009-11-10 06:44:15 160272 ----a-w- c:\windows\system32\drivers\tmcomm.sys 2009-11-10 06:35:52 2184 ----a-w- c:\windows\system32\wpa.dbl 2009-11-09 13:43:01 0 d-----w- c:\program files\Steam 2009-11-06 02:12:16 212240 ----a-w- c:\windows\system32\richtx32.OCX 2009-11-06 02:12:16 152848 ----a-w- c:\windows\system32\comdlg32.OCX 2009-11-06 02:12:16 124688 ----a-w- c:\windows\system32\MSWINSCK.ocx 2009-11-06 01:57:09 0 d-----w- c:\docume~1\admini~1\applic~1\MessengerDiscovery 2 2009-11-06 01:38:40 0 d-----w- c:\documents and settings\administrator\Tracing 2009-11-06 01:35:10 0 d-----w- c:\program files\common files\Windows Live 2009-10-26 06:14:20 0 d-----w- c:\program files\VideoLAN 2009-10-26 01:35:27 0 d-sh--w- c:\documents and settings\administrator\IECompatCache 2009-10-23 18:05:32 50 ----a-w- c:\windows\MegaManager.INI 2009-10-23 17:30:44 3241 ----a-w- c:\windows\system32\wbem\Outlook_01ca54068cf9279a.mof 2009-10-23 16:39:20 0 d-----w- c:\docume~1\admini~1\applic~1\Megaupload 2009-10-23 14:46:28 0 d-----w- c:\program files\Spybot - Search & Destroy 2009-10-23 14:46:28 0 d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy 2009-10-23 14:23:12 0 d-----w- c:\windows\system32\appmgmt 2009-10-23 14:21:40 0 d-----w- c:\program files\Combined Community Codec Pack 2009-10-23 14:08:33 0 dc-h--w- c:\windows\ie8 2009-10-23 11:16:47 0 d-----w- c:\docume~1\alluse~1\applic~1\Messenger Plus! 2009-10-23 10:59:01 0 d-----w- c:\program files\Megaupload 2009-10-23 10:57:15 0 d-----w- c:\docume~1\admini~1\applic~1\Malwarebytes 2009-10-23 10:57:10 0 d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-10-23 10:57:10 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes 2009-10-23 10:53:30 0 d-----w- c:\program files\uTorrent 2009-10-23 10:52:55 0 d-----w- c:\docume~1\admini~1\applic~1\uTorrent 2009-10-23 10:50:10 0 d-----w- c:\program files\common files\Adobe Systems Shared 2009-10-23 10:45:49 32 ----a-w- c:\windows\CD_Start.INI 2009-10-23 10:40:38 32592 ----a-w- c:\windows\system32\msonpmon.dll 2009-10-23 10:37:19 0 d-----w- c:\program files\Microsoft Visual Studio 8 2009-10-23 10:36:37 0 d-----w- c:\windows\SHELLNEW 2009-10-23 08:32:32 0 d-----w- c:\program files\Messenger Plus! Live 2009-10-23 07:50:10 764868 -c----w- c:\windows\system32\dllcache\apph_sp.sdb 2009-10-23 07:50:10 217118 -c----w- c:\windows\system32\dllcache\apphelp.sdb 2009-10-23 07:50:09 1197294 -c----w- c:\windows\system32\dllcache\sysmain.sdb 2009-10-23 06:21:46 21504 ----a-w- c:\windows\system32\hidserv.dll 2009-10-23 06:21:36 59264 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys 2009-10-23 06:21:32 31616 ----a-w- c:\windows\system32\drivers\usbccgp.sys 2009-10-23 06:19:10 0 d-----w- c:\windows\system32\LogFiles 2009-10-23 05:42:11 8192 ----a-w- c:\windows\REGLOCS.OLD 2009-10-23 05:17:21 0 d-----w- c:\program files\Ventrilo 2009-10-23 05:17:15 262 ----a-w- c:\windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini 2009-10-23 05:15:09 0 d-----w- c:\program files\common files\Wise Installation Wizard 2009-10-23 05:03:44 57472 ----a-w- c:\windows\system32\drivers\redbook.sys 2009-10-23 05:03:14 6400 ----a-w- c:\windows\system32\drivers\enum1394.sys 2009-10-23 05:02:50 74240 ----a-w- c:\windows\system32\usbui.dll 2009-10-23 05:00:43 0 d-----w- c:\program files\common files\ODBC 2009-10-23 05:00:40 0 d-----w- c:\program files\common files\SpeechEngines 2009-10-23 05:00:19 0 d-----r- c:\documents and settings\all users\Documents 2009-10-23 04:23:59 0 dcsh--w- c:\program files\common files\WindowsLiveInstaller 2009-10-22 20:23:35 0 d-----w- c:\program files\iPod 2009-10-22 20:23:34 0 d-----w- c:\program files\iTunes 2009-10-22 20:23:34 0 d-----w- c:\docume~1\alluse~1\applic~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6} 2009-10-22 20:23:25 0 d-----w- c:\program files\Bonjour 2009-10-22 19:55:59 0 d-----w- c:\program files\common files\ATI Technologies 2009-10-22 19:52:20 0 d-----w- c:\program files\ATI Technologies 2009-10-22 19:48:44 0 d-----w- c:\program files\Heroes of Newerth 2009-10-22 19:42:24 0 d-----w- c:\program files\Linksys Wireless-G PCI Wireless Network Monitor 2009-10-22 19:37:54 0 d-----w- c:\program files\Creative 2009-10-22 19:29:06 0 d-----w- c:\program files\Realtek 2009-10-22 19:25:40 0 d-----w- c:\program files\GIGABYTE 2009-10-22 19:19:27 0 d-----w- c:\program files\Symantec 2009-10-22 19:19:21 0 d-----w- c:\program files\Symantec Client Security 2009-10-22 19:19:21 0 d-----w- c:\program files\common files\Symantec Shared 2009-10-22 19:19:21 0 d-----w- c:\docume~1\alluse~1\applic~1\Symantec 2009-10-22 19:18:34 0 d-----w- c:\program files\Nero 2009-10-22 19:18:01 0 d-----w- c:\program files\Real Alternative 2009-10-22 19:17:53 0 d-----w- c:\program files\QuickTime Alternative 2009-10-22 19:17:53 0 d-----w- c:\program files\Media Player Classic 2009-10-22 19:17:47 0 d-----w- c:\program files\K-Lite Codec Pack 2009-10-22 19:10:43 0 d-sh--w- c:\documents and settings\all users\DRM 2009-10-22 19:10:24 0 d--h--w- c:\program files\WindowsUpdate 2009-10-22 19:09:34 0 d-----w- c:\program files\common files\MSSoap 2009-10-22 19:08:23 0 d-----w- c:\program files\Online Services 2009-10-22 19:08:16 0 d-----w- c:\program files\Windows Media Connect 2 2009-10-22 19:07:55 0 d-----w- c:\program files\Desktop 2009-10-22 19:07:54 0 d-----w- c:\program files\Unlocker 2009-10-22 19:07:54 0 d-----w- c:\program files\Microsoft PowerToys 2009-10-22 19:07:54 0 d-----w- c:\program files\HashTab Shell Extension 2009-10-22 19:07:52 0 d-----w- c:\program files\Messenger 2009-10-22 19:07:49 0 d-----w- c:\program files\MSN Gaming Zone 2009-10-22 19:07:14 0 d-----w- c:\program files\Windows NT ==================== Find3M ==================== 2009-11-16 02:53:36 16608 ----a-w- c:\windows\gdrv.sys 2009-10-22 19:42:31 20747 ----a-w- c:\windows\system32\drivers\AegisP.sys 2009-10-22 19:29:03 315392 ----a-w- c:\windows\HideWin.exe 2009-10-22 19:08:44 21640 ----a-w- c:\windows\system32\emptyregdb.dat ============= FINISH: 15:37:46.71 ===============

Attached Files


Edited by Icoris, 15 November 2009 - 10:39 PM.


#22 CatByte

CatByte

    Classroom Administrator

  • Classroom Admin
  • 21,059 posts
  • MVP

Posted 15 November 2009 - 10:46 PM

Hi,

You are clean,

just some housekeeping to do now,

Please do the following:

Visit ADOBEand download the latest version of Acrobat Reader (version 9.2)
Having the latest updates ensures there are no security vulnerabilities in your system.


NEXT

Follow these steps to uninstall Combofix

  • Click START then RUN
  • Now type Combofix /uninstall in the runbox and click OK. Note the space between the ..X and the /U, it needs to be there.

Posted Image




NEXT

Now to remove the rest of the tools that we have used in fixing your machine:
  • Make sure you have an Internet Connection.
  • Download OTC to your desktop and run it
  • A list of tool components used in the Cleanup of malware will be downloaded.
  • If your Firewall or Real Time protection attempts to block OTC to reach the Internet, please allow the application to do so.
  • Click Yes to begin the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.

Note: If there are any remaining logs on your desktop > right click and delete them.

NEXT


Below I have included a number of recommendations for how to protect your computer against malware infections.

  • It is good security practice to change your passwords to all your online accounts on a fairly regular basis, this is especially true after an infection. Refer to this Microsoft article
    Strong passwords: How to create and use them

    Then consider a password keeper, to keep all your passwords safe.
  • Keep Windows updated by regularly checking their website at :
    http://windowsupdate.microsoft.com/
    This will ensure your computer has always the latest security updates available installed on your computer.

  • SpywareBlaster protects against bad ActiveX, it immunizes your PC against them.

  • SpywareGuard offers realtime protection from spyware installation attempts. Make sure you are only running one real-time anti-spyware protection program ( eg : TeaTimer, Windows Defender ) or there will be a conflict.

  • Make Internet Explorer more secure
    • Click Start > Run
    • Type Inetcpl.cpl & click OK
    • Click on the Security tab
    • Click Reset all zones to default level
    • Make sure the Internet Zone is selected & Click Custom level
    • In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls) to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable".
    • Next Click OK, then Apply button and then OK to exit the Internet Properties page.
  • ATF Cleaner - Cleans temporary files from IE and Windows, empties the recycle bin and more. Great tool to help speed up your computer and knock out those nasties that like to reside in the temp folders.

  • MVPS Hosts file replaces your current HOSTS file with one containing well known ad sites and other bad sites. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer, meaning it will be difficult to infect yourself in the future.

    WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:
    • Green to go
    • Yellow for caution
    • Red to stop
    WOT has an addon available for both Firefox, IE and chrome.

  • For Firefox, I highly recommend this add-on to keep your PC even more secure.
    • NoScript - for blocking ads and other potential website attacks
  • Keep a backup of your important files - Now, more than ever, it's especially important to protect your digital files and memories. This article is full of good information on alternatives for home backup solutions.
  • ERUNT (Emergency Recovery Utility NT) allows you to keep a complete backup of your registry and restore it when needed. The standard registry backup options that come with Windows back up most of the registry but not all of it. ERUNT however creates a complete backup set, including the Security hive and user related sections. ERUNT is easy to use and since it creates a full backup, there are no options or choices other than to select the location of the backup files. The backup set includes a small executable that will launch the registry restore if needed.
  • In light of your recent issue, I'm sure you'd like to avoid any future infections. Please take a look at these well written articles:
    Think Prevention.
    PC Safety and Security--What Do I Need?.


**Be very wary with any security software that is advertised in popups or in other ways. They are not only usually of no use, but often have malware in them.


Thank you for your patience, and performing all of the procedures requested.

Please respond one last time so we can consider the thread resolved and close it, thank-you.

Microsoft MVP 2010, 2011, 2012, 2013, 2014, 2015


#23 Icoris

Icoris

    Authentic Member

  • Authentic Member
  • PipPip
  • 29 posts

Posted 15 November 2009 - 10:48 PM

Thanks for the help, as you can see by the post count, I'm apparently very vulnerable to this stuff haha. Once again thanks for all the help and I'll try and follow the steps!

Edited by Icoris, 15 November 2009 - 10:59 PM.


#24 CatByte

CatByte

    Classroom Administrator

  • Classroom Admin
  • 21,059 posts
  • MVP

Posted 16 November 2009 - 06:09 PM

Since this issue appears to be resolved ... this Topic has been closed. Glad we could be of assistance. If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread. Everyone else please begin a New Topic.

Microsoft MVP 2010, 2011, 2012, 2013, 2014, 2015

Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users