Jump to content

Build Theme!
  • Infected?


Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 92813 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


[Resolved] http://error404.index.com or http://error404.com/ after an

  • This topic is locked This topic is locked
20 replies to this topic

#16 SweetTech


    MalwareTeam Emeritus

  • Authentic Member
  • PipPipPipPipPip
  • 3,368 posts

Posted 23 November 2009 - 11:36 PM

i was reading the posts, and i found in the first posts from you, that you told me that we will have to re-immunize with those programs, shall we do this too or we
just gonna skip it as well....???

SpywareBlaster is a program that adds a large list of websites and programs into your settings for Internet Explorer. This helps to protect you as well as preventing you from accidently running and/or downloading a known malicious program(s).
If this is something that you might be interested in downloading to your computer you can take a look at a tutorial on this program here.

remember that we fix it with "regedit"?? my question is, that if malwarebytes runs in the background by itself or if it only works when i turn it ON to scann my pc (because i remember that it was being blocked from my startup programs)

I believe that you should still be able to run MalwareBytes' Anti-Malware normally. I believe that with the Free Version you are able to use the scanner on demand. When we used that regfix that was used to remove that startup program notification that you got when you rebooted your computer. The next time you reboot your computer you shouldn't get that start-up notification window displayed. I hope that this answered your question.

Time for some housekeeping
The following will implement some cleanup procedures as well as reset System Restore points:
Posted Image
Click Start > Run and copy/paste the following bolded text into the Run box and click OK: ComboFix /Uninstall

From your Desktop please delete the following things:
  • Any notepad/logs that we created
  • registrybackup.reg
  • RootRepeal.zip from wherever you downloaded the file to.
  • RootRepeal.exe from where ever you extracted it.
  • DelDomains
  • DDS.scr
  • GMER.zip from wherever you downloaded the file to.
  • GMER.exe from where you extracted it.
  • You may also remove ESET Online Scan via your Add/Remove Programs.
Peer to Peer Program
While reviewing your logs I noticed that you currently have Peer to Peer program(s) installed on your computer.

You currently have the following P2P programs installed:
  • Ares 2.1.1
  • Vuze
Most of the infections that we see today are through P2P file sharing. By uninstalling the programs that I mentioned above you will be doing yourself a favor. It's impossible to trust the source of what is being downloaded from them and a file may or may not be what it appears to be.

How to Uninstall the P2P Programs:
  • Click on Start > Control Panel and double click on Programs and Features.
  • Locate Ares 2.1.1 and click on the Uninstall button to uninstall it.
  • Repeat for Vuze.
  • Close Control Panel when done.
PLEASE NOTE: When your uninstalling the P2P Program(s) some questions are worded in various ways to try and deceive you and keep you from uninstalling their Program.

Outdated Version Older versions have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older version Java components.
  • Now go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
  • Check (highlight) Java™ 6 Update 5.
  • Click the Remove or Change/Remove button.
  • Go to Start > Control Panel (using Classic View) and double-click the Java Icon. (looks like a coffee cup)
    • On the General tab, under Temporary Internet Files, click the Settings button.
    • Next, click on the Delete Files button
    • There are two options in the window to clear the cache - Leave BOTH CheckedApplications and AppletsTrace and Log Files
  • Click OK on Delete Temporary Files Window
    Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.
  • Click OK to leave the Temporary Files Window
  • Click OK to leave the Java Control Panel.
All Clean Speech

===> Make sure you've re-enabled any Security Programs that we may have disabled during the malware removal process. <===

Below I have included a number of recommendations for how to protect your computer against malware infections.
  • It is good security practice to change your passwords to all your online accounts on a fairly regular basis, this is especially true after an infection. Refer to this Microsoft article
    Strong passwords: How to create and use them
    then consider a password keeper, to keep all your passwords safe.
  • Keep Windows updated by regularly checking their website at: http://windowsupdate.microsoft.com/
    This will ensure your computer has always the latest security updates available installed on your computer.
  • SpywareBlaster protects against bad ActiveX, it immunizes your PC against them.
  • SpywareGuard offers realtime protection from spyware installation attempts. Make sure you are only running one real-time anti-spyware protection program ( eg : TeaTimer, Windows Defender ) or there will be a conflict.
  • Make Internet Explorer more secure
    • Click Start > Run
    • Type Inetcpl.cpl & click OK
    • Click on the Security tab
    • Click Reset all zones to default level
    • Make sure the Internet Zone is selected & Click Custom level
    • In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls) to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable".
    • Next Click OK, then Apply button and then OK to exit the Internet Properties page.
  • ATF Cleaner - Cleans temporary files from IE and Windows, empties the recycle bin and more. Great tool to help speed up your computer and knock out those nasties that like to reside in the temp folders.
  • MVPS Hosts file replaces your current HOSTS file with one containing well known ad sites and other bad sites. Basically, this prevents your computer from connecting to those sites by redirecting them to which is your local computer, meaning it will be difficult to infect yourself in the future.
  • WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:
    • Green to go
    • Yellow for caution
    • Red to stop
    WOT has an addon available for both Firefox and IE
  • Please consider using an alternate browser. Mozilla's Firefox browser is fantastic; it is much more
    secure than Internet Explorer, immune to almost all known browser hijackers, and also has the best built-in pop up
    blocker (as an added benefit!) that I have ever seen. If you are interested, Firefox may be downloaded from Here
    • If you choose to use Firefox, I highly recommend this add-on to keep your PC even more secure.
      • NoScript - for blocking ads and other potential website attacks
  • Keep a backup of your important files - Now, more than ever, it's especially important to protect your digital files and memories. This article is full of good information on alternatives for home backup solutions.
  • ERUNT (Emergency Recovery Utility NT) allows you to keep a complete backup of your registry and restore it when needed. The standard registry backup options that come with Windows back up most of the registry but not all of it. ERUNT however creates a complete backup set, including the Security hive and user related sections. ERUNT is easy to use and since it creates a full backup, there are no options or choices other than to select the location of the backup files. The backup set includes a small executable that will launch the registry restore if needed.
  • In light of your recent issue, I'm sure you'd like to avoid any future infections. Please take a look at these well written articles:
    Think Prevention.
    PC Safety and Security--What Do I Need?.
**Be very wary with any security software that is advertised in popups or in other ways. They are not only usually of no use, but often have malware in them.

Thank you for your patience, and performing all of the procedures requested.

Please respond one last time so we can consider the thread resolved and close it, thank-you.

Posted Image

Proud Graduate of the WTT Classroom
Posted Image


Register to Remove

#17 lamar


    Authentic Member

  • Authentic Member
  • PipPip
  • 30 posts

Posted 24 November 2009 - 01:13 PM

[quote]The following will implement some cleanup procedures as well as reset System Restore points:

Click Start > Run and copy/paste the following bolded text into the Run box and click OK: ComboFix /Uninstall

every time i run that via "run"program it tells me that it cannot be find, and that i need to check the spell and try again... i ve also tried ComboFix /U as well and nothing... just cant be found... you know how to get to it???

ps: i downloaded some of the programs that u recomended and they seem pretty good all together thnx

#18 SweetTech


    MalwareTeam Emeritus

  • Authentic Member
  • PipPipPipPipPip
  • 3,368 posts

Posted 24 November 2009 - 05:32 PM

Now to remove most of the tools that we have used in fixing your machine:
  • Make sure you have an Internet Connection.
  • Download OTC to your desktop and run it
  • A list of tool components used in the cleanup of malware will be downloaded.
  • If your Firewall or Real Time protection attempts to block OTC to reach the Internet, please allow the application to do so.
  • Click Yes to begin the cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the cleanup process. If you are asked to reboot the machine choose Yes.

Posted Image

Proud Graduate of the WTT Classroom
Posted Image

#19 lamar


    Authentic Member

  • Authentic Member
  • PipPip
  • 30 posts

Posted 24 November 2009 - 06:29 PM

done... i think these thread should be closed :D no annoyances anymore... laptop running smooth and have some extra protection now to avoid future attacks thnx sweetTech :D for the exciting week of nonsense logs for me and stuff lmao..... nah seriously i appreciate your help during thise week

#20 SweetTech


    MalwareTeam Emeritus

  • Authentic Member
  • PipPipPipPipPip
  • 3,368 posts

Posted 24 November 2009 - 06:34 PM

lamar, I'm glad that I was able to assist you in getting your computer cleaned up. Stay Safe and Stay Clean. Take Care, SweetTech

Posted Image

Proud Graduate of the WTT Classroom
Posted Image

#21 Tomk


    Beguilement Monitor

  • Global Moderator
  • 20,372 posts

Posted 24 November 2009 - 07:22 PM

Since this issue appears to be resolved ... this Topic has been closed. Glad we could be of assistance. If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread. Everyone else please begin a New Topic.
Microsoft MVP 2010-2014

Related Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users