Re: Spyware
- From: Malke <notreally@xxxxxxxxxxxxxxx>
- Date: Wed, 05 Apr 2006 12:22:28 -0700
Ankur wrote:
A spyware has registered itself to my system and its was not cleaned
by any software known to me Windows defender, Norton , System Mechanic
etc.
it runs an exe msyuc.exe and few other exes ,everytime i login .
i checked registry, and there is an entry under winlogon:
Shell=Explorer.exe, C:\WINDOWS\system32\msyuc.exe
UserInit=C:\WINDOWS\system32\userinit.exe,xofxmvg.exe
I tried to remove both these exes, but they are not getting deleted
from registry.
Also i tried to delete these file manually under safe mode, but they
are not there under these direcotries, i have no hidden files etc.
i dont know how to clean up my registry, any advice will be helpful.
You need to change the userinit registry entry to:
C:\WINDOWS\system32\userinit.exe,
This assumes your Windows installation is on the C: drive. Be sure to
include the trailing comma.
I'll give you a link to systematic malware cleanup steps, but you will
probably need to run HijackThis and post your log at one of the
specialty forums (not here, please) listed at the link below:
http://www.elephantboycomputers.com/page2.html#Removing_Malware
If the procedures look too complex - and there is no shame in admitting
this; we all have our areas of expertise - then take your computer to a
professional computer repair shop (not your local version of
BigStoreUSA).
Malke
--
Elephant Boy Computers
www.elephantboycomputers.com
"Don't Panic!"
MS-MVP Windows - Shell/User
.
- Prev by Date: ethernet attack
- Next by Date: Re: Why don't the Patches work?
- Previous by thread: Re: spyware
- Next by thread: Re: Script to Create Logon ID for Workgroup Server
- Index(es):
Relevant Pages
|
