Re: Rouge files?

From: David H. Lipman (DLipman~nospam~_at_Verizon.Net)
Date: 04/01/05

  • Next message: x: "Delete hidden files"
    Date: Thu, 31 Mar 2005 17:18:22 -0500
    
    

    From: "originalturbo" <originalturbo@discussions.microsoft.com>

    | Are these files real windows files, or rouge files?
    |
    | tscdev.exe
    | msr42u.exe
    | akhvnh.exe
    |
    | They keep trying to access the net, and aw-ware isn't get shot of them

    Dump the contents of the IE Temporary Internet Folder cache (TIF)

    start --> settings --> control panel --> internet options --> delete files

    1) Download the following three items...

             Trend Sysclean Package
             http://www.trendmicro.com/download/dcs.asp

             Latest Trend Pattern File.
             http://www.trendmicro.com/download/pattern.asp

             Ad-aware SE (free personal version v1.05)
             http://www.lavasoftusa.com/

    Trend Sysclean Method 1
    ---------------------------------------
    Create a directory.
    On drive "C:\"
    (e.g., "c:\sysclean")

    Download SYSCLEAN.COM and place it in that directory.
    Download the signature files (pattern files) by obtaining the ZIP file.
    For example; lpt526.zip

    Extract the contents of the ZIP file and place the contents in the same directory as
    SYSCLEAN.COM.

    Trend Sysclean Method 2
    ---------------------------------------
    The utility SYSCLEAN_FE in "Procedure 1" at the following URL
    http://www.ik-cs.com/got-a-virus.htm automates the download and execution process of the
    Trend Sysclean Package.

    2) Update Ad-aware with the latest definitions.
    3) Disable System Restore
            http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
    4) Reboot your PC into Safe Mode and shutdown as many applications as possible
    5) Using both the Trend Sysclean utility and Ad-aware, perform a Full Scan of your
            platform and clean/delete any infectors/parasites found.
            (a few cycles may be needed)
    6) Restart your PC and perform a "final" Full Scan of your platform using both the
            Trend Sysclean utility and Adaware
    7) Re-enable System Restore and re-apply any System Restore preferences,
            (e.g. HD space to use suggested 400 ~ 600MB),
    8) Reboot your PC.
    9) Create a new Restore point

    * * Please report back your results ! * *

    -- 
    Dave
    http://www.claymania.com/removal-trojan-adware.html
    http://www.ik-cs.com/got-a-virus.htm
    

  • Next message: x: "Delete hidden files"

    Relevant Pages

    • Re: Virus or?
      ... Trend Sysclean Method 1 ... Download SYSCLEAN.COM and place it in that directory. ... Restart your PC and perform a "final" Full Scan of your platform using both the ... Re-enable System Restore and re-apply any System Restore preferences, ...
      (microsoft.public.windowsxp.general)
    • Re: Antivirus & spy remover software
      ... | software, that can be able to protect my pc from known virus., i am using ... Trend Sysclean Method 1 ... Download SYSCLEAN.COM and place it in that directory. ... Re-enable System Restore and re-apply any System Restore preferences, ...
      (microsoft.public.windowsxp.general)
    • Re: Trojan Infection
      ... Trend Sysclean Method 1 ... Download SYSCLEAN.COM and place it in that directory. ... Re-enable System Restore and re-apply any System Restore preferences, ...
      (microsoft.public.windowsxp.security_admin)
    • Re: ISTbar problem
      ... | freewares).i keep them updated.Whenever i use adaware for scanning my hard ... Trend Sysclean Method 1 ... Download SYSCLEAN.COM and place it in that directory. ... Re-enable System Restore and re-apply any System Restore preferences, ...
      (microsoft.public.windowsxp.security_admin)
    • Re: help on DLL error !!!!
      ... Trend Sysclean Method 1 ... Download SYSCLEAN.COM and place it in that directory. ... Reboot your PC into Safe Mode and shutdown as many applications as possible ... Re-enable System Restore and re-apply any System Restore preferences, ...
      (microsoft.public.windowsxp.general)