Re: infected registry files?
- From: "David H. Lipman" <DLipman~nospam~@Verizon.Net>
- Date: Fri, 22 Sep 2006 21:50:37 -0400
From: "amberbootyliscious" <amberbootyliscious@xxxxxxxxxxxxxxxxxxxxxxxxx>
| Hello, can you help?my system was running great for about five months after a
| win32 bug , i had everything secured , on one web page, a windows genuine
| certificate box, said to click yes as it was secure, i did, it was a program
| PESTTRAP , which infected so many files , but the same old story, i needed to
| subscribe , it took so long to get rid of this , it just reappeared every
| time i zapped it with legit anti virus. It has left me with so many extras,
| ill clear it all then NT back door , IE tray hijacker, I spy password
| cracker, I have these quarantined but also parts of my registry are with them
| , it scared me a bit , was wondering if I could send a copy of quarantine
| list to somebody . to give an idea as what i should do with it?Sorry to be
| cheeky but my head is spinning until early hours trying to find out what to
| do. iI spy changed all of my settings on Ie and my yahoo e mails. thanks
Two part reply..
Perform Part 1 then perform Part 2.
If the first two parts don't work, perform the alternate section.
It is suggested that you execute each tool in Normal Mode then in Safe Mode.
Part 1
-----------
Use noahdfear's SmitFraud, SpyAxe, SpyFalcon, et. al., removal tool -- SmitRem.exe
http://noahdfear.geekstogo.com/click%20counter/click.php?id=1
http://www.bleepingcomputer.com/forums/topic43659.html
Part 2
-----------
Download SmitFraud.exe from the URL --
http://www.ik-cs.com/programs/virtools/SmitFraud.exe
Execute; SmitFraud.exe { Note: You must accept the default of C:\McAfee }
Choose; Unzip
Choose; Close
NOTE: You may have to disable your software FireWall or allow WGET.EXE to go through your
FireWall to enable WGET.EXE to download the needed McAfee related files.
Execute; c:\mcafee\clean.bat
{ or Double-click on 'Clean Link' in c:\mcafee }
A final report in HTML format called C:\mcafee\Normal_ScanReport.HTML or
C:\mcafee\Safe_ScanReport.HTML will be generated. At the end of the scan, it will be
displayed in your browser (Opera, FireFox or Internet Explorer). However, if you are using
WinXP, Win2K or Win2003 your system will be left in a state where you will have to manually
shutdown/reboot the PC. On Win9x/ME platforms the report will not be shown in your bowser
but your PC will automatically be shutdown. It is suggested that you move the report out of
c:\mcafee before performing another scan.
It would be best to scan in both Safe Mode and in Normal Mode and save a copy of the HTML
report for each session.
ALTERNATE:
S!ri's SmitfraudFix
http://siri.urz.free.fr/Fix/SmitfraudFix_En.php
Please Copy and Paste the contents of the HTML Log files;
C:\mcafee\Normal_ScanReport.HTML & C:\mcafee\Safe_ScanReport.HTML in your reply.
* * * Please report back your results * * *
--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm
.
- Prev by Date: Re: whats the point of windows firewall?
- Next by Date: Re: Locking Down workstation
- Previous by thread: Re: anti-virus confusion
- Next by thread: Re: infected registry files?
- Index(es):
Relevant Pages
|
|
