Pesty virus

View previous topic View next topic Go down

Re: Pesty virus

Post by Pokerking98 on Tue Aug 11, 2009 1:51 pm

the installer is not running.

Pokerking98
Intermediate
Intermediate

Posts Posts : 77
Joined Joined : 2009-06-10
OS OS : XP
Points Points : 27677
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Pesty virus

Post by Belahzur on Tue Aug 11, 2009 1:55 pm

Yes, that will be corrupted by the virus.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245069
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Pesty virus

Post by Pokerking98 on Tue Aug 11, 2009 3:00 pm

I edited my post, the mbam installer that I downloaded is not installing. It wont run.

Pokerking98
Intermediate
Intermediate

Posts Posts : 77
Joined Joined : 2009-06-10
OS OS : XP
Points Points : 27677
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Pesty virus

Post by Belahzur on Tue Aug 11, 2009 3:18 pm

Rootkit is blocking it.

Hello.

  • Download combofix from here
    [You must be registered and logged in to see this link.]
    [You must be registered and logged in to see this link.]

    1. If you are using Firefox, make sure that your download settings are as follows:

    * Tools->Options->Main tab
    * Set to "Always ask me where to Save the files".

    2. During the download, rename Combofix to Combo-Fix as follows:





    3. It is important you rename Combofix during the download, but not after.
    4. Please do not rename Combofix to other names, but only to the one indicated.
    5. Close any open browsers.
    6. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

  • We need to disable your local AV (Anti-virus) before running Combofix.
  • See [You must be registered and logged in to see this link.] for how to disable your AV.
  • Double click on ComboFix.exe.
  • Follow the prompts. NOTE:
  • ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
    ***It's strongly recommended to have the Recovery Console installed before doing any malware removal.***

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will automatically proceed with its scan.


  • The Recovery Console provides a recovery/repair mode should a problem occur during a Combofix run.



  • Allow ComboFix to download the Recovery Console.
  • Accept the End-User License Agreement.
  • The Recovery Console will be installed.
  • You will then get this next prompt that asks if you want to continue the malware scan, select yes



  • Allow combofix to run
  • Post C:\combofix.txt back here.

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245069
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Pesty virus

Post by Pokerking98 on Tue Aug 11, 2009 4:07 pm

Lol, slight problem?


Pokerking98
Intermediate
Intermediate

Posts Posts : 77
Joined Joined : 2009-06-10
OS OS : XP
Points Points : 27677
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Pesty virus

Post by Belahzur on Tue Aug 11, 2009 4:19 pm

Fine, we'll have to get it manually.

Download the GMER rootkit scan from here: [You must be registered and logged in to see this link.]

  1. Unzip it and start GMER.
  2. Click the >>> tab and then click the Scan button.
  3. Once done, click the Copy button.
  4. This will copy the results to your clipboard.
  5. Paste the results in your next reply.
Note:
If you're having problems with running GMER.exe, try it in safe mode. This tools works in safe mode.
You can also try renaming it since some malware blocks GMER.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245069
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Pesty virus

Post by Pokerking98 on Tue Aug 11, 2009 7:23 pm

Log was huge. would have taken over 10 posts, just to post it so I uploaded it to megaupload. Its just a .txt so no virus.


[You must be registered and logged in to see this link.]

Pokerking98
Intermediate
Intermediate

Posts Posts : 77
Joined Joined : 2009-06-10
OS OS : XP
Points Points : 27677
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Pesty virus

Post by Belahzur on Tue Aug 11, 2009 7:28 pm

Hello.
Your log does show some traces of the rootkit, but no main driver.

See if Combofix will run without being renamed.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245069
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Pesty virus

Post by Pokerking98 on Tue Aug 11, 2009 7:29 pm

It doesnt, I already tried.

Pokerking98
Intermediate
Intermediate

Posts Posts : 77
Joined Joined : 2009-06-10
OS OS : XP
Points Points : 27677
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Pesty virus

Post by Belahzur on Tue Aug 11, 2009 7:36 pm

1. Copy all the text contained in the code box below to your Clipboard by highlighting it and pressing (Ctrl+CCrying


Drivers to delete:
UACd.sys

Files to delete:
C:\DOCUME~1\David's\LOCALS~1\Temp\a.exe
C:\WINDOWS\msa.exe

Registry keys to delete:
HKLM\SYSTEM\CurrentControlSet\Services\UACd.sys
HKLM\SYSTEM\controlset004\Services\UACd.sys

Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.


2. Now, start The Avenger program by clicking on its icon on your desktop.

  • Under "Input script here:", paste in the script from the quote box above.
  • Leave the ticked box "Scan for rootkit" ticked.
  • Then tick "Disable any rootkits found"
  • Now click on the Execute to begin execution of the script.
  • Answer "Yes" twice when prompted.

    The Avenger will automatically do the following:

  • It will Restart your computer.
  • On reboot, it will briefly open a black command window on your desktop, this is normal.
  • After the restart, it creates a log file that should open with the results of Avenger’s actions. This log file will be located at C:\avenger.txt
  • The Avenger will also have backed up all the files, etc., that you asked it to delete, and will have zipped them and moved the zip archives to C:\avenger\backup.zip.
3. Please copy/paste the content of c:\avenger.txt into your reply.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245069
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Pesty virus

Post by Pokerking98 on Wed Aug 12, 2009 2:37 am

Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\tscwbuoy

*******************

Script file located at: \??\C:\pdjmycdg.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

File C:\DOCUME~1\David's\LOCALS~1\Temp\a.exe deleted successfully.
File C:\WINDOWS\msa.exe deleted successfully.
Registry key HKLM\SYSTEM\CurrentControlSet\Services\UACd.sys deleted successfully.
Registry key HKLM\SYSTEM\controlset004\Services\UACd.sys deleted successfully.

Completed script processing.

*******************

Finished! Terminate.

Pokerking98
Intermediate
Intermediate

Posts Posts : 77
Joined Joined : 2009-06-10
OS OS : XP
Points Points : 27677
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Pesty virus

Post by Belahzur on Wed Aug 12, 2009 4:47 pm

Hello.
See if Combofix will run now.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245069
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Pesty virus

Post by Pokerking98 on Wed Aug 12, 2009 9:17 pm

It worked =]

[You must be registered and logged in to see this link.]

Pokerking98
Intermediate
Intermediate

Posts Posts : 77
Joined Joined : 2009-06-10
OS OS : XP
Points Points : 27677
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Pesty virus

Post by Belahzur on Wed Aug 12, 2009 9:38 pm

Hello.
Oh dear...Sad tearing Your Combofix log showns an even worse infection than all of what we've dealt with already, I don't know why this machine is still alive.
It's a file infecter called Virut. Virut spreads across EVERY exe and scr type file on the machine, I see it has messed with one file, but that has been put right. Luckily, I don't see it has messed with any other files, you might have escaped it....just.

Now open a new notepad file.
Input this into the notepad file:

KILLALL::

File::
c:\windows\system32\drivers\txtusprpetbdmxby.sys
c:\windows\system32\drivers\rptobwtibcofyxui.sys
c:\windows\system32\UACcjcduevcjg.dll
c:\windows\system32\UACdtoiobekai.dll
c:\windows\system32\UACtirsivngdm.dll
c:\windows\system32\UACkwtqdulgwd.dat
c:\windows\system32\UACprwtaqesmf.dll
c:\windows\system32\UACvollhamnms.dll
c:\windows\system32\drivers\UACbocpxvoydn.sys
c:\windows\system32\xa.tmp
c:\windows\system32\tofukega.dll
c:\windows\system32\yoyamama.dll
c:\windows\system32\vajetezo.dll
c:\program files\pkpwbdro.txt
c:\windows\system32\kenayiba.dll
c:\windows\system32\kozibala.exe
c:\windows\system32\tepeliju.exe
c:\windows\system32\vuhodoji.dll

Driver::
lnskihss
nkvnxko
npggsvc

Registry::
[-HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{f7d09218-46d7-4d3d-9b7f-315204cd0836}\proxystubclsid]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{f7d09218-46d7-4d3d-9b7f-315204cd0836}\proxystubclsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{f7d09218-46d7-4d3d-9b7f-315204cd0836}\typelib]
[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{e63648f7-3933-440e-b4f6-a8584dd7b7eb}\1.0]

RegLockDel::
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{f7d09218-46d7-4d3d-9b7f-315204cd0836}\proxystubclsid]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{f7d09218-46d7-4d3d-9b7f-315204cd0836}\proxystubclsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{f7d09218-46d7-4d3d-9b7f-315204cd0836}\typelib]
[HKEY_LOCAL_MACHINE\software\Classes\TypeLib\{e63648f7-3933-440e-b4f6-a8584dd7b7eb}\1.0]

Save this as CFScript.txt, save it to your desktop also.
Then drag and drop CFScript.txt into combofix as seen below:


This will open combofix again, agree to it's terms and allow it to run.
It may want to reboot after it's done. (It will warn you if it wants to)
Post the resulting log back here.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245069
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Pesty virus

Post by Pokerking98 on Thu Aug 13, 2009 12:25 am

[You must be registered and logged in to see this link.]

Pokerking98
Intermediate
Intermediate

Posts Posts : 77
Joined Joined : 2009-06-10
OS OS : XP
Points Points : 27677
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Pesty virus

Post by Belahzur on Thu Aug 13, 2009 12:32 am

Hello.
I think that's the worst of it gone, the log looks good now, just need to uninstall a few things.

  • Open HijackThis.
  • When Hijack This opens, click "Open the Misc Tools section"
  • Then select "Open Uninstall Manager"
  • Click on "Save List..." (generates uninstall_list.txt)
  • Click Save, copy and paste the results in your next post.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245069
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Pesty virus

Post by Pokerking98 on Thu Aug 13, 2009 2:52 am

2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
Adobe Acrobat - Reader 6.0.2 Update
Adobe AIR
Adobe AIR
Adobe Anchor Service CS4
Adobe Bridge CS4
Adobe CMaps CS4
Adobe Color - Photoshop Specific CS4
Adobe Color EU Extra Settings CS4
Adobe Color JA Extra Settings CS4
Adobe Color NA Recommended Settings CS4
Adobe Color Video Profiles CS CS4
Adobe CSI CS4
Adobe Default Language CS4
Adobe Device Central CS4
Adobe Drive CS4
Adobe Dynamiclink Support
Adobe ExtendScript Toolkit CS4
Adobe Extension Manager CS4
Adobe Flash CS4
Adobe Flash CS4 Extension - Flash Lite STI en
Adobe Flash CS4 Professional
Adobe Flash CS4 STI-en
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Fonts All
Adobe Linguistics CS4
Adobe Media Encoder CS4
Adobe Media Player
Adobe Media Player
Adobe Output Module
Adobe PDF Library Files CS4
Adobe Photoshop CS4
Adobe Photoshop CS4
Adobe Photoshop CS4
Adobe Photoshop CS4 Support
Adobe Reader 6.0.1
Adobe Search for Help
Adobe Service Manager Extension
Adobe Setup
Adobe Setup
Adobe Shockwave Player
Adobe Type Support CS4
Adobe Update Manager CS4
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS4
AdobeColorCommonSetCMYK
AdobeColorCommonSetRGB
AI RoboForm (All Users)
AIM 6
Alarm 2.0.4
Apple Mobile Device Support
Apple Software Update
ATI Control Panel
ATI Display Driver
Audacity 1.2.6
AutoIt v3.3.0.0
AVS Update Manager 1.0
AVS Video Converter 6
AVS4YOU Software Navigator 1.3
Bonjour
Camtasia Studio 6
CCleaner (remove only)
Cheat Engine 5.5
Choice Guard
CoffeeCup Direct FTP
CoffeeCup Free Zip Wizard
Conexant D850 56K V.9x DFVc Modem
Connect
Dell CinePlayer
Dell Digital Jukebox Driver
Dell Driver Reset Tool
DellSupport
Digital Content Portal
Digital Line Detect
DisSharp
DivX Web Player
DJ Java Decompiler v.3.10.10.93
Drift City
EarthLink setup files
FileZilla Client 3.1.3
FinePix Studio
FinePixViewer Resource
Flock (2.5)
Geometry Solved!
Gogglebox TV
Google Earth
Google Update Helper
HijackThis 2.0.2
HiYo
HiYo
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB961118)
HyperCam 2
ijji - Gunz
ijji Auto Installer
Intel(R) PRO Network Connections Drivers
Intel(R) PROSet for Wired Connections
iTunes
Java 2 Runtime Environment, SE v1.4.2_03
Java DB 10.4.1.3
Java(TM) 6 Update 11
Java(TM) 6 Update 7
Java(TM) SE Development Kit 6 Update 11
Junk Mail filter update
kuler
L33TSig 2 for Windows
Learn2 Player (Uninstall Only)
Macromedia Flash Player
Malwarebytes' Anti-Malware
MapleStory
McAfee Uninstaller
MCU
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Halo Trial
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Live Add-in 1.3
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Modem Helper
Mozilla Firefox (3.0.13)
MSVCRT
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 Parser and SDK
MSXML 6 Service Pack 2 (KB954459)
Musicmatch for Windows Media Player
My Sim Aquarium
Nero 7 Ultra Edition
neroxml
NetWaiting
NVT Malware Remover Tool v2.0.8b1
Opera 9.64
Pando Media Booster
PaperPort Image Printer
PDF Settings CS4
PE Explorer 1.99 R5
Perfect Uninstaller v6.2.2
Photoshop Camera Raw
Pixel Bender Toolkit
Qualxserve Service Agreement
QuickBooks Simple Start Special Edition
QuickTime
Raptr
RealPlayer Basic
Revo Uninstaller 1.71
Roxio DLA
Roxio MyDVD LE
Roxio RecordNow Audio
Roxio RecordNow Copy
Roxio RecordNow Data
Safari
ScanSoft PaperPort 11
SCAR Divi CDE 3.15b
SciTE4AutoIt3 1-6-2009
Security Update for 2007 Microsoft Office System (KB951550)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB969679)
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Office Excel 2007 (KB969682)
Security Update for Microsoft Office OneNote 2007 (KB950130)
Security Update for Microsoft Office PowerPoint 2007 (KB957789)
Security Update for Microsoft Office Publisher 2007 (KB969693)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office Word 2007 (KB969604)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969897)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB973346)
Segoe UI
SHOUTcast DNAS (remove only)
SHOUTcast Source DSP 1.9.0 (remove only)
Skype™ 4.0
SlimBrowser (remove only)
Sonic Activation Module
Sonic Update Manager
StyleXP (remove only)
Subversion 1.4.5-r25188
Suite Shared Configuration CS4
SUPERAntiSpyware Free Edition
TeamViewer 3
TeamViewer 4
Technitium MAC Address Changer v5.0
TGEA 1.8.0 SDK (remove only)
TortoiseSVN 1.6.2.16344 (32 bit)
TVUPlayer 2.4.1.0
Uninstall KnightOnline
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office Outlook 2007 (KB969907)
Update for Outlook 2007 Junk Email Filter (kb971933)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
VC80CRTRedist - 8.0.50727.762
Viewpoint Media Player
WAPT
WebCyberCoach 3.2 Dell
WeGame Client Public Beta 1.1.5
Winamp
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Media Format 11 runtime
Windows Media Format Runtime
Windows Media Player 10
Windows Media Player 10
WinRAR archiver
WinZip 12.0
WordPerfect Office 12

Pokerking98
Intermediate
Intermediate

Posts Posts : 77
Joined Joined : 2009-06-10
OS OS : XP
Points Points : 27677
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Pesty virus

Post by Belahzur on Thu Aug 13, 2009 4:34 pm

Hello.

Go to Start > Control Panel > Add/Remove Programs and remove the following programs.

    Java 2 Runtime Environment, SE v1.4.2_03
    Java DB 10.4.1.3
    Java(TM) 6 Update 11
    Java(TM) 6 Update 7
    Java(TM) SE Development Kit 6 Update 11
    Viewpoint Media Player

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /u



This will also reset your restore points.

How is the machine running now?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245069
# Likes # Likes : 1

View user profile

Back to top Go down

Re: Pesty virus

Post by Pokerking98 on Fri Aug 14, 2009 9:21 pm

Awsome, thanks.

Pokerking98
Intermediate
Intermediate

Posts Posts : 77
Joined Joined : 2009-06-10
OS OS : XP
Points Points : 27677
# Likes # Likes : 0

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum