Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Got tagged with TagaSaurus [CLOSED]

Started by Rmendez , Mar 14 2006 11:16 PM

  • This topic is locked This topic is locked

#1
Rmendez
Posted 14 March 2006 - 11:16 PM

Rmendez

    New Member

  • Member
  • Pip
  • 9 posts
Hello
Got tagged with this nasty virus or trojan cant even get online.

Please help!!!

Here is my logfile:

Logfile of HijackThis v1.99.1
Scan saved at 11:00:27 PM, on 3/14/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS2\System32\smss.exe
C:\WINDOWS2\system32\csrss.exe
C:\WINDOWS2\system32\winlogon.exe
C:\WINDOWS2\system32\services.exe
C:\WINDOWS2\system32\lsass.exe
C:\WINDOWS2\system32\svchost.exe
C:\WINDOWS2\System32\svchost.exe
C:\WINDOWS2\System32\svchost.exe
C:\WINDOWS2\System32\svchost.exe
C:\WINDOWS2\Explorer.EXE
C:\WINDOWS2\system32\LEXBCES.EXE
C:\WINDOWS2\system32\spoolsv.exe
C:\WINDOWS2\system32\LEXPPS.EXE
C:\WINDOWS2\cjlihkb.exe
C:\WINDOWS2\AGRSMMSG.exe
C:\WINDOWS2\System32\logon.exe
C:\WINDOWS2\System32\mswupdate32.exe
C:\WINDOWS2\System32\section.exe
C:\WINDOWS2\System32\winPE.exe
C:\WINDOWS2\cjlihkbA.exe
C:\Program Files\Internet Optimizer\optimize.exe
C:\WINDOWS2\SYSC00.exe
C:\sdkhj.exe
C:\WINDOWS2\System32\rundll32.exe
C:\windows2\system32\qldsregk.exe
C:\WINDOWS2\newfrn.exe
C:\mousepad1.exe
C:\WINDOWS2\System32\qjhyuadn.exe
C:\Program Files\Pjwfkq\Olgno.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\PROGRA~1\COMMON~1\wium\wiumm.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\EQAdvice\EQAdvice.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\WINDOWS2\system32\twinmrag.exe
C:\Program Files\Internet Optimizer\actalert.exe
C:\Program Files\FCAdvice\FCAdvice.exe
C:\Program Files\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.fin...siteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.fin...siteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.fin...siteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.findthewebsiteyouneed.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.fin...siteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.fin...siteyouneed.com
R3 - URLSearchHook: (no name) - _{02EE5B04-F144-47BB-83FB-A60BD91B74A9} - (no file)
R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - C:\Program Files\SurfSideKick 3\SskBho.dll
O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINDOWS2\nem220.dll
O2 - BHO: URLLink - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet7_22.dll
O2 - BHO: (no name) - {6001CDF7-6F45-471b-A203-0225615E35A7} - C:\WINDOWS2\DH.dll
O2 - BHO: BHObj Class - {8F4E5661-F99E-4B3E-8D85-0EA71C0748E4} - C:\WINDOWS2\wsem303.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS2\System32\msdxm.ocx
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Windows Logon Application] C:\WINDOWS2\System32\logon.exe
O4 - HKLM\..\Run: [microsft windows updates] mswupdate32.exe
O4 - HKLM\..\Run: [Windows System Section] section.exe
O4 - HKLM\..\Run: [ms ownage] winPE.exe
O4 - HKLM\..\Run: [cjlihkbA] C:\WINDOWS2\cjlihkbA.exe
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKLM\..\Run: [TheMonitor] C:\WINDOWS2\SYSC00.exe
O4 - HKLM\..\Run: [mdc] C:\sdkhj.exe
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s
O4 - HKLM\..\Run: [WinTask driver] C:\WINDOWS2\System32\wintask.exe
O4 - HKLM\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O4 - HKLM\..\Run: [{91-19-9E-EF-ZN}] C:\windows2\system32\qldsregk.exe CORN001
O4 - HKLM\..\Run: [NewFrn] C:\WINDOWS2\newfrn.exe
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [gimmysmileys] C:\\gimmysmileys1.exe
O4 - HKLM\..\Run: [keyboard] C:\\keyboard1.exe
O4 - HKLM\..\Run: [mousepad] C:\\mousepad1.exe
O4 - HKLM\..\Run: [BrowserUpdateSched] C:\WINDOWS2\system32\twinmrag.exe CORN001
O4 - HKLM\..\Run: [Microsoft ® Windows Binary Runtime Service] C:\WINDOWS2\System32\qjhyuadn.exe
O4 - HKLM\..\Run: [Ngvstl] C:\Program Files\Pjwfkq\Olgno.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\RunServices: [microsft windows updates] mswupdate32.exe
O4 - HKLM\..\RunServices: [Windows System Section] section.exe
O4 - HKLM\..\RunServices: [ms ownage] winPE.exe
O4 - HKCU\..\Run: [Windows System Section] section.exe
O4 - HKCU\..\Run: [CU1] C:\Program Files\Common Files\VCClient\VCClient.exe
O4 - HKCU\..\Run: [CU2] C:\Program Files\Common Files\VCClient\VCMain.exe
O4 - HKCU\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O4 - HKCU\..\Run: [wium] C:\PROGRA~1\COMMON~1\wium\wiumm.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [EQAdvice] "C:\Program Files\EQAdvice\EQAdvice.exe"
O4 - HKCU\..\Run: [Registry Cleaner] C:\PROGRA~1\REGIST~1\regclean.exe
O4 - Startup: Z_Start.lnk = C:\WINDOWS2\system32\dwdsregt.exe
O4 - Startup: Zeno.lnk = C:\WINDOWS2\system32\twinmrag.exe
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS2\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS2\web\related.htm
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540013} (CInstall Class) - http://adserver.shar...ver/Install.cab
O18 - Filter: text/html - {994D478A-45D0-4DB4-AE77-288B1E346E99} - C:\Program Files\FCAdvice\FCAdvice.dll
O20 - AppInit_DLLs: repairs303169536.dll,Runner.dll
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS2\system32\LEXBCES.EXE
O23 - Service: Windows Overlay Components - Unknown owner - C:\WINDOWS2\cjlihkb.exe
  • 0

Advertisements

#2
lovethepirk
Posted 15 March 2006 - 08:16 PM

lovethepirk

    Visiting Staff

  • Member
  • PipPipPip
  • 528 posts
Welcome to Geekstogo forums.

You have a lot of bad files in your computer that we need to remove.

When you cannot get online it always presents an interesting problem. We will need you to try several things and then if you can get online that would be great if not then you might have to download a program called EWIDO from another computer and transfer it to this one. If you have no way of doing this we will have to delete some of the bad files manually.

Go to add/remove programs in your control panel and uninstall(if there):
SurfSidekick
New.net or New dot net
Internet Optimizer


Clean out temporary files. Go to Start > Run and type in the box: cleanmgr. Let it scan your system for files to remove. Make sure these 3 are checked and then press *ok* to remove:

Temporary Files
Temporary Internet Files
Recycle Bin


Please download, install, scan your system with the free version of Ewido anti malware:
  • When installing, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
  • When you run ewido for the first time, you will get a warning "Database could not be found!". Click OK. We will fix this in a moment.
  • Click on the Scanner button in the left menu, then click on the Start button. This scan can take quite a while to run, so time to go get a drink and a snack....
  • If ewido finds anything, it will pop up a notification. You can select "clean" and check the boxes "Perform action with all infections" and "Create encrypted backup" before clicking on OK.
  • When the scan finishes, click on "Save Report". This will create a text file. Please then paste the contents of the text file to this thread, along with a new HijackThis log.
Regards,

LTP

let me know how things went, we might have to kill some files manually before you can get back on line :tazz:
  • 0

#3
Rmendez
Posted 20 March 2006 - 01:27 AM

Rmendez

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
To:
lovethepirk

First of all thank you for your help
her is my new log and ewido report

Logfile of HijackThis v1.99.1
Scan saved at 5:41:22 PM, on 3/19/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS2\System32\smss.exe
C:\WINDOWS2\system32\winlogon.exe
C:\WINDOWS2\system32\services.exe
C:\WINDOWS2\system32\lsass.exe
C:\WINDOWS2\system32\svchost.exe
C:\WINDOWS2\System32\svchost.exe
C:\WINDOWS2\Explorer.EXE
C:\WINDOWS2\system32\LEXBCES.EXE
C:\WINDOWS2\system32\spoolsv.exe
C:\WINDOWS2\system32\LEXPPS.EXE
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS2\AGRSMMSG.exe
C:\sdkhj.exe
C:\WINDOWS2\system32\twinmrag.exe
C:\WINDOWS2\System32\qjhyuadn.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\EQAdvice\EQAdvice.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.fin...siteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.fin...siteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.fin...siteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.findthewebsiteyouneed.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.fin...siteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.fin...siteyouneed.com
R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - (no file)
O2 - BHO: BHObj Class - {8F4E5661-F99E-4B3E-8D85-0EA71C0748E4} - C:\WINDOWS2\wsem303.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS2\System32\msdxm.ocx
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [mdc] C:\sdkhj.exe
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [gimmysmileys] C:\\gimmysmileys1.exe
O4 - HKLM\..\Run: [keyboard] C:\\keyboard1.exe
O4 - HKLM\..\Run: [BrowserUpdateSched] C:\WINDOWS2\system32\twinmrag.exe CORN001
O4 - HKLM\..\Run: [Microsoft ® Windows Binary Runtime Service] C:\WINDOWS2\System32\qjhyuadn.exe
O4 - HKLM\..\Run: [Ngvstl] C:\Program Files\Pjwfkq\Olgno.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKCU\..\Run: [wium] C:\PROGRA~1\COMMON~1\wium\wiumm.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [EQAdvice] "C:\Program Files\EQAdvice\EQAdvice.exe"
O4 - Startup: Z_Start.lnk = C:\WINDOWS2\system32\dwdsregt.exe
O4 - Startup: Zeno.lnk = C:\WINDOWS2\system32\twinmrag.exe
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS2\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS2\web\related.htm
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540013} (CInstall Class) - http://adserver.shar...ver/Install.cab
O16 - DPF: {9AC54695-69A4-46F1-BE10-10C74F9520D5} (elitectl.DemoCtl) - http://cabs.elitemed...s/mediaview.cab
O18 - Filter: text/html - {994D478A-45D0-4DB4-AE77-288B1E346E99} - C:\Program Files\FCAdvice\FCAdvice.dll
O20 - AppInit_DLLs: Runner.dll
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS2\system32\LEXBCES.EXE
O23 - Service: Windows Overlay Components - Unknown owner - C:\WINDOWS2\cjlihkb.exe (file missing)

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 1:18:16 AM, 3/20/2006
+ Report-Checksum: 6C45B52F

+ Scan result:

C:\WINDOWS2\system32\vxgamet1.exe -> Downloader.Small.ckn : Cleaned with backup
C:\WINDOWS2\system32\vxgamet2.exe -> Downloader.Small.skn : Cleaned with backup
C:\WINDOWS2\system32\vxgame3.exe -> Downloader.CWS.s : Cleaned with backup
C:\WINDOWS2\system32\maxd64.exe -> Trojan.Dialer.ay : Cleaned with backup
C:\Documents and Settings\Tomas\Local Settings\Temp\maxdd.game -> Trojan.Dialer.ay : Cleaned with backup
C:\Documents and Settings\Tomas\Local Settings\Temporary Internet Files\Content.IE5\3TR7D0N8\zgame3[1].exe -> Downloader.CWS.s : Cleaned with backup
C:\Documents and Settings\Tomas\Cookies\tomas@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup
C:\Documents and Settings\Tomas\Cookies\tomas@pro-market[1].txt -> TrackingCookie.Pro-market : Cleaned with backup
C:\Documents and Settings\Tomas\Cookies\[email protected][2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup


::Report End

Edited by Rmendez, 20 March 2006 - 01:29 AM.

  • 0

#4
lovethepirk
Posted 20 March 2006 - 01:06 PM

lovethepirk

    Visiting Staff

  • Member
  • PipPipPip
  • 528 posts
You were/are pretty infected :tazz: This post should get you just about clean. Take your time and I will talk to you later.

Go to add/remove programs in your control panel and uninstall(if there):

FCAdvice
EQAdvice


You need to save this response as a notepade or word document on your desktop for use later when we go into safe mode(no internet access).
You can also print out this response for easy use as well :)

Please download ATF Cleaner by Atribune.
This program is for XP and Windows 2000 onlyDouble-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.
If you use Firefox browserClick Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browserClick Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.
For Technical Support, double-click the e-mail address located at the bottom of each menu.

Scan with HijackThis again and place a check next to these items:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.fin...siteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.fin...siteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.fin...siteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.findthewebsiteyouneed.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.fin...siteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.fin...siteyouneed.com
R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - (no file)
O2 - BHO: BHObj Class - {8F4E5661-F99E-4B3E-8D85-0EA71C0748E4} - C:\WINDOWS2\wsem303.dll (file missing)
O4 - HKLM\..\Run: [mdc] C:\sdkhj.exe
O4 - HKLM\..\Run: [BrowserUpdateSched] C:\WINDOWS2\system32\twinmrag.exe CORN001
O4 - HKLM\..\Run: [Microsoft ® Windows Binary Runtime Service] C:\WINDOWS2\System32\qjhyuadn.exe
O4 - HKLM\..\Run: [Ngvstl] C:\Program Files\Pjwfkq\Olgno.exe
O4 - HKCU\..\Run: [wium] C:\PROGRA~1\COMMON~1\wium\wiumm.exe
O4 - HKCU\..\Run: [EQAdvice] "C:\Program Files\EQAdvice\EQAdvice.exe"
O4 - Startup: Z_Start.lnk = C:\WINDOWS2\system32\dwdsregt.exe
O4 - Startup: Zeno.lnk = C:\WINDOWS2\system32\twinmrag.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS2\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS2\web\related.htm
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540013} (CInstall Class) - http://adserver.shar...ver/Install.cab
O16 - DPF: {9AC54695-69A4-46F1-BE10-10C74F9520D5} (elitectl.DemoCtl) - http://cabs.elitemed...s/mediaview.cab
O18 - Filter: text/html - {994D478A-45D0-4DB4-AE77-288B1E346E99} - C:\Program Files\FCAdvice\FCAdvice.dll
O20 - AppInit_DLLs: Runner.dll
O23 - Service: Windows Overlay Components - Unknown owner - C:\WINDOWS2\cjlihkb.exe (file missing)

Close all other windows except HijackThis, and hit Fix Checked

1) Please download the Killbox.
Unzip it to the desktop and run it.

2) Select "Delete on Reboot".
3) Then Click the "All Files" button.

4) Copy the file names below to the clipboard by highlighting everything inside the quote box and then pressing Control-C:

C:\sdkhj.exe
C:\WINDOWS2\system32\twinmrag.exe
C:\WINDOWS2\System32\qjhyuadn.exe
C:\Program Files\Pjwfkq
C:\PROGRA~1\COMMON~1\wium
C:\Program Files\EQAdvice
C:\WINDOWS2\system32\dwdsregt.exe
C:\WINDOWS2\system32\twinmrag.exe
C:\Program Files\FCAdvice
C:\WINDOWS\System32\Runner.dll


5) Return to Killbox, go to the File menu, and choose "Paste from Clipboard".

6) Click the red-and-white "Delete File" button. Click "Yes" at the Delete on Reboot prompt. Click "Yes" to reboot next.

After the reboot go through these steps immediately :)

Download BFU from http://www.merijn.org/files/bfu.zip and unzip it on your desktop. Double-click on BFU.exe.

click the Posted Image icon, and paste this line in the field that appears:

http://metallica.geekstogo.com/alcanshorty.bfu


Click "OK", then "Execute".

click "OK" on the copyright notice, then again when the script ends.

Close BFU. Reboot when done.

If you have any questions about the use of BFU please read here:
http://metallica.gee...structions.html

Post another HJT log for me and let me know how things are.

Regards,

LTP
  • 0

#5
lovethepirk
Posted 01 April 2006 - 03:10 PM

lovethepirk

    Visiting Staff

  • Member
  • PipPipPip
  • 528 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP