Hi Shay
Welcome to geekstogo
Please read through the instructions before you start (you may want to print this out).Please download and install these programs - don't run them yet!!
Please download and unzip
About:Buster to a folder. Inside the folder is a readme file that has instructions on the use of the program.
AboutBuster MUST be updated before you use it.
Start AboutBuster, click the update button, check for update, drag the box to the side and hit download updates, close the box . Don't run it yet.
Please download and install
AD-Aware.Check Here on how setup and use it - please make sure you update it first.
Download and unzip cwsserviceremove to your desktop. use either link below:
cwsserviceremovecwsserviceremove.zipDownload CW-Shredder at the link below:
CWShredder Open Windows Explorer & Go to Tools > Folder Options. Click on the View tab and make sure that "Show hidden files and folders" is checked.
Also uncheck "Hide protected operating system files" and untick "hide extensions for known file types" . Now click "Apply to all folders"
Click "Apply" then "OK"
For anyone using Windows XP, 'Search' will not automatically show hidden files even if your folder options settings are set to do that. Do this so you can see hidden files and folders - Click here to download
xphidden.zip. Extract xphidden.reg from the zip file and save it to the desktop. When done, double-click the xphidden.reg and when asked to merge say yes.
+++++++++++++++++++++++++++++++++++++++++++++++++
Here's the fix:
Important Step
1. Go to Start->Run and type "Services.msc" (without quotes) then hit Ok
Scroll down and find the service called:No items to delete move on to next step When you find it, double-click on it. In the next window that opens, click the Stop button, then click on properties and under the General Tab, change the Startup Type to Disabled. Now hit Apply and then Ok and close any open windows. If you don´t find this service listed go ahead with the next steps.2. Reboot into Safe Mode:
Click here if you don't know how to do this.
3. Press Ctrl+Alt+Delete once -> Click Task Manager -> Click the Processes tab -> Double-click the Image Name column header to alphabetically sort the processes -> Scroll through the list and look for:
C:\WINDOWS\System32\kkgd.dll
C:\DOCUME~1\Trina\LOCALS~1\Temp\se.dll,DllInstall
C:\Program Files\FreeScanner.exe -FastScan
C:\WINDOWS\web\related.htmIf you find the files, click on them, and then click End Process -> Exit the Task Manager.
4.
CLOSE ALL WINDOWS AND BROWSERS Scan with HijackThis and put checks next to all the following,
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
O2 - BHO: (no name) - {387E1277-C542-4ABA-9C88-CD063713251E} - C:\WINDOWS\System32\kkgd.dll (file missing)
O4 - HKLM\..\Run: [sp] rundll32 C:\DOCUME~1\Trina\LOCALS~1\Temp\se.dll,DllInstall
O4 - HKCU\..\Run: [Spyware Vanisher] C:\Program Files\FreeScanner.exe -FastScan
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {7C559105-9ECF-42B8-B3F7-832E75EDD959} (Installer Class) - http://www.xxxtoolba.../0006_adult.cabClick on Fix Checked when finished and exit HijackThis.
Then click on "Fix Checked"
5. Using Windows Explorer
delete the following files if present:If you get an error when deleting a file. Right click on the file and check to see if the read only attribute is checked. if it is uncheck it and try again.
C:\WINDOWS\System32\kkgd.dll
C:\DOCUME~1\Trina\LOCALS~1\Temp\se.dll,DllInstall
C:\Program Files\FreeScanner.exe -FastScan
C:\WINDOWS\web\related.htm(and any other files with the same name that end in .dll, .exe or .dat, you may find them right next to each other,
example - appsw.exe, appsw.dll, appsw.dat)
6. Run AboutBuster . This will scan your computer for the bad files and delete them. Save the report (copy and paste into notepad or wordpad and save as a .txt file) and post a copy back here when you are done with all the steps.
7. Scan with AdAware and let it remove any bad files found.
8. Clean out temporary and TIF files. Go to Start > Run and type in the box: cleanmgr. Let it scan your system for files to remove. Make sure these 3 are checked and then press *ok* to remove:
Download the ccleanerI use this Program and is setup like this all boxs are check.
Clean out all temp files in Mozilla, Internet Explorer.
Internet Explorer: Tools/ Internet Options/ General/ Temporary internet files/ Delete Files
(NOTE, that this may take very long!). You can also set the memory limit to about 80 MB at the Settings.
Mozilla: Edit/ Options/ Extended/ Cache/ Clear Cache
9. Double click on the cwsserviceremove and when asked to merge say yes.
10. Run CW-Shredder - Hit the FIX button - let it run and fix what it finds.
11. Reboot into normal mode.
12. Download the Hoster from here
Press "Restore Original Hosts. and press "OK". Exit Program.
Please run the following free, online virus scans.http://www.pandasoft...n_principal.htmhttp://housecall.tre.../start_corp.aspPlease post the logs From both virus scans and HJT.log we will need them to remove previous infections that have left files on your system.We can definitely help you, but first you need to help us. The first step in this process is to apply Service Pack 1a for Windows XP. Without this update, you're wide open to re-infection, and we're both just wasting our time.
Click here:
http://www.microsoft...p1/default.mspxApply the update, reboot, and post a fresh Hijack This log.
Kc
This topic is locked
Can anyone please help me?
Sign In
Create Account
