spy sheriff deleted wininet.dll [CLOSED]
Started by
el bastardos
, Jul 23 2005 07:23 AM
#16
Posted 24 July 2005 - 04:25 PM
#17
Posted 24 July 2005 - 04:28 PM
Now to see if that copy is infected. For that reason, I need you to submit it to Jotti's for analysis.
1. Click HERE to get to Jotti's site.
2. At the top of the Jotti window, use the Browse button to locate the following file on your system:
F:\Windows\System32\wininet.dll
3. Once you have located the file, click SUBMIT and the content of the file will be uploaded by the site and analysed.
4. Please provide me with the results of the analysis.
Regards,
Trevuren
1. Click HERE to get to Jotti's site.
2. At the top of the Jotti window, use the Browse button to locate the following file on your system:
F:\Windows\System32\wininet.dll
3. Once you have located the file, click SUBMIT and the content of the file will be uploaded by the site and analysed.
4. Please provide me with the results of the analysis.
Regards,
Trevuren
#18
Posted 24 July 2005 - 04:30 PM
done. explorer still not working
#19
Posted 24 July 2005 - 04:31 PM
thanks for your help i really apreciate it.
#20
Posted 24 July 2005 - 04:36 PM
Service load:
0% 100%
File: wininet.dll
Status:
OK
MD5 642cfef8525339fb83f2a1909898eaab
Packers detected:
-
Scanner results
AntiVir
Found nothing
ArcaVir
Found nothing
Avast
Found nothing
AVG Antivirus
Found nothing
BitDefender
Found nothing
ClamAV
Found nothing
Dr.Web
Found nothing
F-Prot Antivirus
Found nothing
Fortinet
Found nothing
Kaspersky Anti-Virus
Found nothing
NOD32
Found nothing
Norman Virus Control
Found nothing
UNA
Found nothing
VBA32
Found nothing
0% 100%
File: wininet.dll
Status:
OK
MD5 642cfef8525339fb83f2a1909898eaab
Packers detected:
-
Scanner results
AntiVir
Found nothing
ArcaVir
Found nothing
Avast
Found nothing
AVG Antivirus
Found nothing
BitDefender
Found nothing
ClamAV
Found nothing
Dr.Web
Found nothing
F-Prot Antivirus
Found nothing
Fortinet
Found nothing
Kaspersky Anti-Virus
Found nothing
NOD32
Found nothing
Norman Virus Control
Found nothing
UNA
Found nothing
VBA32
Found nothing
#21
Posted 24 July 2005 - 04:41 PM
1. Did you remember to REBOOT your system before trying Internet Explorer?
2. What browser are you currently using?
Trevuren
2. What browser are you currently using?
Trevuren
#22
Posted 24 July 2005 - 04:43 PM
yes i did reboot it. i ama currently using mozilla fire fox.
#24
Posted 24 July 2005 - 06:06 PM
i have followed the instructions but it states that internet explorer has been detected so it can't continue
#25
Posted 24 July 2005 - 06:27 PM
Well when we are finished cleaning your system, I recommend you consult with our Windows software Forum to resolve this issue. My specialty is Malware.
I will be back with directions for cleaning your system shortly.
Trevuren
I will be back with directions for cleaning your system shortly.
Trevuren
#26
Posted 24 July 2005 - 06:34 PM
Download smitRem.zip and save the file to your desktop.
Right click on the file and extract it to it's own folder on the desktop.
Place a shortcut to Panda ActiveScan on your desktop.
Please download the trial version of Ewido Security Suite here:
http://www.ewido.net/en/download/
Please read Ewido Setup Instructions
Install it, and update the definitions to the newest files. Do NOT run a scan yet.
If you have not already installed Ad-Aware SE 1.06, follow these download and setup instructions, otherwise, check for updates:
Ad-Aware SE Setup
Don't run it yet!
Next, please reboot your computer in SafeMode by doing the following:
O4 - HKLM\..\Run: [PSGuard spyware remover] F:\Program Files\PSGuard\PSGuard.exe
O16 - DPF: {FF3F0F03-0F01-131A-A3F9-08F02B23E0CC} - http://66.117.37.13/dba1865.exe
Using Windows Explorer, please locate and DELETE the following files/folders (with all their content), if they are still present:
F:\Program Files\PSGuard
Open the smitRem folder, then double click the RunThis.bat file to start the tool. Follow the prompts on screen.
Wait for the tool to complete and disk cleanup to finish.
The tool will create a log named smitfiles.txt in the root of your drive, eg; Local Disk C: or partition where your operating system is installed. Please post that log along with all others requested in your next reply.
Open Ad-aware and do a full scan. Remove all it finds.
Run Ewido:
Next go to Control Panel click Display > Desktop > Customize Desktop > Web > Uncheck "Security Info" if present.
Reboot back into Windows and click the Panda ActiveScan shortcut, then do a full system scan. Make sure the autoclean box is checked!
Save the scan log and post it along with a new HijackThis Log, the contents of the smitfiles.txt log and the Ewido Log by using Add Reply.
Let me know if any problems persist.
Regards,
Trevuren
Right click on the file and extract it to it's own folder on the desktop.
Place a shortcut to Panda ActiveScan on your desktop.
Please download the trial version of Ewido Security Suite here:
http://www.ewido.net/en/download/
Please read Ewido Setup Instructions
Install it, and update the definitions to the newest files. Do NOT run a scan yet.
If you have not already installed Ad-Aware SE 1.06, follow these download and setup instructions, otherwise, check for updates:
Ad-Aware SE Setup
Don't run it yet!
Next, please reboot your computer in SafeMode by doing the following:
- Restart your computer
- After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
- Instead of Windows loading as normal, a menu should appear
- Select the first option, to run Windows in Safe Mode.
O4 - HKLM\..\Run: [PSGuard spyware remover] F:\Program Files\PSGuard\PSGuard.exe
O16 - DPF: {FF3F0F03-0F01-131A-A3F9-08F02B23E0CC} - http://66.117.37.13/dba1865.exe
Using Windows Explorer, please locate and DELETE the following files/folders (with all their content), if they are still present:
F:\Program Files\PSGuard
Open the smitRem folder, then double click the RunThis.bat file to start the tool. Follow the prompts on screen.
Wait for the tool to complete and disk cleanup to finish.
The tool will create a log named smitfiles.txt in the root of your drive, eg; Local Disk C: or partition where your operating system is installed. Please post that log along with all others requested in your next reply.
Open Ad-aware and do a full scan. Remove all it finds.
Run Ewido:
- Click on scanner
- Click on Complete System Scan and the scan will begin.
- NOTE: During some scans with ewido it is finding cases of false positives.
- You will need to step through the process of cleaning files one-by-one.
- If ewido detects a file you KNOW to be legitimate, select none as the action.
- DO NOT select "Perform action on all infections"
- If you are unsure of any entry found select none for now.
- When the scan is finished, click the Save report button at the bottom of the screen.
- Save the report to your desktop
Next go to Control Panel click Display > Desktop > Customize Desktop > Web > Uncheck "Security Info" if present.
Reboot back into Windows and click the Panda ActiveScan shortcut, then do a full system scan. Make sure the autoclean box is checked!
Save the scan log and post it along with a new HijackThis Log, the contents of the smitfiles.txt log and the Ewido Log by using Add Reply.
Let me know if any problems persist.
Regards,
Trevuren
#27
Posted 09 August 2005 - 09:19 PM
Due to lack of feedback, this topic has been closed.
If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users