Thank you again for all your help, it is very much appreciated.
Spyware/Trojans and I still have more[RESOLVED]
Started by
DurangoDAWG
, Nov 12 2005 11:59 AM
-
This topic is locked
#31
Posted 14 November 2005 - 11:49 PM
DurangoDAWG
- Topic Starter
-
- Member
-
- 22 posts
Member
Thank you again for all your help, it is very much appreciated.
#32
Posted 16 November 2005 - 12:36 AM
DurangoDAWG
- Topic Starter
-
- Member
-
- 22 posts
Member
Everything is working great. Any final instructions? I know I still have to hide system system files, turn on restore (set restore point), and what about those ghost entries in the registry?
Thanks again for all your help. Any place to donate (so you can have a beer on me)?
Thanks again for all your help. Any place to donate (so you can have a beer on me)?
#33
Posted 16 November 2005 - 03:10 PM
jwbirdsong
-
- Retired Staff
-
- 668 posts
Trusted Helper
First, let's reset your hidden/system files and folders. System files are hidden for a reason and we don't want to have them openly available and susceptible to accidental deletion.
* Click Start.
* Open My Computer.
* Select the Tools menu and click Folder Options.
* Select the View tab.
* Under the Hidden files and folders heading UNSELECT Show hidden files and folders.
* CHECK the Hide protected operating system files (recommended) option.
* Click Yes to confirm.
* Click OK.
Next, let's clean your restore points and set a new one:
Reset and Re-enable your System Restore to remove infected files that have been backed up by Windows. The files in System Restore are protected to prevent any programs from changing those files. This is the only way to clean these files: (You will lose all previous restore points which are likely to be infected)1. Turn off System Restore.On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.
2. Restart your computer.
3. Turn ON System Restore.On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
UN-Check Turn off System Restore.
Click Apply, and then click OK.
[/list]System Restore will now be active again.
Make SURE to read How Did I Get Infected in the First Place??
And yes the ghost entries did slip my mind I'll; post removal after work.
You can donate to the site at THIS LINK
* Click Start.
* Open My Computer.
* Select the Tools menu and click Folder Options.
* Select the View tab.
* Under the Hidden files and folders heading UNSELECT Show hidden files and folders.
* CHECK the Hide protected operating system files (recommended) option.
* Click Yes to confirm.
* Click OK.
Next, let's clean your restore points and set a new one:
Reset and Re-enable your System Restore to remove infected files that have been backed up by Windows. The files in System Restore are protected to prevent any programs from changing those files. This is the only way to clean these files: (You will lose all previous restore points which are likely to be infected)1. Turn off System Restore.On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.
2. Restart your computer.
3. Turn ON System Restore.On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
UN-Check Turn off System Restore.
Click Apply, and then click OK.
[/list]System Restore will now be active again.
Make SURE to read How Did I Get Infected in the First Place??
And yes the ghost entries did slip my mind I'll; post removal after work.
You can donate to the site at THIS LINK
#34
Posted 17 November 2005 - 12:51 AM
jwbirdsong
-
- Retired Staff
-
- 668 posts
Trusted Helper
Copy the text in the quote box below to Notepad. Click File>Save as>name=myfix.reg Save as=All File (NOT TEXT) and save it to your desktop....just double click on the myfix.reg file>You will be asked "Are you sure you want the information to the registry. Answer YES...You should get a confermation dialog that says Info was sucessfuly added to the registry.
REGEDIT4
[-HKEY_LOCAL_MACHINE\SOFTWARE\Novo]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{260240CF-5AD9-4A62-A0CB-A0963F852894}]
@="KazaaMan Class"
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{260240CF-5AD9-4A62-A0CB-A0963F852894}\ProgID]
@="KazaaConnect.KazaaMan.1"
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{260240CF-5AD9-4A62-A0CB-A0963F852894}\VersionIndependentProgID]
@="KazaaConnect.KazaaMan"
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{55A3781E-5251-4894-AA7D-DF389C5795A9}]
@="IKazaaMan"
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\KazaaConnect.KazaaMan]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\KazaaConnect.KazaaMan.1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{BFD09628-386E-42E6-9EFF-D0FDC15BB36C}\1.0]
@="KazaaConnect 1.0 Type Library"
[-HKEY_LOCAL_MACHINE\SOFTWARE\KOptimizer]
"UninstallContentPath"="C:\\Program Files\\Kazaa\\Content"
[-HKEY_USERS\S-1-5-21-3675345140-2382750585-1605616401-1003\Software\Microsoft\Search Assistant\ACMru\5603]
"000"="kazaa"
[-HKEY_USERS\S-1-5-21-3675345140-2382750585-1605616401-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Kazaa Media Desktop]
#35
Posted 22 November 2005 - 04:36 PM
jwbirdsong
-
- Retired Staff
-
- 668 posts
Trusted Helper
Since this issue appears resolved this Topic will be closed. We we're happy we could help.
If you're the topic starter, and need this reopened, please contact a staff member with the address of the thread.
Anyone else please begin a New Topic
If you're the topic starter, and need this reopened, please contact a staff member with the address of the thread.
Anyone else please begin a New Topic
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
