priyankdes
asked on
Any cure 4 my infected computer??
Hey experts,
Till recently my machine was wrking w/o much problem but now i think its exposed to threats from the net....coz now ther's an icon popping up in the taskbar everytime, saying 'Virus Alert!' and displays a msg...
'Your computer is infected!
Critical System Error! System detected virus activities. They may cause critical system failure. Please, use anti-malware software to clean and protect your system from parasite programs. Click here to get all available software.'
I dont have any spyware guards in my machine coz i dont know which are the gud spyware guards these days...so i clicked n put it 2 download 1 of the spyware guards displayed in the site (when i clicked th displayed msg box) calld 'Spyquake'...but i ddnt instal it coz a person told me that ths is a certain spyware.
Now when i go online everytime it shuts down my web browser n reset the homepage, in the background it downloads that spyquake software n instals by itself n scans the system n show that threats in the system hav ben found.....
I have norton system works 2005 installed n updated....but it ddnt detect any sort of threat...
So pls help to get my machine back to normal....also pls suggest any GOOD free software i can download to have protect against these latest spyware, trojans etc....
thanx.....
Priyankdes
Till recently my machine was wrking w/o much problem but now i think its exposed to threats from the net....coz now ther's an icon popping up in the taskbar everytime, saying 'Virus Alert!' and displays a msg...
'Your computer is infected!
Critical System Error! System detected virus activities. They may cause critical system failure. Please, use anti-malware software to clean and protect your system from parasite programs. Click here to get all available software.'
I dont have any spyware guards in my machine coz i dont know which are the gud spyware guards these days...so i clicked n put it 2 download 1 of the spyware guards displayed in the site (when i clicked th displayed msg box) calld 'Spyquake'...but i ddnt instal it coz a person told me that ths is a certain spyware.
Now when i go online everytime it shuts down my web browser n reset the homepage, in the background it downloads that spyquake software n instals by itself n scans the system n show that threats in the system hav ben found.....
I have norton system works 2005 installed n updated....but it ddnt detect any sort of threat...
So pls help to get my machine back to normal....also pls suggest any GOOD free software i can download to have protect against these latest spyware, trojans etc....
thanx.....
Priyankdes
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
Also I forgot to mention download Windows Defender from the Microsoft Website and perform the newest Windows Updates on your Machine.
=)
=)
SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
ASKER
Hey
I tried Ewido (anti-malware) as suggested by SheharyaarSaahil n i think there's a definite improvement n the that icon which appeared on the taskbar has disappeared, also the browser wont shut down n that spyquake software is not getting downloaded....i got ths log file from the program 'Hijackthis' as you guys requested.....
http://www.hijackthis.de/logfiles/6906e6c2f60d4708e67283e392605a2c.html
priyankdes
I tried Ewido (anti-malware) as suggested by SheharyaarSaahil n i think there's a definite improvement n the that icon which appeared on the taskbar has disappeared, also the browser wont shut down n that spyquake software is not getting downloaded....i got ths log file from the program 'Hijackthis' as you guys requested.....
http://www.hijackthis.de/logfiles/6906e6c2f60d4708e67283e392605a2c.html
priyankdes
ASKER
Hey
I tried Ewido (anti-malware) as suggested by SheharyaarSaahil n i think there's a definite improvement n the that icon which appeared on the taskbar has disappeared, also the browser wont shut down n that spyquake software is not getting downloaded....i got ths log file from the program 'Hijackthis' as you guys requested.....
http://www.hijackthis.de/logfiles/6906e6c2f60d4708e67283e392605a2c.html
priyankdes
I tried Ewido (anti-malware) as suggested by SheharyaarSaahil n i think there's a definite improvement n the that icon which appeared on the taskbar has disappeared, also the browser wont shut down n that spyquake software is not getting downloaded....i got ths log file from the program 'Hijackthis' as you guys requested.....
http://www.hijackthis.de/logfiles/6906e6c2f60d4708e67283e392605a2c.html
priyankdes
SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
Remove the following entries from Hijackthis:
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B 5982DA73F2 0} - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1123
O16 - DPF: {D7BF3304-138B-4DD5-86EE-4 91BB6A2286 C} - http://www.azebar.com/install/azesearch.cab
O20 - Winlogon Notify: winhyo32 - winhyo32.dll (file missing)
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
Reboot and run Hijackthis again. Post that log and we can verify that all the nasty programs are completly gone.
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B
O16 - DPF: {D7BF3304-138B-4DD5-86EE-4
O20 - Winlogon Notify: winhyo32 - winhyo32.dll (file missing)
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
Reboot and run Hijackthis again. Post that log and we can verify that all the nasty programs are completly gone.
going fine.... :)
SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
One notice to the Experts. Don't instruct the asker(s) to download the
software from a third party web pages. If you do so, those files can
very easily be patched and changed from the original one, so it can
also contain malicious code.
In this case, the origin of the HijackThis is the "merijn.org"
http://www.merijn.org/files/hijackthis.zip
software from a third party web pages. If you do so, those files can
very easily be patched and changed from the original one, so it can
also contain malicious code.
In this case, the origin of the HijackThis is the "merijn.org"
http://www.merijn.org/files/hijackthis.zip
ASKER
Hey guys
nepostojeci_email here's the link after following ur instructions....but the msn messenger n the gmail notifier disappeared from the taskbar......do i need 2 reinstal them?
http://www.hijackthis.de/logfiles/0b14199b430ec04b43fd7966f0a9f48e.html
nepostojeci_email here's the link after following ur instructions....but the msn messenger n the gmail notifier disappeared from the taskbar......do i need 2 reinstal them?
http://www.hijackthis.de/logfiles/0b14199b430ec04b43fd7966f0a9f48e.html
Looks clean now, still having any issues?
You will need to reinstall msn messanger and gmail as he had you remove the startup entries for them.
You will need to reinstall msn messanger and gmail as he had you remove the startup entries for them.
You don't _have_ to reinstall anything. You could either recreate the following registry entries OR just add them to your startup folder. (In the case of MSN, I think you can just run the program and change its settings to start when Windows starts) Even though you no longer notice icons, the software is still very much on your computer.
These are the registry entries that you can try to recreate. (nepostojeci_email only made a recommendation to remove the items to have fewer things run at startup.) But here are the entries that you can add back in.
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec- b109a192b4 c2}] D:\Program Files\Google\Gmail Notifier\G001-1.0.25.0\gno tify.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\reals ched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCh eck.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Ad obe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office10\OSA.EXE
Let us know if you want help with that.... it's not the prettiest thing, but it can be done.
These are the registry entries that you can try to recreate. (nepostojeci_email only made a recommendation to remove the items to have fewer things run at startup.) But here are the entries that you can add back in.
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\reals
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCh
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Ad
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office10\OSA.EXE
Let us know if you want help with that.... it's not the prettiest thing, but it can be done.
you don't need to reinstall those software, just open MSN msngr, and go
to Tools -> Options -> General, and then select the checkbox:
"Automaticaly run Messenger when I log on to Windows"
For gmail notifier, it is enough to just start it, and it will recreate the
startup link itself. I've made such a recommendation because some
viruses create those entries acting as a well known programs. In
order to deal with that option, I suggested to remove those items too.
Anyway, if you want to turn back changes you have made to your system
you can do it also in HT, by clicking to the "View the list of backups" button
and then choose those items you want back.
to Tools -> Options -> General, and then select the checkbox:
"Automaticaly run Messenger when I log on to Windows"
For gmail notifier, it is enough to just start it, and it will recreate the
startup link itself. I've made such a recommendation because some
viruses create those entries acting as a well known programs. In
order to deal with that option, I suggested to remove those items too.
Anyway, if you want to turn back changes you have made to your system
you can do it also in HT, by clicking to the "View the list of backups" button
and then choose those items you want back.
ASKER
Hey guys....
so far everything had worked perfectly....now the system is running smoothly....
thanks guys for ur excellent work!!!!!!!!!
Priyankdes
so far everything had worked perfectly....now the system is running smoothly....
thanks guys for ur excellent work!!!!!!!!!
Priyankdes
What happened? No points at all?
Come on.. I object..
Is there any MOD here?
Come on.. I object..
Is there any MOD here?
ASKER
Oh i'm so sorry 'nepostojeci email', i actually wanted to split the points among the 5 of u who contributed the useful views on ths.....but i accidently have transfered all of them to SheharyaarSaahil.......I wanted to mention this as soon as it happpend but i couldnt at the time.........really i do want to share the points among the 5 of u.....pls tell me how to make an appeal for this.....i dont know whats the procedure is......
pls let me know ASAP......
again i'm sorry 4 the disappointment..........
Priyankdes
pls let me know ASAP......
again i'm sorry 4 the disappointment..........
Priyankdes
Here you go... this should cover that exact thing you're asking about.
https://www.experts-exchange.com/help.jsp#hi17
https://www.experts-exchange.com/help.jsp#hi17
Your question should get reopened, then you can go back and choose to split the points as you deem fit.
I thought that you gave the points to some other expert because
that solved your problem, but then I saw the point were given to
the post that was at the very begining of this thread, so I've kind
of overreacted..
sorry..
that solved your problem, but then I saw the point were given to
the post that was at the very begining of this thread, so I've kind
of overreacted..
sorry..
http://www.alaynah.net/shehar/clean_system.htm