I believe I have put together a reg file that will fix the firewall issue, and hopefully the Windows Update and security app problem too. I would...
Email recieved. File infected with Win32.Mytob.CU worm. http://www3.ca.com/securityadvisor/virusinfo/virus.aspx?id=43006
Neither of those files appears to be infected, but I have no idea why they would be on your system, or located where they were. If no problems...
Try Panda ActiveScan. If it won't run either, just post a new HJT log.
Sorry for the delay. Download the stand-alone CWShredder 2.14 from here. Save it to the desktop. Fix the following with HijackThis, all...
I'll try to get your log analysed shortly and work up a response. For now, leave these alone. They are valid processes!...
That looks great! Looks like RegSeeker did a good job too! :) I recommend you delete the following files, then empty the recycle bin. File...
The security suite folder is Ewido. C:\Documents and Settings\Owner\Desktop\security suite\ewidoctrl.exe Should probably have been installed to...
Please download the delfiles.zip attached to this post. Save it to your desktop. If it saves as attachment.php, right click and rename to...
Hi Jae, Actually only two files there that need to go. C:\WINDOWS\SYSTEM32\msclock32.dll C:\WINDOWS\SYSTEM32\msplock32.dll There's one...
Just realized I forgot something very important. You should clear out the System Restore points. Certainly don't want to take a chance on needing...
Great! Highlight and copy the first command below. Click start>run and right click>paste, then hit enter. Regardless of the message you get,...
This file makes quite a few changes in the registry and drops a couple of other random named dlls in System32 folder as well. As soon as I get...
I already have your export NBAS1, which is where I found your filename. My last post was directed at TyIndel. ;) To see the contents of a reg...
TyIndel, If you could navigate to the following key and export it, then post the contents, we might see the file that has infected your system...
Welcome to WindowsBBS TyIndel :) Thanks for your input. I'll check out your link soon. ;) NBSA1, File recieved. That's one nasty...
Your log is clean. :) Would you please right click the GetLogXP.bat and choose edit. Maximize the window and replace the next to last line...
That's great, Paul! :D Other than what I've already had you install, I recommend using Spybot along with Ad-aware. Allow it to load SD Helper...
Thanks. :) I meant to do a file search for C:\WINDOWS\System32\pentstrm.exe, using XP's search, not with the RegSrch tool.
Your log is clean. :) You can replace the filepath in those command lines to get rid of these, or locate and delete them though Windows...
Separate names with a comma.
