Exploit.ADODB.AN

Status
Not open for further replies.
emlynt2000

emlynt2000

Posts: 6   +0
Ive keep getting this message come up when i run bitDefender scan.It shows i have an application MICR.F I will attach the logs from bitdefender and also hijack this .So if anyone can help id be very grateful.As the title states this seems to be cause Exploit.ADODB.AN
 
Your system has some nasty infections.

Go and read the Trojan Pakes and other nasties preliminary removal instructions. Follow all the instructions exactly.

Post fresh HJT and AVG Antispyware logs as attachments into this thread, only after doing the above.

Make sure you rename HijackThis.exe to HijackThis1991.exe


Regards Howard :)


This thread is for the use of emlynt2000 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Sorry to bother you again howard but in your instruction * Boot into safe mode, under your normal user name(NOT THE ADMINISTRATOR ACCOUNT).* I am the only user on my computer thus the administrator and you tell us to boot under your normal user name what should i do still boot under the administrator or not.Cheers Emlyn

Ops i forgot when i try to download and run TOOL 2 VIRTUMUNDOBEGONE i get this message *NSIS ERROR* **The installer you are trying to use is corrupted or incomplete .This could be the result of a damaged disk, a failed download or a virus **Ive tried two different sites to download and still the same message
 
First, when you boot into safe mode, you`re given the option of booting under your normal user account name or the administrator. You should boot under your normal account name, otherwise some of the tools may not work.

Try downloading the Virtumundobegone tool again, if you still have problems, skip it and move on to the rest of the instructions.


Regards Howard :)

This thread is for the use of emlynt2000 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Virus FREE

As instructed i followed the guide on virus removal and it seems I'm virus free......Many thanks for the learning experience.Just to be on the safe side i wounder if you could have a look at the log to see if a problem is waiting to happen.Once again thanks howard+-
 
You might want to copy and paste these instructions into a notepad file. Then you can have the file open in safe mode, so you can follow the instructions easier.

Turn off system restore.(XP/ME only) See how here.> http://www.bleepingcomputer.com/forums/tutorial56.html

Boot into safe mode, under your normal user name(NOT THE ADMINISTRATOR ACCOUNT). See how here.> http://www.bleepingcomputer.com/forums/tutorial61.html

In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how here.> http://www.bleepingcomputer.com/forums/tutorial62.html

Go to add remove programmes in your control panel and uninstall anything to do with(if there).

Poker.com

Close control panel.

Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.

Click on the processes tab and end process for(if there).

Poker.exe

Close task manager.

Run HJT with no other programmes open(except notepad). Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

O9 - Extra button: Poker.com - {6FDD5236-C9F0-49ef-935D-385F5E21991A} - C:\Program Files\Poker.com\Poker.exe (HKCU)

Fix all 018-Protocol entries, except for the 2 MSNMES~1 entries.

Click on the fix checked button.

Close HJT.

Locate and delete the following bold files and/or directories(if there).

C:\Program Files\Poker.com Delete the entire folder.

Reboot into normal mode, turn system restore back on and rehide your protected OS files.

Post a fresh HJT log as well as an AVG Antispyware log.

Regards Howard :)

This thread is for the use of emlynt2000 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Poker and 018 protocol removal

As instructed i have removed poker.com and the 018 protocol entries except them 2 msn.Didnt find any reference to poker.com in add remove but removed it from Program files.Does this mean I'm unable to use this app again(dont want to click on shortcut for poker.com in case i have to go though this all again.
As instructed logs attached.
Once again many thanks Howard
 
Your HJT log is clean.

You shouldn`t use Poker.com as it puts adware on your computer. Just delete the Poker.com shortcut.

If you have any further virus/spyware problems, please post in this therad.

Regards Howard :)

This thread is for the use of emlynt2000 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Thanks Howard hopefully i have learnt my lesson but its a great comfort to know you and your team are here THIS IS A TOP SITE
 
Status
Not open for further replies.

Similar threads

Daniel Sims
Bitdefender defeats Mortal Kombat ransomware with free decryptor
Replies
1
Views
471
Tetr1s
Tetr1s
M
Virus warning popup
Replies
1
Views
531
Mark Fuller
M
R
Solved Norton blocked attack by: System Infected: Miner.Bitcoinminer Activity #
2
Replies
32
Views
3K
Broni
Broni

Latest posts

Back