"Virus Alert!" problem
- Thread starter Ruzumaki
- Start date
- Status
howard_hopkinso
Posts: 21,238 +17
howard_hopkinso
Posts: 21,238 +17
Please don`t keep posting in other threads.
Follow the instructions I have given, it`s not that difficult. Just take your time.
I do not help people via MSN or any other messenger service.
I have deleted your other post.
Regards Howard
Follow the instructions I have given, it`s not that difficult. Just take your time.
I do not help people via MSN or any other messenger service.
I have deleted your other post.
Regards Howard
https://www.techspot.com/vb/topic52166.html <---my problem same with this post. But i don't understand the step u show out >,< .
howard_hopkinso
Posts: 21,238 +17
Which bit of "I don`t help people via Msn", don`t you understand?
Go to the link I gave you above and follow the instructions EXACTLY
Then, post a fresh HJT log into this thread, only after doing the above.
Regards Howard
Go to the link I gave you above and follow the instructions EXACTLY
Then, post a fresh HJT log into this thread, only after doing the above.
Regards Howard
howard_hopkinso
Posts: 21,238 +17
If the file is too big, do the following.
Copy and paste half of the HJT log file into notepad and attach it, then copy and paste the rest of the log into another notepad file and attach that as well.
Regards Howard
Copy and paste half of the HJT log file into notepad and attach it, then copy and paste the rest of the log into another notepad file and attach that as well.
Regards Howard
howard_hopkinso
Posts: 21,238 +17
Boot into safe mode. See how HERE. http://www.bleepingcomputer.com/forums/tutorial61.html
Turn off system restore.(XP/ME only) See how HERE. http://www.bleepingcomputer.com/forums/tutorial56.html
In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE. http://www.bleepingcomputer.com/forums/tutorial62.html
Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.
Click on the processes tab and end process for(if there).
gdnUS2338.exe
77d4a602.exe
Close task manager.
Click start/run and type regsvr32 /u C:\WINDOWS\SYSTEM32\wingdm32.dll into the run box and press the enter key. Note the space between the 2 and the forward slash and again between the u and c.
Run HJT with no other programmes open. Have HJT fix the following, by placing a tick in the little box next to(if there).
O2 - BHO: (no name) - {686a161d-5bd1-4999-8832-6393f41e564c} - C:\WINDOWS\system32\hp107.tmp (file missing)
O4 - HKLM\..\Run: [77d4a602.exe] C:\WINDOWS\system32\77d4a602.exe
O4 - HKCU\..\Run: [77d4a602.exe] C:\Documents and Settings\Hieuy Mac\Local Settings\Application Data\77d4a602.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {3CB357E9-4F9C-7C14-A59C-05824F3A1827} - http://85.255.113.214/1/gdnUS2338.exe
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O20 - Winlogon Notify: wingdm32 - C:\WINDOWS\SYSTEM32\wingdm32.dll
Click on the fix checked button.
Close HJT.
Locate and delete the following bold files and/or directories(if there).
C:\WINDOWS\SYSTEM32\wingdm32.dll
gdnUS2338.exe
C:\Documents and Settings\Hieuy Mac\Local Settings\Application Data\77d4a602.exe
C:\WINDOWS\system32\77d4a602.exe
C:\WINDOWS\system32\hp107.tmp
Reboot into normal mode and turn system restore back on.
Post a fresh HJT log.
Regards Howard
Turn off system restore.(XP/ME only) See how HERE. http://www.bleepingcomputer.com/forums/tutorial56.html
In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE. http://www.bleepingcomputer.com/forums/tutorial62.html
Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.
Click on the processes tab and end process for(if there).
gdnUS2338.exe
77d4a602.exe
Close task manager.
Click start/run and type regsvr32 /u C:\WINDOWS\SYSTEM32\wingdm32.dll into the run box and press the enter key. Note the space between the 2 and the forward slash and again between the u and c.
Run HJT with no other programmes open. Have HJT fix the following, by placing a tick in the little box next to(if there).
O2 - BHO: (no name) - {686a161d-5bd1-4999-8832-6393f41e564c} - C:\WINDOWS\system32\hp107.tmp (file missing)
O4 - HKLM\..\Run: [77d4a602.exe] C:\WINDOWS\system32\77d4a602.exe
O4 - HKCU\..\Run: [77d4a602.exe] C:\Documents and Settings\Hieuy Mac\Local Settings\Application Data\77d4a602.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {3CB357E9-4F9C-7C14-A59C-05824F3A1827} - http://85.255.113.214/1/gdnUS2338.exe
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O20 - Winlogon Notify: wingdm32 - C:\WINDOWS\SYSTEM32\wingdm32.dll
Click on the fix checked button.
Close HJT.
Locate and delete the following bold files and/or directories(if there).
C:\WINDOWS\SYSTEM32\wingdm32.dll
gdnUS2338.exe
C:\Documents and Settings\Hieuy Mac\Local Settings\Application Data\77d4a602.exe
C:\WINDOWS\system32\77d4a602.exe
C:\WINDOWS\system32\hp107.tmp
Reboot into normal mode and turn system restore back on.
Post a fresh HJT log.
Regards Howard
howard_hopkinso
Posts: 21,238 +17
Your HJT log is clean.
Just have HJT fix any entries that say file missing, or no file.
Regards Howard
Just have HJT fix any entries that say file missing, or no file.
Regards Howard
howard_hopkinso
Posts: 21,238 +17
Can you give me the exact details of the alert you`re getting?
Regards Howard
Regards Howard
got sum more way to solve tis tricky problem? have been having a problem with this trojan (I assume) that has popped into my task bar. It is a a icon that switches between two images, a blue circle with a question mark inside, and a red circle with a slash inside (like a no smoking sign). On mousing over it, It'll say "Virus Alert!", and upon clicking it it says in bold "Your computer is infected!" followed by a 'solution', "Critical System Error! System detected virus activities...etc." I have ran McAfee, Spybot S&D, Adaware, and am still unable to get rid of it. After a while, two windows also pop up, labled "ULWindowUrl" and "ULWindowSeek." I think the two may be related but have too little knowledge of this stuff to be sure. Does anyone have a solution? It'll be greatly appreciated.
howard_hopkinso
Posts: 21,238 +17
Boot into safe mode. See how HERE. http://www.bleepingcomputer.com/forums/tutorial61.html
Turn off system restore.(XP/ME only) See how HERE. http://www.bleepingcomputer.com/forums/tutorial56.html
In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE. http://www.bleepingcomputer.com/forums/tutorial62.html
Go to add remove programme in your control panel and uninstall anything to do with(if there).
Dap.
Close control panel.
Run HJT with no other programmes open. Have HJT fix the following, by placing a tick in the little box next to(if there).
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
Click on the fix checked button.
Close HJT.
Locate and delete the following bold files and/or directories(if there).
C:\Program Files\DAP
Reboot into normal mode and turn system restore back on.
Regards Howard
Turn off system restore.(XP/ME only) See how HERE. http://www.bleepingcomputer.com/forums/tutorial56.html
In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE. http://www.bleepingcomputer.com/forums/tutorial62.html
Go to add remove programme in your control panel and uninstall anything to do with(if there).
Dap.
Close control panel.
Run HJT with no other programmes open. Have HJT fix the following, by placing a tick in the little box next to(if there).
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
Click on the fix checked button.
Close HJT.
Locate and delete the following bold files and/or directories(if there).
C:\Program Files\DAP
Reboot into normal mode and turn system restore back on.
Regards Howard
lolz? Dap and flashget not a virus wor... It will inflect the Virus Alert! problem ?
Anyway i tryin. I found something interesting about a file call regperf.exe. But i download a software to remove this file(actually it found in virus list). The next day i open window defender, the software explorer. I found again the regperf.exe in my list. After i disable and remove it, it gone until now.
Anyway i tryin. I found something interesting about a file call regperf.exe. But i download a software to remove this file(actually it found in virus list). The next day i open window defender, the software explorer. I found again the regperf.exe in my list. After i disable and remove it, it gone until now.
howard_hopkinso
Posts: 21,238 +17
Thank You SO MUCH!!! The problem SOLVED!!!!~ WEEEEEEEE~ Thank you for teach me so patient!! http://siri.urz.free.fr/Fix/SmitfraudFix_En.php help me alot.
Here with a fresh HJT!
But after i use the program smitfraudfix, i felt my computer got a bit lag. Did i need defragment and check disc?
Here with a fresh HJT!
But after i use the program smitfraudfix, i felt my computer got a bit lag. Did i need defragment and check disc?
howard_hopkinso
Posts: 21,238 +17
- Status
