Virus or malware warning

By Badfinger
Aug 2, 2009
  1. Howdy folks!

    Just got done cleaning one nasty one off my wife's PC.

    Looks like it came from hijack of

    If you have these in C:\windows\system32:


    Those 4 I had to clean out, winpatrol kept popping up asking to allow them to RUN
    at startup and BillP's website had 0 info on any of them, another good sign they
    are malware/virus. Look up winpatrol if you are confused. 8)

    All 4 were read only, and couldn't delete even in safe mode, except 1 (tahalopu.dll)
    I pulled her HD, hooked it up to my system, replaced all 4 with 3 byte files with attributes:
    Read Only/System, so they won't be overwritten, and cleaned ALL the registry entries with the 4 files, once I rebooted with it back in her system, there were over a dozen entries total.

    Her PC is now clean...

    Oh yeah:
    Looks like they tried to phone home to which is in Belgium.
    I have prevent in for that evil stuff also, fortunately. 8)

    I ran my anti-virus scan on C:\windows (inclusive) and it picked up nothing, 8(

    Forgot to mention this was via Firefox 3.5, we quit using IE, since about Firefox .92 beta.

    D3CRYPTM4ST3R TS Rookie Posts: 54

    As far i know .ESET NOD32 antivirus provides a very stable and powerfull network and net protection i am also a big fan of Firefox . Since i installed it i never had such nasty network intrusions! I recommend you try it .
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...