infected registry files?

G

Guest

Hello, can you help?my system was running great for about five months after a
win32 bug , i had everything secured , on one web page, a windows genuine
certificate box, said to click yes as it was secure, i did, it was a program
PESTTRAP , which infected so many files , but the same old story, i needed to
subscribe , it took so long to get rid of this , it just reappeared every
time i zapped it with legit anti virus. It has left me with so many extras,
ill clear it all then NT back door , IE tray hijacker, I spy password
cracker, I have these quarantined but also parts of my registry are with them
, it scared me a bit , was wondering if I could send a copy of quarantine
list to somebody . to give an idea as what i should do with it?Sorry to be
cheeky but my head is spinning until early hours trying to find out what to
do. iI spy changed all of my settings on Ie and my yahoo e mails. thanks
 
D

David H. Lipman

From: "amberbootyliscious" <[email protected]>

| Hello, can you help?my system was running great for about five months after a
| win32 bug , i had everything secured , on one web page, a windows genuine
| certificate box, said to click yes as it was secure, i did, it was a program
| PESTTRAP , which infected so many files , but the same old story, i needed to
| subscribe , it took so long to get rid of this , it just reappeared every
| time i zapped it with legit anti virus. It has left me with so many extras,
| ill clear it all then NT back door , IE tray hijacker, I spy password
| cracker, I have these quarantined but also parts of my registry are with them
| , it scared me a bit , was wondering if I could send a copy of quarantine
| list to somebody . to give an idea as what i should do with it?Sorry to be
| cheeky but my head is spinning until early hours trying to find out what to
| do. iI spy changed all of my settings on Ie and my yahoo e mails. thanks



Two part reply..

Perform Part 1 then perform Part 2.

If the first two parts don't work, perform the alternate section.

It is suggested that you execute each tool in Normal Mode then in Safe Mode.



Part 1
-----------

Use noahdfear's SmitFraud, SpyAxe, SpyFalcon, et. al., removal tool -- SmitRem.exe
http://noahdfear.geekstogo.com/click counter/click.php?id=1

http://www.bleepingcomputer.com/forums/topic43659.html


Part 2
-----------

Download SmitFraud.exe from the URL --
http://www.ik-cs.com/programs/virtools/SmitFraud.exe

Execute; SmitFraud.exe { Note: You must accept the default of C:\McAfee }
Choose; Unzip
Choose; Close

NOTE: You may have to disable your software FireWall or allow WGET.EXE to go through your
FireWall to enable WGET.EXE to download the needed McAfee related files.

Execute; c:\mcafee\clean.bat
{ or Double-click on 'Clean Link' in c:\mcafee }

A final report in HTML format called C:\mcafee\Normal_ScanReport.HTML or
C:\mcafee\Safe_ScanReport.HTML will be generated. At the end of the scan, it will be
displayed in your browser (Opera, FireFox or Internet Explorer). However, if you are using
WinXP, Win2K or Win2003 your system will be left in a state where you will have to manually
shutdown/reboot the PC. On Win9x/ME platforms the report will not be shown in your bowser
but your PC will automatically be shutdown. It is suggested that you move the report out of
c:\mcafee before performing another scan.

It would be best to scan in both Safe Mode and in Normal Mode and save a copy of the HTML
report for each session.


ALTERNATE:

S!ri's SmitfraudFix
http://siri.urz.free.fr/Fix/SmitfraudFix_En.php




Please Copy and Paste the contents of the HTML Log files;
C:\mcafee\Normal_ScanReport.HTML & C:\mcafee\Safe_ScanReport.HTML in your reply.

* * * Please report back your results * * *
 
I

imhotep

amberbootyliscious said:
Hello, can you help?my system was running great for about five months
after a
win32 bug , i had everything secured , on one web page, a windows genuine
certificate box, said to click yes as it was secure, i did, it was a
program PESTTRAP , which infected so many files , but the same old story,
i needed to subscribe , it took so long to get rid of this , it just
reappeared every time i zapped it with legit anti virus. It has left me
with so many extras, ill clear it all then NT back door , IE tray
hijacker, I spy password cracker, I have these quarantined but also parts
of my registry are with them , it scared me a bit , was wondering if I
could send a copy of quarantine list to somebody . to give an idea as what
i should do with it?Sorry to be cheeky but my head is spinning until early
hours trying to find out what to do. iI spy changed all of my settings on
Ie and my yahoo e mails. thanks
Click to expand...

Ever think about getting a Mac???

Imhotep
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Quarantine list of I spy , IE tray hijacker,worms, rogue programs 1
MEMORY COULD NOT BE READ??? 1
Infected with spyware? 3
Virus, posing as a flash player upgrade on web page,infected my sy 6
system32.exe infected 6
Computer is infected message 11
Viruse infected majorw.exe 3
Key Logger. or Spywayre.? 1

Top