Tech Support Forum - View Single Post

**Angelfire777** · 12-29-2007, 10:51 PM

You may want to print these instructions here or save them in notepad since you'll work offline.

Reboot into Safe Mode.

To enter Safe Mode..

Click Start > Turn Off Computer > Restart > Tap F8 key just before Windows starts to load, > This will bring up a Menu > Use your keyboard to scroll to Safe Mode> Hit enter.

Open HijackThis > choose Scan Only > Place a checkmark in the boxes beside these entries in bold.

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask .exe" -atboottime

Close your browsers and all open windows except for HijackThis, then click "Fix checked". Exit HijackThis.
______

Open NOTEPAD and copy/paste the text in the codebox below into it:

Code:

C:\Program Files\ALLTEL DSL Check-up Center\SmartBridge\MotiveSB .exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx .exe
C:\Program Files\Common Files\Real\Update_OB\realsched .exe
C:\Program Files\Common Files\Symantec Shared\ccApp .exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier .exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif .exe
C:\Program Files\Messenger\msmsgs .exe
C:\Program Files\Picasa2\PicasaMediaDetector .exe   
C:\Program Files\QuickTime\qttask                    .exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt .exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer .exe
C:\Program Files\Symantec AntiVirus\VPTray .exe
C:\WINDOWS\ehome\ehtray .exe
C:\WINDOWS\SONYSYS\VAIO Recovery\PartSeal .exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATI9FA .EXE

Save this as Log.txt

Refering to the picture above, drag Log.txt into RenV.exe

When finished, it shall produce a new log for you. Post that log in your next reply.

12-29-2007, 10:51 PM	#4 (permalink)
Angelfire777 Moderator/Analyst, Security Team ; Rangemaster, TSF Academy Join Date: Oct 2006 Posts: 3,413 OS: Vista	Re: Can't get rid of virtumonde and popups You may want to print these instructions here or save them in notepad since you'll work offline. Reboot into Safe Mode. To enter Safe Mode.. Click Start > Turn Off Computer > Restart > Tap F8 key just before Windows starts to load, > This will bring up a Menu > Use your keyboard to scroll to Safe Mode> Hit enter. Open HijackThis > choose Scan Only > Place a checkmark in the boxes beside these entries in bold. O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask .exe" -atboottime Close your browsers and all open windows except for HijackThis, then click "Fix checked". Exit HijackThis. ______ Open NOTEPAD and copy/paste the text in the codebox below into it: Code: C:\Program Files\ALLTEL DSL Check-up Center\SmartBridge\MotiveSB .exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx .exe C:\Program Files\Common Files\Real\Update_OB\realsched .exe C:\Program Files\Common Files\Symantec Shared\ccApp .exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier .exe C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif .exe C:\Program Files\Messenger\msmsgs .exe C:\Program Files\Picasa2\PicasaMediaDetector .exe C:\Program Files\QuickTime\qttask .exe C:\Program Files\Sony\VAIO Update 3\VAIOUpdt .exe C:\Program Files\Spybot - Search & Destroy\TeaTimer .exe C:\Program Files\Symantec AntiVirus\VPTray .exe C:\WINDOWS\ehome\ehtray .exe C:\WINDOWS\SONYSYS\VAIO Recovery\PartSeal .exe C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATI9FA .EXE Save this as Log.txt Refering to the picture above, drag Log.txt into RenV.exe When finished, it shall produce a new log for you. Post that log in your next reply. __________________ UNITE and ASAP since 2006 If we have helped you, please consider donating. The past won't be able to hurt you unless you keep on looking back at it. Last edited by Angelfire777 : 12-29-2007 at 11:09 PM.