Tech Support Forum - View Single Post

sUBs · 07-20-2005, 07:33 AM

Looks cleaner

Let's get to work..

= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =

I have attached a file to this post - regdel.txt
Download it & rename it "regdel.reg" (inclusive of the quotes)
Double-click on it & answer YES when prompted to merge into the Registry

Unplug your computer from the Internet when you have finished downloading

= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =

Uninstall the following programs, if present, using Control Panel > Add/Remove Programs :

CxtPls
MySearch

= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =

Run a scan with HiJackThis & select(tick) the following & click [Fix checked] :

F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O2 - BHO: (no name) - {BDC47C62-E84B-252B-DD31-13C1514837CF} - (no file)
O2 - BHO: (no name) - {D1396C01-C870-10F2-BC2B-4A80E8FB5B42} - (no file)
O2 - BHO: (no name) - {F7DBCF31-416D-A863-252C-8660C18BEEAA} - (no file)
O4 - HKLM\..\Run: [lkqtl] C:\WINDOWS\System32\lkqtl.exe
O15 - Trusted Zone: http://www.neededware.com

= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =

Enable the viewing of Hidden files

From Windows Explorer, go to Tools>Folder Options>View tab.
Enable the option for `Show hidden files and folder´
Disable the option for `Hide file extensions for known types´
Disable the option for `Hide protected operating system files´
Click Yes to confirm & then click OK

= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =

Locate and delete the following folder(s), if present:

C:\PROGRAM FILES\CxtPls
C:\PROGRAM FILES\MySearch
C:\WINDOWS\SYSTEM32\Newmsrdk
C:\DOCUMENTS AND SETTINGS\KYLEE\START MENU\PROGRAMS\AdDestroyer
C:\WINDOWS\bundles
C:\WINDOWS\inst
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\vmss

= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =

C:\Program Files\Windows Media Player\wmplayer.exe.tmp
C:\WINDOWS\Downloaded Program Files\EPXActiveX.ocx
C:\WINDOWS\inf\btgrab.inf
C:\WINDOWS\inf\farmmext.inf
C:\WINDOWS\system32\cp.exe
C:\DOCUMENTS AND SETTINGS\KYLEE\APPLICATION DATA\Sskcwrd.dll
C:\WINDOWS\SYSTEM32\winupdt.bin
C:\keys.ini
C:\WINDOWS\delprot.ini
C:\WINDOWS\SYSTEM32\CasinoGames.ico
C:\WINDOWS\SYSTEM32\Get $888 Free!.ico
C:\WINDOWS\SYSTEM32\partypoker.ico
C:\WINDOWS\System32\lkqtl.exe

Select/Highlight all the filename(s) from the above.
Copy to clipboard by pressing [CTRL]+[C] on your keyboard.
Start KillBox.exe

Go to the File menu, and choose Paste from Clipboard * this feature does not work on older versons of Killbox
Click the dropdown-arrow next to the "Full Path of File to Delete" field.
Verify that the filenames you pasted are found in there.
Select/tick the following:
- Replace on Reboot
- Unregister.dll Before Deleting * if it's not grayed out
Click the RED X button.
Click Yes at the 'Delete on Reboot' prompt.
Click Yes at the 'Pending Operations prompt'.

= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =

REBOOT & Run Cleanup! & configure the program as follows:

Click Options...
Move the arrow down to Custom CleanUp!
Put a check next to the following:
- Empty Recycle Bins
- Delete Cookies
- Delete Prefetch files
- [X]Scan local drives for temporary files (Please uncheck this option)
- Cleanup! All Users
Click OK
Press the CleanUp! button to start the program. Reboot/logoff when prompted.

* CleanUp! will delete all the files in your temp folders without making a backup

= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =

In your next post, please include fresh logs from:

HiJackThis

Please provide details of any problems you encountered whilst performing the above steps & update us on how the computer behaves now

07-20-2005, 07:33 AM	#7 (permalink)
sUBs Asst Manager Security, Expert Analyst, Moderator, Security Team; Rangemaster, Moderator, TSF Academy Join Date: May 2005 Posts: 24,353 OS: N/A	Looks cleaner Let's get to work.. = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = I have attached a file to this post - regdel.txt Download it & rename it "regdel.reg" (inclusive of the quotes) Double-click on it & answer YES when prompted to merge into the Registry Unplug your computer from the Internet when you have finished downloading = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = Uninstall the following programs, if present, using Control Panel > Add/Remove Programs : CxtPls MySearch = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = Run a scan with HiJackThis & select(tick) the following & click [Fix checked] : F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe O2 - BHO: (no name) - {BDC47C62-E84B-252B-DD31-13C1514837CF} - (no file) O2 - BHO: (no name) - {D1396C01-C870-10F2-BC2B-4A80E8FB5B42} - (no file) O2 - BHO: (no name) - {F7DBCF31-416D-A863-252C-8660C18BEEAA} - (no file) O4 - HKLM\..\Run: [lkqtl] C:\WINDOWS\System32\lkqtl.exe O15 - Trusted Zone: http://www.neededware.com = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = Enable the viewing of Hidden files From Windows Explorer, go to Tools>Folder Options>View tab. Enable the option for `Show hidden files and folder´ Disable the option for `Hide file extensions for known types´ Disable the option for `Hide protected operating system files´ Click Yes to confirm & then click OK = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = Locate and delete the following folder(s), if present: C:\PROGRAM FILES\CxtPls C:\PROGRAM FILES\MySearch C:\WINDOWS\SYSTEM32\Newmsrdk C:\DOCUMENTS AND SETTINGS\KYLEE\START MENU\PROGRAMS\AdDestroyer C:\WINDOWS\bundles C:\WINDOWS\inst C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\vmss = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = C:\Program Files\Windows Media Player\wmplayer.exe.tmp C:\WINDOWS\Downloaded Program Files\EPXActiveX.ocx C:\WINDOWS\inf\btgrab.inf C:\WINDOWS\inf\farmmext.inf C:\WINDOWS\system32\cp.exe C:\DOCUMENTS AND SETTINGS\KYLEE\APPLICATION DATA\Sskcwrd.dll C:\WINDOWS\SYSTEM32\winupdt.bin C:\keys.ini C:\WINDOWS\delprot.ini C:\WINDOWS\SYSTEM32\CasinoGames.ico C:\WINDOWS\SYSTEM32\Get $888 Free!.ico C:\WINDOWS\SYSTEM32\partypoker.ico C:\WINDOWS\System32\lkqtl.exe Select/Highlight all the filename(s) from the above. Copy to clipboard by pressing [CTRL]+[C] on your keyboard. Start KillBox.exe Go to the File menu, and choose Paste from Clipboard * this feature does not work on older versons of Killbox Click the dropdown-arrow next to the "Full Path of File to Delete" field. Verify that the filenames you pasted are found in there. Select/tick the following: Replace on Reboot Use Dummy End Explorer Shell While Killing File Unregister.dll Before Deleting * if it's not grayed out Click the RED X button. Click Yes at the 'Delete on Reboot' prompt. Click Yes at the 'Pending Operations prompt'. = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = REBOOT & Run Cleanup! & configure the program as follows: Click Options... Move the arrow down to Custom CleanUp! Put a check next to the following: Empty Recycle Bins Delete Cookies Delete Prefetch files [X]Scan local drives for temporary files (Please uncheck this option) Cleanup! All Users Click OK Press the CleanUp! button to start the program. Reboot/logoff when prompted. * CleanUp! will delete all the files in your temp folders without making a backup = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = In your next post, please include fresh logs from: HiJackThis Please provide details of any problems you encountered whilst performing the above steps & update us on how the computer behaves now __________________ Question - what have you done for the community today?