Tech Support Forum - View Single Post

sUBs · 10-11-2005, 07:18 PM

Start HiJackThis & go to Config>Misc Tools> Open process manager
Select the following and click Kill process one at a time. * Some entries may not be present

C:\WINDOWS\system32\t?skmgr.exe

Then go to this directory - C:\WINDOWS\system32
Delete this file...

t?skmgr.exe (You'll probably see 2 copies of taskmgr. One is legit & the other, bogus)

The malware copy has these attributes..

date of creation - 09/29/2005 09:31 AM
File size - 401,408 bytes (392KB)

After you deleted it, Perform an online scan with Internet Explorer with Panda ActiveScan

Click Scan your PC & a 'pop up' window shall appear. *ensure that your pop up blocker doesn't block it
Click Scan Now
Enter your e-mail address & click Scan Now ...begins downloading 8 MB Panda's ActiveX controls

Begin the scan by selecting My Computer

If it finds any malware, it will offer you a report.
Click on see report. Then click Save report

Post the contents of the report in your next reply along with a new HJT log

*You needn't remain online while it's doing the scan but you have to re-connect after it has finished to see the report.
*Turn off the real time scanner of any existing antivirus program while performing the online scan

10-11-2005, 07:18 PM	#6 (permalink)
sUBs Asst Manager Security, Expert Analyst, Moderator, Security Team; Rangemaster, Moderator, TSF Academy Join Date: May 2005 Posts: 24,350 OS: N/A	Start HiJackThis & go to Config>Misc Tools> Open process manager Select the following and click Kill process one at a time. * Some entries may not be present C:\WINDOWS\system32\t?skmgr.exe Then go to this directory - C:\WINDOWS\system32 Delete this file... t?skmgr.exe (You'll probably see 2 copies of taskmgr. One is legit & the other, bogus) The malware copy has these attributes.. date of creation - 09/29/2005 09:31 AM File size - 401,408 bytes (392KB) After you deleted it, Perform an online scan with Internet Explorer with Panda ActiveScan Click Scan your PC & a 'pop up' window shall appear. ensure that your pop up blocker doesn't block it Click Scan Now* Enter your e-mail address & click Scan Now ...begins downloading 8 MB Panda's ActiveX controls Begin the scan by selecting My Computer If it finds any malware, it will offer you a report. Click on see report. Then click Save report Post the contents of the report in your next reply along with a new HJT log You needn't remain online while it's doing the scan but you have to re-connect after it has finished to see the report. Turn off the real time scanner of any existing antivirus program while performing the online scan __________________ Question - what have you done for the community today?