Tech Support Forum - View Single Post

Vikesrock8411 · 11-29-2005, 08:20 PM

Please print out or copy this page to Notepad in order to assist you when carrying out the following instructions.

Please follow
Symantec’s Guide to clean out your Norton quarantine.

Downloads(make sure to save these in a permanent location)
KillBox v2.0.0.175.exe (it's important that you get version v2.0.0.175)

Tools
Open Cleanup! by double-clicking the icon on your desktop (or from Start > All Programs). Set the program up as follows:

Click Options
Move the slider button down to Custom CleanUp!

Check the following:

Empty Recycle Bins
Delete Cookies
Delete Prefetch files
Cleanup! All Users

Uncheck the following :

Scan local drives for temporary files

Click OK, Press the CleanUp! button to start the program. If prompted to reboot, press No.

Launch KillBox.exe & select the following options:

delete on Reboot

Select all the filenames below & then right-click & select Copy

C:\WINDOWS\prflbmsgp32.dll
C:\WINDOWS\system32\ntsd32.exe

* Go to the File menu, and choose Paste from Clipboard
* Click the RED X button.
* Click Yes at the Delete on Reboot prompt.
* Click Yes at the 'Pending Operations prompt'.

Online Scans
Trend Micro™ Anti-Spyware for the Web Utility (by clicking the "Scan and Clean your PC" button).

Save it to your desktop.
Double-click the new icon on your desktop (tmas-web-scan.exe)
It will say "Loading TrendMicro definitions".
Once the definitions are loaded, the program will appear to close then re-open.
Click "Start Scan"
After it's done scanning, click "Scan Results"
Make sure all items found have a check next to them, then click "Clean Threats Now".
Click Exit.

Reboot your computer. In place of the TrendMicro icon will be a text file called "Antispyware.log", please double-click that log and copy the entire contents and paste them here.

I then need you to repeat the same procedure above again... using the TrendMicro tool. I need the log from the second scan/clean...NOT the first...as this will contain what’s left in the system.

How is your system now? Are the redirects still happening?

In your next post please include:

Antispyware.log (second run)
A new Hijackthis! Log

11-29-2005, 08:20 PM	#6 (permalink)
Vikesrock8411 Analyst, Security Team Join Date: Jun 2005 Posts: 3,065 OS: Windows XP	Please print out or copy this page to Notepad in order to assist you when carrying out the following instructions. Please follow Symantec’s Guide to clean out your Norton quarantine. Downloads(make sure to save these in a permanent location) KillBox v2.0.0.175.exe (it's important that you get version v2.0.0.175) Tools Open Cleanup! by double-clicking the icon on your desktop (or from Start > All Programs). Set the program up as follows: Click Options Move the slider button down to Custom CleanUp! Check the following: Empty Recycle Bins Delete Cookies Delete Prefetch files Cleanup! All Users Uncheck the following : Scan local drives for temporary files Click OK, Press the CleanUp! button to start the program. If prompted to reboot, press No. Launch KillBox.exe & select the following options: delete on Reboot Select all the filenames below & then right-click & select Copy C:\WINDOWS\prflbmsgp32.dll C:\WINDOWS\system32\ntsd32.exe * Go to the File menu, and choose Paste from Clipboard * Click the RED X button. * Click Yes at the Delete on Reboot prompt. * Click Yes at the 'Pending Operations prompt'. Online Scans Trend Micro™ Anti-Spyware for the Web Utility (by clicking the "Scan and Clean your PC" button). Save it to your desktop. Double-click the new icon on your desktop (tmas-web-scan.exe) It will say "Loading TrendMicro definitions". Once the definitions are loaded, the program will appear to close then re-open. Click "Start Scan" After it's done scanning, click "Scan Results" Make sure all items found have a check next to them, then click "Clean Threats Now". Click Exit. Reboot your computer. In place of the TrendMicro icon will be a text file called "Antispyware.log", please double-click that log and copy the entire contents and paste them here. I then need you to repeat the same procedure above again... using the TrendMicro tool. I need the log from the second scan/clean...NOT the first...as this will contain what’s left in the system. How is your system now? Are the redirects still happening? In your next post please include: Antispyware.log (second run) A new Hijackthis! Log