Remove virus
Closed
Gervarod
-
Apr 12, 2010 at 12:08 PM
Ambucias Posts 47310 Registration date Monday February 1, 2010 Status Moderator Last seen February 15, 2023 - Apr 12, 2010 at 05:11 PM
Ambucias Posts 47310 Registration date Monday February 1, 2010 Status Moderator Last seen February 15, 2023 - Apr 12, 2010 at 05:11 PM
Related:
- Remove virus
- Goose virus - Download - Other
- Ntuser.dat virus - Guide
- Can jpg have virus - Guide
- Remove redirecting virus - Guide
- How to remove unhide files virus ✓ - Pen Drive, USB & SD Card Forum
1 response
Ambucias
Posts
47310
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
February 15, 2023
11,162
Apr 12, 2010 at 05:11 PM
Apr 12, 2010 at 05:11 PM
Hello Gevarod,
There you are infected again! And where did you get the infection from: Facebook!
I can tell you how to remove it but you must download and install Hyjackthis:
http://free.antivirus.com/hijackthis/
2. Run a scan and check the following items:
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:7171
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
O4 - HKLM\..\Run: [sysldtray] c:\windows\ld08.exe
O4 - HKLM\..\Run: [sysftray2] C:\windows\freddy36.exe
O4 - HKLM\..\Run: [pp] C:\windows\pp02.exe
O4 - HKLM\..\Run: [sysldtray] c:\windows\ld02.exe
O4 - HKCU\..\Run: [SYSDLL] SYSDLL
O4 - HKCU\..\Run: [dll] rundll32 dll32,sm
3. Click on fix checked
4. Deactivate the proxy
On Internet Explorer, tools, options, connections, bottom, deactivate the proxy.
That not all, you must clean-up the rest:
To keep your system safe, you must follow the instructions hereunder to the letter:
1. Download Combofix to your desktop.
http://www.combofix.org/download.php
2.Close all open Windows including this one.
Close or disable all running Antivirus, Antispyware, and Firewall programs as they may interfere with the proper running of ComboFix.
3. Double click on the ComboFix icon.
Windows is issuing this prompt because ComboFix does not have a digital signature. This is perfectly normal and safe and you can click on the Run button to continue.
4. Accept the disclaimer and the recovery
5.You should now press the Yes button to continue. If at any time during the Recovery Console installation you receive a message stating that it failed to install, please allow ComboFix to continue with the scan of your computer.
ComboFix will disconnect your computer from the Internet, so do not be surprised or concerned if you receive any warnings stating that you are no longer on the Internet. When ComboFix has finished it will automatically restore your Internet connection.
While the program is scanning your computer, it will change your clock format, so do not be concerned when you see this happen. When ComboFix is finished it will restore your clock settings to their previous settings.
If you see your Windows desktop disappear, do not worry. This is normal and ComboFix will restore your desktop before it is finished. Eventually you will see a new screen that states the program is almost finished and telling you the programs log file, or report, will be located at C:\ComboFix.txt.
Beware, while ComboFix is running, do not attempt to click with your mouse, tap on thekeyboard, just leave it be.
Gee that took me a lot of typing, kind of tired, let me know how it work.
Regards
There you are infected again! And where did you get the infection from: Facebook!
I can tell you how to remove it but you must download and install Hyjackthis:
http://free.antivirus.com/hijackthis/
2. Run a scan and check the following items:
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:7171
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
O4 - HKLM\..\Run: [sysldtray] c:\windows\ld08.exe
O4 - HKLM\..\Run: [sysftray2] C:\windows\freddy36.exe
O4 - HKLM\..\Run: [pp] C:\windows\pp02.exe
O4 - HKLM\..\Run: [sysldtray] c:\windows\ld02.exe
O4 - HKCU\..\Run: [SYSDLL] SYSDLL
O4 - HKCU\..\Run: [dll] rundll32 dll32,sm
3. Click on fix checked
4. Deactivate the proxy
On Internet Explorer, tools, options, connections, bottom, deactivate the proxy.
That not all, you must clean-up the rest:
To keep your system safe, you must follow the instructions hereunder to the letter:
1. Download Combofix to your desktop.
http://www.combofix.org/download.php
2.Close all open Windows including this one.
Close or disable all running Antivirus, Antispyware, and Firewall programs as they may interfere with the proper running of ComboFix.
3. Double click on the ComboFix icon.
Windows is issuing this prompt because ComboFix does not have a digital signature. This is perfectly normal and safe and you can click on the Run button to continue.
4. Accept the disclaimer and the recovery
5.You should now press the Yes button to continue. If at any time during the Recovery Console installation you receive a message stating that it failed to install, please allow ComboFix to continue with the scan of your computer.
ComboFix will disconnect your computer from the Internet, so do not be surprised or concerned if you receive any warnings stating that you are no longer on the Internet. When ComboFix has finished it will automatically restore your Internet connection.
While the program is scanning your computer, it will change your clock format, so do not be concerned when you see this happen. When ComboFix is finished it will restore your clock settings to their previous settings.
If you see your Windows desktop disappear, do not worry. This is normal and ComboFix will restore your desktop before it is finished. Eventually you will see a new screen that states the program is almost finished and telling you the programs log file, or report, will be located at C:\ComboFix.txt.
Beware, while ComboFix is running, do not attempt to click with your mouse, tap on thekeyboard, just leave it be.
Gee that took me a lot of typing, kind of tired, let me know how it work.
Regards