I just gotten over an issue with trojans and malware on my computer so i installed an anti spy program( super anti-spy) but i noticed i still had issues with unknown pop-ups on my browser so i also downloaded an anti-malware(Malware Bytes)
and after finally getting my computer clean i think i also erased some very imporatant registry keys needed to run my windows xp and certain websites properly..do i have to go to a computer specialist?
Help!..Missing Registry Keys!?
October 30, 2009
Is it alright to install kaspersky in a flashdrive and use it to clean an infected pc?
October 13, 2009
a friend’s pc is infiltrated by trojans and it is in "deathbed" condition and it is most advisable now to reformat. problem is, due to the trojans, he can’t back-up his files. is it alright to do that so somehow it can get "cleaned" (that way we may be able to back-up) before totally reformatting?
I have McAfee virus protection plus "super anti spyware" program. I do the scan everyday, delete temp. internet files(cookies, etc.), clean my hard drive, and defragment it. I still get pop ups eventhough the pop up blocker is on, plus when these ads for a virus protection come up, they block pictures. Not to mention, I have two trojans to get rid of which are called Winfixer and Vundo..anyone know how to fix this? Any help would be greatly appreciated. Thanks!
Really bad computer virus problem?
August 7, 2009
I thought I’d solved the problem but it turned out I hadn’t. I got a couple of trojan viruses on my computer the other day, even with NOD32 and Malwarebytes’ AntiMalware, Ad-aware, and Spybot Search and Destroy, which I know are all very good. I scanned with Malwarebytes,and it found two trojans. Here’s the log:
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\tdssdata (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\tdss (Trojan.Agent) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
I deleted the two trojans, so everything was working again (I wasn’t being redirected to other sites on the internet anymore). However, this morning, the same problem has come back. I’m assuming that there is a rootkit installed somewhere, but nothing can find it. I’ve also scanned with VundoFix and RogueRemover, which didn’t find anything either. I scanned with SmitFraudFix, and the log after that came up with a HUGE list of random websites, and then this (sorry for the long question):
Run from C:\Documents and Settings\User\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] – Windows_NT
The filesystem type is
Fix run in normal mode
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler’s .dll
»»»»»»»»»»»»»»»»»»»»»»»» Killing process
»»»»»»»»»»»»»»»»»»»»»»»» hosts
”'(The list of lots of websites fits in here)”’
»»»»»»»»»»»»»»»»»»»»»»»» VACFix
VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix
S!Ri’s WS2Fix: LSP not Found.
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files
»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» AntiXPVSTFix
»»»»»»»»»»»»»»»»»»»»»»»» RK
»»»»»»»»»»»»»»»»»»»»»»»» DNS
Description: 3Com 3C920 Integrated Fast Ethernet Controller (3C905C-TX Compatible) – Packet Scheduler Miniport
DNS Server Search Order: 10.0.0.2
HKLM\SYSTEM\CCS\Services\Tcpip\..\{A94E023C-3A73-4B59-B35B-7AB609AC87BD}: DhcpNameServer=10.0.0.2
HKLM\SYSTEM\CS1\Services\Tcpip\..\{A94E023C-3A73-4B59-B35B-7AB609AC87BD}: DhcpNameServer=10.0.0.2
HKLM\SYSTEM\CS2\Services\Tcpip\..\{A94E023C-3A73-4B59-B35B-7AB609AC87BD}: DhcpNameServer=10.0.0.2
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=10.0.0.2
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=10.0.0.2
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=10.0.0.2
»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning
Registry Cleaning done.
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler’s .dll
»»»»»»»»»»»»»»»»»»»»»»»» End
I’ve tried deleting what SmitFraudFix has found, but it doesn’t seem to work. If I do the scan again on SFF straight afterwards, it finds the same things, but doesn’t delete them.
So, what else is there to do? Haven’t I tried everything? Please don’t recommend programs like AVG, Norton, McAffee and Avast because they are not as good as the ones I am using, and are unlikely to find the rootkit if they better antiviruses can’t.
Thanks!
Clean Registry and Optimize PC
Opinions