rpggamergirl

C:\WINDOWS\system32\cssrss.exe C:\WINDOWS\system32\ctfmona.exe O4 - HKLM\..\Run: [WMDM PMSP Service] C:\WINDOWS\system32\cssrss.exe O4 - HKLM\..\Run: [ctfmona] C:\WINDOWS\system32\ctfmona.exe The above lines in Hijackthis are variants of SDBot, among other nasties as well. Download SDFix and save it to your desktop.(either one below) [url]http://downloads.andymanchesta.com/RemovalTools/SDFix.zip[/url] [url]http://downloads.andymanchesta.com/RemovalTools/SDFix.exe[/url] Double click SDFix.exe and it will extract the files to …

Hi, Please run Hijackthis and put a check next to these entries, close all other windows except Hijackthis and click "Fix Checked" button. [B]O1 - Hosts: 124.238.254.113 [url]www.10280011.com[/url] O1 - Hosts: 124.238.254.113 10280011.com O1 - Hosts: 124.238.254.113 [url]www.10289900.com[/url] O1 - Hosts: 124.238.254.113 10289900.com O1 - Hosts: 124.238.254.113 [url]www.78877788.com[/url] O1 - …

Hi, Your hijackthis log is showing wareout infection! Fixwareout should take care of it. Please download FixWareout from one of these sites: [URL]http://downloads.subratam.org/Fixwareout.exe[/URL] [URL]http://www.bleepingcomputer.com/files/lonny/Fixwareout.exe[/URL] Save it to your desktop and run it. Click Next, then Install, make sure "Run fixit" is checked and click Finish. The fix will begin; follow …

Hi, First we need to know what malware/viruses is in your system. We need to look at your Hijackthis log. Do not fix any entries in Hijackthis, just post the entire log here. "[B]isamonitor[/B]" is a smitfraud file so you most probably have smitfraud infection, the hijackthis log will confirm …

Hi, You have smitfraud infection showing in your logfile. [B]STEP 1:[/B] Please download [URL="http://siri.urz.free.fr/Fix/SmitfraudFix.zip"][B]SmitfraudFix[/B][/URL] (by [B]S!Ri[/B]) Extract the content (a folder named [B]SmitfraudFix[/B]) to your Desktop. Open the [B]SmitfraudFix[/B] folder and double-click [B]smitfraudfix.cmd[/B] Select option #1 - [B]Search[/B] by typing [B]1[/B] and press "[B]Enter[/B]"; a text file will appear, which …

Hi, Your Hijackthis log is showing wareout infection! Uninstall [B]UnSpyPC[/B] or [B]KillAndClean[/B] from Add/Remove Programs if listed: You must have an active Internet connection when running this fix, in order to download the Brute Force Uninstaller (BFU) from Merijn's page. Please download FixWareout from one of these sites: [URL]http://downloads.subratam.org/Fixwareout.exe[/URL] [URL]http://www.bleepingcomputer.com/files/lonny/Fixwareout.exe[/URL] …

Yeah, your hijackthis log looks clean! but the symptom you mentioned sounds very much like a smitfraud infection but not showing in your log. Try renaming hijackthis.exe, some entries might show up then. Navigate to the directory where you saved [B][COLOR=blue]Hijackthis.exe[/COLOR][/B]: [B]C:\Documents and Settings\Administrator.KENMORE\My Documents\New Folder1\HijackThis.exe[/B] Right-click on hijackthis.exe, then …

Hi, 1. Open HiJackThis Click on the "Config..." button on the bottom right Click on the tab "Misc Tools" Click on "[B]Delete File on Reboot[/B]" Navigate to this file --> [B]C:\WINDOWS\SYSTEM32\winogk32.dll[/B] Double click on that file. HJT asks you if you want to reboot, now. Click "[B]No[/B]" Do that for …

Hi, 1. Please download [URL="http://www.atribune.org/ccount/click.php?id=4"][B][COLOR=red]VundoFix.exe[/COLOR][/B][/URL] to your desktop Double-click [B]VundoFix.exe[/B] to run it. Click the [B]Scan for Vundo[/B] button. Once it's done scanning, click the [B]Remove Vundo[/B] button. You will receive a prompt asking if you want to remove the files, click [B]YES[/B] Once you click yes, your desktop will …

Hi Andrew, Can you please rename Hijackthis.exe because I suspect that you may have the Vundo infection that can hide some entries in your log. Navigate to the directory where you saved Hijackthis.exe: [COLOR=blue]C:\Program Files\HijackThis\HijackThis.exe[/COLOR] Right-click on hijackthis.exe, then select [B]Rename[/B]. Name it something like: [B]some.exe[/B] (or whatever you want) …

Hi, What you have is smitfraud and wareout infections. Follow the instructions in order please. [B]1.[/B] Please download [URL="http://siri.urz.free.fr/Fix/SmitfraudFix.zip"][B][COLOR=red]SmitfraudFix[/COLOR][/B][/URL] (by [B]S!Ri[/B]) Extract the content (a folder named [B]SmitfraudFix[/B]) to your Desktop. Next, please reboot your computer in [B]Safe Mode[/B] by doing the following : [LIST] [*]Restart your computer [*]After hearing …

Hi, Your Hijackthis log is showing the contemptible Trojan Torpig, which can allow an attacker to gain control of the system, log keystrokes, steal passwords, access personal data, send malevolent outgoing traffic, and close the security warning messages displayed by some anti-virus and security programs. I would advise for you …

Hi, You have smitfraud infection there! You may want to print out or make a copy of these instructions before starting, because you will not be able to connect to the internet during most of this fix. Download [URL="http://noahdfear.geekstogo.com/click%20counter/click.php?id=1"]smitRem.exe[/URL] and save the file to your desktop. Double click on the …

Hi, Please download SmitfraudFix: [URL]http://siri.geekstogo.com/SmitfraudFix.php[/URL] Extract the content (a folder named SmitfraudFix) to your Desktop. Next, please reboot your computer in [B]Safe Mode[/B] by rebooting the computer, and repeatedly tapping the F8 key as the pc starts. Choose "[B]Safe Mode[/B]" from the options listed. Once in Safe Mode, open the …

Hi, You have a trojan dialer there. Please Open HiJackThis Click on the "Config..." button on the bottom right Click on the tab "Misc Tools" Click on "[B]Delete File on Reboot[/B]" Navigate to this file --> [B]C:\WINDOWS\SYSTEM32\winloj32.dll[/B] Double click on that file. HJT asks you if you want to reboot, …