| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 111634 | 2010-08-05 00:44:00 | clkh71yhks66.com how do i get rid of it | petemit (1134) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 1124715 | 2010-08-05 00:44:00 | I have had this on my computer for the last 2 days It causes explorer and firefox to crash when i first start them up for a few times then settles down I am running win xp professional on a 6 yr old toshiba laptop with 1.5 gb ram i have aset smart suite 4 which pics up the incoming request from the website when i go online a red box comes up from time to time to tell me it has stopped it eset has picked up the following virus and quarentined them 2-8-2010 variant win32/kryptic.fug trogan 3-8-2010 win32 olmarik.ach trogan I have run cc cleaner, Malawarebytes which found these problems Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Database version: 4383 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 3/08/2010 3:32:39 p.m. mbam-log-2010-08-03 (15-32-39).txt Scan type: Full scan (C:\|) Objects scanned: 231363 Time elapsed: 1 hour(s), 12 minute(s), 1 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 5 Registry Values Infected: 1 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 4 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\QZAIB7KITK (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\YVIBBBHA8C (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\System\CurrentControlSet\Servic es\SSHNAS (Trojan.Renos) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\SolutionAV (Rogue.AntivirSolutionPro) -> Quarantined and deleted successfully. Registry Values Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run\yqrhimwc (Rogue.AntivirusSuite.Gen) -> Quarantined and deleted successfully. Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\Documents and Settings\bob\Local Settings\Temp\4c0676af.exe (Rogue.AntivirSolutionPro) -> Quarantined and deleted successfully. C:\Documents and Settings\bob\Local Settings\Temp\b7837ead.exe (Rogue.AntivirSolutionPro) -> Quarantined and deleted successfully. C:\WINDOWS\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job (Trojan.Downloader) -> Quarantined and deleted successfully. and superantispyware which found disabled folder option HKLM\software\microsoft\windows\current version\explorer\advanced\folder\hidden\showall (checked value -AwAAAA==) and also trojan agent/gen-sshnas all of these programs were downloaded yesterday and have current anti spam/ virus updates obviously the problem is still on my computer so i would love to get rid of it a google search online and it seems like its a hard one to remove properly any ideas and help much appreciated |
petemit (1134) | ||
| 1124716 | 2010-08-05 01:08:00 | Try This (www.scanforfree.com). :) |
Trev (427) | ||
| 1124717 | 2010-08-05 01:17:00 | Disable system restore or boot into safe mode then delete it By the looks of it its removed those files |
Speedy Gonzales (78) | ||
| 1124718 | 2010-08-05 01:29:00 | thanks for your reply have you used this program to clean this infection? as i googled this program yesterday and it had a lot of negitive reports about it with most saying it is as bad as some of the malaware it deletes. and that it doesnt clean up like it says it does so unless you have used it with good results especially with this infection and can recomend it i will wait and try and find another program to use thanks again for your help peter |
petemit (1134) | ||
| 1124719 | 2010-08-05 01:32:00 | Well no I haven't because I haven't been infected with it. If you believe everything everyone else says about it. Dont use it | Speedy Gonzales (78) | ||
| 1124720 | 2010-08-05 01:46:00 | Hi Speedy im, just a bit confused as your reply came while i was replying to trev are you saying to use stopzilla in safe mode with sytem restore off then delete the program or to use the programs i have allready used in safe mode Thanks Peter |
petemit (1134) | ||
| 1124721 | 2010-08-05 01:47:00 | could try trojan remover | GameJunkie (72) | ||
| 1124722 | 2010-08-05 01:53:00 | Or try reviewing/avoiding sites that are causing these rogue downloads. P2P sites? I thought it was cleaned up, from a similar post that was posted few days ago. | kahawai chaser (3545) | ||
| 1124723 | 2010-08-05 02:02:00 | I was talking about malwarebytes not stopzilla, whatever that is Dont install / run too many programs at the same time. They'll end up conflicting with each other |
Speedy Gonzales (78) | ||
| 1124724 | 2010-08-05 05:26:00 | Thanks i have run mallawarebytes and superantispy in safe mode with restore off but it is just the same. they say all is good but it is just the same when i first load into explorer it tries to crash it and wont let me load sights like this forum with out having several goes. after a while it settles down and seems to work oka i havnt tried trojan remover yet will have to wait till tomorrow to try that thanks Peter |
petemit (1134) | ||
| 1 2 3 | |||||