Solved how can i remove virus from my acer note book

June 19, 2011 at 10:56:11
Specs: Windows XP
my acer note book is effected from trojan viruses

See More: how can i remove virus from my acer note book

Report •


#1
June 19, 2011 at 11:22:05
✔ Best Answer
AIZU,

Is your AntiVirus notifying you of that?

Does it give you the names of the files, etc., that are infected?

The more info we know, the better we will be able to help you.

In the meantime, try the following:

Restart your computer.
Tap the F8 key on the keyboard repeatedly until you are presented with the Boot Options screen
Using the arrow keys, select the Safe Mode with Networking option
Press the Enter key
Log in to the account you normally use

In Safe Mode with Networking,

Download iExplore.exe, a renamed copiy of rKill:
http://www.bleepingcomputer.com/dow...

[If the file does not download, paste the following, >without the quotes or brakets<, in the address bar of your browser:
[“http://www.bleepingcomputer.com/download/anti-virus/rkill”]]

Save the file to the Desktop, and double-click on it. (For Vista/Windows 7, select: Run as Administrator)
Ignore any messages, and allow the file to run until the command window closes.

Without a reboot, download Malwarebytes’ Anti-Malware (black button with green and white icon) Save to the Desktop:
http://download.cnet.com/Malwarebyt...

Double-click mbam-setup.exe and follow the prompts to install the program. (For Vista or Windows 7, select: Run as Administrator)


Run Malwarfebytes’ AntiMalware and update the program.
Once updated, select Perform Full Scan and click the scan button.

When the scan finishes, click OK in the message box, and you will see the results of the scan.

Click the Remove Selected button to get rid of the malware.

When Malwarebytes finishes, you may be prompted to reboot. If so, reboot.


Please post the Malwarebytes log in your reply so we can see where we are at, and plan any additional removal strategy, if necessary.

~~~~
Retired - Doin' Dis, Dat, and slapping malware.


Report •

#2
June 21, 2011 at 13:24:30
TR/BHO.Zwangi.1618 ,TR/Crypt.CFI.Gen ,TR/ATRAPS.Gen ,TR/Swisyn.acfq i can't remove this viruses..............

Report •

#3
June 21, 2011 at 15:45:48
Please press on with the instructions in Post #1, and we will take things from there.

Thanks!

~~~~
Retired - Doin' Dis, Dat, and slapping malware.


Report •

Related Solutions

#4
June 24, 2011 at 19:36:02
Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Database version: 6943

Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 8.0.6001.18702

6/25/2011 5:34:41 AM
mbam-log-2011-06-25 (05-34-41).txt

Scan type: Full scan (C:\|)
Objects scanned: 224831
Time elapsed: 22 minute(s), 13 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 5
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 6
Files Infected: 11

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47a3-BD87-1E41684E07BB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QuestBrowse (Adware.QuestBrowse) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\QuestBrowse (Adware.QuestBrowse) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{d08d9f98-1c78-4704-87e6-368b0023d831} (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\WindowMessenger (Worm.AutoRun.Gen) -> Value: WindowMessenger -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Windows Alerter (Trojan.Agent) -> Value: Windows Alerter -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
c:\program files\funwebproducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\relevantknowledge (Spyware.MarketScore) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\questbrowse (Adware.QuestBrowse) -> Quarantined and deleted successfully.
c:\program files\questbrowse (Adware.QuestBrowse) -> Quarantined and deleted successfully.
c:\program files\questbrowse\questbrwsearch_deleted_ (Adware.QuestBrowse) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\questbrwsearch (Adware.QuestBrowse) -> Quarantined and deleted successfully.

Files Infected:
c:\program files\questbrowse\uninstall.exe (Adware.QuestBrowse) -> Quarantined and deleted successfully.
c:\program files\questbrowse\questbrwsearch_deleted_\questbrwsearch.dll (Adware.Agent.Gen) -> Quarantined and deleted successfully.
c:\program files\relevantknowledge\rlls64.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
c:\program files\relevantknowledge\rlservice.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
c:\program files\relevantknowledge\rlvknlg64.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b3360738-0af5-4780-90e0-04c95830c98c}\RP64\A0069827.exe (Adware.QuestBrowse) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b3360738-0af5-4780-90e0-04c95830c98c}\RP66\A0070149.exe (Adware.QuestBrowse) -> Quarantined and deleted successfully.
c:\program files\common files\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\program files\relevantknowledge\MSVCP71.DLL (Spyware.MarketScore) -> Quarantined and deleted successfully.
c:\program files\relevantknowledge\MSVCR71.DLL (Spyware.MarketScore) -> Quarantined and deleted successfully.
c:\program files\relevantknowledge\shfscp.dat (Spyware.MarketScore) -> Quarantined and deleted successfully.


Report •

#5
June 24, 2011 at 20:24:33
Are you still having problems? Run the AntiVirus program again, and see if the results change.

If the scan you previously used comes up clean, then, this is a good time to create a System Restore Point:
http://support.microsoft.com/kb/948247

...and, also, remove all the System Restore points except the most recent one:
http://support.microsoft.com/kb/555367

~~~~
Retired - Doin' Dis, Dat, and slapping malware.


Report •

#6
June 25, 2011 at 10:46:20
Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Database version: 6943

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

6/25/2011 8:43:42 PM
mbam-log-2011-06-25 (20-43-42).txt

Scan type: Full scan (C:\|)
Objects scanned: 226885
Time elapsed: 1 hour(s), 12 minute(s), 14 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 4

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\system volume information\_restore{b3360738-0af5-4780-90e0-04c95830c98c}\RP109\A0103349.exe (Adware.QuestBrowse) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b3360738-0af5-4780-90e0-04c95830c98c}\RP109\A0103351.dll (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b3360738-0af5-4780-90e0-04c95830c98c}\RP109\A0103352.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b3360738-0af5-4780-90e0-04c95830c98c}\RP109\A0103353.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.


Report •

#7
June 25, 2011 at 12:42:32
Please reset System Restore.
Right-click 'My Computer' and select 'Properties'.
Click the 'System Restore' tab in the window that appears
Check the box that says "Turn off System Restore on all drives"
Click Apply.

Click Yes, and agree to the prompt.
This will delete the restore points.

Click OK in the Properties window, and reboot the computer.

When the Desktop appears, right-click 'My Computer' and select 'Properties'
Uncheck the "Turn off System Restore..." box and click Apply > OK

Run Mawarebytes' once again, and post its report.

~~~~
Retired - Doin' Dis, Dat, and slapping malware.


Report •

#8
June 26, 2011 at 12:04:29

Avira AntiVir Personal
Report file date: Sunday, June 26, 2011 18:33

Scanning for 2790993 virus strains and unwanted programs.

The program is running as an unrestricted full version.
Online services are available:

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 3) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : ACER-9EA435052F

Version information:
BUILD.DAT : 10.0.0.648 31823 Bytes 4/1/2011 18:36:00
AVSCAN.EXE : 10.0.4.2 442024 Bytes 6/17/2011 21:22:44
AVSCAN.DLL : 10.0.3.0 46440 Bytes 4/1/2010 09:57:04
LUKE.DLL : 10.0.3.2 104296 Bytes 3/4/2011 11:36:59
LUKERES.DLL : 10.0.0.1 12648 Bytes 2/10/2010 20:40:49
VBASE000.VDF : 7.10.0.0 19875328 Bytes 11/6/2009 06:05:36
VBASE001.VDF : 7.11.0.0 13342208 Bytes 12/14/2010 11:37:07
VBASE002.VDF : 7.11.3.0 1950720 Bytes 2/9/2011 11:37:08
VBASE003.VDF : 7.11.5.225 1980416 Bytes 4/7/2011 19:32:33
VBASE004.VDF : 7.11.8.178 2354176 Bytes 5/31/2011 21:22:43
VBASE005.VDF : 7.11.8.179 2048 Bytes 5/31/2011 21:22:43
VBASE006.VDF : 7.11.8.180 2048 Bytes 5/31/2011 21:22:43
VBASE007.VDF : 7.11.8.181 2048 Bytes 5/31/2011 21:22:43
VBASE008.VDF : 7.11.8.182 2048 Bytes 5/31/2011 21:22:43
VBASE009.VDF : 7.11.8.183 2048 Bytes 5/31/2011 21:22:43
VBASE010.VDF : 7.11.8.184 2048 Bytes 5/31/2011 21:22:43
VBASE011.VDF : 7.11.8.185 2048 Bytes 5/31/2011 21:22:43
VBASE012.VDF : 7.11.8.186 2048 Bytes 5/31/2011 21:22:43
VBASE013.VDF : 7.11.8.222 121856 Bytes 6/2/2011 21:22:43
VBASE014.VDF : 7.11.9.7 134656 Bytes 6/4/2011 21:22:43
VBASE015.VDF : 7.11.9.42 136192 Bytes 6/6/2011 21:22:43
VBASE016.VDF : 7.11.9.72 117248 Bytes 6/7/2011 21:22:43
VBASE017.VDF : 7.11.9.107 130560 Bytes 6/9/2011 21:22:43
VBASE018.VDF : 7.11.9.143 132096 Bytes 6/10/2011 21:22:43
VBASE019.VDF : 7.11.9.172 141824 Bytes 6/14/2011 21:22:43
VBASE020.VDF : 7.11.9.214 144896 Bytes 6/15/2011 21:22:44
VBASE021.VDF : 7.11.9.244 196608 Bytes 6/16/2011 21:22:44
VBASE022.VDF : 7.11.9.245 2048 Bytes 6/16/2011 21:22:44
VBASE023.VDF : 7.11.9.246 2048 Bytes 6/16/2011 21:22:44
VBASE024.VDF : 7.11.9.247 2048 Bytes 6/16/2011 21:22:44
VBASE025.VDF : 7.11.9.248 2048 Bytes 6/16/2011 21:22:44
VBASE026.VDF : 7.11.9.249 2048 Bytes 6/16/2011 21:22:44
VBASE027.VDF : 7.11.9.250 2048 Bytes 6/16/2011 21:22:44
VBASE028.VDF : 7.11.9.251 2048 Bytes 6/16/2011 21:22:44
VBASE029.VDF : 7.11.9.252 2048 Bytes 6/16/2011 21:22:44
VBASE030.VDF : 7.11.9.253 2048 Bytes 6/16/2011 21:22:44
VBASE031.VDF : 7.11.10.12 60416 Bytes 6/17/2011 21:22:44
Engineversion : 8.2.5.20
AEVDF.DLL : 8.1.2.1 106868 Bytes 3/4/2011 11:36:49
AESCRIPT.DLL : 8.1.3.65 1606010 Bytes 6/17/2011 21:22:44
AESCN.DLL : 8.1.7.2 127349 Bytes 3/4/2011 11:36:48
AESBX.DLL : 8.2.1.34 323957 Bytes 6/17/2011 21:22:44
AERDL.DLL : 8.1.9.9 639347 Bytes 4/2/2011 09:05:12
AEPACK.DLL : 8.2.6.9 557429 Bytes 6/17/2011 21:22:44
AEOFFICE.DLL : 8.1.1.25 205178 Bytes 6/17/2011 21:22:44
AEHEUR.DLL : 8.1.2.128 3547512 Bytes 6/17/2011 21:22:44
AEHELP.DLL : 8.1.17.2 246135 Bytes 6/17/2011 21:22:44
AEGEN.DLL : 8.1.5.6 401780 Bytes 6/17/2011 21:22:44
AEEMU.DLL : 8.1.3.0 393589 Bytes 3/4/2011 11:36:40
AECORE.DLL : 8.1.21.1 196983 Bytes 6/17/2011 21:22:44
AEBB.DLL : 8.1.1.0 53618 Bytes 3/4/2011 11:36:39
AVWINLL.DLL : 10.0.0.0 19304 Bytes 3/4/2011 11:36:53
AVPREF.DLL : 10.0.0.0 44904 Bytes 3/4/2011 11:36:52
AVREP.DLL : 10.0.0.10 174120 Bytes 6/17/2011 21:22:44
AVREG.DLL : 10.0.3.2 53096 Bytes 3/4/2011 11:36:52
AVSCPLR.DLL : 10.0.4.2 84840 Bytes 6/17/2011 21:22:44
AVARKT.DLL : 10.0.22.6 231784 Bytes 3/4/2011 11:36:50
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 3/4/2011 11:36:51
SQLITE3.DLL : 3.6.19.0 355688 Bytes 6/17/2010 11:27:22
AVSMTP.DLL : 10.0.0.17 63848 Bytes 3/4/2011 11:36:53
NETNT.DLL : 10.0.0.0 11624 Bytes 6/17/2010 11:27:21
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 3/4/2011 11:37:12
RCTEXT.DLL : 10.0.58.0 97128 Bytes 3/4/2011 11:37:12

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium

Start of the scan: Sunday, June 26, 2011 18:33

Starting search for hidden objects.

The scan of running processes will be started
Scan process 'msdtc.exe' - '42' Module(s) have been scanned
Scan process 'dllhost.exe' - '63' Module(s) have been scanned
Scan process 'dllhost.exe' - '47' Module(s) have been scanned
Scan process 'vssvc.exe' - '50' Module(s) have been scanned
Scan process 'avscan.exe' - '72' Module(s) have been scanned
Scan process 'avcenter.exe' - '64' Module(s) have been scanned
Scan process 'NclRSSrv.exe' - '16' Module(s) have been scanned
Scan process 'NclUSBSrv.exe' - '21' Module(s) have been scanned
Scan process 'iexplore.exe' - '125' Module(s) have been scanned
Scan process 'iexplore.exe' - '78' Module(s) have been scanned
Scan process 'ServiceLayer.exe' - '32' Module(s) have been scanned
Scan process 'iPodService.exe' - '32' Module(s) have been scanned
Scan process 'ctfmon.exe' - '27' Module(s) have been scanned
Scan process 'boostspeed.exe' - '54' Module(s) have been scanned
Scan process 'MWLService.exe' - '35' Module(s) have been scanned
Scan process 'msmsgs.exe' - '51' Module(s) have been scanned
Scan process 'avgnt.exe' - '52' Module(s) have been scanned
Scan process 'DATAMN~1.EXE' - '41' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '71' Module(s) have been scanned
Scan process 'LManager.exe' - '47' Module(s) have been scanned
Scan process 'PLFSetI.exe' - '34' Module(s) have been scanned
Scan process 'mwlDaemon.exe' - '53' Module(s) have been scanned
Scan process 'igfxsrvc.exe' - '25' Module(s) have been scanned
Scan process 'RTHDCPL.EXE' - '38' Module(s) have been scanned
Scan process 'igfxpers.exe' - '25' Module(s) have been scanned
Scan process 'Explorer.EXE' - '158' Module(s) have been scanned
Scan process 'wscntfy.exe' - '20' Module(s) have been scanned
Scan process 'alg.exe' - '35' Module(s) have been scanned
Scan process 'IAANTMon.exe' - '38' Module(s) have been scanned
Scan process 'YahooAUService.exe' - '43' Module(s) have been scanned
Scan process 'svchost.exe' - '74' Module(s) have been scanned
Scan process 'UpdaterService.exe' - '23' Module(s) have been scanned
Scan process 'svchost.exe' - '44' Module(s) have been scanned
Scan process 'RS_Service.exe' - '17' Module(s) have been scanned
Scan process 'GoogleUpdate.exe' - '37' Module(s) have been scanned
Scan process 'mbamservice.exe' - '42' Module(s) have been scanned
Scan process 'avshadow.exe' - '28' Module(s) have been scanned
Scan process 'dsiwmis.exe' - '18' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '35' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '51' Module(s) have been scanned
Scan process 'avguard.exe' - '57' Module(s) have been scanned
Scan process 'svchost.exe' - '36' Module(s) have been scanned
Scan process 'sched.exe' - '45' Module(s) have been scanned
Scan process 'spoolsv.exe' - '61' Module(s) have been scanned
Scan process 'svchost.exe' - '39' Module(s) have been scanned
Scan process 'svchost.exe' - '34' Module(s) have been scanned
Scan process 'svchost.exe' - '32' Module(s) have been scanned
Scan process 'svchost.exe' - '163' Module(s) have been scanned
Scan process 'svchost.exe' - '42' Module(s) have been scanned
Scan process 'svchost.exe' - '55' Module(s) have been scanned
Scan process 'lsass.exe' - '60' Module(s) have been scanned
Scan process 'services.exe' - '29' Module(s) have been scanned
Scan process 'winlogon.exe' - '69' Module(s) have been scanned
Scan process 'csrss.exe' - '16' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '1222' files ).


Starting the file scan:

Begin scan in 'C:\' <ACER>
C:\Documents and Settings\aizaz hussain\Local Settings\Application Data\Temp\{15C3CA05-4169-4B50-ACD9-591D1240FA5F}
[WARNING] The file could not be read!


End of the scan: Sunday, June 26, 2011 19:32
Used time: 58:09 Minute(s)

The scan has been done completely.

8742 Scanned directories
230842 Files were scanned
0 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
0 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
230842 Files not concerned
7053 Archives were scanned
1 Warnings
0 Notes
358564 Objects were scanned with rootkit scan
0 Hidden objects were found


Report •

#9
June 26, 2011 at 13:24:46
Please run Mawarebytes' once again, and post its report.

~~~~
Retired - Doin' Dis, Dat, and slapping malware.


Report •

#10
June 26, 2011 at 13:52:16
Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Database version: 6949

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

6/26/2011 11:32:33 PM
mbam-log-2011-06-26 (23-32-33).txt

Scan type: Full scan (C:\|)
Objects scanned: 208960
Time elapsed: 40 minute(s), 3 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


Report •

#11
June 26, 2011 at 16:47:56
Are you still having problems?

~~~~
Retired - Doin' Dis, Dat, and slapping malware.


Report •

#12
June 27, 2011 at 09:17:33
on the desktop icons are shaded blue around the each icon

Report •

#13
June 27, 2011 at 09:21:49
Download RogueKiller
http://tigzy.geekstogo.com/Tools/Ro...
Save it to your Desktop

Close all open programs.

For XP, simply double-click RogueKiller.exe
For Vista/Windows 7, right click the file and select: Run as Administrator

When prompted, type 1 and hit Enter.

An RKreport.txt should appear on your Desktop.

Note: If the program is blocked, do not hesitate to try several times. If it really does not work (it could happen), rename it to winlogon.exe

>>Please post the contents of the >RKreport.txt< in your reply.<<

We will take further action based on the results of this report.

~~~~
Retired - Doin' Dis, Dat, and slapping malware.


Report •

#14
June 28, 2011 at 08:46:21
RogueKiller V5.2.5 [06/24/2011] by Tigzy
contact at http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.sur-la-toile.com/discuss...

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User: aizaz hussain [Admin rights]
Mode: Scan -- Date : 06/28/2011 18:45:44

Bad processes: 1
[SUSP PATH] PLFSetI.exe -- c:\windows\plfseti.exe -> KILLED

Registry Entries: 2
[SUSP PATH] HKLM\[...]\Run : PLFSetI (C:\WINDOWS\PLFSetI.exe) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

HOSTS File:
127.0.0.1 localhost


Finished : << RKreport[1].txt >>
RKreport[1].txt


Report •

#15
June 28, 2011 at 10:14:59
Run RougeKiller, and use Option # 2

Aso post its report, and give some feedback as to how the computer is doing.

~~~~
Retired - Doin' Dis, Dat, and slapping malware.


Report •

#16
June 28, 2011 at 12:27:15
RogueKiller V5.2.5 [06/24/2011] by Tigzy
contact at http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.sur-la-toile.com/discuss...

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User: aizaz hussain [Admin rights]
Mode: Remove -- Date : 06/28/2011 22:24:40

Bad processes: 1
[SUSP PATH] PLFSetI.exe -- c:\windows\plfseti.exe -> KILLED

Registry Entries: 2
[SUSP PATH] HKLM\[...]\Run : PLFSetI (C:\WINDOWS\PLFSetI.exe) -> DELETED
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

HOSTS File:
127.0.0.1 localhost


Finished : << RKreport[1].txt >>
RKreport[1].txt

NOTHING HAS CHANGED STILL BLUE COLOUR REFLECTS AROUND THE ICON


Report •

#17
June 28, 2011 at 13:08:30
Try right-clicking My computer, select Properties
Go to the Advanced tab.
In the Performance area click Settings
In the Visual effects tab, check: >Use Drop Shadows for Icon Labels<

Sometimes it is necessary to reboot for the change to take effect, or to log off, and log in.

Also, sometimes you need to uncheck an item if it is checked, click apply, reboot, and then go back in and recheck the item.

~~~~
Retired - Doin' Dis, Dat, and slapping malware.


Report •

#18
July 3, 2011 at 11:04:54
on the desktop icons are shaded blue around the each icon
still its remaning...........and after shut down wen i m restarting its taking long time to start\


Report •

#19
July 3, 2011 at 15:51:41
Let's try this:

Right Click on My Computer Icon and Click on Properties,

Under Performance, click on Advanced tab and click on Settings

Under Visual Effects tab, select the option that says: "Let Windows chose whats Best For My Computer"

Click on Apply and OK to reflect the changes.

Hopefully the desktop icons are now back to normal.

If not, also check for any Active Desktop options that might be causing the issue.
Right Click the Desktop
Click on Properties
Click on Desktop and click on customize.
Select the Web tab and uncheck all the options in the Web Page box
Also uncheck: Lock desktop items.

If none of the above works, there still may be some unknown malware or spyware on your pc., and we will try another scan.

~~~~
Retired - Doin' Dis, Dat, and slapping malware.


Report •

#20
July 6, 2011 at 08:44:34
thanks alot its works.................

Report •

#21
July 6, 2011 at 09:24:34
AIZU,

Glad you got the problem solved.

Have a great day!!

~~~~
Retired - Doin' Dis, Dat, and slapping malware.


Report •

#22
August 25, 2011 at 06:09:46
my anti virus had expired......wer can i get free anti virus
and wen i do video calling with skype my note book restarts

Report •


Ask Question