InterviewSolution
Saved Bookmarks
InterviewSolution
| 1. |
Solve : I need help, i have a weird virus i don't know how to get rid of it? |
|
Answer» Sounds like you might have SmitFraud. Give me a few minutes and I'll take a look at your log. Quote from: pleasehelp on June 18, 2007, 11:41:01 PM to personalize avg?The License sales number is for registering AVG - you probably only want the trial so you don't enter anything.You should only need to download... AVG Anti-Virus Free AVG Anti-Spyware Free AVG Anti-Rootkit Free See below,run all three. http://free.grisoft.com/doc/1Dark Blade, I appreciate you trying to help, but please be careful. This sort of THING takes a certain amount of training for one to know what they're doing. It's very easy to get legitimate files and INFECTIONS confused, and if we disable/remove the wrong ones, it can cause a lot of problems. My RESEARCH gives me no reason to see the mentioned files as a threat. In fact, I BELIEVE they are related to the user's BIOS. Of course, this isn't concrete, so... pleasehelp, Please head over to VirusTotal, and copy/paste and scan each of the below files (one at a time)... C:\WINDOWS\system32\PhxPsSvr.exe C:\WINDOWS\system32\PhxVtSvr.exe Once you have done that, please post the results of each file. Before proceding, download AVG Anti-Virus and AVG Anti-Spyware from the link provided by street1 (you may want to disable your CA Antivirus). These programs are free and don't require registration or activation. UPDATE both of them (but don't scan yet). And now, let's go over your log... Once we start, you won't have access to this post anymore, so I recommend that you print out this post or save it to a Notepad file. Open HijackThis and scan again. Check the following entries, but don't do anything to them yet... O2 - BHO: MSVPS System - {218B7D50-BC37-4FA8-A57F-6E8DE692BD79} - C:\WINDOWS\vpsnetwork.dll O21 - SSODL: vpssup - {17495F36-7D6D-4858-ADAA-8DCA6C203EE5} - C:\WINDOWS\vpssup.dll O21 - SSODL: expro - {886C00DD-C91B-4046-83AE-B0FDA18CC0EE} - C:\WINDOWS\expro.dll O24 - Desktop Component 0: Privacy Protection - file:///C:\WINDOWS\privacy_danger\index.htm (This appears to be what's giving you trouble.) Now, close all windows (including this one) besides HijackThis, then click Fix Checked. Close HijackThis and reboot into Safe Mode and enable hidden files and folders. Navigate to and delete the following folder(s) if present... C:\WINDOWS\privacy_danger Navigate to and delete the following file(s) if present... C:\WINDOWS\vpsnetwork.dll C:\WINDOWS\vpssup.dll C:\WINDOWS\expro.dll Go ahead and scan with both AVG programs, one at a time. If you run them both at the same time, it can cause problems. When your scan has completed, go to Control Panel and open up the Display Properties. Click on the Desktop tab and then click on the Customize Desktop button. From there, click on the Web tab and under Web pages:, you will see a list of items. If you see anything with a name like Privacy Danger, select it and click on the Delete button. If it's not there, then simply exit. Once you've done all of this, reboot into Normal Mode and post a new HijackThis log so we can see if there's any other junk we need to clean up. Let me know how everything's running now and if you had any problems following my steps.how do i reboot into safe mode and enable hidden files and folders? (thanks for all the help by the way)and it keeps resetting my homepage to some weird page.As your computer is booting up, continuously tap the F8 key and it should take you to a menu that will let you choose Safe Mode. If F8 doesn't work, then try the different F keys (F5 and F10 are common ones). Once you have completed all of my above steps, post a new log and we'll see what else needs to be done.Due to lack of feedback, I am closing this topic. If you are the original poster and you would like this topic to be re-opened for any reason, PM me or another moderator and it can be arranged. If you are not the original poster and you require help, please start a New Topic with information about your computer and your problem. |
|