Jump to content
Posted 08 May 2009 - 11:51 AM
Posted 08 May 2009 - 12:41 PM
Posted 08 May 2009 - 12:49 PM
Posted 08 May 2009 - 12:52 PM
Posted 08 May 2009 - 02:07 PM
Edited by jaf72, 08 May 2009 - 02:10 PM.
Posted 08 May 2009 - 03:05 PM
Posted 08 May 2009 - 07:55 PM
Posted 08 May 2009 - 08:01 PM
Posted 09 May 2009 - 09:37 AM
C:\WINDOWS\Temp\msb.dll (Worm.Autorun) -> Delete on reboot.
C:\WINDOWS\Temp\nsrbgxod.bak (Trojan.Agent) -> Delete on reboot.
What you have is very stubborn and extremely hard to remove
Two options left-Post a HJT log or re-install
If you want to give removal of the infection a try, please read the pinned topic titled "Preparation Guide For Use Before Posting A Hijackthis Log". If you cannot complete a step, then skip it and continue with the next. In Step 6 there are instructions for downloading and running DDS which will create a Pseudo HJT Report as part of its log.
When you have done that, post your log in the HijackThis Logs and Malware Removal forum, NOT here, for assistance by the HJT Team Experts. A member of the Team will walk you through, step by step, on how to clean your computer. If you post your log back in this thread, the response from the HJT Team will be delayed because your post will have to be moved. This means it will fall in line behind any others posted that same day.
Some types of malware can result in a system so badly damaged that a Repair Install will NOT help!. Reinstalling Windows without first wiping the entire hard drive with a repartition and/or format will not remove the infection. The reinstall will only overwrite the Windows files. Any malware on the system will still be there afterwards. Starting over by wiping your drive, reformatting, and performing a clean install of the OS or doing a factory restore removes everything and is the safest action.
In case you need help with this, please review:
Reformatting a hard disk deletes all data. If you decide to reformat, you can back up all your important documents, personal data files and photos. The safest practice is not to backup any executable files (*.exe), screensavers (*.scr) or autorun (.ini) files because they may be infected by malwareware appending itself to the executable. Some types of malware may even disguise itself by adding and hiding its extension to the existing extension of files so be sure you look closely at the full file name. After reformatting, as a precaution, make sure you scan these files with your anti-virus prior to copying them back to your hard drive.
- XP Clean Install Interactive Setup
- How to reformat your computer in case of a severe malware infection
- Reformat & Clean Install Windows XP
Note: If your using an IBM, HP, Compaq or Dell machine, you may not have an original XP CD Disk. By policy Microsoft no longer allows OEM manufactures to include the original Windows XP CD-ROM on computers sold with Windows preinstalled. Instead, most computers manufactured and sold by OEM vendors come with a vendor-specific Recovery Disk or Recovery Partition for performing a clean "factory restore" that will reformat your hard drive, remove all data and restore the computer to the state it was in when you first purchased it.
If you need additional assistance with reformatting, you can start a new topic in the Windows XP Home and Professional forum.
Posted 09 May 2009 - 05:22 PM
0 members, 0 guests, 0 anonymous users