Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Adclicker-aj.gen / Spysheriff


  • Please log in to reply
2 replies to this topic

#1 PAEMT

PAEMT

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:12:30 AM

Posted 13 December 2005 - 03:13 PM

additionally, is there anything in my regedit.exe I should/can manually remove? I've noticed some suspicious files under;

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop
(contains)

no changing wallpaper reg_dword 0x00000000 (0)


HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer

default
classic shell
noactive desktop
no drive type auto run
no save settings
no themes tab

and


HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System

disable task mgr
no color choice
no disp Appearance Page
no disp background page
no disp cpl
no disp scrsavpage
no disp settings page
no size choice
no visual style choice


all are reg_dword and have the 0x000... value


thanks again

george

BC AdBot (Login to Remove)

 


m

#2 tg1911

tg1911

    Lord Spam Magnet


  • Members
  • 19,274 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SW Louisiana
  • Local time:11:30 PM

Posted 13 December 2005 - 03:37 PM

PAEMT,
I've moved your HijackThis log to the proper forum.
You can find it at this link:
PAEMT's HJT log

Please refrain from making any changes to your system, until your log has been examined, and cleaned.

NOTE:
Once you have made the post, please, DO NOT make another post in the HJT forum, until it has been responded to by a member of the HJT Team. The first thing they look for, when looking for logs to reply to, is 0 replies. If you make another post, there will be 1 reply. The team member, glancing over the replies, might assume someone is already helping you out, and will not respond. So, just make your post, and let it sit there, until a team member responds. This way you will be taken care of, in the most timely manner.
MOBO: GIGABYTE GA-MA790X-UD4P, CPU: Phenom II X4 955 Deneb BE, HS/F: CoolerMaster V8, RAM: 2 x 1G Kingston HyperX DDR2 800, VGA: ECS GeForce Black GTX 560, PSU: Antec TruePower Modular 750W, Soundcard: Asus Xonar D1, Case: CoolerMaster COSMOS 1000, Storage: Internal - 2 x Seagate 250GB SATA, 2 x WD 1TB SATA; External - Seagate 500GB USB, WD 640GB eSATA, 3 x WD 1TB eSATA

Become a BleepingComputer fan: Facebook

#3 PAEMT

PAEMT
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:12:30 AM

Posted 13 December 2005 - 03:42 PM

I appreciate that. sorry for posting in the wrong forum. I was in a rush in case IE was shut down on me again.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users