BlueJaguar
2006-06-20, 04:40
for the last four....hours.....i am sittin on my comp....
removing all sorts of spywares....
that my good younger has got from somewhere....
My root C:\ was full of new hukking files like
defender26.exe
drsmaartload1.exe and many drsmartload variants...
then there was keyboard25 and newname25
warebundle.exe
dfndr.exe
mendoza...and some others
And The MOst Dangerous of alll......
The command.exe
i started removing them manually....
then thru a software(vich i use a lot)....Filemap BB....
i came to know that many new dll files are there in sytem directoreez
which i thot will take too much of my time to delete...so i installed spybot
and ran a scan..
most of the things were cured...along with the registry entries of the files i already
deleted....
For the things left....I googled..and
download look2me destroyer...and vundoo fix...from atrribune.
but still command.exe was left...
it was thee most frustrating spyware i've ever encourtd...
i used HJT....to delete it on boot....
and so that problem too was cured!
And just when i thot everything was fine...
i noticed a little crap in taskmngr named updmangr.exe
'Microsoft (R) Windows Update Manager Tool'
but soon i discoverd it too was a spyware....
a new one....as it didn have many google results....
This new crap was not there before...and i think it was downloaded thru command.exe
I am goin to do a manual delete
But it would be better if i take an experts advice first ;) ......
it's also connecting to a site......
As i m writing this a few pop ups have come up....
This updmangr...cant be ended thru taskmngr(ie starts itself again).
ANd Every time i start Ie (6)....a Windows pop up "preparing to install"..."Microsoft office 2003")that the version i have)
why is it so?and how can it be cured?Is it from the removal of the Older wwares
Its in the folder C:\windows\update
Should I go on with my manual deleting!...or do some other fixes??or do you need more information?
and i also wanted to know about this HJT entry
O17 - HKLM\System\CCS\Services\Tcpip\..\{DF00B573-F1E7-472E-A003-0F9E7F1983D6}: NameServer = 212.11.191.72 212.11.191.73
Thnx
-The Jaguar...BLue jaguar
removing all sorts of spywares....
that my good younger has got from somewhere....
My root C:\ was full of new hukking files like
defender26.exe
drsmaartload1.exe and many drsmartload variants...
then there was keyboard25 and newname25
warebundle.exe
dfndr.exe
mendoza...and some others
And The MOst Dangerous of alll......
The command.exe
i started removing them manually....
then thru a software(vich i use a lot)....Filemap BB....
i came to know that many new dll files are there in sytem directoreez
which i thot will take too much of my time to delete...so i installed spybot
and ran a scan..
most of the things were cured...along with the registry entries of the files i already
deleted....
For the things left....I googled..and
download look2me destroyer...and vundoo fix...from atrribune.
but still command.exe was left...
it was thee most frustrating spyware i've ever encourtd...
i used HJT....to delete it on boot....
and so that problem too was cured!
And just when i thot everything was fine...
i noticed a little crap in taskmngr named updmangr.exe
'Microsoft (R) Windows Update Manager Tool'
but soon i discoverd it too was a spyware....
a new one....as it didn have many google results....
This new crap was not there before...and i think it was downloaded thru command.exe
I am goin to do a manual delete
But it would be better if i take an experts advice first ;) ......
it's also connecting to a site......
As i m writing this a few pop ups have come up....
This updmangr...cant be ended thru taskmngr(ie starts itself again).
ANd Every time i start Ie (6)....a Windows pop up "preparing to install"..."Microsoft office 2003")that the version i have)
why is it so?and how can it be cured?Is it from the removal of the Older wwares
Its in the folder C:\windows\update
Should I go on with my manual deleting!...or do some other fixes??or do you need more information?
and i also wanted to know about this HJT entry
O17 - HKLM\System\CCS\Services\Tcpip\..\{DF00B573-F1E7-472E-A003-0F9E7F1983D6}: NameServer = 212.11.191.72 212.11.191.73
Thnx
-The Jaguar...BLue jaguar