-
Computer is infected
I have win32.Delf.uc , win32.tdss.reg and tdss.rtk. but i had someone try and fix it and they went in to my reg and deleted most everthing under
HKEY_LOCAL MACHINE/SYSTEM/CONTROLSET001/SERVICE/SHAREDACESS/PARAMETERS/FIREWALLPOLICY/AUTHORIZEDAPPLICATIONS/LIST
HKEY_LOCAL MACHINE/SYSTEM/CONTROLSET001/SERVICE/SHAREDACESS/PARAMETERS/FIREWALLPOLICY/GLOBALLYOPENPORT/LIST
HE DID THIS for controlset001 002 and 003 how do i get it so i can i get it so i can get on internet to download the dds?
im running windows xp on a presario v6000
Processes running
svschost.exe
ctfmon.exe
spybotds.exe
csrss.exe
explorer.exe
smss.exe
lsass.exe
services.exe
svchost.exe
svchost.exe
svnshost.exe
winlogon.exe
uvt3fg5.exe running 8 times
-
Please read Before You Post
While best efforts are made to assist in removing infections safely, unexpected stuff can happen. It is advisable that you back up your important data before starting any clean up procedure. Neither Safer Networking Forums nor the Analyst providing the advice may be held responsible for any loss.
Do not install or uninstall any software or hardware until we're done.
You have a few nasty programs running . Did whoever worked on your registry create any backups ?
Can you do a system restore to restore your system prior to when they changed the registry.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules