Virtumode and Vundo...? Help?

Status
Not open for further replies.
1) Be sure TeaTimer is still disabled.

2) Download ResetTeaTimer.bat.
http://downloads.subratam.org/ResetTeaTimer.bat
Double click ResetTeaTimer.bat
to remove all entries set by TeaTimer (and preventing TeaTimer to restore them upon reactivation).

3) Open HijackThis and choose "Do a system scan only" then check the box in front of these line items:

O2 - BHO: (no name) - {A15C2B67-CA39-4186-BF60-E06D7A62E780} - C:\WINDOWS\system32\mljgg.dll (file missing)

Close all programs but HJT and all browser windows, then click on "Fix Checked"

That would normally remove the item, it has no file and is just a dead registry entry.

You have these restrictions set on your browser:
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

I am not sure if they are blocking that area or not, the BHO is a browser plugin?
Would it be okay to continue this thread onto my home-computer? I'll post a HJT/KOS log in a few hours, unless something comes up.
Click to expand...
That is negative, start a new topic with your information here: http://forums.spybot.info/forumdisplay.php?f=22
I have no way of knowing which volunteer will be available at that time, we are scattered all over the earth.

Thanks
 
Ah, got it, it just needed a reboot after deletion.

Alrighty, thank you very kindly, ma'am, it was a pleasure malware-removing with your guidance.

Hopefully I get you as an overseer with my tower, and after that, may we never meet here again.

:]

Have a great day!
 
Status
Not open for further replies.
Back
Top