Recovery following Myzor

Advertise at AfterDawn.com

Link to us!

Private messages

Compose a private message

List of all updated threads

Threads without replies

Search messages

Wednesday 22.1.2025 / 23:59

Search AfterDawn Forums:

afterdawn.com > forums > software, operating systems and more > windows - virus and spyware problems > recovery following myzor

Browse by topic

Forums

Start a new thread

Recovery following Myzor

Jump to:

Posted

Message

shamrockp

Newbie

1. October 2006 @ 10:38

Link to this message

Viruses gone, but having trouble with some programs and processes such as Outlook Express and Windows Update. Uninstalled Ad-Aware 6 and installed Ad-Aware SE. Here is the Ad-Aware log followed by latest HijackThis log.

ArchiveData(auto-quarantine- 2006-10-01 14-23-58.bckp)
Referencefile : SE1R47 24.05.2005
======================================================

ISTBAR.DOTCOMTOOLBAR
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
obj[0]=Regkey : interface\{9388907f-82f5-434d-a941-bb802c6dd7c1}

ISTBAR
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
obj[1]=Regkey : typelib\{8c752c5e-3c10-4076-af0a-ffc69fa20d1b}
obj[38]=Regkey : aspfile\persistenthandler
obj[39]=Regkey : software\microsoft\downloadmanager

MPGCOM TOOLBAR
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
obj[2]=Regkey : clsid\{39c0d1ad-078d-47bf-aecd-3cd8151d902f}
obj[3]=Regkey : iempg.iempgobj
obj[4]=Regkey : iempg.iempgobj.1
obj[5]=Regkey : interface\{ffffffff-ffff-ffff-ffff-5f8507c5f4e8}
obj[6]=Regkey : typelib\{7280873c-bdf4-429d-a320-f69eeedd8e6d}
obj[7]=Regkey : typelib\{ffffffff-ffff-ffff-ffff-5f8507c5f4e7}
obj[40]=File : C:\WINDOWS\fonts\iempg.dat
obj[41]=File : C:\WINDOWS\fonts\mpgcom.ins

ALEXA
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
obj[8]=RegValue : .DEFAULT\software\microsoft\internet explorer\extensions\cmdmapping "{c95fe080-8f5d-11d2-a20b-00aa003c157a}"
obj[9]=RegValue : S-1-5-18\software\microsoft\internet explorer\extensions\cmdmapping "{c95fe080-8f5d-11d2-a20b-00aa003c157a}"
obj[10]=RegValue : S-1-5-21-1801674531-1788223648-725345543-1004\software\microsoft\internet explorer\extensions\cmdmapping "{c95fe080-8f5d-11d2-a20b-00aa003c157a}"

TRACKING COOKIE
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
obj[11]=IECache Entry : Cookie:wes@advertising.com/
obj[12]=IECache Entry : Cookie:wes@media.fastclick.net/
obj[13]=IECache Entry : Cookie:wes@mediaplex.com/
obj[14]=IECache Entry : Cookie:wes@overture.com/
obj[15]=IECache Entry : Cookie:wes@atdmt.com/
obj[16]=IECache Entry : Cookie:wes@questionmarket.com/
obj[17]=IECache Entry : Cookie:wes@imrworldwide.com/cgi-bin
obj[18]=IECache Entry : Cookie:wes@fastclick.net/
obj[19]=IECache Entry : Cookie:wes@2o7.net/
obj[20]=IECache Entry : Cookie:wes@hitbox.com/
obj[21]=IECache Entry : Cookie:wes@adserver1.teracent.net/
obj[22]=IECache Entry : Cookie:wes@bluestreak.com/
obj[23]=IECache Entry : Cookie:wes@doubleclick.net/
obj[24]=IECache Entry : Cookie:wes@ehg-idgentertainment.hitbox.com/
obj[25]=IECache Entry : Cookie:wes@excite.com/
obj[26]=IECache Entry : Cookie:wes@adrevolver.com/
obj[27]=IECache Entry : Cookie:wes@www1.addfreestats.com/cgi-bin
obj[28]=IECache Entry : Cookie:wes@ehg-globalgamingleague.hitbox.com/
obj[29]=IECache Entry : Cookie:wes@tribalfusion.com/
obj[30]=IECache Entry : Cookie:wes@media.adrevolver.com/adrevolver/
obj[31]=IECache Entry : Cookie:wes@bfast.com/
obj[32]=IECache Entry : Cookie:wes@statcounter.com/
obj[33]=IECache Entry : Cookie:wes@engage.everyone.net/
obj[34]=IECache Entry : Cookie:wes@casalemedia.com/
obj[35]=IECache Entry : Cookie:wes@ads.addynamix.com/
obj[36]=IECache Entry : Cookie:wes@ads.pointroll.com/

POSSIBLE BROWSER HIJACK ATTEMPT
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
obj[37]=File : C:\Documents and Settings\wes\Favorites\Entertainment\GameHouse Games.url

Logfile of HijackThis v1.99.1
Scan saved at 2:29:37 PM, on 10/1/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\System32\NILaunch.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\KASPER~1\KASPER~2\KASPER~3\OESpamTest.ExE
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\PROGRA~1\AIM\aim.exe
C:\WINDOWS\System32\ctfmon.exe
C:\PROGRA~1\P2PNET~1\P2PNET~1.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Security Suite\Kaspersky

Anti-Hacker\KAVPF.exe
C:\Program Files\NuvaTime\NuvaTime(tm).exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\System32\devldr32.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WgaTray.exe
C:\PROGRA~1\Lavasoft\AD-AWA~2\Ad-Aware.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\HjT\HijackThis_v1.99.1.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

http://www.yahoo.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}

- C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -

C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program

Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program

Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [Net-It Launcher] C:\WINDOWS\System32\NILaunch.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility]

C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program

Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program

Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky

Lab\Kaspersky Security Suite\Kaspersky Anti-Virus Personal\kav.exe"

/minimize
O4 - HKLM\..\Run: [OESpamTest]

C:\PROGRA~1\KASPER~1\KASPER~2\KASPER~3\OESpamTest.ExE
O4 - HKLM\..\Run: [MediaPipe P2P Loader] "C:\Program

Files\p2pnetworks\mpp2pl.exe" /H
O4 - HKLM\..\Run: [Notification Utility] "C:\Program

Files\ItBill\itbill.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE

/Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware

4.0\ewido.exe" /minimized
O4 - HKLM\..\Run: [MSPY2002]

C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync]

C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A]

C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKCU\..\Run: [AIM] C:\PROGRA~1\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program

Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Kaspersky Anti-Hacker.lnk = C:\Program

Files\Kaspersky Lab\Kaspersky Security Suite\Kaspersky

Anti-Hacker\KAVPF.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft

Office\Office10\OSA.EXE
O4 - Global Startup: NuvaTime(tm).lnk = C:\Program

Files\NuvaTime\NuvaTime(tm).exe
O8 - Extra context menu item: E&xport to Microsoft Excel -

res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -

C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} -

C:\PROGRA~1\AIM\aim.exe
O12 - Plugin for .spop: C:\Program Files\Internet

Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: http://download.windowsupdate.com
O16 - DPF: {13EC55CF-D993-475B-9ACA-F4A384957956} (Controller Class) -

https://www.windowsonecare.com/install/cli/1.0.0971.42/WinSSWebAgent.CA

B
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine

Advantage Validation Tool) - http://go.microsoft.com/fwlink/?

LinkID=39204
O16 - DPF: {2ED9BC2B-4DF1-472E-9B5E-55477D2C97F5} (Microsoft Data

Collection Control) - https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class)

-

http://update.microsoft.com/microsoftupd...s/en/x86/client

/muweb_site.cab?1159561026014
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer

Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {D6376DD2-C2BD-49B2-A1B1-138F869633F3} (ASPRO Installer

Class) - http://acs.pandasoftware.com/activescanpro/as5/asproinst.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) -

http://download.mcafee.com/molbin/iss-lo...4856/mcfscan.ca

b
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development

a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky

Lab\Kaspersky Security Suite\Kaspersky Anti-Virus Personal\kavsvc.exe

[ + quote]

Niobis

Senior Member

1. October 2006 @ 12:48

Link to this message

Go here and run ActiveScan. When it finishes, save the results.

Note: when you see the HijackThis log in NotePad, click Format and make sure Word Wrap is checked.

Post the ActiveScan log along with a new HijackThis log.

[ + quote]

Don't be fooled any longer.
http://www.youtube.com/watch?v=BUtbGYgsIu4&feature=related

This message has been edited since posting. Last time this message was edited on 1. October 2006 @ 12:50

shamrockp

Newbie

2. October 2006 @ 17:00

Link to this message

Here are the activescan and hijack logs (p.s. Notepad word wrap is on):

Incident Status Location

Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\wes\Cookies\wes@advertising[2].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\wes\Cookies\wes@atdmt[2].txt
Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\wes\Cookies\wes@burstnet[2].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\wes\Cookies\wes@doubleclick[1].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\wes\Cookies\wes@mediaplex[1].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\wes\Cookies\wes@questionmarket[1].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\wes\Cookies\wes@realmedia[1].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\wes\Cookies\wes@tribalfusion[2].txt
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\wes\Desktop\SmitfraudFix\SmitfraudFix\Process.exe
Virus:Eicar.Mod Not disinfected C:\KAV\Personal\CD English\data1.cab[eicar.html]
Potentially unwanted tool:Application/MediaPipe Not disinfected C:\Program Files\p2pnetworks\mpp2pl.exe
Potentially unwanted tool:Application/MediaPipe Not disinfected C:\Program Files\p2pnetworks\p2pnetworks.exe

Logfile of HijackThis v1.99.1
Scan saved at 8:55:09 PM, on 10/2/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\System32\NILaunch.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\KASPER~1\KASPER~2\KASPER~3\OESpamTest.ExE
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\PROGRA~1\AIM\aim.exe
C:\WINDOWS\System32\ctfmon.exe
C:\PROGRA~1\P2PNET~1\P2PNET~1.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Security Suite\Kaspersky

Anti-Hacker\KAVPF.exe
C:\Program Files\NuvaTime\NuvaTime(tm).exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\System32\devldr32.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WgaTray.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\HjT\HijackThis_v1.99.1.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

http://www.yahoo.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}

- C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -

C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program

Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program

Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [Net-It Launcher] C:\WINDOWS\System32\NILaunch.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility]

C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program

Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program

Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky

Lab\Kaspersky Security Suite\Kaspersky Anti-Virus Personal\kav.exe"

/minimize
O4 - HKLM\..\Run: [OESpamTest]

C:\PROGRA~1\KASPER~1\KASPER~2\KASPER~3\OESpamTest.ExE
O4 - HKLM\..\Run: [MediaPipe P2P Loader] "C:\Program

Files\p2pnetworks\mpp2pl.exe" /H
O4 - HKLM\..\Run: [Notification Utility] "C:\Program

Files\ItBill\itbill.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE

/Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware

4.0\ewido.exe" /minimized
O4 - HKLM\..\Run: [MSPY2002]

C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync]

C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A]

C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKCU\..\Run: [AIM] C:\PROGRA~1\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program

Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Kaspersky Anti-Hacker.lnk = C:\Program

Files\Kaspersky Lab\Kaspersky Security Suite\Kaspersky

Anti-Hacker\KAVPF.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft

Office\Office10\OSA.EXE
O4 - Global Startup: NuvaTime(tm).lnk = C:\Program

Files\NuvaTime\NuvaTime(tm).exe
O8 - Extra context menu item: E&xport to Microsoft Excel -

res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -

C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} -

C:\PROGRA~1\AIM\aim.exe
O12 - Plugin for .spop: C:\Program Files\Internet

Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: http://download.windowsupdate.com
O16 - DPF: {13EC55CF-D993-475B-9ACA-F4A384957956} (Controller Class) -

https://www.windowsonecare.com/install/cli/1.0.0971.42/WinSSWebAgent.CA

B
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine

Advantage Validation Tool) - http://go.microsoft.com/fwlink/?

LinkID=39204
O16 - DPF: {2ED9BC2B-4DF1-472E-9B5E-55477D2C97F5} (Microsoft Data

Collection Control) - https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class)

-

http://update.microsoft.com/microsoftupd...s/en/x86/client

/muweb_site.cab?1159561026014
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer

Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {D6376DD2-C2BD-49B2-A1B1-138F869633F3} (ASPRO Installer

Class) - http://acs.pandasoftware.com/activescanpro/as5/asproinst.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) -

http://download.mcafee.com/molbin/iss-lo...4856/mcfscan.ca

b
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development

a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky

Lab\Kaspersky Security Suite\Kaspersky Anti-Virus Personal\kavsvc.exe

[ + quote]

Niobis

Senior Member

2. October 2006 @ 17:06

Link to this message

Uninstall P2PNetworks unless needed. Some consider it adware.

Go here and download CCleaner.

Note: If you do not want Yahoo! Toolbar uncheck the option when installing.

Close all windows.
Open CCleaner.
Click "Run Cleaner".

Should be clean now. Any problems?

[ + quote]

Don't be fooled any longer.
http://www.youtube.com/watch?v=BUtbGYgsIu4&feature=related

shamrockp

Newbie

8. October 2006 @ 15:20

Link to this message

It seems my computer is officially clean. However, it didn't help with the problems I am having post-virus. That is, problems using Microsoft products such as Outlook Express, Windows Update, and Excel. I am trying to get help from them. Thanks for all your help!!!

[ + quote]

Niobis

Senior Member

8. October 2006 @ 18:53

Link to this message

Post a new HijackThis log.

[ + quote]

Don't be fooled any longer.
http://www.youtube.com/watch?v=BUtbGYgsIu4&feature=related

shamrockp

Newbie

9. October 2006 @ 11:52

Link to this message

I figured out how to download and reinstall Windows XP Service Pack 2 without using Windows Update. This successfully fixed all my problems!

[ + quote]

Start a new thread

afterdawn.com > forums > software, operating systems and more > windows - virus and spyware problems > recovery following myzor


		User name	Password

		Not registered yet? Register here. Lost your password? Click here.