Home > General > W32.Looksy

W32.Looksy

Remove a band from each decade? There should be a shortcut on your desktop. Anyway, ended up booting into a live cd to get the AVG and def file program. now I see that my "REPLY" has an edit button, but my original post si "un-buttoned" RichardSC 09-13-2007, 11:14 AM #4 tetonbob Management Team, Security Center & TSF Academy

Video should be smaller than 600mb/5 minutes Photo should be smaller than 5mb Video should be smaller than 600mb/5 minutesPhoto should be smaller than 5mb Answer Questions How can i find Tech Support Guy is completely free -- paid for by advertisers and donations. Several functions may not work. Site Changelog Community Forum Software by IP.Board Sign In Use Facebook Use Twitter Need an account? http://www.bleepingcomputer.com/forums/t/109864/trojanw32looksy-virus/

nasdaq Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ] [ Housecall online virus scan ] [ Bitdefender online virus scan ] [ AVG antivirus ] WE'RE SURE THAT YOU'LL LOVE US! Clyde · 10 years ago 0 Thumbs up 0 Thumbs down Comment Add a comment Submit · just now Report Abuse if you can find the file/directory that it's in or It is not a virus, but a program used to stop system processes.

After that I rebooted into safe mode and selected smitfradfix.cmd. Several functions may not work. You were such a big help. answer Y (yes) and hit Enter to restore a clean file 6.

That's fine. a new hijackthis log.( run after everything else) BG 08-29-200708:17 PM #3 jkrebs Member Join Date Aug 2007 Posts 7 Points 0 I followed your steps very carefully and posted the Contents of the 'Scheduled Tasks' folder "2007-09-21 22:30:01 C:\WINDOWS\Tasks\McAfee.com Scan for Viruses - My Computer (DFNL3771-Tom).job" - c:\program files\mcafee.com\vso\mcmnhdlr.exe "2007-06-15 05:21:14 C:\WINDOWS\Tasks\McDefragTask.job" - c:\program files\mcafee\mqc\QcConsol.exe "2007-07-01 05:00:04 C:\WINDOWS\Tasks\McQcTask.job" - c:\program files\mcafee\mqc\QcConsol.exe http://www.techsupportforum.com/forums/f100/malware-help-re-trojan-w32-looksy-180934.html o Click Preferences, then click the Statistics/Logs tab.

Join the ClassRoom and learn how. Thread Status: Not open for further replies. I-uploaded Dss Extra. 2-Imbeded-Main.txt 3-Imbeded-Activescan.txt Please advise if I left something out. The report can be found at the root of the system drive, usually at C:\rapport.txt ...

The current best online scanners I prefer are from Kaspersky antivirus and Bitdefender antivirus. Then I deleted all possible threats. Reboot into >>>safe mode 2. It does not count as help.

Double click on combo.exe & follow the prompts. 2. Click here to download spyware remover for total protection." When I ignore this pop-up, Internet Explorer eventually opens on its own, attempting to open the URL: http://h**p://www.safewebnavigate.co...id=0&pn=&pid=0 When I first noticed SuperAntiSpyware 5. I turned off the modem again and ran both progs, and ahve the logs from them.

Anyway, can't stay at any site for more than a minute or so before the entire screen is covered w/ popups. MFDnNC, Oct 12, 2007 #2 bouncergrl1980 Thread Starter Joined: Oct 12, 2007 Messages: 5 Here's the Rapport log: SmitFraudFix v2.240 Scan done at 1:05:43.40, Sat 10/13/2007 Run from C:\Documents and Settings\TRCR-MLS\Desktop\SmitfraudFix Thanks again, JKrebs 08-30-200706:00 PM #8 steamwiz Member Join Date Sep 2003 Location Yorkshire U.K. I have a feeling this virus will pop again.Thanks,SeanSDFIX LOG :SDFix: Version 1.102Run by Administrator on 07/09/2007 at 09:26Microsoft Windows XP [Version 5.1.2600]Running From: C:\SDFixSafe Mode:Checking Services: Restoring Windows Registry ValuesRestoring

Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" [2006-11-30 20:49] "NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2005-06-02 15:03] "SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-06-21 14:06] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] "wmphost"= {754961CD-8A6D-427C-9F29-62ED5D6D8C88} - C:\WINDOWS\wmphost.dll [2007-08-25 03:59 241664] "wmpdev"= {F5E9F850-EE0B-476D-B322-826ACD834170} - C:\WINDOWS\wmpdev.dll Once in Safe Mode, open the SmitfraudFix folder again and double-click smitfraudfix.cmd Select option #2 - Clean by typing 2 and press "Enter" to delete infected files. Went directly to our earthlink home page, so that was great.

if you need more help then email me kk hope this helps dude hop you comp gets better.

Adam Smith Glasgow, 1760 Back to top #5 zendance zendance Member Full Member 3 posts Posted 27 August 2007 - 08:44 AM Thank you very much for your help. This will take some time!!!!!!!! Once you have downloaded the installer, make sure that AVG Anti-Spyware is closed and then double-click on avgas-signatures-full-current.exe to install the database).Please set up the program as follows:Click the Shield icon HKCU\Software\Microsoft\Windows\CurrentVersion\Run PowerBar = ?p?s????p??|???w???w?N?????wZ??w??e????????????????????w|???4??wz??????????????????w???????????????w???????w????????Z??w????*??w??????e???e???????????????????????????e?????????????????????|???g??w0??w????*??w???w???????wz???????|????,@[email protected]????????e?w?????????,@ scanning hidden files ...

After completeing this, when restarted normally, except for a plain desktop, everything looked normal. Back to top #3 quietman7 quietman7 Bleepin' Janitor Global Moderator 47,028 posts OFFLINE Gender:Male Location:Virginia, USA Local time:04:04 PM Posted 26 September 2007 - 09:18 AM Welcome to BC flyer84The Back to top #5 quietman7 quietman7 Bleepin' Janitor Global Moderator 47,028 posts OFFLINE Gender:Male Location:Virginia, USA Local time:04:04 PM Posted 26 September 2007 - 11:00 AM Smitfraud is a generic and scan.

answer Y (yes) and hit Enter in order to remove the Desktop background and clean registry keys associated with the infection 5. Try What the Tech -- It's free!