Confirm Action

Are you sure you wish to do this?

Confirm Cancel
Member Login

Posted: 1/15/2011 10:28:52 AM EDT
[Last Edit: 2/1/2011 4:00:47 PM EDT by EXPcustom]
Looks like a new Spyware/malware and its a doozy, made a fake windows directory in the C drive, disables administrators rights to regedit etc...

Anyone have any experience removing this one yet?

I remember removing the Antivirus 2010 was easy, just boot in safemode remove the two recently modified/created .dll files but this one is more complicated, looks like its pretty new spyware also...
Link Posted: 1/15/2011 11:20:16 AM EDT
boot in safe mode back up your data and format c
Link Posted: 2/1/2011 3:58:54 PM EDT
I figured it out without having to reformat C:

Boot into safe mode with no networking, make sure you can see hidden files by enabling it in folder options on Win7. Turn up your security levels so it asks for permission before it runs any programs.

Run Malware bytes updated version.

When you boot up into regular mode get into task manager right away, end process and programs you do not need. Also make sure to say no to whatever program wants to run during boot up, like setup.exe. Run Msconfig and turn off unnessasry start up programs, a lot of those are the spyware.

Run Malwarebytes again then reboot.

Now your computer should be able to get online without the browser hijack, go run House Call PC from you browser. Run Malware bytes again.

Repeat this step till all full scans from both programs come back clean. Took me about four scans/reboots.

Some of these steps maybe unesasary but it is what worked for me.

Link Posted: 2/2/2011 2:44:54 PM EDT
Link Posted: 2/2/2011 3:16:15 PM EDT

Originally Posted By nukldragr:

No tech support for you.
Top Top