Byteman
Malware Destroyer
The only one I can't find info on is dart mpeg surf.exe. Please do the following in the exact order stated (it's important).
If you don't reconize it lets kill it. First open hjt and click the "open the misc tools section" button. then click the "open process manager" button. If you see it, kill it, (if it doesn't let you than open the "kill on reboot" tool and use that, also in the misc. tools section of hjt.). Also out of curiousity lets look at the host file. Back on the misc tools click the "host file manager" button and make sure that everything has an # in front of it except for 127.0.0.1 localhost.
Now run a hjt scan and delete the following:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.gkpishmwqtlvknbpc.biz/o/...u83fKpP1vu.html
O4 - HKCU\..\Run: [The four] C:\DOCUME~1\Sebouh\APPLIC~1\4OPTIO~1\dart mpeg surf.exe
Now DONT reboot yet. Make sure your set to view all files and folders and hidden and system files (Mycomputer/Tools/FolderOptions/view tab). Then go to the dart mpeg surf.exe file and delete it. if it doesn't let you, go to hjt and in the misc tools open the "delete file on reboot" button, browse to the file and let hjt do it's thing. At this point, reboot to SAFEMODE and double check that the file is gone. If not delete while in safemode. Reboot normal and reset you IE web settings (control panel/Internet options/Programs tab/"reset web settings button and Advanced tab/restore defaults). Then open IE and see if you get MSN.
If you don't reconize it lets kill it. First open hjt and click the "open the misc tools section" button. then click the "open process manager" button. If you see it, kill it, (if it doesn't let you than open the "kill on reboot" tool and use that, also in the misc. tools section of hjt.). Also out of curiousity lets look at the host file. Back on the misc tools click the "host file manager" button and make sure that everything has an # in front of it except for 127.0.0.1 localhost.
Now run a hjt scan and delete the following:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.gkpishmwqtlvknbpc.biz/o/...u83fKpP1vu.html
O4 - HKCU\..\Run: [The four] C:\DOCUME~1\Sebouh\APPLIC~1\4OPTIO~1\dart mpeg surf.exe
Now DONT reboot yet. Make sure your set to view all files and folders and hidden and system files (Mycomputer/Tools/FolderOptions/view tab). Then go to the dart mpeg surf.exe file and delete it. if it doesn't let you, go to hjt and in the misc tools open the "delete file on reboot" button, browse to the file and let hjt do it's thing. At this point, reboot to SAFEMODE and double check that the file is gone. If not delete while in safemode. Reboot normal and reset you IE web settings (control panel/Internet options/Programs tab/"reset web settings button and Advanced tab/restore defaults). Then open IE and see if you get MSN.
