Hi pi><boy
I cannot help you with recommendations for antivirus-products. Myself,
I do not really know avast! antivirus (except its name), but I am pretty
happy with AVG[1a]. But for sure, you should do a TrendMicro Housecall[1b].
Assuming, you have installed Free Download Manager, the following entries
should be removed immediately:
These should be checked more carefully (but I would remove them)Code:F2 - REG:system.ini: UserInit=userinit.exe,userinit32.exe -> Refers to W32/Rbot-YE[2] O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe -> AdWare.ToolBar.Azesearch O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe -> ISTBar foistware O10 - Unknown file in Winsock LSP: c:\windows\system32\espfspi.dll -> questionable[3]
You could remove (I guess):Code:F2 - REG:system.ini: Shell=Explorer.exe jusched.exe -> have you installed the java runtime environment? O4 - HKLM\..\Run: [dot] dot.exe O4 - HKLM\..\RunServices: [dot] dot.exe -> If you do not know them, remove them![4]
Make sure, these are your correct Nameservers (ISP provided):Code:O9 - Extra button: Research (HKLM)
Useful sites for further informations: Neuber.com[5] and liutilities.com[6].Code:O17 - HKLM\System\CCS\Services\Tcpip\..\{78D92740-3062-4DED-8EA0-1ED26A96EE27}: NameServer = 61.0.128.65 61.0.0.5
I strongly recommend you to follow foxyloxley's tutorial[7]!
Cheers
[1a] http://free.grisoft.com/freeweb.php
[1b] http://housecall.trendmicro.com/
[2] http://www.sophos.com/virusinfo/analyses/w32rbotye.html
[3] http://castlecops.com/lsp-104.html
[4] http://castlecops.com/t115917-Dot_exe_in_StartUp.html
[5] http://www.neuber.com/taskmanager/pr...sched.exe.html
[6] http://www.liutilities.com/products/...brary/jusched/
[7] http://www.antionline.com/showthread...hreadid=265440
Reply With Quote