We are adding a new computer repair blog to the family! Check it out for all sorts of computer repair tips and how-tos!
Archive for the 'Uncategorized' Category
Adding a New Computer Repair Blog
September 17, 2007A reminder.
June 25, 2007In case you missed the link below, Spylocked (just like all the other SmitFraud spyware infections) is spreading across the internet.
You will need a guide like this one to help you remove spylocked.
Great Spyware Removal Sites on the Web
April 18, 2007Complete List of Computer Help Tutorials (Pages 2, 3, 4, & 5)
How to Install RAM Memory
How to Remove all Symantec Norton Products From Your Computer
How to Remove the Spy Falcon Spyware Infection (Pages 2, 3, & 4)
How to Use Visual Compatibility Modes in Windows XP
How to Make a Set of Windows XP Boot Disks
How to [...]
Computer Repair in Lincoln Nebraska
April 17, 2007Computer repair in Lincoln Nebraska rules at Schrock Innovations! Thanks Thor for having such great service and thanks to your technicians for getting the job done right the first time. I would recommend these guys anytime!
Surge in SpyLocked Spyware Infections – Free Removal
April 13, 2007We have been seeing an increase in customers getting infected with the spylocked spyware infection. I blogged about it at the time.
I have found a complete set of remove spylocked instructions. Let me know if you need help with them.
Check out my new blog
March 30, 2007If you are into technology news visit my new blog at http://www.thorschrock.com. Have a good one!
How to Remove Brave Sentry 2.0
August 11, 2006A new spyware infection cameacross my bench today. It is a variant of the SpywareQuake infection called Brave Sentry 2.0. You can view complete Brave Sentry removal instructions at http://www.schrockinnovations.com/removebravesentry.php
Trojan.PPDropper.B Discovered Today
July 12, 2006Trojan.PPDropper.B may arrive as a Powerpoint attachment in the following email:
From:
[REMOVED]@gmail.com
To:
Undisclosed-Recipient:;
Subject:
[CHINESE CHARS]
Attachment:
[CHINESE CHARS].ppt
When Trojan.PPDropper.B is executed, it performs the following actions:
Exploits an undocumented Microsoft Powerpoint Remote Code Execution Vulnerability using a malformed string, once the Powerpoint attachment is executed.
Drops and executes the following file which is a variant of Backdoor.Bifrose.E:
%System%\regvrt.exe
Note: %System% [...]
Backdoor.Haxdoor.N Discovered Today
July 12, 2006When Backdoor.Haxdoor.N is executed, it performs the following actions:
Drops the following files:
%System%\qo.dll
%System%\qo.sys
%System%\dvb03a.dll
%System%\dvb03a.sys
%System%\dvb06a.sys
Note: %System% is a variable that refers to the System folder. By default this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
Creates the following files to store the gathered information:
%System%\klo5.sys
%System%\lps.dat
%System%\dt163.dt
%System%\m012741.dat
%System%\tn145.dat
%System%\rddom.a3d
%System%\r85064.dat
%System%\wmx.a3d
Hides all of the above files using a rootkit.
Creates the services dvb03a [...]
W32.Looked.P Discovered Today
July 12, 2006When W32.Looked.P is executed, it performs the following actions:
Creates the following files:
%Windir%\rundl132.exe – a copy of W32.Looked.P
%CurrentFolder%\vDll.dll – a copy of Downloader
Note:
%System% is a variable that refers to the System folder. By default this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%CurrentFolder% is a variable that refers to the folder where the [...]
