Epic Hook 3.6 CODMW3 ------------ how to get rid of the bug
hey if you used the Epic Hook 3.6 CODMW3 hack that was posted you've got a bug
for vista so far its put a copy of its self in C:\Users\Administrator\AppData\Roaming delete it
also its in startup so goto run and type in msconfig then goto startup and then uncheck the box that has C:\Users\Administrator\AppData\Roaming in the root
that and the site itself I THINK makes another exe called 9904269_hc.exe in your temp files its deffinately from the hack tho so get rid of it
if i find anything else i'll edit this post
Edit: ok so delete the one you un-rar-ed
delete the 9904269_hc.exe or what ever it is in your temp files (because its a random number it MAY be different for you so sort br date and look for the most recent one)
then goto Start>run>msconfig then goto startup tab then uncheck the box that has the hack in it and then goto it and delete it
then you should be clean... if not hey i tried
Edit:One more thing! open up task manager and look for any extra copys on Firefox.exe or Iexplore.exe (or whatever browser you use) and end the process
round 2: ok get hijack this and look for anything like this in your temp folder like a Svchost.exe get rid of it and then goto regedit
goto HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Run delete the Microsoft windows telnet thats there
then in hijack look for O4 - HKLM\..\run:[microsft windows telnet] and get rid of the value if all goes well it should be gone
Final round: okay so i've been pretty pretty pretty stoned over this holiday season so here it is yuo have to disable system restore and do all of this sorry for the confusion
Last edited by Nomonames2; 12-27-2011 at 09:35 AM.
Deleting Only would make no sense , its not possible to delete, cause the files always come back! Simple google malwarebytes (its free) Scan your PC , it will find the malware & destroy it permanently!
I just used system restore to go back to a 'safe' point a few days ago... first time ESET hasn't detected something malicious (I do have PUA detection disabled, and the firewall did stop it calling home). While I didn't try using it with MW3 I am 99% it was fake.
Oh, the file was not approved... it was hosted externally.