sarahw

Not a problem. Thanks for letting me know the final result.

Hi, Congratulations, your log is now clean. Time for some housekeeping Click START then RUN Now type Combofix /u in the runbox and click OK [*] When shown the disclaimer, Select "2" The above procedure will: Delete the following: ComboFix and its associated files and folders. VundoFix backups, if present The C:\Deckard folder, if present The C:_OtMoveIt folder, if present [*] Reset the clock settings. [*] Hide file extensions, if required. [*] Hide System/Hidden files, if required. [*] Reset System Restore. A well protected computer should have at least an Anti Virus and Firew

Sure, I could give a copy of Vi$ta a good home to test malware samples on it. You've got a good laid out forum for malware removal. Keep the the good work.

Hi, 1. First download AVG Anti-Spyware from HERE and save that file to your desktop. This is a 30 day trial of the program Once you have downloaded AVG Anti-Spyware, locate the icon on the desktop and double-click it to launch the set up program. Once the setup is complete you will need run AVG Anti-Spyware and update the definition files. On the main screen select the icon "Update" then select the "Update now" link.Next select the "Start Update" button, the update will start and a progress bar will show the updates being installed. [*]Once the update has completed select the "Scanner" icon a

Hi, Welcome to the site I will be handling your log to help you get cleaned up. Please give me some time to look it over and I will get back to you as soon as possible. I want you to show hidden files. There are instructions HERE to help you do this. You should have Administrator rights to perform the fixes. Some of the instructions I give may need to be printed or saved for reference during the fix. Some of the fix will be done in Safe Mode so you will be unable to access this thread at that time. Please dont use any of the tools without specific instructions. Some of them are dangerous (and

Can you please tell me the exact message. Including the clsid (the numbers).

The files must already be gone. Can you post a fresh Hijack this log so I can see if the registry entries are gone.

Hi nick. This forum is for one on one Malware infection support. Please read the information threads at the top of this forum and Start your own thread. Post a Hijack This log and somebody will help you. Hi Acidic, Please Post the DSS scan when ready.

1. Please open Notepad Click Start , then Run Type notepad .exe in the Run Box. 2. Now copy/paste the entire content of the codebox below into the Notepad window: 3. Save the above as CFScript.txt 4. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again. 5. After reboot, (in case it asks to reboot), please post the following reports/logs into your next reply: Combofix.txt A new HijackThis log. Please tell me how the computer is running.

Delete that version, and download it from the other link.

How is the computer running? Are you getting the popups still? When you said you would uninstall the program, which program was it?

Hi, I want you to run a Anti-Spyware scan and and an online Anti-Virus scan. 1. First download AVG Anti-Spyware from HERE and save that file to your desktop. This is a 30 day trial of the program Once you have downloaded AVG Anti-Spyware, locate the icon on the desktop and double-click it to launch the set up program. Once the setup is complete you will need run AVG Anti-Spyware and update the definition files. On the main screen select the icon "Update" then select the "Update now" link.Next select the "Start Update" button, the update will start and a progress bar will show the updates being

Download ComboFix from Here or Here to your Desktop. Double click combofix.exe and follow the prompts. When finished, it shall produce a log for you. Post that log and a HiJackthis log in your next reply Note: Do not mouseclick combofix's window while its running. That may cause it to stall

Hi, As its been a few days, please post another Hijack This log. This is because your computers condition may have changed.

Hi, I would like you to run a few scans. Anti-Spyware and Anti-Virus. 1. First download AVG Anti-Spyware from HERE and save that file to your desktop. This is a 30 day trial of the program Once you have downloaded AVG Anti-Spyware, locate the icon on the desktop and double-click it to launch the set up program. Once the setup is complete you will need run AVG Anti-Spyware and update the definition files. On the main screen select the icon "Update" then select the "Update now" link.Next select the "Start Update" button, the update will start and a progress bar will show the updates being insta

Hi, I will be handling your log now that MoNsTeReNeRgY22 is on vacation. Please give me some time to look it over and I will get back to you as soon as possible. I want you to show hidden files. There are instructions HERE to help you do this. You should have Administrator rights to perform the fixes. Some of the instructions I give may need to be printed or saved for reference during the fix. Some of the fix will be done in Safe Mode so you will be unable to access this thread at that time. Please dont use any of the tools without specific instructions. Some of them are dangerous (and could

As it has been 7 days, this topic is now closed. (Inactive) If you would like it reopened to continue with your problem, please send a PM.

Hi, Just one more thing I would like you to remove. Please re-open HiJackThis and choose do a system scan only. Check the boxes next to ONLY the entries listed below: O4 - HKLM\..\Run: [Windows Explorer] C:\WINDOWS\explore.exe O4 - HKLM\..\Run: [dumprep] C:\WINDOWS\system32\spoolw.exe Now close all windows other than HiJackThis, including browsers, so that nothing other than HijackThis is open, then click Fix Checked. A box will pop up asking you if you wish to fix the selected items. Please choose YES. Once it has fixed them, please exit/close HijackThis. Please download the OTMoveIt by OldT

1. Please open Notepad Click Start , then Run Type notepad .exe in the Run Box. 2. Now copy/paste the entire content of the codebox below into the Notepad window: 3. Save the above as CFScript.txt 4. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again. 5. After reboot, (in case it asks to reboot), please post the following reports/logs into your next reply: Combofix.txt A new HijackThis log.

Hi, Download ComboFix from Here or Here to your Desktop. Double click combofix.exe and follow the prompts. When finished, it shall produce a log for you. Post that log and a HiJackthis log in your next reply Note: Do not mouseclick combofix's window while its running. That may cause it to stall

Hi, A tick means check the square box next to the line in your Hijack This program that matches the line I gave you in the previous post. If you run into any more problems with Hijack This (or with deleting the file in Safe Mode), let me know. I will leave this topic open for when you return.

Hi, Your computer is very infected. 1. Please download VundoFix.exe to your desktop Double-click VundoFix.exe to run it. Click the Scan for Vundo button. Once it's done scanning, click the Remove Vundo button. You will receive a prompt asking if you want to remove the files, click YES Once you click yes, your desktop will go blank as it starts removing Vundo. When completed, it will prompt that it will reboot your computer, click OK. Please post the contents of C:\vundofix.txt and a new HiJackThis log in a reply to this thread. Note: It is possible that VundoFix encountered a file it could not

Hi, Welcome to the site I will be handling your log to help you get cleaned up. Please give me some time to look it over and I will get back to you as soon as possible. I want you to show hidden files. There are instructions HERE to help you do this. You should have Administrator rights to perform the fixes. Some of the instructions I give may need to be printed or saved for reference during the fix. Some of the fix will be done in Safe Mode so you will be unable to access this thread at that time. Please dont use any of the tools without specific instructions. Some of them are dangerous (and

Hi, Open Hijack This and place a tick next to this item: F3 - REG:win.ini: load=C:\WINDOWS\system32\mljjk.exe Reboot into Safe Mode and delete this file: C:\WINDOWS\system32\mljjk.exe Reboot as you normally would, and post another Hijack This log in a reply here.

Sure.