[Infected Or Not? Computer Having Problems]

Open HiJackThis. It should open to a "New users quickstart" menu

Click "Open the Misc Tools section"

Click "Delete a file on reboot..."

In the "Enter file to delete on reboot..." window, navigate to:

C:\WINDOWS\system32\

And select the file

mi1.exe

Then click Open. After you click Open, HiJackThis will ask you if you want to restart your computer now. click NO.

Repeat for mi2.exe only reboot after mi2.exe

Please download OTCleanIt from HERE to your desktop.

Double click to run it. It will clean up the assortment of tools used during malware removal. When it has finnished, it will ask you to reboot so it can remove itself.

Are you still haveing the slow loading issues??

[F-secure And Dss Logs Now Included[RESOLVED]]

s it time to return this darn Dell and yell at the kids to stop downloading crap?

Yes it is....to both.

I tried to post yesterday and had some major issues, sorry for the delay.

Time for some housekeeping

• Click START then RUN
  
• Now type Combofix /u in the runbox and click OK
  • 
    

The above procedure will:

• Delete the following:
  • ComboFix and its associated files and folders.
    
  • VundoFix backups, if present
    
  • The C:\Deckard folder, if present
    
  • The C:_OtMoveIt folder, if present
    

  [*] Reset the clock settings.

  [*] Hide file extensions, if required.

  [*] Hide System/Hidden files, if required.

  [*] Reset System Restore.

I'm going to forgot the USUAL closing speech for you for couple of reasons. You've got most tools already. You've read enough of then here over last few year you know as well I do.

You also know you own mind and know what your system (read kid) needs on it.

One thing I did say in the post that never made it on yesterday is the following.

Result: 0 malware found

In the many months I've been using this scanner this is a 1st for me.

LOTS of times I'll get a result of 1 found (cookies) but never a zero...even on my own boxes.

Good job

Glad I was able to help you a bit..if you need any other help/question let me know.

[Infected Or Not? Computer Having Problems]

Looks pretty good...couple of questionable file... the following should take care of them.

Download and scan with SUPERAntiSpyware Free for Home Users

• Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  
• An icon will be created on your desktop. Double-click that icon to launch the program.
  
• If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here.)
  
• Under "Configuration and Preferences", click the Preferences button.
  
• Click the Scanning Control tab.
  
• Under Scanner Options make sure the following are checked (leave all others unchecked):
  • Close browsers before scanning.
    
  • Scan for tracking cookies.
    
  • Terminate memory threats before quarantining.
    

  [*] Click the "Close" button to leave the control center screen.

  [*] Back on the main screen, under "Scan for Harmful Software" click Scan your computer.

  [*] On the left, make sure you check C:\Fixed Drive.

  [*] On the right, under "Complete Scan", choose Perform Complete Scan.

  [*] Click "Next" to start the scan. Please be patient while it scans your computer.

  [*] After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".

  [*] Make sure everything has a checkmark next to it and click "Next".

  [*] A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.

  [*] If asked if you want to reboot, click "Yes".

  [*] To retrieve the removal information after reboot, launch SUPERAntispyware again.

  • Click Preferences, then click the Statistics/Logs tab.
    
  • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    
  • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    
  • Please copy and paste the Scan Log results in your next reply.
    

  [*] Click Close to exit the program.

Please run the F-Secure Online Scanner

Note: This Scanner is for Internet Explorer Only!

• Click on the Start Scanning button at bottom of page.
  
• Accept the License Agreement and the ActiveX install.
  
• Once the ActiveX installs,Click Full System Scan
  
• Once the download completes,the scan will begin automatically.
  
• The scan will take some time to finish,so please be patient.
  
• When the scan completes, click the Automatic cleaning (recommended) button.
  
• Click the Show Report button and Copy&Paste the entire report to your Desktop for later posting.
  

Post

• SAS log
  
• F-Secure log
  
• Freh HijackThis log
  

in your next reply.

[Topic: Browsers Wont Open. Pc Is Slow. Something Fishy Going On]

Please download ATF Cleaner by Atribune.

This program is for XP and Windows 2000 only

• Double-click ATF-Cleaner.exe to run the program.
  Under Main choose: Select All
  Click the Empty Selected button.
  

If you use Firefox browser

• Click Firefox at the top and choose: Select All
  Click the Empty Selected button.
  NOTE: If you would like to keep your saved passwords, please click No at the prompt.
  

If you use Opera browser

• Click Opera at the top and choose: Select All
  Click the Empty Selected button.
  NOTE: If you would like to keep your saved passwords, please click No at the prompt.
  

Click Exit on the Main menu to close the program.

For Technical Support, double-click the e-mail address located at the bottom of each menu.

Download OTScanIt.exe to your Desktop and double-click on it to extract the files. It will create a folder named OTScanIt on your desktop.

Note: You must be logged on to the system with an account that has Administrator privileges to run this program.

• Close ALL OTHER PROGRAMS.
  
• Open the OTScanIt folder and double-click on OTScanIt.exe to start the program (if you are running on Vista then right-click the program and choose Run as Administrator).
  
• In the Drivers section click on Non-Microsoft.
  
• Under Additional Scans click the checkboxes in front of the following items to select them:
  • Reg - BotCheck
    File - Additional Folder Scans
    
    

  [*]Do not change any other settings.

  [*]Now click the Run Scan button on the toolbar.

  [*]Let it run unhindered until it finishes.

  [*]When the scan is complete Notepad will open with the report file loaded in it.

  [*]Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.

  [*]Save the file to your desktop or another place that you will be able to find it back.

Use the Add Reply button and attach the scan file using the BROWSE button below where you type your response.

[Infected Or Not? Computer Having Problems]

Deckard's System Scanner

Download Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges.

1. Close all applications and windows.
   
2. Double-click on dss.exe to run it, and follow the prompts.
   
3. When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt <-this one will be minimized
   
4. Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt here.
   
5. Please attach extra.txt to your post.
   

To attach a file to a new post, simply

1. Go to the Atachments section on the post composition page.(just below the text entry window), and
   
2. copy and paste the following into the "Select a file" box:
   C:\Deckard\System Scanner\extra.txt
   
   

   
   

3. Click Upload.
   

What DSS will do:

• create a new System Restore point in Windows XP and Vista.
  
• clean your Temporary Files, Downloaded Program Files, and Internet Cache Files, and also empty the Recycle Bin on all drives.
  
• check some important areas of your system and produce a report for your analyst to review. DSS automatically runs HijackThis for you, but it will also install and place a shortcut to HijackThis on your desktop if you do not already have HijackThis installed.
  Using Internet Explorer please do an online scan with Kaspersky Online Scanner
  Click on Kaspersky Online Scanner
  Click "I accept"
  You will be prompted to install an ActiveX component from Kaspersky, Click Yes.
  • The program will launch and then start to download the latest definition files.
    
  • Once the scanner is installed and the definitions downloaded, click Next.
    
  • Now click on Scan Settings
    
  • In the scan settings make sure that the following are selected:
    • Scan using the following Anti-Virus database:
      
      • Extended (If available otherwise Standard)
        

      [*]Scan Options:

      • Scan Archives
        
      • Scan Mail Bases
        

    [*]Click OK

    [*]Now under select a target to scan select My Computer

    [*]The scan will take a while so be patient and let it run. Once the scan is complete it will display if your system has been infected.

    [*]Now click on the Save report button.

    [*]Call it Kaspersky.txt

    [*]Expand the arrow beside "file types" and save as .txt file.

    [*]Save the file to your desktop.

    [*]Copy and paste that information in your next post.

  *Note

  If you have Internet Explorer 7 installed:

  If you have trouble getting past the initial download you may need to use the "zoom" tool at bottom right of the scanner window and increase it to 125% to see and press the "accept" button.

  Page will reload and you should be able to carry on scan.

  If the KAV log has your email all over it -- please attach it rather than copy/paste.

[F-secure And Dss Logs Now Included[RESOLVED]]

I have gained administrative control after running sfc /scannow and using Kelly's Korner.

What a great site, huh. and sfc was comming up on my list of to do's

I'm gonna assume you've trashed the Limewire folder. Doesn't look like Limewire is current/active at least.

Do you know what is in C:\Die MoFo folder? Just name is a little quirky... Could be from Trojan OR from you to KILL said Trojans.

Only thing I see off hand is C:\Documents and Settings\Lindy Calkins\Application Data\xxx.exe.

If unknown to you perhaps check it at VirusTotal and remove if infected.

I'm also not certian on this Safeboot key

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Oknx64.sys]
@=""

I'll look into it.

I'd also like one other/last Online opinion when you have time.

Please run the F-Secure Online Scanner

Note: This Scanner is for Internet Explorer Only!

• Click on the Start Scanning button at bottom of page.
  
• Accept the License Agreement and the ActiveX install.
  
• Once the ActiveX installs,Click Full System Scan
  
• Once the download completes,the scan will begin automatically.
  
• The scan will take some time to finish,so please be patient.
  
• When the scan completes, click the Automatic cleaning (recommended) button.
  
• Click the Show Report button and Copy&Paste the entire report to your Desktop for later posting.
  

Post

• Fsecure results
  
• Fresh Dss log (main.txt only)
  

in your next reply.

PS Also You've kept/got McAfee disabled instead of uninstalled. By choice? Still valid perhaps and just as a backup?? No harm just curious.

[F-secure And Dss Logs Now Included[RESOLVED]]

Would you upload a copy of C:\WINDOWS\system32\hrum135.txt for me to HERE please.

Most times when a txt file is found as infected it's just cuz of a string in the file. In you case not so sure. IF it really is a text file.

Talking to OT about your error, he says he's seen that before when missing one of the crypo dll OR in your case

I have finally gotten the Services to stay enabled.

is Crypo svc running??

If we can't get a log there let's try another route

Please visit the webpage HERE for instructions for downloading and running ComboFix.

Post the log from ComboFix when you've accomplished that.

If, for some reason you are unable to get the CF log do the following please.

Deckard's System Scanner

Download Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges.

1. Close all applications and windows.
   
2. Double-click on dss.exe to run it, and follow the prompts.
   
3. When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt <-this one will be minimized
   
4. Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt here.
   
5. Please attach extra.txt to your post.
   

To attach a file to a new post, simply

1. Go to the Atachments section on the post composition page.(just below the text entry window), and
   
2. copy and paste the following into the "Select a file" box:
   C:\Deckard\System Scanner\extra.txt
   
   

   
   

3. Click Upload.
   

What DSS will do:

• create a new System Restore point in Windows XP and Vista.
  
• clean your Temporary Files, Downloaded Program Files, and Internet Cache Files, and also empty the Recycle Bin on all drives.
  
• check some important areas of your system and produce a report for your analyst to review. DSS automatically runs HijackThis for you, but it will also install and place a shortcut to HijackThis on your desktop if you do not already have HijackThis installed.
  

[New Member Requesting Help Please Regarding Popups]

Download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  
• If an update is found, it will download and install the latest version.
  
• Once the program has loaded, select "Perform Quick Scan", then click Scan.
  
• The scan may take some time to finish,so please be patient.
  
• When the scan is complete, click OK, then Show Results to view the results.
  
• Make sure that everything is checked, and click Remove Selected.
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  

Reboot

Download OTScanIt.exe to your Desktop and double-click on it to extract the files. It will create a folder named OTScanIt on your desktop.

• Close any open browsers.
  
• If your Real protection or Antivirus intervenes with OTScanIt, allow it to run.
  
• Open the OTScanit folder and double-click on OTScanit.exe to start the program.
  
• Leave all the setting to the default except as noted below
  
• Under Additional Scans sections, check the following
  • Reg - BotCheck
    

  [*]Now click the Run Scan button on the toolbar.

  [*]The program will be scanning huge amounts of data so depending on your system it could take a long time to complete. Let it run unhindered until it finishes.

  [*]When the scan is complete Notepad will open with the report file loaded in it.

  [*]Save that notepad file

If the log is too large to post, use the Reply button, scroll down to the attachments section and attach the notepad file here.

[F-secure And Dss Logs Now Included[RESOLVED]]

TheTerrorist_75 Welcome to BestTechie. Sorry you had to visit under these circumstances. ROFLMAO.... Just couldn't resist that.

Let's see if we can get you cleaned up the rest of the way.

Download OTScanIt.exe to your Desktop and double-click on it to extract the files. It will create a folder named OTScanIt on your desktop.

• Close any open browsers.
  
• If your Real protection or Antivirus intervenes with OTScanIt, allow it to run.
  
• Open the OTScanit folder and double-click on OTScanit.exe to start the program.
  
• Leave all the setting to the default except as noted below
  • Check the box for Scan all user accounts
    
  • Under Additional Scans sections, check the following
    • Reg - BotCheck
      
    • Reg - Disable MS Config items
      

  [*]Now click the Run Scan button on the toolbar.

  [*]The program will be scanning huge amounts of data so depending on your system it could take a long time to complete. Let it run unhindered until it finishes.

  [*]When the scan is complete Notepad will open with the report file loaded in it.

  [*]Save that notepad file

If the log is too large to post, use the Reply button, scroll down to the attachments section and attach the notepad file here.

[Malware/spyware Removal]

Next download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  
• If an update is found, it will download and install the latest version.
  
• Once the program has loaded, select "Perform Quick Scan", then click Scan.
  
• The scan may take some time to finish,so please be patient.
  
• When the scan is complete, click OK, then Show Results to view the results.
  
• Make sure that everything is checked, and click Remove Selected.
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  

Reboot and post

• MBAM report
  
• Fresh HijackThis log make AFTER the reboot
  

in your reply here.

[Outlook Express]

Just to add.

Two site no OE user should be with out.

Tom Koch's Inside OE and Dr. Steve Cochran's OE Help

[Help Request To Remove Wowfx.dll]

Please visit the webpage HERE for instructions for downloading and running ComboFix.

Post the log from ComboFix when you've accomplished that.

[Internet Problem (hijackthis Log Included)]

See if you can upload it HERE

[Hijackthis Log - Dell 5150 Laptop Slooowwww...]

Nothing showing in your logs could just be a matter of cleaning out your temp/TIFs

• Go to start > run and type: cleanmgr and click ok.
  
• Let it scan your system for files to remove.
  
• Make sure Temporary Files, Temporary Internet Files, and Recycle Bin are thef only things checked.
  
• Press OK to remove them.
  

Please download ATF Cleaner by Atribune.

This program is for XP and Windows 2000 only

• Double-click ATF-Cleaner.exe to run the program.
  Under Main choose: Select All
  Click the Empty Selected button.
  

If you use Firefox browser

• Click Firefox at the top and choose: Select All
  Click the Empty Selected button.
  NOTE: If you would like to keep your saved passwords, please click No at the prompt.
  

If you use Opera browser

• Click Opera at the top and choose: Select All
  Click the Empty Selected button.
  NOTE: If you would like to keep your saved passwords, please click No at the prompt.
  

Click Exit on the Main menu to close the program.

For Technical Support, double-click the e-mail address located at the bottom of each menu.

Download and scan with SUPERAntiSpyware Free for Home Users

• Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  
• An icon will be created on your desktop. Double-click that icon to launch the program.
  
• If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here.)
  
• Under "Configuration and Preferences", click the Preferences button.
  
• Click the Scanning Control tab.
  
• Under Scanner Options make sure the following are checked (leave all others unchecked):
  • Close browsers before scanning.
    
  • Scan for tracking cookies.
    
  • Terminate memory threats before quarantining.
    

  [*] Click the "Close" button to leave the control center screen.

  [*] Back on the main screen, under "Scan for Harmful Software" click Scan your computer.

  [*] On the left, make sure you check C:\Fixed Drive.

  [*] On the right, under "Complete Scan", choose Perform Complete Scan.

  [*] Click "Next" to start the scan. Please be patient while it scans your computer.

  [*] After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".

  [*] Make sure everything has a checkmark next to it and click "Next".

  [*] A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.

  [*] If asked if you want to reboot, click "Yes".

  [*] To retrieve the removal information after reboot, launch SUPERAntispyware again.

  • Click Preferences, then click the Statistics/Logs tab.
    
  • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    
  • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    
  • Please copy and paste the Scan Log results in your next reply.
    

  [*] Click Close to exit the program.

[Internet Problem (hijackthis Log Included)]

Download RegSeeker from here:

http://www.softpedia.com/progDownload/RegS...nload-4229.html

Save and extract its contents to the desktop

1. A new folder will appear on your desktop. Within the folder, click on RegSeeker.exe. Click on Find in registry. Copy and paste the following string and click on Search.
   2559A1F4-21D7-11D4-BDAF-00C04F60B9F0
   
2. When scanning has finished, click Select, then on Select All.
   
3. Click on Action, then on Export selected items.
   
4. Name the export Report. It will be saved in RegSeeker > Backup folder.
   
5. Please ATTACH this file in a reply
   

[Internet Problem (hijackthis Log Included)]

got a program called spinrite, should i use this to fix the problem?

Certainly an option. If you DO use spinrite I sugguest you reboot once it's done and iimmediatly do a Chkdisk

Another is to install the Recovery Console (if not already installed) and run Chkdsik from there.

Guided info HERE

PS are you still getting the disconnects??

[Internet Problem (hijackthis Log Included)]

A nasty file or two...nothing too malicious.

You DO have LOTS of empty entries in your startup..

Wengo

FreeCall

all the Viop entries.

IF you uninstalled then the entries should have been removed by the programs when uninstalling.

Open HijackThis and put a check next to the following:

O4 - HKCU\..\Run: [Wengo] "C:/Program Files/Wengo/wengophone.exe" -background

O4 - HKCU\..\Run: [FreeCall] "C:\Program Files\FreeCall.com\FreeCall\FreeCall.exe" -nosplash -minimized

O4 - HKCU\..\Run: [Voipwise] "C:\Program Files\Voipwise.com\Voipwise\Voipwise.exe" -nosplash -minimized

O4 - HKCU\..\Run: [VoipBuster] "C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe" -nosplash -minimized

O4 - HKCU\..\Run: [VoipStunt] "C:\Program Files\VoipStunt.com\VoipStunt\VoipStunt.exe" -nosplash -minimized

O4 - HKCU\..\Run: [LowRateVoip] "C:\Program Files\LowRateVoip\LowRateVoip.exe" -nosplash -minimized

Close progrmas/windows (Even this one) besides HijackThis and click Fix checked.

Close HijackThis

Next download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  
• If an update is found, it will download and install the latest version.
  
• Once the program has loaded, select "Perform Quick Scan", then click Scan.
  
• The scan may take some time to finish,so please be patient.
  
• When the scan is complete, click OK, then Show Results to view the results.
  
• Make sure that everything is checked, and click Remove Selected.
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  
• Copy&Paste the entire report in your next reply along with a fresh HijackThis log.
  

PS The logs also showed

The file system structure on the disk is corrupt and unusable.

Please run the chkdsk utility on the volume \Device\HarddiskVolume1

Go ahead and run a scan disk on your C: drive.

[Internet Problem (hijackthis Log Included)]

Deckard's System Scanner

Download Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges.

1. Close all applications and windows.
   
2. Double-click on dss.exe to run it, and follow the prompts.
   
3. When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt <-this one will be minimized
   
4. Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt here.
   
5. Please attach extra.txt to your post.
   

To attach a file to a new post, simply

1. Go to the Atachments section on the post composition page.(just below the text entry window), and
   
2. copy and paste the following into the "Select a file" box:
   C:\Deckard\System Scanner\extra.txt
   
   

   
   

3. Click Upload.
   

What DSS will do:

• create a new System Restore point in Windows XP and Vista.
  
• clean your Temporary Files, Downloaded Program Files, and Internet Cache Files, and also empty the Recycle Bin on all drives.
  
• check some important areas of your system and produce a report for your analyst to review. DSS automatically runs HijackThis for you, but it will also install and place a shortcut to HijackThis on your desktop if you do not already have HijackThis installed.
  

[Please Help Me Guys! Wnl32.dll Keeps Coming Back.]

Sorry for the delay in responding to your request. We (the helpers here and elsewhere) are just swampped with logs.

If you still need help do the following.

Please visit the webpage HERE for instructions for downloading and running ComboFix.

Post the log from ComboFix when you've accomplished that.]HERE for instructions for downloading and running ComboFix.

Post the log from ComboFix when you've accomplished that.

[Storageprotector Spyware[INACTIVE]]

Please download VundoFix.exe to your desktop

• Double-click VundoFix.exe to run it.
  
• Click the Scan for Vundo button.
  
• Once it's done scanning, click the Remove Vundo button.
  
• You will receive a prompt asking if you want to remove the files, click YES
  
• Once you click yes, your desktop will go blank as it starts removing Vundo.
  
• When completed, it will prompt that it will reboot your computer, click OK.
  
• Please post the contents of C:\vundofix.txt and a the CF log from below in a reply to this thread.
  

Note: It is possible that VundoFix encountered a file it could not remove. In this case, VundoFix will run on reboot, simply follow the above instructions starting from "Click the Scan for Vundo button" when VundoFix appears upon rebooting.

Please visit the webpage HERE for instructions for downloading and running ComboFix.

Post the log from ComboFix when you've accomplished that.

[Blank Ie Windows[INACTIVE]]

Hey yardmaster I just got a PM from the forum owner telling me that Email notification have not been working.

Sorry I had NO idea you've waited this long. I guess when I thought I didn't get notice in last poist I should have watched closer.

I'm gonna ASSume you are still having this issue.

Download and scan with SUPERAntiSpyware Free for Home Users

• Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  
• An icon will be created on your desktop. Double-click that icon to launch the program.
  
• If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here.)
  
• Under "Configuration and Preferences", click the Preferences button.
  
• Click the Scanning Control tab.
  
• Under Scanner Options make sure the following are checked (leave all others unchecked):
  • Close browsers before scanning.
    
  • Scan for tracking cookies.
    
  • Terminate memory threats before quarantining.
    

  [*] Click the "Close" button to leave the control center screen.

  [*] Back on the main screen, under "Scan for Harmful Software" click Scan your computer.

  [*] On the left, make sure you check C:\Fixed Drive.

  [*] On the right, under "Complete Scan", choose Perform Complete Scan.

  [*] Click "Next" to start the scan. Please be patient while it scans your computer.

  [*] After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".

  [*] Make sure everything has a checkmark next to it and click "Next".

  [*] A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.

  [*] If asked if you want to reboot, click "Yes".

  [*] To retrieve the removal information after reboot, launch SUPERAntispyware again.

  • Click Preferences, then click the Statistics/Logs tab.
    
  • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    
  • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    
  • Please copy and paste the Scan Log results in your next reply.
    

  [*] Click Close to exit the program.

[Blank Ie Windows[INACTIVE]]

Let try something different then (Sorry I don' think I got a notice of your reply)

Deckard's System Scanner

Download Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges.

1. Close all applications and windows.
   
2. Double-click on dss.exe to run it, and follow the prompts.
   
3. When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt <-this one will be minimized
   
4. Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt here.
   
5. Please attach extra.txt to your post.
   

To attach a file to a new post, simply

1. Go to the Atachments section on the post composition page.(just below the text entry window), and
   
2. copy and paste the following into the "Select a file" box:
   C:\Deckard\System Scanner\extra.txt
   
   

   
   

3. Click Upload.
   

What DSS will do:

• create a new System Restore point in Windows XP and Vista.
  
• clean your Temporary Files, Downloaded Program Files, and Internet Cache Files, and also empty the Recycle Bin on all drives.
  
• check some important areas of your system and produce a report for your analyst to review. DSS automatically runs HijackThis for you, but it will also install and place a shortcut to HijackThis on your desktop if you do not already have HijackThis installed.
  

[Help Me[INACTIVE]]

Please visit the webpage HERE for instructions for downloading and running ComboFix.

Post the log from ComboFix when you've accomplished that.

[Blank Ie Windows[INACTIVE]]

Please visit the webpage HERE for instructions for downloading and running ComboFix.

Post the log from ComboFix when you've accomplished that.

[Frustrated College Student[INACTIVE]]

Well the GINA file are used for log in, fast user switching, etc. I'm betting you also no longer have a Welcome screen when you start Windows, correct? The one that displays user name...

Netgear uses thier own verison of msgina (RtlGina2.dll) and it has been know to cause all sort of login/start/switching issues.

MS-MVP Doug Knox has a fix/check for such issues. Go to his website HERE and download/use the XP_FixLogon.ZIP ..direction are on the page.

Let me know how you get on with this and if it fixes the issue.

Also do you have a XP install CD..incase we need to repair/fix some other files??