Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

help please


  • Please log in to reply
4 replies to this topic

#1 adalia

adalia

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:08:28 PM

Posted 09 May 2005 - 10:25 AM

Logfile of HijackThis v1.99.1
Scan saved at 18:25:08, on 09.05.2005
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\PROGRAM FILES\RHINOSOFT.COM\ALLEGROSURF\ALLEGROSURF.EXE
C:\PROGRAM FILES\RHINOSOFT.COM\ALLEGROSURF\NETMON.EXE
C:\PROGRAM FILES\KASPERSKY LAB\KASPERSKY ANTI-VIRUS PERSONAL\KAVSVC.EXE
C:\WINDOWS\SYSTEM\MDM.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\SISTRAY.EXE
C:\WINDOWS\SYSTEM\CARPSERV.EXE
C:\PROGRAM FILES\RHINOSOFT.COM\ALLEGROSURF\NETMONMONITOR.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\INTERNAT.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\KASPERSKY LAB\KASPERSKY ANTI-VIRUS PERSONAL\KAV.EXE
C:\WINDOWS\CONFIG\SYSTEM\SERVICES.EXE
C:\PROGRAM FILES\SPAMIHILATOR\SPAMIHILATOR.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\PROGRAM FILES\YAHOO!\MESSENGER\YMSGR_TRAY.EXE
C:\PROGRAM FILES\WINZIP\WINZIP32.EXE
C:\WINDOWS\TEMP\HIJACKTHIS.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = ftp=localhost:80;http=localhost:80;https=localhost:80
F1 - win.ini: run=C:\WINDOWS\SPEEDY.BATc:\windows\speedy.bat,c:\windows\speedy.scr,c:\windows\scrsvr.exe,c:\windows\instit.bat,c:\windows\marco!.scr,c:\windows\alevir.exe,c:\windows\Brasil.pif,c:\windows\natal!.pif
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\SYSTEM\SISTRAY.EXE
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [NetworkMonitor] C:\Program Files\RhinoSoft.com\AllegroSurf\NetMonMonitor.exe
O4 - HKLM\..\Run: [internat.exe] internat.exe
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize
O4 - HKLM\..\Run: [Spees1] C:\WINDOWS\Speedy.scr
O4 - HKLM\..\Run: [ SystemCheck] C:\WINDOWS\Config\system\services.exe
O4 - HKLM\..\RunServices: [AllegroSurfEngine] C:\PROGRAM FILES\RHINOSOFT.COM\ALLEGROSURF\ALLEGROSURF.EXE -9Xservice
O4 - HKLM\..\RunServices: [NetMonNT] C:\PROGRAM FILES\RHINOSOFT.COM\ALLEGROSURF\NETMON.EXE -9Xservice
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [kavsvc] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe"
O4 - HKLM\..\RunServices: [Machine Debug Manager] C:\WINDOWS\SYSTEM\MDM.EXE
O4 - HKCU\..\Run: [Spamihilator] "C:\Program Files\Spamihilator\spamihilator.exe"

BC AdBot (Login to Remove)

 


#2 adalia

adalia
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:08:28 PM

Posted 09 May 2005 - 10:55 AM

I don't know what to delete, ca you tell me?

Logfile of HijackThis v1.99.1
Scan saved at 18:25:08, on 09.05.2005
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\PROGRAM FILES\RHINOSOFT.COM\ALLEGROSURF\ALLEGROSURF.EXE
C:\PROGRAM FILES\RHINOSOFT.COM\ALLEGROSURF\NETMON.EXE
C:\PROGRAM FILES\KASPERSKY LAB\KASPERSKY ANTI-VIRUS PERSONAL\KAVSVC.EXE
C:\WINDOWS\SYSTEM\MDM.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\SISTRAY.EXE
C:\WINDOWS\SYSTEM\CARPSERV.EXE
C:\PROGRAM FILES\RHINOSOFT.COM\ALLEGROSURF\NETMONMONITOR.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\INTERNAT.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\KASPERSKY LAB\KASPERSKY ANTI-VIRUS PERSONAL\KAV.EXE
C:\WINDOWS\CONFIG\SYSTEM\SERVICES.EXE
C:\PROGRAM FILES\SPAMIHILATOR\SPAMIHILATOR.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\PROGRAM FILES\YAHOO!\MESSENGER\YMSGR_TRAY.EXE
C:\PROGRAM FILES\WINZIP\WINZIP32.EXE
C:\WINDOWS\TEMP\HIJACKTHIS.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = ftp=localhost:80;http=localhost:80;https=localhost:80
F1 - win.ini: run=C:\WINDOWS\SPEEDY.BATc:\windows\speedy.bat,c:\windows\speedy.scr,c:\windows\scrsvr.exe,c:\windows\instit.bat,c:\windows\marco!.scr,c:\windows\alevir.exe,c:\windows\Brasil.pif,c:\windows\natal!.pif
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\SYSTEM\SISTRAY.EXE
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [NetworkMonitor] C:\Program Files\RhinoSoft.com\AllegroSurf\NetMonMonitor.exe
O4 - HKLM\..\Run: [internat.exe] internat.exe
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize
O4 - HKLM\..\Run: [Spees1] C:\WINDOWS\Speedy.scr
O4 - HKLM\..\Run: [ SystemCheck] C:\WINDOWS\Config\system\services.exe
O4 - HKLM\..\RunServices: [AllegroSurfEngine] C:\PROGRAM FILES\RHINOSOFT.COM\ALLEGROSURF\ALLEGROSURF.EXE -9Xservice
O4 - HKLM\..\RunServices: [NetMonNT] C:\PROGRAM FILES\RHINOSOFT.COM\ALLEGROSURF\NETMON.EXE -9Xservice
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [kavsvc] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe"
O4 - HKLM\..\RunServices: [Machine Debug Manager] C:\WINDOWS\SYSTEM\MDM.EXE
O4 - HKCU\..\Run: [Spamihilator] "C:\Program Files\Spamihilator\spamihilator.exe"

#3 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:09:28 PM

Posted 09 May 2005 - 11:20 AM

Hello adalia and welcome to the BC forums. Please do not create multiple topics for the same log. It creates extra work for the volunteers here by having duplicate work done on the same post when they could be helping others who are in need.

This log appears to be incomplete. We need a complete HijackThis (HJT) log file to be able to analyze what is happening on your computer.

Start HijackThis and click the Do a system scan and save a log button to perform a scan and create a log file. When the scan is complete, Notepad will open up with the log file in it. While in Notepad, press Ctrl-A to select all text and then Ctrl-C to copy the text to the clipboard.

POST the log in this thread using the Add Reply button. Click in the data-entry window and press Ctrl-V to paste the log into the window. Add any other comments which you believe might be helpful in our analysis. and click the Add Reply button.

I will review your log when it comes in.


DO NOT MAKE ANY CHANGES OR CLICK "FIX CHECKED" UNTIL I CHECK THE LOG, AS SOME OF THE FILES ARE LEGIT AND VITAL TO THE FUNCTION OF YOUR COMPUTER

OT

Edited by OldTimer, 09 May 2005 - 11:21 AM.

I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#4 adalia

adalia
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:08:28 PM

Posted 10 May 2005 - 02:12 AM

the new log:

Logfile of HijackThis v1.99.1
Scan saved at 10:09:42, on 10.05.2005
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\PROGRAM FILES\RHINOSOFT.COM\ALLEGROSURF\ALLEGROSURF.EXE
C:\PROGRAM FILES\RHINOSOFT.COM\ALLEGROSURF\NETMON.EXE
C:\PROGRAM FILES\KASPERSKY LAB\KASPERSKY ANTI-VIRUS PERSONAL\KAVSVC.EXE
C:\WINDOWS\SYSTEM\MDM.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\SISTRAY.EXE
C:\WINDOWS\SYSTEM\CARPSERV.EXE
C:\PROGRAM FILES\RHINOSOFT.COM\ALLEGROSURF\NETMONMONITOR.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\INTERNAT.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\KASPERSKY LAB\KASPERSKY ANTI-VIRUS PERSONAL\KAV.EXE
C:\WINDOWS\CONFIG\SYSTEM\SERVICES.EXE
C:\PROGRAM FILES\SPAMIHILATOR\SPAMIHILATOR.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\PROGRAM FILES\YAHOO!\MESSENGER\YPAGER.EXE
C:\WINDOWS\NOTEPAD.EXE
C:\PROGRAM FILES\WINZIP\WINZIP32.EXE
C:\WINDOWS\TEMP\HIJACKTHIS.EXE

F1 - win.ini: run=C:\WINDOWS\SPEEDY.BATc:\windows\speedy.bat,c:\windows\speedy.scr,c:\windows\scrsvr.exe,c:\windows\instit.bat,c:\windows\marco!.scr,c:\windows\alevir.exe,c:\windows\Brasil.pif,c:\windows\natal!.pif
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\SYSTEM\SISTRAY.EXE
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [NetworkMonitor] C:\Program Files\RhinoSoft.com\AllegroSurf\NetMonMonitor.exe
O4 - HKLM\..\Run: [internat.exe] internat.exe
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe" /minimize
O4 - HKLM\..\Run: [Spees1] C:\WINDOWS\Speedy.scr
O4 - HKLM\..\Run: [ SystemCheck] C:\WINDOWS\Config\system\services.exe
O4 - HKLM\..\RunServices: [AllegroSurfEngine] C:\PROGRAM FILES\RHINOSOFT.COM\ALLEGROSURF\ALLEGROSURF.EXE -9Xservice
O4 - HKLM\..\RunServices: [NetMonNT] C:\PROGRAM FILES\RHINOSOFT.COM\ALLEGROSURF\NETMON.EXE -9Xservice
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [kavsvc] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe"
O4 - HKLM\..\RunServices: [Machine Debug Manager] C:\WINDOWS\SYSTEM\MDM.EXE
O4 - HKCU\..\Run: [Spamihilator] "C:\Program Files\Spamihilator\spamihilator.exe"

thank you

#5 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:09:28 PM

Posted 10 May 2005 - 10:24 AM

Hi adalia. The log seems pretty short bu that might just be your setup. Quite minimalist :thumbsup: . Let's get started. Please print these directions and then proceed with the following steps in order.

Step #1

Download CCleaner and install it but do not run it yet.

Important
Your copy of HijackThis needs to be in a folder of it's own. If it is run from Temporary folders the backups and HijackThis itself could be accidentally deleted if the Temporary folders are cleaned. If it is run from the desktop then the backup files and folders can clutter up the desktop and be accidentally deleted. If it is run from inside a compressed file then the backups are not created at all.
  • Please open My Computer
  • Double-click on Local Disk (C:)
  • Click on the File menu, point to New and then click on Folder. Name the folder 'HijackThis' or 'HJT'.
  • Unzip to or copy and paste HijackThis.exe to the new folder.
Step #2

Start in Safe Mode Using the F8 method:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until the boot menu appears.
  • Use the arrow keys to select the Safe Mode menu item.
  • Press the Enter key.
Step #3

Start HijackThis and click the Scan button to perform a scan. Look for the following items and click in the checkbox in front of each item to select it:F1 - win.ini: run=C:\WINDOWS\SPEEDY.BATc:\windows\speedy.bat,c:\windows\speedy.scr,c:\windows\scrsvr.exe,c:\windows\instit.bat,c:\windows\marco!.scr,c:\windows\alevir.exe,c:\windows\Brasil.pif,c:\windows\natal!.pif
O4 - HKLM\..\Run: [Spees1] C:\WINDOWS\Speedy.scr
O4 - HKLM\..\Run: [ SystemCheck] C:\WINDOWS\Config\system\services.exe

Now close ALL open windows except HijackThis and click the Fix Checked button to finish the repair.

Step #4

We need to make sure all hidden files are showing so please:

We need to make sure all hidden files are showing so please:
  • Open My Computer.
  • Select the View menu and click Folder Options.
  • Select the View tab.
  • In the Hidden files section select Show all files.
  • Click OK.
Find the following files/folders and delete them (don't worry if they are already gone):C:\WINDOWS\Speedy.scr
C:\WINDOWS\Config\system\services.exe
C:\WINDOWS\SPEEDY.BAT
c:\windows\scrsvr.exe
c:\windows\instit.bat
c:\windows\marco!.scr
c:\windows\alevir.exe
c:\windows\Brasil.pif
c::\windows\natal!.pif

Step #5

Start CCleaner and click on the Run Cleaner button in the lower right-hand corner. When it is finished close CCleaner.

Step #6

Reboot normally and run at least 2 of the following on-line virus scans:Trend Micro Housecall
BitDefender On-Line Virus Scan
Panda ActiveScan
eTrust Antivirus Web Scanner
Make sure that you choose "fix" or "clean".

Step #7

AdAware SE

Download, install, update, configure and run a scan with Ad-aware SE:
  • Download and Install AdAware SE Personal, keeping the default options. However, some of the settings will need to be changed before your first scan.
  • Close ALL windows except Ad-Aware SE.
  • Click on the‘world’ icon at the top right of the Ad-Aware SE window and let AdAware SE update the reference list for the adware and malware.
  • Once the update is finished click on the ‘Gear’ icon (second from the left at the top of the window) to access the preferences/settings window:
    • In the ‘General’ window make sure the following are selected in green:
      • Under Safety:
        • Automatically save log-file
      • Automatically quarantine objects prior to removal
      • Safe Mode (always request confirmation)
    • Under Definitions:
      • Prompt to update outdated definitions - set the number of days
  • Click on the ‘Scanning’ button on the left and select in green:
    • Under Driver, Folders & Files:
      • Scan Within Archives
    • Under Select drives & folders to scan:
      • choose all hard drives
    • Under Memory & Registry: all green
      • Scan Active Processes
      • Scan Registry
      • Deep Scan Registry
      • Scan my IE favorites for banned URL’s
      • Scan my Hosts file
  • Click on the ‘Advanced’ button on the left and select in green:
    • Under Shell Integration:
      • Move deleted files to recycle bin
    • Under Logfile Detail Level: all green
      • include addtional object information
      • DESELECT - include negligible objects information
      • include environment information
    • Under Alternate Data Streams:
      • Don't log streams smaller than 0 bytes
      • Don't log ADS with the following names: CA_INOCULATEIT
  • Click the ‘Tweak’ button and select in green:
    • Under ‘Scanning Engine’:
      • Unload recognized processes during scanning
      • Scan registry for all users instead of current user only
    • Under ‘Cleaning Engine’:
      • Let Windows remove files in use at next reboot
    • Under Log Files:
      • Include basic Ad-aware SE settings in logfile
      • Include additional Ad-aware SE settings in logfile
      • Please do not check: Include Module list in logfile
  • Click on ‘Proceed’ to save the settings.
  • Click ‘Start’
  • Choose 'Perform Full System Scan'
  • DESELECT "Search for negligible risk entries", as negligible risk entries (MRU's) are not considered to be a threat.
  • Click ‘Next’ and Ad-Aware SE will scan your hard drive(s) with the options you have selected and clean automatically.
  • If Ad-Aware SE finds bad entries, you will receive a list of what it found in the window
  • Save the log file when it asks and then click ‘Finish’
  • REBOOT to complete the removal of what Ad-Aware SE found.
Step #8

OK. Reboot your computer normally, start HijackThis and perform a new scan. Use the Add Reply button to post your new log file back here along with details of any problems you encountered performing the above steps and I will review it when it comes in.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users