therock247uk

Your log is clean. Here are some tips, to reduce the potential for spyware infection in the future, I strongly recommend installing the following applications: Detect and Remove Programs: How to use Ad-Aware to remove Spyware <= If you suspect that you have spyware installed on your computer, here are instructions on how to download, install and then use Ad-Aware. How to use Spybot to remove Spyware <= If you suspect that you have spyware installed on your computer, here are instructions on how to download, install and then use Spybot. Similar to Ad-Aware, I strongly recommend both to c

Go to start, run type "services.msc" with out the quotes find the service. Task Manager Message Service Right click and stop it, make the start up type to disabled. When you have done that go into Hijackthis > open the misc tools section > delete an NT service and delete TSKMS. Then post a new Hijackthis log here in a reply.

Open Hijackthis and click scan. Then check mark the following entries R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/1988ade7385f4c...ip/RdxIE601.cab O23 - Service: Task Manager Message Service (TSKMS) - Unknown owner -

Looks clean...

Just making sure you have no left overs... Delete the files. (if present) c:\winnt\usta32.ini Then post a new Hijackthis log here in a reply.

Please download ATF Cleaner by Atribune. This program is for XP and Windows 2000 only Double-click ATF-Cleaner.exe to run the program. Under Main choose: Select All Click the Empty Selected button. If you use Firefox browser Click Firefox at the top and choose: Select All Click the Empty Selected button. NOTE: If you would like to keep your saved passwords, please click No at the prompt. If you use Opera browser Click Opera at the top and choose: Select All Click the Empty Selected button. NOTE: If you would like to keep your saved passwords, please click No at the prompt. Click Exit on the Ma

Follow my instructions in the above post...

Please download SmitfraudFix (by S!Ri) Extract the content (a folder named SmitfraudFix) to your Desktop. Open the SmitfraudFix folder and double-click smitfraudfix.cmd Select option #1 - Search by typing 1 and press "Enter"; a text file will appear, which lists infected files (if present). Please copy/paste the content of that report into your next reply. Note : process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool"; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use

First download ewido anti-spyware from HERE and save that file to your desktop. This is a 30 day trial of the program Once you have downloaded ewido anti-spyware, locate the icon on the desktop and double-click it to launch the set up program. Once the setup is complete you will need run ewido and update the definition files. On the main screen select the icon "Update" then select the "Update now" link.Next select the "Start Update" button, the update will start and a progress bar will show the updates being installed. [*]Once the update has completed select the "Scanner" icon at the top of t

Click start > run type msconfig check mark normal startup reboot and post a new Hijackthis log here in a reply...

Download WindPFind Extract WinPFind.zip to your c:\ folder. Reboot your computer into Safe Mode Then open c:\WinPFind and double-click on WinPFind.exe. When the program is open, click on the Start Scan button to start scanning your computer. Be patient as this scan may take a while. When it is done, it will show a log and tell you the scan is completed. Reboot your computer back to normal mode and and post the contents of c:\WinPFind\WinPFind.txt as a reply to this topic.

Open Hijackthis and click scan. Then check mark the following entries R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwe...tup1.0.0.15.cab Now close all open windows except Hijackthis and click fix checked Then post a ne

Ok follow this... Please download VundoFix.exe to your desktop. Double-click VundoFix.exe to run it. Put a check next to Run VundoFix as a task. You will receive a message saying vundofix will close and re-open in a minute or less. Click OK When VundoFix re-opens, Right click the list box then select add files and add C:\WINDOWS\system32\jkkji.dll Click the Remove Vundo button. You will receive a prompt asking if you want to remove the files, click YES Once you click yes, your desktop will go blank as it starts removing Vundo. When completed, it will prompt that it will shutdown your computer,

Can you just try copying and pasting this into the box then trying to upload? C:\WINDOWS\system32\jkkji.dll

Please go here to upload a suspicious file for analysis. Enter your username from this forum Copy and paste the link to this thread Browse for this filename: C:\WINDOWS\system32\jkkji.dll In the comments, please mention that I asked you to upload this file Click on Send File

Can you post me the log anyway? c:\vundofix.txt

Please download VundoFix.exe to your desktop. Double-click VundoFix.exe to run it. Put a check next to Run VundoFix as a task. You will receive a message saying vundofix will close and re-open in a minute or less. Click OK When VundoFix re-opens, click the Scan for Vundo button. Once it's done scanning, click the Remove Vundo button. You will receive a prompt asking if you want to remove the files, click YES Once you click yes, your desktop will go blank as it starts removing Vundo. When completed, it will prompt that it will shutdown your computer, click OK. Turn your computer back on. Please

First download ewido anti-spyware from HERE and save that file to your desktop. This is a 30 day trial of the program Once you have downloaded ewido anti-spyware, locate the icon on the desktop and double-click it to launch the set up program. Once the setup is complete you will need run ewido and update the definition files. On the main screen select the icon "Update" then select the "Update now" link.Next select the "Start Update" button, the update will start and a progress bar will show the updates being installed. [*]Once the update has completed select the "Scanner" icon at the top of t

A malicious .DLL file is disrupting the LSP chain on your computer. We need to get rid of it. 1. Please download LSPFix from here. 2. Run the LSPFix.exe that you have just finished downloading. 3. Check the I know what I'm doing box. 4. In the Keep box you should see one or more instances of newdotnet6_38.dll. 5. Select every instance of newdotnet6_38.dll and move each one to the Remove box by clicking the >> button. 6. When you are done click Finish>>. Then post a new Hijackthis log here in a reply.

Go to where you saved Hijackthis.exe (D:\ARCHIVE\Application Archive\system utils\hijackthis\) right click on Hijackthis.exe click rename, rename it to hjt.exe reopen it make a log then post it here in a reply...

No problem... Closing...

Can you disable Adwatch or uninstall lavasoft adware and try again?

Boot into safemode to do this keep tapping F8 on your keyboard while your PC is starting up you will get a menu select safemode. While in safemode open Hijackthis and click scan. Then check mark the following entries O4 - HKCU\..\Run: [XP Tools] "C:\Program Files\XP Tools\xptools.exe" /min Now close all open windows except Hijackthis and click fix checked Reboot and post a new Hijackthis log here in a reply.

Have you tried going to Start > Settings > Control Panel > Add/Remove and uninstall XP Tools?

Your logs look to be all clean.... Here are some tips, to reduce the potential for spyware infection in the future, I strongly recommend installing the following applications: Spywareblaster <= SpywareBlaster will prevent spyware from being installed. Spywareguard <= SpywareGuard offers realtime protection from spyware installation attempts. How to use Ad-Aware to remove Spyware <= If you suspect that you have spyware installed on your computer, here are instructions on how to download, install and then use Ad-Aware. How to use Spybot to remove Spyware <= If you suspect that you ha