jwbirdsong

Open HiJackThis. It should open to a "New users quickstart" menu Click "Open the Misc Tools section" Click "Delete a file on reboot..." In the "Enter file to delete on reboot..." window, navigate to: C:\WINDOWS\system32\ And select the file mi1.exe Then click Open. After you click Open, HiJackThis will ask you if you want to restart your computer now. click NO. Repeat for mi2.exe only reboot after mi2.exe Please download OTCleanIt from HERE to your desktop. Double click to run it. It will clean up the assortment of tools used during malware removal. When it has finnished, it will ask you to

Yes it is....to both. I tried to post yesterday and had some major issues, sorry for the delay. Time for some housekeeping Click START then RUN Now type Combofix /u in the runbox and click OK The above procedure will: Delete the following: ComboFix and its associated files and folders. VundoFix backups, if present The C:\Deckard folder, if present The C:_OtMoveIt folder, if present [*] Reset the clock settings. [*] Hide file extensions, if required. [*] Hide System/Hidden files, if required. [*] Reset System Restore. I'm going to forgot the USUAL closing speech for you for couple of

Looks pretty good...couple of questionable file... the following should take care of them. Download and scan with SUPERAntiSpyware Free for Home Users Double-click SUPERAntiSpyware.exe and use the default settings for installation. An icon will be created on your desktop. Double-click that icon to launch the program. If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here.) Under "Configuration and Pref

Please download ATF Cleaner by Atribune. This program is for XP and Windows 2000 only Double-click ATF-Cleaner.exe to run the program. Under Main choose: Select All Click the Empty Selected button. If you use Firefox browser Click Firefox at the top and choose: Select All Click the Empty Selected button. NOTE: If you would like to keep your saved passwords, please click No at the prompt. If you use Opera browser Click Opera at the top and choose: Select All Click the Empty Selected button. NOTE: If you would like to keep your saved passwords, please click No at the prompt. Click Exit on the Ma

Deckard's System Scanner Download Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges. Close all applications and windows. Double-click on dss.exe to run it, and follow the prompts. When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt <-this one will be minimized Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt here. Please attach extra.txt to your post. To attach a file to a new post, simply Go to the Atachments section on the post composition pa

What a great site, huh. and sfc was comming up on my list of to do's I'm gonna assume you've trashed the Limewire folder. Doesn't look like Limewire is current/active at least. Do you know what is in C:\Die MoFo folder? Just name is a little quirky... Could be from Trojan OR from you to KILL said Trojans. Only thing I see off hand is C:\Documents and Settings\Lindy Calkins\Application Data\xxx.exe. If unknown to you perhaps check it at VirusTotal and remove if infected. I'm also not certian on this Safeboot key [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Oknx64

Would you upload a copy of C:\WINDOWS\system32\hrum135.txt for me to HERE please. Most times when a txt file is found as infected it's just cuz of a string in the file. In you case not so sure. IF it really is a text file. Talking to OT about your error, he says he's seen that before when missing one of the crypo dll OR in your case is Crypo svc running??If we can't get a log there let's try another route Please visit the webpage HERE for instructions for downloading and running ComboFix. Post the log from ComboFix when you've accomplished that. If, for some reason you are unable to get

Download Malwarebytes' Anti-Malware from Here or Here Double Click mbam-setup.exe to install the application. Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. If an update is found, it will download and install the latest version. Once the program has loaded, select "Perform Quick Scan", then click Scan. The scan may take some time to finish,so please be patient. When the scan is complete, click OK, then Show Results to view the results. Make sure that everything is checked, and click Remove Selected. When disin

TheTerrorist_75 Welcome to BestTechie. Sorry you had to visit under these circumstances. ROFLMAO.... Just couldn't resist that. Let's see if we can get you cleaned up the rest of the way. Download OTScanIt.exe to your Desktop and double-click on it to extract the files. It will create a folder named OTScanIt on your desktop. Close any open browsers. If your Real protection or Antivirus intervenes with OTScanIt, allow it to run. Open the OTScanit folder and double-click on OTScanit.exe to start the program. Leave all the setting to the default except as noted belowCheck the box for Scan all

Next download Malwarebytes' Anti-Malware from Here or Here Double Click mbam-setup.exe to install the application. Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. If an update is found, it will download and install the latest version. Once the program has loaded, select "Perform Quick Scan", then click Scan. The scan may take some time to finish,so please be patient. When the scan is complete, click OK, then Show Results to view the results. Make sure that everything is checked, and click Remove Selected. When

Just to add. Two site no OE user should be with out. Tom Koch's Inside OE and Dr. Steve Cochran's OE Help

Please visit the webpage HERE for instructions for downloading and running ComboFix. Post the log from ComboFix when you've accomplished that.

See if you can upload it HERE

Nothing showing in your logs could just be a matter of cleaning out your temp/TIFs Go to start > run and type: cleanmgr and click ok. Let it scan your system for files to remove. Make sure Temporary Files, Temporary Internet Files, and Recycle Bin are thef only things checked. Press OK to remove them. Please download ATF Cleaner by Atribune. This program is for XP and Windows 2000 only Double-click ATF-Cleaner.exe to run the program. Under Main choose: Select All Click the Empty Selected button. If you use Firefox browser Click Firefox at the top and choose: Select All Click th

Download RegSeeker from here: http://www.softpedia.com/progDownload/RegS...nload-4229.html Save and extract its contents to the desktop A new folder will appear on your desktop. Within the folder, click on RegSeeker.exe. Click on Find in registry. Copy and paste the following string and click on Search. 2559A1F4-21D7-11D4-BDAF-00C04F60B9F0 When scanning has finished, click Select, then on Select All. Click on Action, then on Export selected items. Name the export Report. It will be saved in RegSeeker > Backup folder. Please ATTACH this file in a reply

Certainly an option. If you DO use spinrite I sugguest you reboot once it's done and iimmediatly do a Chkdisk Another is to install the Recovery Console (if not already installed) and run Chkdsik from there. Guided info HERE PS are you still getting the disconnects??

A nasty file or two...nothing too malicious. You DO have LOTS of empty entries in your startup.. Wengo FreeCall all the Viop entries. IF you uninstalled then the entries should have been removed by the programs when uninstalling. Open HijackThis and put a check next to the following: O4 - HKCU\..\Run: [Wengo] "C:/Program Files/Wengo/wengophone.exe" -background O4 - HKCU\..\Run: [FreeCall] "C:\Program Files\FreeCall.com\FreeCall\FreeCall.exe" -nosplash -minimized O4 - HKCU\..\Run: [Voipwise] "C:\Program Files\Voipwise.com\Voipwise\Voipwise.exe" -nosplash -minimized O4 - HKCU\..\Run: [VoipBust

Deckard's System Scanner Download Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges. Close all applications and windows. Double-click on dss.exe to run it, and follow the prompts. When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt <-this one will be minimized Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt here. Please attach extra.txt to your post. To attach a file to a new post, simply Go to the Atachments section on the post composition pa

Sorry for the delay in responding to your request. We (the helpers here and elsewhere) are just swampped with logs. If you still need help do the following. Please visit the webpage HERE for instructions for downloading and running ComboFix. Post the log from ComboFix when you've accomplished that.]HERE for instructions for downloading and running ComboFix. Post the log from ComboFix when you've accomplished that.

Please download VundoFix.exe to your desktop Double-click VundoFix.exe to run it. Click the Scan for Vundo button. Once it's done scanning, click the Remove Vundo button. You will receive a prompt asking if you want to remove the files, click YES Once you click yes, your desktop will go blank as it starts removing Vundo. When completed, it will prompt that it will reboot your computer, click OK. Please post the contents of C:\vundofix.txt and a the CF log from below in a reply to this thread. Note: It is possible that VundoFix encountered a file it could not remove. In this case, VundoFix will

Hey yardmaster I just got a PM from the forum owner telling me that Email notification have not been working. Sorry I had NO idea you've waited this long. I guess when I thought I didn't get notice in last poist I should have watched closer. I'm gonna ASSume you are still having this issue. Download and scan with SUPERAntiSpyware Free for Home Users Double-click SUPERAntiSpyware.exe and use the default settings for installation. An icon will be created on your desktop. Double-click that icon to launch the program. If asked to update the program definitions, click "Yes". If not, update t

Let try something different then (Sorry I don' think I got a notice of your reply) Deckard's System Scanner Download Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges. Close all applications and windows. Double-click on dss.exe to run it, and follow the prompts. When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt <-this one will be minimized Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt here. Please attach extra.txt to your post. To attach a

Please visit the webpage HERE for instructions for downloading and running ComboFix. Post the log from ComboFix when you've accomplished that.

Please visit the webpage HERE for instructions for downloading and running ComboFix. Post the log from ComboFix when you've accomplished that.

Well the GINA file are used for log in, fast user switching, etc. I'm betting you also no longer have a Welcome screen when you start Windows, correct? The one that displays user name... Netgear uses thier own verison of msgina (RtlGina2.dll) and it has been know to cause all sort of login/start/switching issues. MS-MVP Doug Knox has a fix/check for such issues. Go to his website HERE and download/use the XP_FixLogon.ZIP ..direction are on the page. Let me know how you get on with this and if it fixes the issue. Also do you have a XP install CD..incase we need to repair/fix some other files