Sponsored By

chewy

Room Mate Screwed Up Cpu Again

Recommended Posts

Logfile of HijackThis v1.99.1

Scan saved at 5:06:28 PM, on 8/23/2005

Platform: Windows 2000 SP4 (WinNT 5.00.2195)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:

C:\WINNT\System32\smss.exe

C:\WINNT\system32\winlogon.exe

C:\WINNT\system32\services.exe

C:\WINNT\system32\lsass.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\system32\LEXBCES.EXE

C:\WINNT\system32\spoolsv.exe

C:\WINNT\system32\LEXPPS.EXE

e:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

e:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

C:\WINNT\system32\Brmfrmps.exe

C:\WINNT\System32\svchost.exe

C:\WINNT\System32\mnmsrvc.exe

C:\WINNT\system32\MSTask.exe

C:\WINNT\system32\stisvc.exe

C:\WINNT\System32\WBEM\WinMgmt.exe

C:\WINNT\System32\mspmspsv.exe

C:\WINNT\System32\inetsrv\inetinfo.exe

C:\WINNT\Explorer.EXE

C:\WINNT\system32\devldr32.exe

D:\Program Files\Creative\SBLive2k\AudioHQ\AHQTB.EXE

C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe

C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe

D:\qttask.exe

E:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe

E:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe

C:\Program Files\NaviSearch\bin\nls.exe

C:\WINNT\system32\rundll32.exe

C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe

C:\Program Files\Brother\ControlCenter2\brctrcen.exe

C:\WINNT\system32\ctfmon.exe

C:\PROGRA~1\ezula\mmod.exe

D:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe

D:\hijack\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.venusseek.com/home.html

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://home.netscape.com/home/winsearch.html

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.qsrch.com/

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

R3 - URLSearchHook: (no name) - {20EC3D2D-33C1-4C9D-BC37-C2D500688DA2} - C:\Program Files\TV Media\TvmBho.dll

N1 - Netscape 4: user_pref("browser.startup.homepage", "http://www.excite.com/"); (D:\Program Files\Netscape\Users\ibkrista\prefs.js)

O2 - BHO: NavErrRedir Class - {0199DF25-9820-4bd5-9FEE-5A765AB4371E} - (no file)

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - d:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: ShowBarObj Class - {43AE45CB-DDA7-454B-9650-93A4C090BDB8} - D:\Matts Crap\Eyetide Viewer\Toolbar\ETBar.dll

O2 - BHO: URLLink Class - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet6_38.dll

O2 - BHO: MEGASEAR - {4E7BD74F-2B8D-469E-C0FF-FA7FB592BF30} - C:\WINNT\DOWNLO~1\megasear.dll

O2 - BHO: Quick! - {4E7BD74F-2B8D-469E-C0FF-FD67B79CAF2C} - C:\PROGRA~1\quickbar\quickbar.dll

O2 - BHO: InstaFinder - {4E7BD74F-2B8D-469E-DCF7-F96DA086B434} - C:\WINNT\DOWNLO~1\instafin.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - d:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: LinkTracker Class - {6A6E50DC-BFA8-4B40-AB1B-159E03E829FD} - C:\WINNT\system32\lmf32v.dll

O2 - BHO: BAHelper Class - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - C:\Program Files\SideFind\sfbho.dll

O2 - BHO: NLS UrlCatcher Class - {AEECBFDA-12FA-4881-BDCE-8C3E1CE4B344} - C:\WINNT\system32\nvms.dll

O2 - BHO: Helper Class - {D80C4E21-C346-4E21-8E64-20746AA20AEB} - C:\Program Files\NavExcel Search Toolbar\NavExcelBar.dll

O2 - BHO: BrowserHelper Class - {EBCDDA60-2A68-11D3-8A43-0060083CFB9C} - C:\WINNT\System32\nzdd.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx

O3 - Toolbar: MEGASEAR - {4E7BD74F-2B8D-469E-C0FF-FA7FB592BF30} - C:\WINNT\DOWNLO~1\megasear.dll

O3 - Toolbar: &EyeTideBar - {987D027C-F0EF-40fa-9A1A-C45007F1F36F} - D:\Matts Crap\Eyetide Viewer\Toolbar\ETBar.dll

O3 - Toolbar: NavExcel Toolbar - {5AA06644-BC46-4220-A460-47A6EB47C96D} - C:\Program Files\NavExcel Search Toolbar\NavExcelBar.dll

O3 - Toolbar: YourSiteBar - {86227D9C-0EFE-4f8a-AA55-30386A3F5686} - C:\PROGRA~1\YOURSI~1\ysb.dll

O3 - Toolbar: Quick! - {4E7BD74F-2B8D-469E-C0FF-FD67B79CAF2C} - C:\PROGRA~1\quickbar\quickbar.dll

O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon

O4 - HKLM\..\Run: [3dfx Tools] rundll32.exe 3dfxCmn.dll,CMNUpdateOnBoot

O4 - HKLM\..\Run: [3dfx Task Manager] "C:\Program Files\3dfx Interactive\3dfx Tools\Apps\3dfxMan.exe"

O4 - HKLM\..\Run: [incredimail] D:\PROGRA~1\INCRED~1\bin\IncMail.exe /c

O4 - HKLM\..\Run: [PrinTray] C:\WINNT\System32\spool\DRIVERS\W32X86\2\printray.exe

O4 - HKLM\..\Run: [AudioHQ] d:\Program Files\Creative\SBLive2k\AudioHQ\AHQTB.EXE

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe

O4 - HKLM\..\Run: [PCBG] D:\PROGRA~1\INTRIG~1\pcbodyguard.exe /start

O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe

O4 - HKLM\..\Run: [QuickTime Task] "D:\qttask.exe" -atboottime

O4 - HKLM\..\Run: [TV Media] C:\Program Files\TV Media\Tvm.exe

O4 - HKLM\..\Run: [AVG7_CC] e:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [AVG7_EMC] e:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe

O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe

O4 - HKLM\..\Run: [bullsEye Network] C:\Program Files\BullsEye Network\bin\bargains.exe

O4 - HKLM\..\Run: [NaviSearch] C:\Program Files\NaviSearch\bin\nls.exe

O4 - HKLM\..\Run: [sais] c:\program files\180solutions\sais.exe

O4 - HKLM\..\Run: [21em3vjb] C:\WINNT\system32\21em3vjb.exe

O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,NewDotNetStartup -s

O4 - HKLM\..\Run: [spyware Stormer] C:\Program Files\Spyware Stormer\SpywareStormer.Exe

O4 - HKLM\..\Run: [Hot_Tarts_mc] C:\Program Files\Mpb\Dialers\Hot_Tarts_mc\Hot_Tarts_mc.exe /dontdial

O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot

O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe

O4 - HKLM\..\Run: [indexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe

O4 - HKLM\..\Run: [setDefPrt] C:\Program Files\Brother\Brmfl04a\BrStDvPt.exe

O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun

O4 - HKLM\..\Run: [dxvid] c:\winnt\system32\dxvid.exe /nocomm

O4 - HKCU\..\Run: [Yahoo! Pager] D:\Program Files\Yahoo!\Messenger\ypager.exe -quiet

O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe

O4 - HKCU\..\Run: [steam] "d:\program files\steam\steam.exe" -silent

O4 - HKCU\..\Run: [Windows Registry Repair Pro] C:\Program Files\3B Software\Windows Registry Repair Pro\RegistryRepairPro.exe 4

O4 - HKCU\..\Run: [TV Media] C:\Program Files\TV Media\Tvm.exe

O4 - HKCU\..\Run: [NIM] D:\Program Files\Netscape\Program\AIM\aim.exe -cnetwait.odl

O4 - HKCU\..\Run: [eZmmod] C:\PROGRA~1\ezula\mmod.exe

O4 - HKCU\..\Run: [eZWO] C:\PROGRA~1\Web Offer\wo.exe

O4 - Startup: Eyetide Launcher.lnk = D:\Matts Crap\Eyetide Viewer\EyetideController.exe

O4 - Global Startup: Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe

O8 - Extra context menu item: &Add animation to IncrediMail Style Box - D:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: Search Using Copernic Agent - E:\Mike's\Music\Copernic Agent\Web\SearchExt.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\system32\msjava.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINNT\system32\msjava.dll

O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\Program Files\SideFind\sidefind.dll

O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - E:\Mike's\Music\Copernic Agent\CopernicAgent.exe (file missing)

O9 - Extra 'Tools' menuitem: Launch Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - E:\Mike's\Music\Copernic Agent\CopernicAgent.exe (file missing)

O9 - Extra button: @d:\Program Files\Messenger2\im2_ie_plugin.dll,-4 - {410C30C7-098A-4090-928E-F1D356D34C7F} - d:\Program Files\Messenger2\im2_ie_plugin.dll

O9 - Extra 'Tools' menuitem: Run IM2 Messenger - {410C30C7-098A-4090-928E-F1D356D34C7F} - d:\Program Files\Messenger2\im2_ie_plugin.dll

O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\WINNT\system32\shdocvw.dll

O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\WINNT\system32\shdocvw.dll

O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - E:\Mike's\Music\Copernic Agent\CopernicAgent.exe (file missing)

O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe

O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\System32\Shdocvw.dll

O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe

O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe

O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyPoker.net\partypokernet.exe

O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyPoker.net\partypokernet.exe

O10 - Hijacked Internet access by New.Net

O10 - Hijacked Internet access by New.Net

O10 - Hijacked Internet access by New.Net

O10 - Hijacked Internet access by New.Net

O10 - Hijacked Internet access by New.Net

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O16 - DPF: {00000EF1-0786-4633-87C6-1AA7A44296DA} - http://www.addictivetechnologies.net/DM0/cab/17kd11fg.cab

O16 - DPF: {0878B424-1F95-4E26-B5AB-F0D349D89650} - http://download.bargain-buddy.net/download...MARKETING11.cab

O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540000} (CInstall Class) - http://www.spywarestormer.com/files2/Install.cab

O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/cha...v43/yacscom.cab

O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} - http://www.ysbweb.com/ist/softwares/v4.0/ysb_regular.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by23fd.bay23.hotmail.msn.com/resources/MsnPUpld.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab

O16 - DPF: {7A32634B-029C-4836-A023-528983982A49} - http://fdl.msn.com/public/chat/msnchat42.cab

O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab

O16 - DPF: {A031D222-B496-11D2-9CC8-00105A10AAF6} (WONWebLauncher Class) - http://www.flipside.com/cab/WONWebLauncherControl.cab

O16 - DPF: {ABBE3C6B-2B1C-426E-B51B-1BE7E9562EA3} (CDRD4UB40.ctlCDRD4UB40) - https://secure.cdrd.co.uk/CDRD4UB40.CAB

O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} - http://fdl.msn.com/zone/datafiles/heartbeat.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab

O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) - http://ca.f2.pg.photos.yahoo.com/ocx/us/yexplorer1_9us.cab

O16 - DPF: {E87A6788-1D0F-4444-8898-1D25829B6755} - http://fdl.msn.com/public/chat/msnchat4.cab

O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} (Yahoo! Companion) - http://us.dl1.yimg.com/download.yahoo.com/...ebio5_1_5_0.cab

O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup...er/imloader.cab

O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab

O18 - Filter: text/html - {DFAA31C8-A356-4313-9D95-5EDAB46C5070} - C:\WINNT\system32\lmf32v.dll

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - e:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - e:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Unknown owner - C:\WINNT\system32\Brmfrmps.exe" -service (file missing)

O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe

O23 - Service: fxSVC (fxScanner) - Unknown owner - C:\WINNT\fxsvc.exe (file missing)

O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINNT\system32\LEXBCES.EXE

O23 - Service: MMtask Engine (MMtaskEngine) - Unknown owner - C:\WINNT\System32\mmtask.exe (file missing)

O23 - Service: ptssvc - KODAK - D:\Program Files\digipics\Kodak EasyShare software\bin\ptssvc.exe

O23 - Service: ZESOFT - Unknown owner - C:\WINNT\zeta.exe

:blink:

Share this post


Link to post
Share on other sites

Hello chewy.

You have several items on your computer which are better removed with automated scanners. First, we'll remove a couple of programs.

Step 1

Go to Add/Remove Programs and remove New.Net or NewDotNet.

If there is no listing for it, use the uninstaller at newdotnet.com

Use procedure 4 to remove it. It requires that an internet connection be active while doing it.

Go here and follow the instructions on removal for TvMedia. Reboot when finished removing.

Step 2

Please download the trial version of Ewido security suite.

Install and Update Ewido:

  1. Download and install Ewido security suite.
  2. When installing, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
  3. Launch Ewido, there should be an icon on your desktop for it to double-click.
    • The program will prompt you to update, click the OK button.
    • The program will now go to the main screen.

[*]You will need to update ewido to the latest definition files.

  • On the left hand side of the main screen click update.
  • Click on Start Update.
  • The update will start and a progress bar will show the updates being installed.

[*]Once the updates are installed, close the program.

Scanning With Ewido:

  1. Reboot into Safe Mode (tap F8 during bootup, use arrow keys to select Safe Mode, then hit 'enter').
  2. Launch Ewido again.
    • Click on scanner
    • Click on Complete System Scan and the scan will begin.
    • While the scan is in progress you will be prompted to clean files, click OK
    • When it asks if you want to clean the first file, put a check in the lower left corner of the boxes that say "Perform action on all infections"and "Create encrypted backup" then choose clean and click OK.
    • Once the scan has completed, there will be a button located on the bottom of the screen named Save report
    • Click Save report.
    • Save the report .txt file to your desktop.

[*]Now close ewido security suite.

Step 3

Please download and install Ad-Aware SE and Spybot S&D according to the following instructions. If you already have these programs, please make sure they are the latest version (Ad-Aware SE Personal 1.06, Spybot Search and Destroy 1.4), than run scans as described below.

Scanning with Spybot S&D:

  1. Downloaded and Install Spybot S&D accepting the Default Settings.
  2. In the Menu Bar at the top of the Spybot window you will see 'Mode'. Make certain that 'default mode' has a check mark beside it.
  3. Close ALL windows except Spybot S&D.
  4. Click the button to ‘Search for Updates’ then download and install the Updates.
  5. Next click the button ‘Check for Problems’
  6. When Spybot is complete, it will be showing ‘RED’ entries bold 'Black' entries and ‘GREEN’ entries in the window.
  7. Make certain there is a check mark beside all of the RED entries ONLY.
  8. Choose ‘Fix Selected Problems’ and allow Spybot to fix the RED entries.
  9. REBOOT to complete the scan and clear memory.
  10. Do not enable Tea Timer until the log is clean as it will prevent the fix from working.

Scanning with Ad-Aware SE:

  1. Download and Install Ad-Aware SE, keeping the default options. However, some of the settings will need to be changed before your first scan.
  2. Close ALL windows except Ad-Aware SE.
  3. Click on the‘world’ icon at the top right of the Ad-Aware SE window and let AdAware SE update the reference list for the adware and malware.
  4. Once the update is finished click on the ‘Gear’ icon (second from the left at the top of the window) to access the preferences/settings window.
    • In the ‘General’ window make sure the following are selected in green:
      • Automatically save log-file
      • Automatically quarantine objects prior to removal
      • Safe Mode (always request confirmation)

[*]Under Definitions:

  • Prompt to udate outdated definitions - set the number of days

[*]Click on the ‘Scanning’ button on the left and select in green :

  • Under Driver, Folders & Files:
    • Scan Within Archives

    [*]Under Select drives & folders to scan -

    • choose all hard drives

    [*]Under Memory & Registry: all green

    [*]Scan active processes

    [*]Scan registry

    [*]Deep-scan registry

    [*]Scan my IE favorites for banned URLs

    [*]Scan my Hosts file

[*]Click on the ‘Advanced’ button on the left and select in green:

  • Under Shell Integration:
    • Move deleted files to recycle bin

    [*]Under Logfile Detail Level: (all green)

    • include addtional object information
    • DESELECT - include negligible objects information
    • include environment information

    [*]Under Alternate Data Streams:

    • Don't log streams smaller than 0 bytes
    • Don't log ADS with the following names: CA_INOCULATEIT

[*]Click the ‘Tweak’ button and select in green:

  • Under the ‘Scanning Engine’:
    • Unload recognized processes during scanning
    • Scan registry for all users instead of current user only

    [*]Under the ‘Cleaning Engine’:

    • Always try to unload modules before deletion
    • During removal, unload Explorer and IE if necessary
    • Let Windows remove files in use at next reboot

    [*]Under the Log Files:

    • Include basic Ad-aware SE settings in logfile
    • Include additional Ad-aware SE settings in logfile
    • Create logfile for removal operations.
    • Please do not check or make green: Include Module list in logfile

[*]Click on ‘Proceed’ to save the settings.

[*]Click ‘Start’

  • Choose:'Perform Full System Scan'
  • DESELECT "Search for negligible risk entries", as negligible risk entries (MRU's) are not considered to be a threat.

[*]Click ‘Next’ and Ad-Aware SE will scan your hard drive(s) with the options you have selected and clean automatically.

[*]If Ad-Aware SE finds bad entries, you will receive a list of what it found in the window, click "Next".

[*]The bad files will be listed, right click the pane and click "Select all objects" - this will put a check mark in the box at the side, click "Next" again and click "OK" at the prompt "# objects will be removed. Continue?".

[*]Save the logfile when asked.

[*]REBOOT to complete the removal of what Ad-Aware SE found.

Step 4

Please post the Uninstall List from HijackThis

  • Open Hijackthis and click None of the above, just start the program.
  • Click Config... < Misc Tools < Open Uninstall Manager.
  • Click Save list... and save the file as uninstall_list.txt to a location of your choice.
  • Copy/Past the results of this file in your next reply.

Step 5

Prepare your reply

  • Scan with HijackThis and post the new log as a reply to this thread.
  • Post the Ewido report.
  • Post the results of uninstall_list.txt.

Share this post


Link to post
Share on other sites

This thread is being closed due to inactivity. If you would like it to be reopened, please contact one of the moderators.

Thanks,

Matt

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.