Could somebody please help me get rid of this virus. I have attached a hjt doc for your perusal and please treat this as urgent. Thanks

:-) Hi Ladyluv,

I'll take a look, need to move this topic to the HijackThis log forum.

TTFN

T

:-D OK LadyLuv,

Crisis management engaged.

I am going to need you to do a few things for me starting with downloading the some programs.

I would like you to download CCleaner, Spy Sweeper, Adaware SE, Spybot S&D, ewido, and RegSupremePro from my signature. Please install them, and update Spy Sweeper, Adaware, ewido, and Spybot.

Next please make sure all files and folders are showing, in Windows Explorer, click on Tools, Folder Options, View, Show all Hidden Files and Folders.

Then disable your System Restore, right click on My Computer, click on Properties. Click on the System Restore tab and put a check in disable System Restore. Answer Yes to any warnings.
Then, please run the Housecall link in my signature, it is an online virus scanner, let it fix everything that it finds.

Now I would like you to install and run Housecall from my signature, it is an online virus scanner, let it fix whatever it finds.

OK, now that that is done, please boot into Safe Mode, tap the F8 key while booting and choose Safe Mode from the menu. Open CCleaner, make sure that all options are checked, including Advanced, answer Yes to any warnings. Click on Analyze and let it run, when it has finished, click on Run Cleaner. Once that has finished, close CCleaner.

Now run a full scan with both Adaware SE, Spybot S&D, and ewido in that order. Quarantine everything that Adaware finds. Fix everything in red, that Spybot finds. Have ewido fix each of the things it finds in turn, but make sure to read them, ewido occassionally comes up with false positives. If you are unsure, answer? none? for action to be taken, it will show up in the log. When ewido has finished, click save log, I will need you to post it back here when you are done.

Next run HijackThis!, choosing the top option of saving a log. Put a check next to the following items and click on Fix. Then delete the items in bold if they are still in your computer.

I would then ask that you run CCleaner again, letting it clean everything that it finds.

Boot into Normal Mode, run RegSupremePro, it will want to create a back up of your registry, let it. When it is finished, click on Registry Cleaner and select Agressive, let it run. When it is finished, click on Select, choose All, click on Fix. Close RegSupremePro.

Run HJT one more time, posting the new log back here.

We will be looking for your reply,

TTFN

T

Also add this entry to the fix list:

O4 - HKCU\..\Run: [ctfnom.exe] C:\WINDOWS\OSRSS.exe

and after fixing , delete the file in bold.

Thanks
I am working on it currently and will give you a feed back and soon as I am done. I really appreciate the help.

:-D No problem, that's what we're here for.

Looking forward to your reply,

TTFN

T