Hi Gray,
Welcome back, sorry to have it be under such negative circumstances though.
Can you please follow these instructions and then post back your logs?
To start with I would like you to do this:
First disable system restore to prevent re-infection.
(you can turn it back on when youre pc is clean).
How to disable system restore:
WinXP.
Click the Start button.
Right-click My Computer, and then click Properties.
On the System Restore tab, check Turn off System Restore or Turn off System Restore on all drives.
Make sure all files and folders are showing; Right click on My Computer, click on Explore, Tools, Folder Options, View. Make sure Show All Files and Folders is selected.
Clean out your computer
Please download
CCleaner Install and run it, make sure that all options are selected including Advanced, answer OK to all warnings. Click on Analyze, when it has finished, click on Run Cleaner. Close out of CCleaner.
Do a virus scan Housecall. Also run
Stinger - Trojan Remover.
If you get report of files that can?t be cleaned/deleted please write down the filenames and locations and post that in your reply.
Download
Ewido Security Suite- Install Ewido Security Suite.
- When installing, under Additional Options uncheck Install background guard and Install scan via context menu
- Launch Ewido, there should be a big "E" icon on your desktop, double-click it.
- The program will prompt you to update click the "OK" button
- The program will now go to the main screen
- You will need to update Ewido to the latest definition files.
- On the left hand side of the main screen click update
- Click on Start
- The update will start and a progress bar will show the updates being installed.*
- After the updates are installed, exit ewido.
Once the updates are installed do the following:
- If you have an "always on" connection to the internet, physically disconnect that connection until you are finished with Safe Mode and have rebooted back into normal mode.
- Reboot into Safe Mode, restart your computer, tap the F8* key. Use your up arrow key to highlight Safe Mode, then hit enter.
Close all open windows/programs/folders and then run Ewido.* Have nothing else open while ewido performs its scan!
- Click on Scanner , Settings
- Under "How to scan" all boxes should be selected
- Under "Possibly unwanted software" all boxes should be selected
- Under "What to scan" select scan every file
- Click OK, Complete system scan
- Let the program scan the machine
- If ewido finds anything, it will pop up a notification.*
NOTE:* We have been finding some cases of false positives with the new version of Ewido, so you need to step through the fixes one-by-one.* If Ewido finds something that you
KNOW is legitimate (for example, parts of AVG Antivirus, AOL, pcAnywhere and the game "Risk" have been flagged.* In particular, watch for alerts that have the word "Heuristic" in them - if you recognize the file name as "friendly," these may actually be false positives) select "none" as the action.*
DO NOT check "Perform action with all infections."* If you are unsure of an entry, select "none" for the time being.* We will see that in the log when you post it later and let you know if ewido needs to be run again.
Once the scan has completed, there will be a button located on the bottom of the screen named
Save report.
Click Save report. Save the report to your desktop, exit ewido
Note:
If during your scan Ewido "crashes" or "hangs", please try scanning again. Before running the scan, click on 'Scanner' (the 3rd bar from the top on the left) and Choose 'Settings'. Uncheck 'Scan in NTFS Alternate Data Streams' as this can cause problems in overly infected systems. Click 'OK' and run a new scan.
Download
HijackThis from my signature, make sure to install it into its own folder. Run it using the top option of saving a log file, save both the ewido and HijackThis logs back here.
Look forward to your reply,
TTFN
LGW
PC Help Forum
» Security & Safety
» [Fixed] Hijackthis! Logs
»
[Fixed] A troublesome virus
[Fixed] A troublesome virus
Linear Mode
