bcastner
Premium,VIP,MVM
join:2002-09-25
Chevy Chase, MD
clubs: 
 ·Verizon Online DSL
1 edit | reply to Weedpicker
Re: HJT Log
TeaTimer is not necessary with Windows Defender installed. It also at times prevent anti-malware utilities from fixing certain things. Please disable TeaTimer for now until you are clean. For Vista with Windows Defender, I would not install this at all.
• Open Spybot Search & Destroy.
• In the Mode menu click "Advanced mode" if not already selected.
• Choose Yes at the Warning prompt.
• Expand the Tools menu.
• Click Resident.
• Uncheck the Resident "TeaTimer" (Protection of overall system settings) active. box.
• In the File menu click Exit to exit Spybot Search & Destroy.
Similarly, Spyware Doctor will prevent cleaning your computer. Please disable it for now.
From within Spyware Doctor, click the "]OnGuard" button on the left side.
Uncheck "Activate OnGuard".
Please download ATF Cleaner
It does not require any installation.. It is set up to clean Windows 2k, XP & Vista TEMP folders, as well as IE, FireFox and Opera, Temporary Internet Files and Cookies.
• Double-click ATF-Cleaner.exe to run the program.
For all browsers:
• Under Main choose: Select All
• Click the Empty Selected button.
Next, if you use Firefox (and some Mozilla-based browsers)
• Click Firefox at the top and choose: Select All
• Click the Empty Selected button.
Next, if you use the Opera browser
• Click Opera at the top and choose: Select All
• Click the Empty Selected button. :!: Click Exit on the Main menu to close the program.
Reconfigure Windows Vista to show hidden files:
To enable the viewing of Hidden files follow these steps:
•Close all programs so that you are at your desktop.
•Open the Control Panel menu and click Folder Options.
•After the new window appears select the View tab.
•Put a checkmark in the checkbox labeled Display the contents of system folders.
•Under the Hidden files and folders section select the radio button labeled Show hidden files and folders.
•Remove the checkmark from the checkbox labeled Hide file extensions for known file types.
•Remove the checkmark from the checkbox labeled Hide protected operating system files.
•Press the Apply button and then the OK button and exit My Computer.
•Now your computer is configured to show all hidden files. Malware Removal Steps
1. Download and Run -- ComboFix©
Download this file -- to your Desktop -- from any of these sources:
• Disconnect from the Internet.
• Disable your Antivirus software -- this includes any Script Blocking Feature it may have.
Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.
• A window will open with a warning. Accept any disclaimers to start the fix. When the scan completes Notepad will open with with your results log open. Do a File, Exit and answer 'Yes' to save changes.
A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock.
2. Please download MalwareBytes Anti-malware (MBAM) from one of the following links:
Once downloaded, close all programs and Windows on your computer (including this one.)
Double-click on the icon on your desktop named Download_mbam-setup.exe. This will start the installation of MBAM onto your computer.
When the installation begins, keep following the prompts in order to continue with the installation process. Do not make any changes to default settings and when the program has finished installing, make sure you leave both the Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware checked. Then click on the Finish button.
MBAM will now automatically start and you will see a message stating that you should update the program before performing a scan. As MBAM will automatically update itself after the install, you can press the OK button to close that box and you will now be at the main program.
On the Scanner tab, make sure the the Perform quick scan option is selected and then click on the Scan button to start scanning your computer.
MBAM will now start scanning your computer for malware. This process can take quite a while, so we suggest you go and do something else and periodically check on the status of the scan.
When the scan is finished a message box will appear that it has completed scanning successfully. Click OK. Now click Show Results. Make sure all entries have a checkmark at their far left. You should now click on the Remove Selected button to remove all the listed malware. MBAM will now delete all of the files and registry keys and add them to the programs quarantine.
When MBAM has finished removing the malware, it will open the scan log and display it in Notepad. Review the log as desired, and then close the Notepad window. Remember where you saved the log file, as we will want to see it later.
3. Run HijackThis again, and save the log file.
Submit to the Forum:
• The contents of C:\Combofix.txt;
• The MBAM log results;
• The new HijackThis log.
--
============
MS-MVP 2004 - -2008, ASAP Member
Users Helping Users
|
