[shawn_dsm]

> Editted per request

Edited by Tigger93, 14 October 2006 - 01:34 PM.

[Advertisements]

Hiya!

Open HiJackThis and fix these:
O16 - DPF: {19E28AFC-EAE3-4CE5-AC83-2407B42F57C9} (MSSecurityAdvisor Class) -

O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)

Go Run and type in msconfig and click Ok

Goto the startup tab and click Enable All

Restart your computer and post a new HJT log please.

[Tigger93]

Hiya!

Open HiJackThis and fix these:
O16 - DPF: {19E28AFC-EAE3-4CE5-AC83-2407B42F57C9} (MSSecurityAdvisor Class) -

O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)

Go Run and type in msconfig and click Ok

Goto the startup tab and click Enable All

Restart your computer and post a new HJT log please.

[shawn_dsm]

> Editted per request

Edited by Tigger93, 14 October 2006 - 01:35 PM.

[Tigger93]

While TeaTimer is an excellent tool for the prevention of spyware, it can sometimes prevent HijackThis from fixing certain things.
Please disable TeaTimer for now until you are clean. TeaTimer can be re-activated once your HijackThis log is clean.

• Open Spybot Search & Destroy.
• In the Mode menu click "Advanced mode" if not already selected.
• Choose "Yes" at the Warning prompt.
• Expand the "Tools" menu.
• Click "Resident".
• Uncheck the "Resident "TeaTimer" (Protection of overall system settings) active." box.
• In the File menu click "Exit" to exit Spybot Search & Destroy.

Open HijackThis, click Config, click Misc Tools
Click "Open Uninstall Manager"
Click "Save List" (generates uninstall_list.txt)
Click Save, copy and paste the results in your next post.

[shawn_dsm]

> Editted per request

Edited by Tigger93, 14 October 2006 - 01:35 PM.

[Tigger93]

First download AVG Anti-Spyware from HERE and save that file to your desktop.
This is a 30 day trial of the program

• Once you have downloaded AVG Anti-Spyware, locate the icon on the desktop and double-click it to launch the set up program.
• Once the setup is complete you will need run AVG Anti-Spyware and update the definition files.
• On the main screen select the icon "Update" then select the "Update now" link.
  • Next select the "Start Update" button, the update will start and a progress bar will show the updates being installed.
• Once the update has completed select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
• Once in the Settings screen click on "Recommended actions" and then select "Quarantine".
• Under "Reports"
  • Select "Automatically generate report after every scan"
  • Un-Select "Only if threats were found"

Close AVG Anti-Spyware, Do Not run a scan just yet, we will shortly.

• Reboot your computer into SafeMode. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight SafeMode then hit enter.
  IMPORTANT: Do not open any other windows or programs while AVG Anti-Spyware is scanning, it may interfere with the scanning proccess:
• Lauch AVG Anti-Spyware by double-clicking the icon on your desktop.
• Select the "Scanner" icon at the top and then the "Scan" tab then click on "Complete System Scan".
• AVG Anti-Spyware will now begin the scanning process, be patient this may take a little time.
  Once the scan is complete do the following:
• If you have any infections you will prompted, then select "Apply all actions"
• Next select the "Reports" icon at the top.
• Select the "Save report as" button in the lower left hand of the screen and save it to a text file on your system (make sure to remember where you saved that file, this is important).
• Close AVG Anti-Spyware and reboot your system back into Normal Mode and post the results of the AVG Anti-Spyware report scan.

[Tigger93]

Download WindPFind

Extract WinPFind.zip to your c:\ folder.

Reboot your computer into Safe Mode

Then open c:\WinPFind and double-click on WinPFind.exe.
When the program is open, click on the Start Scan button to start scanning your computer. Be patient as this scan may take a while.
When it is done, it will show a log and tell you the scan is completed. Reboot your computer back to normal mode and and post the contents of c:\WinPFind\WinPFind.txt as a reply to this topic.

[shawn_dsm]

> Editted per request. - Tigger

Edited by Tigger93, 14 October 2006 - 01:19 PM.

[Tigger93]

Ok, can you go here and upload and scan these files:
C:\WINDOWS\SYSTEM32\wbdbase.deu
C:\WINDOWS\bootstat.dat

Save the results from the scan and post them in your next reply please.

[Tigger93]

Ok, since nothing was found, lets try this:

Download Combofix here

2. Double click combofix.exe & follow the prompts.
3. When finished, it shall produce a log for you. Post that log in your next reply

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall

[shawn_dsm]

> Editted per request

Edited by Tigger93, 14 October 2006 - 01:35 PM.

[Tigger93]

Nothing...

Go Start > Search and search for sw.exe If it finds anything, please post the location to that file.

[Tigger93]

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.