Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

[Resolved] aurora please help asap.


  • This topic is locked This topic is locked

#1
hamik

hamik

    Member

  • Member
  • PipPip
  • 61 posts
Hi I have Aurora and it is getting on my nerves.If I could get some help that would be greatly appreciated.Well here is my log please help me out asap because my dad has to use this computer in 2 days and if he sees this he will be :tazz:
Here is my log.


Logfile of HijackThis v1.99.1
Scan saved at 9:14:11 PM, on 6/27/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.exe
c:\windows\system32\yrsxmfr.exe
C:\Program Files\Java\j2re1.4.2_08\bin\jusched.exe
C:\WINDOWS\System32\service.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\armgame\Desktop\New Folder (2)\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drs...esearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drs...esearch.cgi?id=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://copart.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drs...esearch.cgi?id=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drs...esearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://websearch.drs...esearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://websearch.drs...esearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = websearch.drsnsrch.com/q.cgi?q=
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O2 - BHO: Band Class - {01F44A8A-8C97-4325-A378-76E68DC4AB2E} - C:\WINDOWS\systb.dll
O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_08\bin\jusched.exe
O4 - HKLM\..\Run: [Registry Value Name] service.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [Win Server Updt] C:\WINDOWS\wupdt.exe
O4 - HKLM\..\Run: [mrredvk] c:\windows\system32\yrsxmfr.exe r
O4 - HKLM\..\RunServices: [Registry Value Name] service.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_08\bin\npjpi142_08.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_08\bin\npjpi142_08.dll
O23 - Service: Windows lsass Service (lsass) - Unknown owner - C:\WINDOWS\lsass.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe

Edited by hamik, 27 June 2005 - 10:15 PM.

  • 0

Advertisements


#2
tj416

tj416

    Visiting Staff

  • Member
  • PipPipPip
  • 323 posts
Hi hamik,

You may want to print out these instructions or save them to your desktop as a text file with Notepad because we will be restarting into Safe Mode later on in the fix and you might not be able to access the Internet.
  • Prepare Ewido Security Suite for use:
    • Download the trial version of Ewido Security Suite.
    • Install the Program.
    • Click on the "update" button on the left hand side of the window.
    • Click on "Start Update".
    • You should not run the program yet so Exit the program.
  • Prepare Nailfix for use:
    • Download Nailfix.
    • Unzip the contents of the zip file to your Desktop.
    • Do not run it yet.
  • Reboot into Safe mode. To reboot in Safe mode:
    • Restart your computer and immediately begin tapping the F8 key on your keyboard.
    • If done right a Windows Advanced Options menu will appear. Select the Safe Mode option and press Enter.
  • Run Nailfix:
    • Double-click on Nailfix.cmd.
    • Your desktop and icons will disappear and reappear, and a window should open and close very quickly. Don't be alarmed, this is normal.
  • Run Ewido Security Suite:
    • Open Ewido Security Suite.
    • Click on the "scanner" button on the left hand side of the window.
    • Click on "Start".
    • After the scan is completed, save the logfile from the scan.
  • Run HijackThis:
    • Open HijackThis, run a scan and check this item:
      • F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
    • Close all windows and browsers, except HijackThis, and have HijackThis fix them by clicking on Fix Checked.
  • Restart your computer normally to return to normal mode.
  • Prepare in your reply:
    • Please post a fresh HijackThis log.
    • Please post the Ewido Security Suite log.

  • 0

#3
hamik

hamik

    Member

  • Topic Starter
  • Member
  • PipPip
  • 61 posts
here it is Logfile of HijackThis v1.99.1
Scan saved at 10:32:43 PM, on 6/27/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Java\j2re1.4.2_08\bin\jusched.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\MsPMSPSv.exe
c:\windows\system32\upbipf.exe
C:\Documents and Settings\armgame\Desktop\New Folder (2)\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drs...esearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drs...esearch.cgi?id=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://copart.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drs...esearch.cgi?id=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drs...esearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://websearch.drs...esearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://websearch.drs...esearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = websearch.drsnsrch.com/q.cgi?q=
O2 - BHO: Band Class - {01F44A8A-8C97-4325-A378-76E68DC4AB2E} - C:\WINDOWS\systb.dll (file missing)
O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_08\bin\jusched.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [bqmlnqk] c:\windows\system32\upbipf.exe r
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_08\bin\npjpi142_08.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_08\bin\npjpi142_08.dll
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: Windows lsass Service (lsass) - Unknown owner - C:\WINDOWS\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (

---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 10:27:37 PM, 6/27/2005
+ Report-Checksum: 74BF67F2

+ Date of database: 6/28/2005
+ Version of scan engine: v3.0

+ Duration: 17 min
+ Scanned Files: 49344
+ Speed: 46.25 Files/Second
+ Infected files: 49
+ Removed files: 49
+ Files put in quarantine: 49
+ Files that could not be opened: 0
+ Files that could not be cleaned: 0

+ Binder: Yes
+ Crypter: Yes
+ Archives: Yes

+ Scanned items:
C:\

+ Scan result:
C:\Documents and Settings\armgame\Cookies\armgame@ads.tripod.lycos.co[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\armgame\Cookies\armgame@bannerspace[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\armgame\Cookies\armgame@burstnet[2].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\armgame\Cookies\armgame@geocities[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\armgame\Cookies\armgame@hb.lycos[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\armgame\Cookies\armgame@realmedia[2].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\armgame\Cookies\armgame@servedby.netshelter[2].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\armgame\Cookies\armgame@www.myaffiliateprogram[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\armgame\Desktop\New Folder (2)\backups\backup-20050626-163612-505.dll -> Spyware.ImiBar.d -> Cleaned with backup
C:\Documents and Settings\armgame\Local Settings\Temporary Internet Files\Content.IE5\2L0PA5GL\abiuninst[1].exe -> Spyware.BetterInternet -> Cleaned with backup
C:\Documents and Settings\armgame\Local Settings\Temporary Internet Files\Content.IE5\2L0PA5GL\Poller[1].exe -> Spyware.BetterInternet -> Cleaned with backup
C:\Documents and Settings\armgame\Local Settings\Temporary Internet Files\Content.IE5\7588D7BL\aurora[1].exe -> Spyware.BetterInternet.c -> Cleaned with backup
C:\Documents and Settings\armgame\Local Settings\Temporary Internet Files\Content.IE5\7588D7BL\Nail[1].exe -> Trojan.Nail -> Cleaned with backup
C:\Documents and Settings\armgame\Local Settings\Temporary Internet Files\Content.IE5\DDFNAW2T\DrPMon[1].dll -> Trojan.Agent.db -> Cleaned with backup
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\GH0J2L4N\tct101[1].dll -> TrojanDownloader.Dyfuca.eg -> Cleaned with backup
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\I12345OP\nem220[1].dll -> TrojanDownloader.Dyfuca -> Cleaned with backup
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\O789ATUD\DrPMon[2].dll -> Trojan.Agent.db -> Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\0ED3EAC6-21DA-42D9-AC44-400FC8\C2E093EB-3B0A-45A5-9B0F-CFF8A5 -> TrojanDownloader.Small.asf -> Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\7CDBB0FB-53AF-4278-88C8-C18693\4C908681-335F-402B-A4BE-157FF2 -> Trojan.Agent.db -> Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\8215985B-3245-45C3-9BC9-F7BCBA\ABB3AA65-DAE5-4CFA-BA21-C90652 -> Spyware.180Solutions -> Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\C300FDD1-9E27-446E-8344-56C393\AD322D06-52EC-480E-BE3B-03E0EA -> Spyware.180Solutions -> Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\C708E932-CB8B-44DA-8612-FA64E4\4B30AA8B-9CFF-4701-9FA4-E3E08D -> TrojanDownloader.Dyfuca.eg -> Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\EF239E4F-538E-4226-8E61-015E74\F16B1B0B-F5A9-49ED-9CDA-6AA104 -> TrojanDownloader.Small.asf -> Cleaned with backup
C:\WINDOWS\lsass.exe -> Backdoor.SdBot.xd -> Cleaned with backup
C:\WINDOWS\qcwsjtpccju.exe -> Spyware.BetterInternet -> Cleaned with backup
C:\WINDOWS\SSK3_B5.exe -> TrojanDropper.Small.qn -> Cleaned with backup
C:\WINDOWS\systb.dll -> Spyware.ImiBar.d -> Cleaned with backup
C:\WINDOWS\system32\mqexdlm.srg -> Spyware.BargainBuddy.q -> Cleaned with backup
C:\WINDOWS\system32\rdriv.sys -> Trojan.Rootkit.k -> Cleaned with backup
C:\WINDOWS\system32\rwmuumm.exe -> Spyware.BetterInternet -> Cleaned with backup
C:\WINDOWS\system32\service.exe -> Backdoor.RBot.Generic -> Cleaned with backup
C:\WINDOWS\tdtb.exe -> Trojan.Imiserv.c -> Cleaned with backup
C:\WINDOWS\Temp\Del12.tmp -> TrojanDownloader.Small.asf -> Cleaned with backup
C:\WINDOWS\Temp\Del28.tmp -> Spyware.180Solutions -> Cleaned with backup
C:\WINDOWS\Temp\res10.tmp -> Spyware.180Solutions -> Cleaned with backup
C:\WINDOWS\Temp\res11.tmp -> Spyware.180Solutions -> Cleaned with backup
C:\WINDOWS\Temp\res12.tmp -> Spyware.180Solutions -> Cleaned with backup
C:\WINDOWS\Temp\res13.tmp -> Spyware.180Solutions -> Cleaned with backup
C:\WINDOWS\Temp\res5.tmp -> Spyware.180Solutions -> Cleaned with backup
C:\WINDOWS\Temp\res6.tmp -> Spyware.180Solutions -> Cleaned with backup
C:\WINDOWS\Temp\res7.tmp -> Spyware.180Solutions -> Cleaned with backup
C:\WINDOWS\Temp\res8.tmp -> Spyware.180Solutions -> Cleaned with backup
C:\WINDOWS\Temp\res9.tmp -> Spyware.180Solutions -> Cleaned with backup
C:\WINDOWS\Temp\resB.tmp -> Spyware.180Solutions -> Cleaned with backup
C:\WINDOWS\Temp\resC.tmp -> Spyware.180Solutions -> Cleaned with backup
C:\WINDOWS\Temp\resD.tmp -> Spyware.180Solutions -> Cleaned with backup
C:\WINDOWS\Temp\resE.tmp -> Spyware.180Solutions -> Cleaned with backup
C:\WINDOWS\Temp\resF.tmp -> Spyware.180Solutions -> Cleaned with backup
C:\WINDOWS\wupdt.exe -> TrojanDownloader.Intexp.c -> Cleaned with backup


::Report End
I don't think it fixed it because when eidos is on in normal mode it keeps asking to clean something and that keeps happening

Edited by hamik, 27 June 2005 - 11:36 PM.

  • 0

#4
tj416

tj416

    Visiting Staff

  • Member
  • PipPipPip
  • 323 posts
Hi hamik,

Please post the entire HijackThis log. Looks like something is missing at the bottom of the log.
  • 0

#5
hamik

hamik

    Member

  • Topic Starter
  • Member
  • PipPip
  • 61 posts
Here it is
Logfile of HijackThis v1.99.1
Scan saved at 10:38:23 PM, on 6/28/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\j2re1.4.2_08\bin\jusched.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\armgame\Desktop\New Folder (2)\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://copart.com/
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_08\bin\jusched.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_08\bin\npjpi142_08.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_08\bin\npjpi142_08.dll
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
  • 0

#6
tj416

tj416

    Visiting Staff

  • Member
  • PipPipPip
  • 323 posts
Hi hamik,
  • Prepare rdrivRem.zip for use:
    • Download rdrivRem.zip.
    • Unzip the contents of rdrivRem.zip to your desktop but do not run it yet.
  • Reboot into Safe mode. To reboot in Safe mode:
    • Restart your computer and immediately begin tapping the F8 key on your keyboard.
    • If done right a Windows Advanced Options menu will appear. Select the Safe Mode option and press Enter.
  • Run rdrivRem.zip:
    • Double-click rdrivRem.bat.
    • Follow the instructions on the screen.
    • After it's complete, rdriv.txt will be created in the rdrivRem folder.
  • Run Ewido Security Suite:
    • Open Ewido Security Suite.
    • Click on the "scanner" button on the left hand side of the window.
    • Click on "Start".
    • After the scan is completed, save the logfile from the scan.
  • Clean out temporary files:
    • Start | Run | type cleanmgr | OK
    • Let it scan your system for files to remove.
    • Make sure Temporary Files, Temporary Internet Files, and Recycle Bin are the only things checked.
    • Click "OK" to remove them.
    • Click "Yes" to confirm the deletion.
  • Restart your computer normally to return to normal mode.
  • Free TrendMicro Housecall scan:
    • Vist the TrendMicro Housecall website.
    • Select your country from the drop-down list and click "Go".
    • Choose "Yes" at the ActiveX Security Warning prompt.
    • Please wait while the Housecall engine is updated.
    • Select the drives to be scanned by placing a check in their respective boxes.
    • Check the "Auto Clean" box.
    • Click "SCAN" in order to begin scanning your system.
    • Please be patient while Housecall scans your system for malicious files.
    • If not auto-cleaned, remove anything it finds.
    • Click "Close" to exit the Housecall scanner.
    • Choose "Yes" at the HouseCall message prompt.
  • Prepare your reply:
    • Please post a fresh HijackThis log
    • Please post the ewido log file.
    • Please post the contents rdriv.txt.

  • 0

#7
hamik

hamik

    Member

  • Topic Starter
  • Member
  • PipPip
  • 61 posts
I fixed my spyware problem thanks for the help anyway.
  • 0

#8
tj416

tj416

    Visiting Staff

  • Member
  • PipPipPip
  • 323 posts
Since this issue appears to be resolved ... this Topic has been closed. Sorry I couldn't help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP