Results 1 to 3 of 3

Thread: Help meout here

  1. #1
    Junior Member
    Join Date
    Jun 2008
    Posts
    2

    Unhappy Help meout here

    -------------------------------------------------------------------------------
    KASPERSKY ONLINE SCANNER REPORT
    Saturday, June 07, 2008 10:50:14 PM
    Operating System: Microsoft Windows XP Professional, Service Pack 1 (Build 2600)
    Kaspersky Online Scanner version: 5.0.98.0
    Kaspersky Anti-Virus database last update: 9/06/2008
    Kaspersky Anti-Virus database records: 841128
    -------------------------------------------------------------------------------

    Scan Settings:
    Scan using the following antivirus database: extended
    Scan Archives: true
    Scan Mail Bases: true

    Scan Target - My Computer:
    C:\
    D:\

    Scan Statistics:
    Total number of scanned objects: 51223
    Number of viruses found: 8
    Number of infected objects: 27
    Number of suspicious objects: 0
    Duration of the scan process: 01:12:22

    Infected Object Name / Virus Name / Last Action
    C:\Documents and Settings\Adrian\Application Data\Mozilla\Firefox\Profiles\2i16he7x.default\cert8.db Object is locked skipped
    C:\Documents and Settings\Adrian\Application Data\Mozilla\Firefox\Profiles\2i16he7x.default\history.dat Object is locked skipped
    C:\Documents and Settings\Adrian\Application Data\Mozilla\Firefox\Profiles\2i16he7x.default\key3.db Object is locked skipped
    C:\Documents and Settings\Adrian\Application Data\Mozilla\Firefox\Profiles\2i16he7x.default\parent.lock Object is locked skipped
    C:\Documents and Settings\Adrian\Application Data\Mozilla\Firefox\Profiles\2i16he7x.default\search.sqlite Object is locked skipped
    C:\Documents and Settings\Adrian\Application Data\Mozilla\Firefox\Profiles\2i16he7x.default\urlclassifier2.sqlite Object is locked skipped
    C:\Documents and Settings\Adrian\Cookies\index.dat Object is locked skipped
    C:\Documents and Settings\Adrian\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
    C:\Documents and Settings\Adrian\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    C:\Documents and Settings\Adrian\Local Settings\Application Data\Mozilla\Firefox\Profiles\2i16he7x.default\Cache\_CACHE_001_ Object is locked skipped
    C:\Documents and Settings\Adrian\Local Settings\Application Data\Mozilla\Firefox\Profiles\2i16he7x.default\Cache\_CACHE_002_ Object is locked skipped
    C:\Documents and Settings\Adrian\Local Settings\Application Data\Mozilla\Firefox\Profiles\2i16he7x.default\Cache\_CACHE_003_ Object is locked skipped
    C:\Documents and Settings\Adrian\Local Settings\Application Data\Mozilla\Firefox\Profiles\2i16he7x.default\Cache\_CACHE_MAP_ Object is locked skipped
    C:\Documents and Settings\Adrian\Local Settings\History\History.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\Adrian\Local Settings\History\History.IE5\MSHist012008060720080608\index.dat Object is locked skipped
    C:\Documents and Settings\Adrian\Local Settings\Temp\Perflib_Perfdata_5d0.dat Object is locked skipped
    C:\Documents and Settings\Adrian\Local Settings\Temp\~DFC56F.tmp Object is locked skipped
    C:\Documents and Settings\Adrian\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\Adrian\ntuser.dat Object is locked skipped
    C:\Documents and Settings\Adrian\ntuser.dat.LOG Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp Object is locked skipped
    C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat Object is locked skipped
    C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
    C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
    C:\Documents and Settings\mihai\Local Settings\Temporary Internet Files\Content.IE5\9Q0VAN0K\index[1] Infected: Backdoor.Win32.Agent.jvp skipped
    C:\Documents and Settings\mihai\Local Settings\Temporary Internet Files\Content.IE5\ALBODGBM\index[1] Infected: Packed.JS.Agent.d skipped
    C:\Documents and Settings\mihai\Local Settings\Temporary Internet Files\Content.IE5\BFP7B1CW\index[2] Infected: Packed.JS.Agent.d skipped
    C:\Documents and Settings\mihai\Local Settings\Temporary Internet Files\Content.IE5\BFP7B1CW\index[4] Infected: Packed.JS.Agent.d skipped
    C:\Documents and Settings\mihai\Local Settings\Temporary Internet Files\Content.IE5\CPA74HYZ\b[1].js Infected: Exploit.HTML.Iframe.FileDownload.bb skipped
    C:\Documents and Settings\mihai\Local Settings\Temporary Internet Files\Content.IE5\CYO3OQXQ\index[2] Infected: Packed.JS.Agent.d skipped
    C:\Documents and Settings\mihai\Local Settings\Temporary Internet Files\Content.IE5\G9QB8T63\b[3].js Infected: Exploit.HTML.Iframe.FileDownload.bc skipped
    C:\Documents and Settings\mihai\Local Settings\Temporary Internet Files\Content.IE5\G9QB8T63\b[4].js Infected: Exploit.HTML.Iframe.FileDownload.bc skipped
    C:\Documents and Settings\mihai\Local Settings\Temporary Internet Files\Content.IE5\G9QB8T63\index[3] Infected: Packed.JS.Agent.d skipped
    C:\Documents and Settings\mihai\Local Settings\Temporary Internet Files\Content.IE5\LUCZCD74\index[1] Infected: Backdoor.Win32.Agent.jvp skipped
    C:\Documents and Settings\mihai\Local Settings\Temporary Internet Files\Content.IE5\QTSTEDWT\index[2] Infected: Backdoor.Win32.Agent.jvp skipped
    C:\Documents and Settings\mihai\Local Settings\Temporary Internet Files\Content.IE5\SDQBWHIN\b[1].js Infected: Exploit.HTML.Iframe.FileDownload.bb skipped
    C:\Documents and Settings\mihai\Local Settings\Temporary Internet Files\Content.IE5\SDQBWHIN\b[2].js Infected: Exploit.HTML.Iframe.FileDownload.bc skipped
    C:\Documents and Settings\mihai\Local Settings\Temporary Internet Files\Content.IE5\W56JC5U7\b[2].js Infected: Exploit.HTML.Iframe.FileDownload.bb skipped
    C:\Documents and Settings\mihai\Local Settings\Temporary Internet Files\Content.IE5\W56JC5U7\index[1] Infected: Packed.JS.Agent.d skipped
    C:\Documents and Settings\mihai\Local Settings\Temporary Internet Files\Content.IE5\W56JC5U7\index[2] Infected: Packed.JS.Agent.d skipped
    C:\Documents and Settings\mihai\Local Settings\Temporary Internet Files\Content.IE5\Y6PQTB49\index[2] Infected: Backdoor.Win32.Agent.jvp skipped
    C:\Documents and Settings\mihai\Local Settings\Temporary Internet Files\Content.IE5\Y7K7WBYR\index[3] Infected: Packed.JS.Agent.d skipped
    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
    C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
    C:\Program Files\Norton AntiVirus\AVApp.log Object is locked skipped
    C:\Program Files\Norton AntiVirus\AVError.log Object is locked skipped
    C:\Program Files\Norton AntiVirus\AVVirus.log Object is locked skipped
    C:\Program Files\Yahoo!\Messenger\logs\billing_Adrian.log Object is locked skipped
    C:\Program Files\Yahoo!\Messenger\logs\client_Adrian.log Object is locked skipped
    C:\Program Files\Yahoo!\Messenger\logs\network_Adrian.log Object is locked skipped
    C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
    C:\System Volume Information\_restore{97FCBF9F-FFF5-474C-AA63-6C4DCDD8101E}\RP108\A0025461.exe Infected: Backdoor.Win32.Agent.jeo skipped
    C:\System Volume Information\_restore{97FCBF9F-FFF5-474C-AA63-6C4DCDD8101E}\RP108\A0029469.exe Infected: Backdoor.Win32.Agent.jrp skipped
    C:\System Volume Information\_restore{97FCBF9F-FFF5-474C-AA63-6C4DCDD8101E}\RP108\A0031524.exe Infected: Backdoor.Win32.Agent.jvo skipped
    C:\System Volume Information\_restore{97FCBF9F-FFF5-474C-AA63-6C4DCDD8101E}\RP108\change.log Object is locked skipped
    C:\System Volume Information\_restore{97FCBF9F-FFF5-474C-AA63-6C4DCDD8101E}\RP18\A0011009.exe Infected: Backdoor.Win32.Agent.jeo skipped
    C:\System Volume Information\_restore{97FCBF9F-FFF5-474C-AA63-6C4DCDD8101E}\RP45\A0016437.exe Infected: Backdoor.Win32.Agent.jeo skipped
    C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
    C:\WINDOWS\SchedLgU.Txt Object is locked skipped
    C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
    C:\WINDOWS\system32\aspimgr.exe Infected: Backdoor.Win32.Agent.jvo skipped
    C:\WINDOWS\system32\aspimgr.exe_ Infected: Backdoor.Win32.Agent.jeo skipped
    C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
    C:\WINDOWS\system32\config\default Object is locked skipped
    C:\WINDOWS\system32\config\default.LOG Object is locked skipped
    C:\WINDOWS\system32\config\SAM Object is locked skipped
    C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
    C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
    C:\WINDOWS\system32\config\SECURITY Object is locked skipped
    C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
    C:\WINDOWS\system32\config\software Object is locked skipped
    C:\WINDOWS\system32\config\software.LOG Object is locked skipped
    C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
    C:\WINDOWS\system32\config\system Object is locked skipped
    C:\WINDOWS\system32\config\system.LOG Object is locked skipped
    C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat Object is locked skipped
    C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat Object is locked skipped
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
    C:\WINDOWS\system32\sockins32.dll Infected: not-a-virus:AdWare.Win32.BHO.awz skipped
    C:\WINDOWS\system32\sockots64.dll Infected: not-a-virus:AdWare.Win32.BHO.awz skipped
    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
    C:\WINDOWS\WindowsUpdate.log Object is locked skipped

    Scan process completed.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 10:53:03 PM, on 6/7/2008
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\aspimgr.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Norton AntiVirus\SAVScan.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\Apoint2K\Apoint.exe
    C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
    C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    C:\WINDOWS\System32\rundll32.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files\Apoint2K\Apntex.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\WINDOWS\System32\rundll32.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = file:///c:/windows/homepage.html
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = file://c:/windows/homepage.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = file://c:/windows/homepage.html
    R3 - URLSearchHook: Yahoo! §u®„¶C - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O2 - BHO: Microsoft copyright - {FFFFFFFF-BBBB-4146-86FD-A722E8AB3489} - sockots64.dll (file missing)
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Yahoo! §u®„¶C - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
    O4 - HKLM\..\Run: [SoundMAXPnP] "C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe"
    O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
    O4 - HKLM\..\aRun: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [Apoint] "C:\Program Files\Apoint2K\Apoint.exe"
    O4 - HKLM\..\Run: [GhostStartTrayApp] "C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    O4 - Global Startup: BTTray.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/par...an_unicode.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
    O21 - SSODL: WebProxy - {66186F05-BBBB-4a39-864F-72D84615C679} - sockots64.dll (file missing)
    O23 - Service: Microsoft ASPI Manager (aspimgr) - Unknown owner - C:\WINDOWS\System32\aspimgr.exe
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: GhostStartService - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
    O23 - Service: Microsoft Security Center Extension (msscenter) - Unknown owner - C:\WINDOWS\System32\msscntr32.exe
    O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

    --
    End of file - 7602 bytes

  2. #2
    Junior Member
    Join Date
    Jun 2008
    Posts
    2

    Default

    Thanks a head of time for your help

  3. #3
    Emeritus Blade81's Avatar
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    25,300

    Default

    Hi

    Download ATF (Atribune Temp File) Cleaner© by Atribune to your desktop.

    Double-click ATF Cleaner.exe to open it

    Under Main choose:
    Windows Temp
    Current User Temp
    All Users Temp
    Cookies
    Temporary Internet Files
    Prefetch
    Java Cache

    *The other boxes are optional*
    Then click the Empty Selected button.

    If you use Firefox:
    Click Firefox at the top and choose: Select All
    Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click NO at the prompt.

    If you use Opera:
    Click Opera at the top and choose: Select All
    Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click NO at the prompt.

    Click Exit on the Main menu to close the program.


    Please download Malwarebytes' Anti-Malware to your desktop.

    • Double-click mbam-setup.exe and follow the prompts to install the program.
    • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select Perform full scan, then click Scan.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Be sure that everything is checked, and click Remove Selected.
    • When completed, a log will open in Notepad. Please save it to a convenient location. The log can also be found here: C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
    • Please post contents of that file & a fresh hjt log in your next reply. How's the system running?
    Microsoft Windows Insider MVP 2016
    Microsoft MVP Consumer Security 2008-2015
    UNITE member since 2006

    If you have problems create a thread in the forum, please.

    Malware removal instructions are for the correspondent user's case only.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •